Entries Comments

ESXi on an Asus Chromebox M004U

23 May, 2015 (11:51) | Networks, Unixy | By: benjamin

I recently stumbled across the ASUS CHROMEBOX-M004U. It’s a Chromebox, which is cool in its own right, but I was interested in using it’s dual-core Celeron Haswell CPU, expandable RAM (up to 16GB), and M2 Sata storage for other purposes.

First things first, you’ve got to enable the box to run things other than ChromeOS… Thankfully that’s well documented ( http://kodi.wiki/view/ASUS_Chromebox ), so I won’t go into detail at this time. But I will say, I used the standalone, custom coreboot firmware and chose the headless option, as my current planned use cases are for servers. Apparently you want non-headless if you plan to use the box as a Plex Home Theater or Kodi box. Oh, also, I set it to boot first from USB if  available.

Now the Chromebox will boot happily from it’s internal SSD or USB if attached.

Time for ESXi! I haven’t been blogging much in the past couple years, but I have been doing a lot of home work with virtualization, ESXi, vSPhere, ZFS, SmartOS, OmniOS… so at this point I’ve got a bunch of crazy tech projects going on at home.

First, you need an ESXi installer ISO image… I’m using ESXi 5.5u2  and it’s freely available from VMware…https://my.vmware.com/web/vmware/evalcenter You probably have to register to get it. 6.0 is out now, but I haven’t made that jump. However, while 6.0 DOES have USB3/xhci driver, even the latest ISO for 5.5 does not… Even though the matrix of VIB versions per release https://docs.google.com/spreadsheets/d/10Vzx4NLhx1XzhmS-hQuIO1wXa98_8EKN3bhXjFx2GgQ shows later versions which have it. So we’ll have to add that/upgrade after install. (Also, this is helpful information about that matrix: http://www.v-front.de/2012/11/are-esxi-5x-patches-cumulative.html)

Second, we need to customize our installer to have non-standard packages for this machine.

I’ve been using ESXi Customer: https://vibsdepot.v-front.de/wiki/index.php/ESXi-Customizer

And, you’ll need to get some custom VIBs (drivers/configs)… you need the following 2, and you want the offline-bundle versions

To customize, you use a source ISO and add an offline bundle… ESXi Customer only does one VIB at a time… so after it gives you one customized ISO, rename it, then use it as the source, and add the second VIB.

Now, you are ready to install…  We will install to a different, better supported machine, ensuring your install is good to go, then move to the Chromebox. 

Using your custom ISO burned to a USB flash drive (various tools to do that, on windows I use Rufus), install to a target USB flash drive at least 8GB (not the one you are installing from). Installing can take some time, so be patient. Also, make sure you only install to the desired, target flash drive, not your hard drive or something. :)

Once installed, remove the installer flash drive, and boot from the target ESXi flash drive. Again, it takes a while.

Now we have a few configuration steps.

First, we’ll use F2, to customize the system… navigate to troubleshooting options… press enter on “Enable SSH” ( screenshots here: http://www.thomasmaurer.ch/2012/09/activate-ssh-on-vmware-esxi-5-1/ )
For the rest of the steps, SSH into your ESXi machine, it should be displaying it’s IP on the screen.

Second, we need to fix a network setting. By default, the vmk0 (virtual NIC created on which the DHCP client runs) will do a one-time clone of the MAC HW address of your system’s NIC, so you’ll need to fix this, else when booting the USB in a different machine, the installation will boot with the original machine’s MAC… it will CONFLICT with your original machine, you’ll have network issues, including using same IP if you have DHCP static addresses, etc.

esxcfg-advcfg -s 1 /Net/FollowHardwareMac

more detail from: http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1031111

Third, you need to install and make sure that USB3/xhci gets loaded at boot…

esxcli network firewall ruleset set -e true -r httpClient
esxcli software profile update -d https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml -p ESXi-5.5.0-20141004001-standard
esxcli system module set -e true -m xhci

and add following to /etc/rc.local.d/local.sh  :

vmkload_mod xhci

more detail from: http://www.v-front.de/2014/11/vmware-silently-adds-native-usb-30.html

Finally, you should be able to shutdown, remove the USB flash drive with ESXi on it,  put into Chromebox, and boot. And it should come up with it’s own HW MAC, IP, etc, have access to update its own config on its USB drive, and be able to use an attached keyboard.

SSH to new ESXi IP and/or use the vSphere Client to manage as normal.

Odd Git Licensing Message on OSX

18 September, 2013 (16:28) | Coding, Mac | By: benjamin

Today,IOS 7 dropped to the general public. As usually comes with the release, there was an Xcode update. I updated.


For some time, I’ve been using the git bundled in Xcode as it makes it simpler to get updates as they come with Xcode. Today, that yielded an amusing message.

I use git via an alias in my .bashrc

alias git='xcrun git'

A simple version check reveals all:


git –version


Oops… git is apparently subject to Apple’s licenses.

Have fun RESTing!

8 January, 2010 (02:46) | Coding, Mac, Web | By: benjamin

Cheesy post titles aside…

I just discovered the very simple but incredibly useful RESTClient at: http://code.google.com/p/rest-client/ .

