Booting Thinkpad firmware updater from a USB key

I have a Lenovo Thinkpad T431s running Ubuntu. For those of us not running Windows, Lenovo provide a bootable CD image for their firmware updates. The Thinkpad T431s does not have a CD drive and the ISOs Lenovo provide will not boot from a USB key.

It’s trivial to provide images that can boot from a USB key, but Lenovo instead just assume you have an external USB drive because they’re dickheads; or incompetent. Or both. Let’s assume both!

Anyway, you can convert their images into something you can write to a USB key if you know the magic incantation.

You just need the geteltorito command, which is provided by the genisoimage package on Ubuntu.

The isoinfo command (in the same package) shows that the iso has an ElTorito virtual disk section, which you can’t see normally – it’ll just look like an empty CD if you mount it.

isoinfo -i fwsx04.iso -d

CD-ROM is in ISO 9660 format
System id: 
Volume id: FWSX04
Volume set id: 
Publisher id: 
Data preparer id: 
Application id: NERO BURNING ROM
Copyright File id: 
Abstract File id: 
Bibliographic File id: 
Volume set size is: 1
Volume set sequence number is: 1
Logical block size is: 2048
Volume size is: 15542
El Torito VD version 1 found, boot catalog is in sector 20
Joliet with UCS level 3 found
NO Rock Ridge present
Eltorito validation header:
    Hid 1
    Arch 0 (x86)
    Key 55 AA
    Eltorito defaultboot header:
        Bootid 88 (bootable)
        Boot media 4 (Hard Disk Emulation)
        Load segment 7C0
        Sys type 6
        Nsect 1
        Bootoff 1B 27

And you can extract the ElTorito image like this:

geteltorito fwsx04.iso  > fwsx04.img

And then you can just write that image file direct to your USB key. In my case, my USB key shows up as /dev/sdb

dd if=fwsx04.img of=/dev/sdb

then you can shutdown and boot from the USB key and the firmware flashing utility will execute.

Or you could buy a Lenovo external DVD drive just for doing firmware updates; yeah thanks Lenovo.

Reliable rake task execution

My News Sniffer project needs to regularly do some back-end stuff like checking a bunch of rss feeds and downloading web pages. I do this with some rake tasks, which I call using the cron daemon.  Recently I’ve been having problems where some tasks take a bit longer than usual to complete and end up running in parallel. This slows things down, which means more tasks end up running in parallel and then my little virtual machine eventually falls on it’s face under memory pressure.

I could implement some locking in my application, but it’s always good to avoid as much new code as possible so, in the good old *NIX fashion, I cobbled together a short bash script taking advantage of existing tools. What this does is executes the given rake task in the given rails root using the Debian/Ubuntu tool start-stop-daemon (provided by the dpkg package, which is therefore always installed). start-stop-daemon uses a pid file to keep track of the rake program for the given task, so it will never run a second concurrent instance of rake for this task. Cron just keeps trying to run it every 5 minutes or whatever, but it only runs once concurrently.
Continue reading Reliable rake task execution

Xen on Ubuntu Edgy broken – Debian to the rescue

Xen LogoI found a great HOWTO on getting a Xen virtual machine up and running on Ubuntu Edgy. Unfortunately, Xen is pretty broken on Edgy. I managed to get one virtual machine running easily but on starting a second one, Dom0 panics and the whole box freezes. It’s been reported on launchpad but as it’s in universe I guess it’s just not a priority.

As a workaround, I installed the Xen kernels from Debian testing (Etch). These pulled in the Debian Xen userspace packages too, but they didn’t clobber anything. So now I have a couple of mostly Edgy virtual machines which I plan to use as a little test lab.

Whilst troubleshooting, I also found another good Debian specific Xen HOWTO with lots of good general advice too.

Etch is looking good. I work with Sarge a lot on servers and firewalls but I’ve not played with Etch much. I think I’ll get it installed in a Xen machine and have a play. I feel bad for not helping with its testing though.

Encrypted partitions with Ubuntu/Debian

I figured out how to set up an encrypted partition on Ubuntu the other day. There are a bunch of ways of doing it but I found this to be the simplest. It should work on Debian too, since all the relevant packages are Debian ones anyway. In my example I’m encrypting an LVM partition (logical volume), but it should work with any device, including removable USB keys (see end notes). UPDATE: This is broken in Edgy but I figured out a simple fix, see below.

Continue reading Encrypted partitions with Ubuntu/Debian

IPSEC VPN problems upgrading to Ubuntu Edgy

I upgraded my home gateway firewall to Edgy today in the hope of fixing some SATA problems I’ve been experiencing. The new Edgy kernel might help – we’ll see.

Anyway, it went pretty well. Two runs (?) of apt-get dist-upgrade -u, a reboot and there I was.

Unfortunately I had two problems with my Openswan IPSEC VPNs. I’m not so sure if these count as bugs. I’ll be investigating further and reporting if so. Anyway, techie details follow…
Continue reading IPSEC VPN problems upgrading to Ubuntu Edgy

Epiphany and Firefox Dapper packages for Breezy

I’ve built Ubuntu Dapper Epiphany 1.9 and Firefox 1.4.99 packages for Ubuntu Breezy. I’ve also enabled the Epiphany Adblock extension which seems to work fine. You can’t specify your own advert signatures with a GUI yet (afaikt) but the built-in database seems to cover most bases.

I’ve only built for i386 as that’s all I need it for right now. Tbh, it’s really not that difficult to build you own, but here they are anyway:
UPDATE: I’ve setup an apt repository for all this nonsense.

deb breezy backports

I don’t really have plans to keep this up to date, but I might expand it to a few other packages I want to play with, so feel free to use.

Hula calendar and mail server proprietaryness

I played with Hula a few weeks ago. I really didn’t spend very long with it, but managed to get it working on Ubuntu Breezy and connected to it with Evolution IMAP client. A big fat tip if you’re planning on having a go with it: don’t use the official Ubuntu packages. The ones I used were old and really sucked; I got nowhere with them. There are packages for Debian on the Hula site that worked well for me.
Continue reading Hula calendar and mail server proprietaryness

Xorg xserver $HOME/xorg.conf

It turns out that xorg will use $HOME/xorg.conf if it finds it, rather than the default in /etc/X11/xorg.conf.

I didn’t know this, and didn’t notice that it was telling me this in the logs. I’ve now wasted a bunch of time troubleshooting a font problem on Ubuntu where xorg couldn’t find my fonts and I was working from the WRONG CONFIG FILE. AGH!

Anyway, in other Ubuntu xorg related news, something changed in the latest Breezy upgrades that causes /dev/input/mice not to be created. Xorg then bombs on boot as that’s my core pointer. If you restart udev the device nodes get created fine. Not sure what this is yet.