Archív kategorií: Linux

PowerDNS – GSQLBackend lookup query:Attempt to bind more parameters than query has

PowerDNS is a very good DNS nameserver, but debugging is sometimes very hard. I just add some records to my zone and zone stops working: server doesn’t respond to DNS queries.

Here is error from syslog:

2018-03-28T23:59:14+02:00 my [err] [pdns] Exception building answer packet for (All data was not consumed) sending out servfail
 2018-03-28T23:59:30+02:00 my [err] [pdns] Backend reported permanent error which prevented lookup (GSQLBackend lookup query:Attempt to bind more parameters than query has: SELECT content,ttl,prio,type,domain_id,disabled,name,auth FROM records WHERE disabled=0 and name=? and domain_id=?), aborting

Tracing of pdns told me the following exception:

$ strace -s 4096 -f -e send,recv,read,write,sendmsg -p `pidof /usr/sbin/pdns_server-instance`
[pid 12801] send(3, "<27>Mar 29 01:09:08 pdns[12791]: Exception building answer packet for (All data was not consumed) sending out servfail\0", 137, MSG_NOSIGNAL) = 137

After few hours of googling, debugging, removing records etc. I have found:

$ pdnsutil check-zone
[Error] Following record had a problem: " IN SOA 2018032808 21600 7200 1209600 3600 "
[Error] Error was: All data was not consumed
Checked 14 records of '', 1 errors, 0 warnings.

Did you notice extra space at the end of record? After removing extra space problem get solved.

I have added the following crontab job to prevent problems in the feature:

@daily pdnsutil check-all-zones | grep Error

Firewall rule to allow access to windows updates

When you try to install Windows updates for the first time (e.g. you buy a new computer with Windows 8.1 preinstalled), windows doesn’t start to download updates unless you permit UDP connection to port 3544.

Here is the firewalling rule for your linux firewall:

iptables -A FORWARD -d -p udp -m udp --dport 3544 -m conntrack --ctstate NEW -j ACCEPT

Here we go!

Howto make sure nagstamon is running on your desktop

nagstamon_header_logoAdd the following line to your (desktop user, not root) crontab:

*/5 * * * * [ -z "`pidof -x /usr/bin/nagstamon`" ] && DISPLAY=:0.0 /usr/bin/nagstamon &

This will start nagstamon and make sure user doesn’t closes them. Tricky is configuration of connection to you Xserver / graphical environment. But solution is simple: set $DISPLAY environment variable to :0.0 value, which means ‚use the first desktop running on localhost‘.

Did you know ‚xauth list‘ command?

Nagstamon – Python OpenSSL certificate validation

nagstamon_header_logoWhen I try to connect to my monitoring system with desktop widget Nagstamon, Nagstamon was not able to connect due to SSL certificate validation problem. I’m using certificate from

After a while of hacking I have found this workaround in source code. This is the wrong way: Pokračovať v čítaní

MySQL Workbench – passwords not being saved in keychain

MySQLWorkbenchIf you have problem, that your MySQL Workbench can’t save passwords for your MySQL connections, try to start mysql-workbench in verbose mode. Maybe you will see a error:

$ mysql-workbench --verbose
** Message: Gnome keyring daemon seems to not be available. Stored passwords will be lost once quit
['un\\"o', 'do``s']

Thread started

Pokračovať v čítaní

sendxmpp release v1.24

New config file format is supported since sendxmpp version 1.24. Issue #9 – passwords with spaces not supported in .sendxmpprc. has been fixed.

Example for Google Talk servers:

$ cat ~/.sendxmpprc
password: my-"secure-pass _word with sp@ce!

Please, don’t try the password above, I have changed them. 🙂


Make cryptsetup ask the same password only once at boot

initramfs-tools-cryptroot-as-password-onceluks-logoI bought a new hard drive. Because I protect all my harddisk with encryption, I setup LUKS for new harddrive too. But init scripts ask password for every encrypted partition and I want enter my harddisk password only once. I have started with googling but I wasn’t succesfull. I have found this thread about the same problem. But author didn’t provide patch and uploaded *.tar.gz archive is no longer available. Pokračovať v čítaní