It’s a simple Java GUI app for testing out one’s REST services. You can choose your: URL, HTTP method, add any custom headers, add a body for PUT/POST, set auth info, SSL info, and do simple scripting.

This is an incredibly useful tool, AND a far cry better than doing it all on the command line with curl.

Thanks @subwiz (the project owner)!

Here, File File! Nears Release, Gets Attention

5 December, 2009 (14:51) | Coding, Mac, Projects | By: benjamin

I’m taking time away from adding spit and polish to the exciting Here, File File project to say WOO HOO!

The whole team (Adam, Buck, and I) are psyched! A few days ago we found out Here, File File is a finalist in the AppsFire Apps Star Awards. And today, The Unofficial Apple Weblog (TUAW) published a great HFF write up.

If you haven’t seen our promo video yet, give it a whirl!

YouTube Preview Image

Killing “find” Errors

8 November, 2009 (21:46) | Mac, Unixy | By: benjamin

I’ve used the unix filesystem search utility find for many years. Though, like most things, until forced to learn its deeper secrets, I generally get by with only the most basic knowledge.

One of the cool things about find is that you can specify a search and then execute an action on the results, all in one command.

This example is probably my most common use of find:

find . -type d -name .svn -exec rm -fr {} \;

This means: find, in the current directory (.), a directory (-type d), named .svn (-name .svn), and for every result (-exec) remove that directory (rm -fr {}) .  The “{}” represents the matched path string, and the “\;” is required to end the “-exec” command.

Here’s a sample of what this looks like, including output:

$ find . -type d -name .svn -exec rm -fr {} \;
find: ./.svn: No such file or directory
find: ./getid3-2.0.0b4/.svn: No such file or directory
find: ./getid3-2.0.0b4/extras/.svn: No such file or directory
find: ./getid3-2.0.0b4/getid3/.svn: No such file or directory

This is great, and I’ve used this exact syntax for years. But today I ran into a problem. I wanted to run this exact command as part of a custom build script in Xcode. When this command ran I had 81 errors popup in my build results! What happened is that all thos “No such file or directory” messages are actually errors, and Xcode reported them as such.

The solution is to add one extra argument: -depth . This causes find to do a depth-first traversal of the sub-directories being searched. That is, find will check the contents of directories before acting (eg, running an -exec command) on the directory in question. The default is to act on the directory (in our case, removing it) before attempting to visit it’s contents. So after we removed the directory, find was still trying to look at it; -depth fixes that.

So, the final answer is, I now use:

find . -type d -name .svn -depth -exec rm -fr {} \;

Yes, this is a slightly verbose explanation for something so simple, but maybe it will help someone else.

Resetting Forgotten OS X 10.5 User Password

4 November, 2009 (10:43) | Mac | By: benjamin

I have an older G4 Mac Mini I use for testing the Mac app I’m working on (Here, File File F.K.A. Welcome to Your Mac. It’s just nice to have a machine that I can test both 10.4 and 10.5 as well as PowerPC compatibility.

Yesterday I needed to do some updates on the 10.5 system and couldn’t remember my password.

Google was my friend and showed me an Apple Knowledge Base article to solve the problem.

The steps to restart are as follows:

  1. Restart into single user mode (hold Command+S during boot). (Note: that if you use a non-Apple keyboard that’s WindowsKey+S)
  2. At the “#” prompt run:
    • mount -uw /
  3. Now run:
    • launchctl load /System/Library/LaunchDaemons/com.apple.DirectoryServices.plist
  4. Note your short username and user directory by running:
    • ls /Users
  5. Run the following with your username instead of “username”:
    • dscl . -delete /Users/username AuthenticationAuthority
  6. Now reset your password by running:
    • passwd username
  7. Now reboot by running:
    • reboot

This is a bit more complicated than it seems to have been in 10.4 Tiger.  I’m fairly certain you could skip steps 2 – 5, since it didn’t use the same directory service backend.

Note: I don’t use secure file vault, but others on the web have noted that resetting your password in this way will lock you out of your data. In fact, it looks like there is not a way to recover/reset that password, which is part of what makes it secure. :-)

Thanks Google and Apple!

Source: http://support.apple.com/kb/TS1543

Fixing Snow Leopard’s broken ‘focus follows mouse’ Terminal behavior

21 October, 2009 (16:14) | Uncategorized | By: benjamin

Since upgrading to OS X 10.6 (Snow Leopard), I’ve been frustrated by Terminal’s focus follows mouse behavior. I typically like such behavior but it’s broken as of 10.6. I would frequently CMD-Tab to switch to a different application and start typing only to wonder why my keyboard was not working, then realize my input had gone to the Terminal which sometimes was no longer even visible.

To fix this, type the following in Terminal:

defaults write com.apple.Terminal FocusFollowsMouse -string NO

Then, restart Terminal. Voila! No more lost input in my Terminal.

Many thanks to www.macosxhints.com for popping up when I googled this problem.

