Bike Tires & Pressure

This is reference info for me:

  • Pavement Reference: 700c, 28mm @ 120psi for 300 LB ride weight, 60% rear
  • Cruiser Reference: 32er, 55mm @ 60psi for 310 LB ride weight, 70% rear
  • Off-Road Reference: 700c, 40mm @ 40psi for 180 LB ride weight, 60% rear

Slower speed, butt off the seat, you can go lower psi. You’d be risking pinch flats on longer rides, or unseating the bead in harder turns, etc

Tread pattern is coarse for rough terrain, fine for sand & hardpack, and smooth for pavement.

Higher pressure prevents tire flex, and is better on pavement. – Less shock absorption, grippy on soft, loose surface.

Lower pressure increases tire flex, which grips obstacles better. – Increased risk of pinch flats, or rolling off the rim.

General width preferences:

  • Hardpack or pavement – narrow to prevent drag
  • Sand, pea gravel, mud – wide to prevent sinking
  • loose, large gravel – wide to prevent pinch flats, throwing gravel, etc

Weight Distribution

  • Cruiser ~ 70% rear.
  • Mountain ~ 60% rear.
  • Race Road ~ 55% rear.

Proportional adjustments:

  • Narrower tire for larger diameter
  • Lower pressure for lower weight
  • Lower pressure for wider tire

Rim sizes:

  • 559mm = 26er
  • 584mm = 650b / 27.5″
  • 622mm = 700c / 29er
  • 686mm = 32er
  • 787mm = 36er

dsmserv fails to start if LDAP is inaccessible

IBM, and the white books, say this is working as designed.
• If LDAP dies, dsmserv stays up without it.
• If LDAP dies, and dsmserv restarts, it refuses to come up.
• ANR3103E https://www.ibm.com/support/knowledgecenter/SSEQVQ_8.1.5/srv.msgs/b_msgs_server.pdf
• Workaround is remove LDAPURL from dsmserv.opt, or wait for LDAP to become accessible.

On a multi-homed server, any links serving LDAP should be fault tolerant.

Any server using LDAP should have fault tolerant LDAP servers.

Here’s where to vote on getting the start-up limitation changed.
http://www.ibm.com/developerworks/rfe/execute?use_case=viewRfe&CR_ID=121985


Spectrum Protect / TSM systemd autostart


cat < <'EOF' >/etc/systemd/system/db2fmcd.service
[Unit]
Description=DB2V111

[Service]
ExecStart=/opt/tivoli/tsm/db2/bin/db2fmcd
Restart=always
KillMode=process
KillSignal=SIGHUP

[Install]
WantedBy=default.target
EOF
systemctl enable db2fmcd.service
systemctl start db2fmcd.service

cp -p /opt/tivoli/tsm/server/bin/dsmserv.rc /etc/init.d/tsminst1
cat < <'EOF' >>/etc/systemd/system/tsminst1.service
[Unit]
Description=tsminst1
Requires=db2fmcd.service

[Service]
Type=forking
ExecStart=/etc/init.d/tsminst1 start
ExecReload=/etc/init.d/tsminst1 reload
ExecStop=/etc/init.d/tsminst1 stop
StandardOutput=journal

[Install]
WantedBy=multi-user.target
EOF
systemctl enable tsminst1.service
systemctl start tsminst1.service

ln -s /opt/tivoli/tsm/client/ba/bin/rc.dsmcad /etc/init.d/dsmcad
cat < <'EOF' >>/etc/systemd/system/dsmcad.service
[Unit]
Description=dsmcad

[Service]
Type=forking
ExecStart=/etc/init.d/dsmcad start
ExecReload=/etc/init.d/dsmcad reload
ExecStop=/etc/init.d/dsmcad stop
StandardOutput=journal

[Install]
WantedBy=multi-user.target
EOF
systemctl enable dsmcad.service
systemctl start dsmcad.service


AIX 7.2 crash removing adapters from etherchannel

If I remove the first main adapter, and re-add it, then I can add/remove either adapter or IP interface after that.

If I remove the second main adapter, and re-add it, then I cannot remove the first, and dropping the IP interface crashes.

