BEES!!!

My mountain mint brings all the bees to the yard.

Honey bee on mountain mint

Honey bee on mountain mint

Enchinacea

A purple flower at my parents’ house.

Pulleys for G5RV antenna

I bought two of these pulleys for my G5RV antenna. Nylon cord comes from the antenna’s insulators and is tied to a brick on each side. This allows the antenna to move with the wind or a tree limb.

Shield generator on 30 Rockefeller Plaza

Visiting the Top, I noticed this deflector shield generator. Reddit says NBC installed it to protect Alec Baldwin’s ego.

30rockradome

It is actually a mechanical radar inside a radome. /nerd

SSH/SFTP Rsync backups done with chroot

Rsync

Rsync, for those who aren’t familiar, is a file copy tool, which, after the first copy, will only send changes during subsequent updates. This makes it a very efficient tool, especially when used over an internet connection.

Anyway, to enable rsync from server A to server B, it is common to perform the login via key. This means that on Server A you’d generate a SSH keypair for your backup user, then copy the public key that was generated into the ~/.ssh/authorized_keys file for your backup user on Server B.

Because rsync is going to be executed automatically via cron script, it is necessary to create the key file without a password.

Jail

  • Configure your SSH server
    • Open up /etc/ssh/sshd_config
    • At the end of the file, tell SSH to create a chroot jail for your backup user:
      ChrootDirectory %h
      AllowTcpForwarding no
      PermitTunnel no
      X11Forwarding no

      Note, because of the way chroot works, you’ll need to make sure the chroot directory is owned by ROOT, even if it’s actually the home directory of your backup user.

  • Save, and restart your SSH server.

This gets you part of the way, you should now be able to SSH/SFTP into Server B using your backup user, and when connected, you will be restricted to the location set in ChrootDirectory.

Unfortunately, rsync needs more than this, and in order to copy files it’ll need access to the shell (I’m assuming bash), as well as the rsync application itself, together with whatever libraries are required.

Therefore, it becomes necessary to create a partial chroot image in the backup user’s chroot directory. You could do this the traditional way (e.g. by using something like debootstrap), which will create a mirror of your base operating system files in the chroot jail. However, this generally takes a few hundred megabytes at least, and if all you want is to copy some files, you don’t want to give access to more than you need.

Instead, I opt to create a skeleton chroot jail by hand.

The goal here is to mirror the filesystem of your server inside the chroot jail, so that if a file exists in /foo/bar, then you need to copy it to /home/backup-user/foo/bar, and make sure it’s owned by root.

  • Copy bash from /bin/bash to the directory /home/backup-user/bin/
  • Copy rsync (on my system this was in /usr/bin)
  • Next, you need to copy the symbolic link libraries to which these files are linked against. You can use the tool ldd to interrogate the executable and get a list of files to copy, e.g:
    root@server-b:/home/backup-user# ldd /bin/bash
        linux-vdso.so.1 =>  (0x00007fff52bff000)
        libtinfo.so.5 => /lib/x86_64-linux-gnu/libtinfo.so.5 (0x00007f412810a000)
        libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f4127f06000)
        libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f4127b79000)
        /lib64/ld-linux-x86-64.so.2 (0x00007f4128340000)

    Copy the files which have directories into the appropriate locations, e.g./lib/x86_64-linux-gnu/libtinfo.so.5 should go into/home/backup-user/lib/x86_64-linux-gnu/

  • Do the same for /usr/bin/rsync

Moto G (3rd generation)

I ordered the new Moto G. Normally $179, my total was $219 for doubled storage and RAM.

The third generation Moto G (marketed as simply moto g) is an Android smartphone developed by Motorola Mobility, announced on July 28, 2015.

The third generation Moto G has a 5-inch 720p Gorilla Glass 3 display, a 13-megapixel camera similar to the one from the Nexus 6, a quad-core Snapdragon 410 processor, the latest version of Android, the phone back is a removable textured plastic, comes in multiple colors available in Motorola’s Moto Maker and it is water resistant through the use of nano-coating and internal rubber gaskets giving it an IPX7 rating. The low end model comes with 8GB of storage and 1GB of RAM, and the high end model comes with 16GB of storage and 2GB of RAM.

The phone runs near stock Android 5.1 Lollipop. The phone has both a single sim and dual sim variant.

Shed organization

Now that the wood shed is gone, I need to consolidate everything into the brick shed. I want everything off the floor. I now have a workbench and ceiling hooks, but need a lot more.

ShedOrganization

Wood shed removal

We bought our house with a garage and two sheds on the property. One shed was constructed using bricks and concrete and was perfectly situated in the corner of the lot. The other shed was constructed using wood and was beginning to rot with paint chipping off two sides. The wood shed was awkwardly placed between the brick shed and the garage. I decided to remove the wood shed after renovating the brick shed to improve the “flow” of the yard and landscaping.

Here’s a picture taken during the shed’s final hours. So long shed!

Wood shed removal

Cleaning the 1979 300D

I scrubbed the outside and vacuumed the inside. Also, I cleaned its windows. I need a driver seat – this one is busted.

IMG_0064

Before, you couldn’t see through the moss on the windows. Now they’re clean in and out.

IMG_0135

Now, I can keep it in the garage with my other junker!

IMG_0059

Muscadine grapes

Muscadine is a grapevine species native to the south of North America that has been extensively cultivated since the 16th century. The plants are well adapted to their native warm and humid climate; they need fewer chilling hours than better known varieties and they thrive on summer heat.

They have skin sufficiently tough that eating the raw fruit often involves biting a small hole in the skin to suck out the pulp inside. Muscadines are not only eaten fresh, but also are used in making wine, juice, and jelly.

Muscadine