VPN on Ubuntu Linux with Juniper Network Connect

15 June, 2009 (16:13) | Networks, Unixy | By: benjamin

There’s one standard document on HOWTO get Network Connect working on Ubuntu Linux. It’s mad scientist’s doc: http://mad-scientist.us/juniper.html . However, there are a few things not covered. I’ll assume that you’ve followed mad scientist’s excellent guide before going any further.

Issue #1: 64-bit Ubuntu

By default, when you install java on your 64-bit system, you get a 64-bit java. No surprise there, right? Well, Juniper’s tools don’t play nice with 64-bit java. If you attempt to start the junipernc script you’ll promptly see the “VPN has failed!” error message.

VPN has failed!

VPN has failed!

Also if you look closely in your Terminal you’ll see the text error:

Failed to load the ncui library.

This is the clue that we are dealing with the 64-bit issue.

The work around for this is to install a 32-bit java on your system. Type the following into your Terminal:

sudo apt-get install ia32-sun-java6-bin

After typing your password, a 32-bit copy of java will be installed at: /usr/lib/jvm/ia32-java-6-sun .

Now, you need to convince Juniper Network Connect to use the 32-bit java. If you don’t use java for much besides your new VPN, you may just want to make the 32-bit java your default. This can be done by typing the following into your Terminal:

update-alternatives --set java /usr/lib/jvm/ia32-java-6-sun/jre/bin/java

If you DO use java and just want to tell the VPN to use the 32-bit java, you should modify the junipernc by adding the following line right after the block of lines that start with “#”:

export JDK_HOME=/usr/lib/jvm/ia32-java-6-sun

Now, when you run junipernc, it will use 32-bit java and you should no longer have the failure due to ncui.

Issue #2: Determining Your Realm

The scripting for Network Connect asks a few questions that may not make sense to a typical user. Even a networking savvy programmer may not be certain what values to use for the “Realm” or “PIN + SecureID Code”.

Finding your realm is fairly straight forward if you don’t mind diving into some HTML. Point your web browser to your company’s VPN website: https://vpn.mycompany.com or https://connect.mycompany.com .   View the source of that page and look for a line like:

<input type="hidden" name="realm" value="REALMNAME">

The value of REALMNAME is what you’ll need to enter when prompted.  Your IT department may or may not know what this is if you ask them.

If you don’t know your “PIN + SecureID Code”, it’s simply the password you type along with your username on the VPN website to gain access. As mad scientist says, some companies use “SecurID so [they] enter a personal PIN plus the value provided by the SecurID fob,” which explains why he coded that as the prompt for the password input.

If you need help, there’s a long running thread over at the ubuntu forums where this continues to be discussed a lot: http://ubuntuforums.org/showthread.php?t=232607 . I gathered my info from both mad scientist’s page above and the thread itself.

One further note, I’ve tested this on Ubuntu 9.04 64-bit as well as 8.10 32-bit. Hope this is helpful to all you who need Juniper VPN access on 64-bit Ubuntu Linux.


14 June, 2009 (14:26) | Life, Mac | By: benjamin

I recently purchased a Mac Mini to be my home media computer. I plan to blog more about that later. For now, the only tricky thing about using a Mini has been using my TV for a monitor.

There’s a lot of noise on the web (or Google at least) when trying to search for a solution to using a Mini’s DVI output on LCD TV’s. Typically they recommend using DisplayConfigX  or SwitchResX to tweak your display modelines, timing, resolution, and just generally dive deeper than I like  into display configuration. My solution was MUCH simpler.

My television is a Samsung 46″ LCD (LN46A539P1F). It has 3 HDMI inputs, but one is specifically intended to be used for PCI DVI input converted to HDMI.  It also provides a VGA DSUB input which works perfectly with a Mac Mini’s miniDVI->VGA apapter, but the point here is to get direct digital signal without converting to analog.

The Mac Mini has a miniDVI output and is packaged with a miniDVI->DVI adapter, so to get a signal into the TV, you’ll need a DVI->HDMI or miniDVI->HDMI adapter. I bought both from Monoprice as they are very inexpensive and either works fine.

Once you have the apdapter on and the HDMI cable connected to the TV, the Mac will recognize that it is displaying on an HDTV and will recommend 720p (1280×720 resoution) or 1080p (1920×1080 resolution). However, you will now most likely see that your output is either too small on the screen (has a few inches of black border around the picture)  or is too big (extends beyond the screen). If it’s too big, you have Overscan enabled in your Displays preference pane. If not, you should enable Overscan.

Now, on your TV, go to the Menu:

  • Choose “Picture” (should be first option)
  • Choose “Picture Options” (near the bottom of list)
  • Choose “Size” (will have options like 4:3, 16:9, and Just Scan)
  • Choose “Just Scan”
  • Close Menu

Bam! Your display should now be just right!

Drive Free, Retire Rich

21 April, 2009 (21:02) | Life | By: benjamin

I discovered J.D.’s Get Rich Slowly personal finance blog a few months ago and have read it off and on since then.

Today I noticed he had a link to an excellent slideshow resource provided by Dave Ramsey.

So, go watch how you and I can both Drive Free and Retire Rich.