So, assuming adapter_names=ent2,ent6

This works everywhere:
/usr/lib/methods/ethchan_config -d ent17 ent2
/usr/lib/methods/ethchan_config -a ent17 ent2
/usr/lib/methods/ethchan_config -d ent17 ent6
/usr/lib/methods/ethchan_config -a ent17 ent6
/usr/sbin/rmdev -Rl en17
/usr/sbin/mkdev -l en17
/usr/sbin/cfgmgr
# Can do any combination of the above after remove/readd first adapter in advance.

And this crashes everywhere:
/usr/lib/methods/ethchan_config -d ent17 ent6
/usr/lib/methods/ethchan_config -a ent17 ent6
# crashed here on one server
/usr/lib/methods/ethchan_config -d ent17 ent2
ethchan_config: 0950-021 Unable to delete adapter ent2 from the
EtherChannel because it could not be found, errno = 2
/usr/sbin/rmdev -Rl en17

# crash here on several others

Crash analysis follows:

(96)> stat
SYSTEM_CONFIGURATION:
CHRP_SMP_PCI POWER_PC POWER_8 machine with 160 available CPU(s) (64-bit
registers)

SYSTEM STATUS:
sysname... AIX
nodename.. testnode001
release... 2
version... 7
build date Mar 2 2018
build time 13:02:46
label..... 1809C_72H
machine... 00DEADBEEF00
nid....... FBCAFE4C
time of crash: Wed May 9 04:45:59 2018
age of system: 25 day, 10 hr., 54 min., 41 sec.
xmalloc debug: enabled
FRRs active... 0
FRRs started.. 0

CRASH INFORMATION:
CPU 96 CSA F00000002FF47600 at time of crash, error code for LEDs:
30000000
pvthread+1A0E00 STACK:
[00009324].unlock_enable_mem+000018 ()
[06058D54]shientdd:entcore_disable_tx_timeout_timers@AF123_105+000074
(??, ??)
[060592E8]shientdd:entcore_suspend_nic+000028 (??, ??)
[0605FB20]shientdd:entcore_suspend+0001E0 (??, ??, ??)
[06129A68]shientdd:entcore_close_common+000668 (??)
[0612A0B0]shientdd:entcore_close+000490 (??)
[060103CC]shientdd:shi2ent_close+00000C (??)
[F1000000C04911C0]ethchandd:ethchan_close+0001A0 (??)
[00014D70].hkey_legacy_gate+00004C ()
[0057A914]ns_free+000074 (??)
[00014F50].kernel_add_gate_cstack+000030 ()
[069E503C]if_en:en_ioctl+0002DC (??, ??, ??)
[0057126C]if_detach+0001CC (??)
[0056E1DC]ifioctl+00081C (F00000002FF473D0, 8020696680206966,
00000000066EB8A0)
[005EA764]soo_ioctl+0005C4 (??, ??, ??)
[007A4754]common_ioctl+000114 (??, ??, ??, ??)
[00003930]syscall+000228 ()
[kdb_get_virtual_memory] no real storage @ 2FF22358
[D011C92C]D011C92C ()
[kdb_read_mem] no real storage @ FFFFFFFFFFF5D60

(96)> status | grep -v wait
CPU INTR TID TSLOT PID PSLOT PROC_NAME
96 20E03BF 6670 380324 3128 ifconfig

(96)> vmlog
Most recent VMM errorlog entry
Error id = DSI_PROC
Exception DSISR/ISISR = 000000000A000000
Exception srval = 00007FFFFFFFD080
Exception virt addr = 0000000000000004
Exception value = 00000086 EXCEPT_PROT

0x86:
Protection exception. An attempt was made to write to a protected
address in memory

(96)> th -n ifconfig
SLOT NAME STATE TID PRI RQ CPUID CL WCHAN
pvthread+1A0E00 6670*ifconfig RUN 20E03BF 03E 96 0
shientdd:.entcore_disable_tx_timeout_timers AF123_105+000074
bla < .unlock_enable>
.
2390 ! SUNLOCK(TX_QUEUE_SLOCK, tx_pri);
.

---- NDD INFO ----( F1000B003952B410)----
name............. ent6 alias............ en6
ndd_next......... 0000000000000000
ndd_flags........ 00610812
(BROADCAST!NOECHO!64BIT!CHECKSUM_OFFLOAD)
ndd_2_flags...... 00000930
(IPV6_LARGESEND!IPV6_CHECKSUM_OFFLOAD!LARGE_RECEIVE!ECHAN_ELEM)

(96)> print entcore_acs_t F1000B00393F0000
struct entcore_acs_t
struct entcore_tx_queue_t
< ...>
struct entcore_ras_cb_t *ffdc_ras_cb = 0xF1000B0039537D40;
struct entcore_tx_atomics_t *atomics = 0x0000000000000000;
struct mbuf *overflow_queue = 0x0000000000000000;
struct mbuf *overflow_queue_tail = 0x0000000000000000;
uint64_t ofq_cnt = 0x0000000000000000;
struct entcore_lock_info_t *p_lock_info = 0x0000000000000000;
void *p_acs = 0xF1000B00393F0000; NULL so DSI

(96)> dd F1000B00393F78D0
F1000B00393F78D0: 0000000000000000 < - p_lock_info

(96)> xm F1000B00393F78D0
Page Information:
heap_vaddr = F1000B0000000000
P_allocrange (range of 2 or more allocated full pages)
page........... 00003937 start.. F1000B00393F0000 page_cnt....... 0017
allocated_size. 00170000 pd_size........ 00010000 pinned......... yes
XMDBG: ALLOC_RECORD

Allocation Record:
F1000B00E4306600: addr......... F1000B00393F0000 allocated pinned
F1000B00E4306600: req_size..... 1458712 act_size..... 1507328
F1000B00E4306600: tid.......... 033F0187 comm......... cfgshien
XMDBG: ALLOC_RECORD
Trace during xmalloc() on CPU 00
0604FCB0(.entcore_allocate_acs+000310)
060129C4(.entcore_config_state_machine+
0601A884(.entcore_perform_init+0000A4)

Free History:
105D 40.955808 SHIENTDD GEN: L3 Close__B d1=F1000B00393F0000
105D 40.955808 SHIENTDD GEN: L3 CloseC_B d1=F1000B00393F0000
105D 40.955809 SHIENTDD GEN: L3 HwClos_B d1=F1000B00393F0000
105D 40.955810 SHIENTDD GEN: L3 HwClos_B -HW| d1=0000000000000000
105D 40.955810 SHIENTDD GEN: L3 HwClos10 -HW| d1=0000000000000000
105D 40.955810 SHIENTDD GEN: L3 HwClos_E -HW| d1=0000000000000000
105D 40.955811 SHIENTDD GEN: L3 HwClos_E d1=0000000000000000

< ...>

105D 41.039269 SHIENTDD GEN: L3 CloseC_E d1=F1000B00393F0000
105D 41.039269 SHIENTDD GEN: L3 Close__E d1=0000000000000000
105D 41.039273 SHIENTDD GEN: L3 Close__B d1=F1000B00393F0000

another close ? >>

105D 41.039273 SHIENTDD GEN: L3 CloseC_B d1=F1000B00393F0000
105D 41.039274 SHIENTDD GEN: L3 HwClos_B d1=F1000B00393F0000
105D 41.039275 SHIENTDD GEN: L3 HwClos_B -HW| d1=0000000000000000
105D 41.039275 SHIENTDD GEN: L3 HwClos10 -HW| d1=0000000000000000
105D 41.039276 SHIENTDD GEN: L3 HwClos_E -HW| d1=0000000000000000
105D 41.039276 SHIENTDD GEN: L3 HwClos_E d1=0000000000000000
105D 41.039276 SHIENTDD GEN: L3 Suspnd_B d1=F1000B00393F0000
105D 41.039279 SHIENTDD GEN: L3 MctSyn_B d1=F1000B00393F0000
105D 41.039281 SHIENTDD GEN: L3 MctSyn_E d1=0000000000000000
END

It seems that 2 closes happened, which would have leaded to a double free, and the crash.

Debug efix was tested for 2 weeks on 24 systems and problem was resolved, patch was stabl.

APAR IJ06720 was generated, and a public efix will be released for that./


Spectrum Protect – container vulnerability

We ran into an issue where a level-zero operator became root, and cleaned up some TSM dedupe-pool containers so he’d stop getting full filesystem alerts.

Things exposed:

How does someone that green get full, unmonitored root access?
* They told false information about timestaps during defense
* Their senior tech lead was content to advise they not move or delete files without contacting the app owner.
* Imagine if this had been a customer facing database server!

In ISP/TSM, once extents are marked damaged, a new backup of that extent will replace it.
* Good TDP4VT CTL files and other incrementals will send missing files.
* TDP for VMWare full backups fail if the control file backup is damaged.
* Damaged extents do not mark files as damaged or missing.

Replicate Node will back-propagate damaged files.
* Damaged extents do not mark files as damaged or missing.

Also, in case you missed that:
* Damaged extents do not mark files as damaged or missing.

For real, IBM says:
* Damaged extents do not mark files as damaged or missing.
* “That might cause a whole bunch of duplicates to be ingested and processed.”

IBM’s option is to use REPAIR STGPOOL.
* Requires a prior PROTECT STGPOOL (similar to BACKUP STGPOOL and RESTORE STGPOOL).
* PROTECT STGPOOL can go to a container copy on tape, a container copy on FILE, or a container primary on the replica target server.
* PROTECT STGPOOL cannot go to a cloud pool
* STGRULE TIERING only processes files, not PROTECT extents.
* PROTECT STGPOOL cannot go to a cloud pool that way either.
* There is NO WAY to use cloud storage pool to protect a container pool from damage.

EXCEPTION: Damaged extents can be replaced by REPLICATE NODE into a pool.
* You can DISABLE SES, and reverse the replication config.
* Replicate node that way will perform a FULL READ of the source pool.

There is a Request For Enhancement from November, 2017 for TYPE=CLOUD POOLTYPE=COPY.
* That would be a major code effort, but would solve this major hole.
* That has not gotten a blink from product engineering.
* Not even an “under review”, nor “No Way”, nor “maybe sometime”.

Alternatives for PROTECT into CLOUD might be:
* Don’t use cloud. Double the amount of local disk space, and replicate to another datacenter.
* Use NFS (We would need to build a beefy VM, and configure KRB5 at both ends, so we could do NFSv4 encrypted).
* Use CIFS (the host is on AIX, which does not support CIFS v3. Linux conversion up front before we had bulk data was given a big NO.)
* Use azfusefs (Again, it’s not Linux)

Anyway, maybe in 2019 this can be resolved, but this is the sort of thing that really REALLY was poorly documented, and did not get the time and resources to be tested in advance. This is the sort of thing that angers everyone at every level.

REFERENCE: hard,intr,nfsvers=4,tcp,rsize=1048576,wsize=1048576,bg,noatime


ANR3114E LDAP error 81. Failure to connect to the LDAP server

This used to be on IBM’s website, but it disappeared.  It is referenced all over the net, and needed to still exist. I only found it in the wayback machine, so I’m adding another copy to the internet.

2013 SOURCE: www-01.ibm.com/support/docview.wss?uid=swg21656339

Problem(Abstract)

When the SET LDAPUSER command is used, the connection can fail with:

ANR3114E LDAP error 81 (Can’t contact LDAP server)

Cause

The user common name (CN) in the SET LDAPUSER command contains a space or the ldapurl option is incorrectly specified.

Diagnosing the problem

Collect a trace of the Tivoli Storage Manager Server using the following trace classes:
session verbdetail ldap ldapcache unicode

More information about tracing the server can be found here: Enabling a trace for the server or storage agent

The following errors are reported within the trace:

11:02:04.127 [44][output.c][7531][PutConsoleMsg]:ANR2017I Administrator ADMIN issued command: SET LDAPPASSWORD ?***? ~
11:02:04.171 [44][ldapintr.c][548][ldapInit]:Entry: ldapUserNew =      CN=tsm user,OU=TSM,DC=ds,DC=example,DC=com
11:02:04.173 [44][ldapintr.c][5851][LdapHandleErrorEx]:Entry: LdapOpenSession(ldapintr.c:2340) ldapFunc = ldap_start_tls_s_np, ldapRc = 81, ld = 0000000001B0CAB0
11:02:04.174 [44][ldapintr.c][5867][LdapHandleErrorEx]:ldap_start_tls_s_np returned LDAP code 81(Can't contact LDAP server), LDAP Server message ((null)), and possible GSKIT SSL/TLS error 0(Success)
11:02:04.174 [44][output.c][7531][PutConsoleMsg]:ANR3114E LDAP error 81 (Can't contact LDAP server) occurred during ldap_start_tls_s_np.~
11:02:04.174 [44][ldapintr.c][6079][LdapHandleErrorEx]:Exit: rc = 2339, LdapOpenSession(ldapintr.c:2340), ldapFunc = ldap_start_tls_s_np, ldapRc = 81, ld = 0000000001B0CAB0
11:02:04.174 [44][ldapintr.c][1580][ldapCloseSession]:Entry: sessP = 0000000009B99CD0
11:02:04.175 [44][ldapintr.c][3159][LdapFreeSess]:Entry: sessP = 0000000009B99CD0
11:02:04.175 [44][ldapintr.c][2449][LdapOpenSession]:Exit: rc = 2339, ldapHandleP = 000000000AFDE740, bindDn =                              (CN=tsm user,OU=TSM,DC=ds,DC=example,DC=com)
11:02:04.175 [44][output.c][7531][PutConsoleMsg]:ANR3103E Failure occurred while initializing LDAP directory services.~
11:02:04.175 [44][ldapintr.c][856][ldapInit]:Exit: rc = 2339
11:02:04.175 [44][output.c][7531][PutConsoleMsg]:ANR2732E Unable to communicate with the external LDAP directory server.~

Resolving the problem

  • In the trace provided, the common name (CN) contains a space. (CN=tsm user,OU=TSM,DC=ds,DC=example,DC=com)

    Remove the space in the common name when using the SET LDAPUSER command. For example:

    SET LDAPUSER “CN=tsmuser,OU=TSM,DC=ds,DC=example,DC=com”

  • Use an LDAP connection utility such as ldp.exe to ensure the ldapurl option is correct and the LDAP server is accepting connections

    <ldapurl> port 636, check the box for SSL

    Verify there are no errors in the output


Gridcoin Compiles on Xenial


I know it might not mean anything to the non-techs, and it might seem insignificant to the uber-techs.

I have successfully built the Gridcoin client on Xenial 16.04.4 with proper libraries, and confirmed it sees my testnet wallet, and overall is just working like it should. (No testplan per se.)

This is a major accomplishment for me, and makes me very excited. It takes 16 minutes to compile with 3 cores of i7-6820HQ CPU @ 2.70GHz and 3.2GB RAM.

I get some QT warnings, but they do not seem to break anything:

/usr/include/x86_64-linux-gnu/qt5/QtCore/qlogging.h:112:73: note: in expansion of macro ‘Q_ATTRIBUTE_FORMAT_PRINTF’
void critical(CategoryFunction catFunc, const char *msg, ...) const Q_ATTRIBUTE_FORMAT_PRINTF(3, 4);

Here is my build environment setup procedure.

### Xenial Build Environment References
http://wiki.gridcoin.us/Linux_guide
https://raw.githubusercontent.com/gridcoin/Gridcoin-Research/master/CompilingGridcoinOnLinux.txt
Google searches for libqt5charts for xenial (KDE Neon distribution)

https://88plug.com/linux/install-berkeley-4-8-db-libs-on-ubuntu-16-04

##########################################
### Intall libqt5charts5-dev and related files from Neon LTS
cat < <‘EOF’ > /etc/apt/sources.list.d/kde-neon-archive-xenial.list
deb http://archive.neon.kde.org/testing-qt xenial main
deb http://archive.neon.kde.org/user/lts xenial main
EOF
sudo apt update
sudo upgrade
sudo apt install ntp git build-essential curl libcurl4-openssl-dev libcurl3-dev libssl-dev libzip-dev libzip4 libdb-dev libdb++-dev \
libdb4.8-dev libdb4.8++-dev debhelper devscripts automake libtool pkg-config libprotobuf-dev protobuf-compiler libminiupnpc-dev \
autotools-dev libevent-dev bsdmainutils software-properties-common libboost-all-dev libqt5gui5 libqt5core5a libqt5dbus5 qttools5-dev \
libqrencode-dev qt-sdk qtcreator libqt5charts5-dev qt5-default qttools5-dev-tools libqt5webkit5-dev libqt5charts5-dev
sudo apt-get autoremove

### Change the distro back to Ubuntu from Neon
echo “DISTRIB_ID=Ubuntu” >> /etc/lsb-release

### Install BDB 4.8 on Xenial
sudo add-apt-repository ppa:bitcoin/bitcoin ## Stable
#sudo add-apt-repository ppa:bitcoin/rc ## testing
sudo apt update
sudo apt install libdb4.8-dev libdb4.8++-dev

##########################################
### New download
cd ~
git clone https://github.com/gridcoin/Gridcoin-Research
cd ~/Gridcoin-Research

### Optional if issues
git config –global http.sslverify false

##########################################
### Refresh download – master, hotfix, staging
cd ~/Gridcoin-Research
make clean
git fetch –all
git reset –hard origin/master

### Build Daemon
cd ~/Gridcoin-Research/src
make clean
mkdir obj
chmod 755 leveldb/build_detect_platform
make -j3 -f makefile.unix USE_UPNP=-
strip gridcoinresearchd
install -m 755 gridcoinresearchd ~/.Gridcoinresearchd/testnet/gridcoinresearchd
### The above probably wants sudo, and a target of /usr/bin

### Build GUI
cd ~/Gridcoin-Research
rm -f build/o.*
qmake gridcoinresearch.pro “USE_UPNP=-”
make -j3
strip gridcoinresearch
install -m 755 gridcoinresearch ~/.Gridcoinresearchd/testnet/gridcoinresearch
### The above probably wants sudo, and a target of /usr/bin

##########################################
### Refresh download, development
cd ~/Gridcoin-Research
make clean
git fetch –all
git reset –hard origin/development

### Build Autotools
cd ~/Gridcoin-Research
./autogen.sh
#./configure –with-incompatible-bdb ### If you do not have BDB 4.8
./configure
date ; make -j3 ; date
make install

###############################


GRC VM Template

Installed base OS

Ubuntu 16.04.4 LTS  because only LTS releases are worthy.  No auto-updates.
Copy over home directory and /etc/apt from my current TESTNET system

Split /home /usr /var /tmp into separate LVs.

lvcreate, edit /etc/fstab, mount on temp space, copy over, move old dir, reboot, remove old dir.

Shrunk root filesystem

grub
e
root=/dev/ram0 rw
^X

Wait for mdadm to finish complaining.
alias ll='ls -laF'
mkdir /mnt
lvm pvscan
lvm vgscan
lvm vgchange -a y
e2fsck -f /dev/ubuntu-vg/root
mount /dev/ubuntu-vg/root /mnt
cd /mnt
cp -a lib lib65 bin sbin /
cd /
umount /mnt
e2fsck -f /dev/ubuntu-vg/root
resize2fs -M /dev/ubuntu-vg/root
lvreduce -L 1120M /dev/ubuntu-vg/root
e2fsck -f /dev/ubuntu-vg/root
resize2fs /dev/ubuntu-vg/root
umount -a

power off VM since halt and reboot do not work.

Cleared free space

lvcreate -l 100%FREE -n deleteme ubuntu-vg
dd if=/dev/zero of=/dev/null bs=256k
lvremove /dev/ubuntu-vg/deleteme
swapoff /dev/ubuntu-vg/swap_1
dd if=/dev/zero of=/dev/ubuntu-vg/swap_1 bs=256k
for i in / /home /var /tmp /boot /usr ; do dd if=/dev/null of=${i}/deleteme bs=256k & rm ${i}/deleteme ; done
halt -p

Compacted

"\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyhd --compact "Xenial GRC Build.vdi"

Plans

Snapshot, test building.


ubuntu shrink root

/var, /usr, /home, and /tmp were all fairly easy to replace live.

/ is a special case.  I did the following:

grub
e
root=/dev/ram0 rw
^X
Wait for mdadm to finish complaining.
alias ll='ls -laF'
mkdir /mnt
lvm pvscan
lvm vgscan
lvm vgchange -a y
e2fsck -f /dev/ubuntu-vg/root
mount /dev/ubuntu-vg/root /mnt
cd /mnt
cp -a lib lib65 bin sbin /
cd /
umount /mnt
e2fsck -f /dev/ubuntu-vg/root
resize2fs -M /dev/ubuntu-vg/root
lvreduce -L 1120M /dev/ubuntu-vg/root
e2fsck -f /dev/ubuntu-vg/root
resize2fs /dev/ubuntu-vg/root
umount -a