e1000e, EEE and networking connection flipping on/off

Do you have a

00:1f.6 Ethernet controller: Intel Corporation Ethernet Connection (7) I219-LM (rev 10)

NIC?

Is your interface switching between down and up every few seconds?

Disabling Energy-Efficient Ethernet helped me.

Create a new unit systemctl edit --full --force disable-eee.service with this content (if the interace in question is called eno1):

[Unit]
Description=disable EEE for eno1
After=network-online.target

[Service]
Type=oneshot
ExecStart=/usr/sbin/ethtool --set-eee eno1 eee off

[Install]
WantedBy=multi-user.target

Enable it with systemctl enable disable-eee.service, reboot and check with

$ ethtool --show-eee eno1
EEE settings for eno1:
    EEE status: disabled
    ...

HP EliteDesk 800 G4, HDMI/DP and no sound

Running Debian 12 on a HP EliteDesk 800 G4 with

00:1f.3 Audio device: Intel Corporation Cannon Lake PCH cAVS (rev 10)

Monitor connected via DP->HDMI and no sound?

aplay -l shows no HDMI cards:

**** List of PLAYBACK Hardware Devices ****
card 0: PCH [HDA Intel PCH], device 0: CX20632 Analog [CX20632 Analog]
  Subdevices: 1/1
  Subdevice #0: subdevice #0

dmesg shows:

snd_hda_codec_hdmi hdaudioC0D2: HDMI: pin NID 0x6 not registered

kernel cmdline options not working?

intel_iommu=on,igfx_off
snd_hda_intel.power_save=0
snd_hda_codec_hdmi.enable_silent_stream=0

Either

  • Install alsa-tools-gui,
  • start hdajackretask,
  • for codec, select ‘… HDMI’,
  • enable ‘show unconnected pins’,
  • override all entries with ‘HDMI / DP’,
  • ‘Install Boot Override’,
  • reboot.

Or generate the files by hand:

# cat /usr/lib/firmware/hda-jack-retask.fw
[codec]
0x8086280b 0x80860101 2

[pincfg]
0x05 0x18560070
0x06 0x18560070
0x07 0x18560070

# cat /etc/modprobe.d/hda-jack-retask.conf
options snd-hda-intel patch=hda-jack-retask.fw,hda-jack-retask.fw,hda-jack-retask.fw,hda-jack-retask.fw
root@tv:~#

and reboot.

Check dmesg for

snd_hda_intel 0000:00:1f.3: Applying patch firmware 'hda-jack-retask.fw'

and that

snd_hda_codec_hdmi hdaudioC0D2: HDMI: pin NID 0x6 not registered

no longer shows.

Now aplay -l shows HDMI cards:

**** List of PLAYBACK Hardware Devices ****
card 0: PCH [HDA Intel PCH], device 0: CX20632 Analog [CX20632 Analog]
  Subdevices: 1/1
  Subdevice #0: subdevice #0
card 0: PCH [HDA Intel PCH], device 3: HDMI 0 [HDMI-0]
  Subdevices: 1/1
  Subdevice #0: subdevice #0
card 0: PCH [HDA Intel PCH], device 7: HDMI 1 [HDMI 1]
  Subdevices: 1/1
  Subdevice #0: subdevice #0
card 0: PCH [HDA Intel PCH], device 8: HDMI 2 [HDMI 2]
  Subdevices: 1/1
  Subdevice #0: subdevice #0

Start pavucontrol, under ‘Configuration’ select an available HDMI profile.

NixOS, dhcpcd, and NAMESPACING

Using DHCP on a bridge with NixOS 24.11? No longer getting an IP? dhcpcd.service failing to start? Worked with 24.05?

dhcpcd.service: Failed to set up mount namespacing: /proc/sys/net/ipv6: No such file or directory
dhcpcd.service: Failed at step NAMESPACE spawning ... No such file or directory

Seems to fail with

boot.kernelParams = ["ipv6.disable=1"];

Also there is #355450.

Solr, Zookeper and OPTS

Does your SolrCloud successfully talk to ZooKeeper over TLS? But bin/solr zk ls fails?

In order to set custom System Properties when running any Solr utility other than start (e.g. stop, create, auth, status, api), the SOLR_TOOL_OPTS environment variable should be used.

See Setting Java System Properties.

smbclient, Workgroup, Kerberos and NT_STATUS_NOT_SUPPORTED

Trying to list shares of a windows machine

smbclient -W WORKGROUP -U user -L //server.domain/
Password for [WORKGROUP\user]:
session setup failed: NT_STATUS_NOT_SUPPORTED

and failing?

Running with -d 10

Kinit for user@WORKGROUP to access server.domain failed: Cannot find KDC for requested realm
...
Failed to start GENSEC client mech gse_krb5: NT_STATUS_INTERNAL_ERROR
...
Starting GENSEC submechanism ntlmssp

and seeing it falling back to NTLM?

Using the REALM instead of WORKGROUP helped:

smbclient -W REALM -U user -L //server.domain/

Ssh key and invalid format

Is ssh reporting Load key ... invalid format when trying to use a private key? The file might be missing a newline at EOF.

Mojolicious, TagHelpers and nesting

TIL, the Mojolicious tag helper can be nested. This

<ul class="navigation">
%= tag 'li', tag 'a', href => "#$_", $_ foreach qw/foo bar baz/
</ul>

becomes

<ul class="navigation">
  <li>
    <a href="#foo">foo</a>
  </li>
  <li>
    <a href="#bar">bar</a>
  </li>
  <li>
    <a href="#baz">baz</a>
  </li>
</ul>

FreeIPA, dogtag, Rocky 9 and ipa-replica-install

Trying to install a replica on Rocky 9? Failing when setting up CA or KRA with creating installation admin user:

[3/30]: creating ACIs for admin
[4/30]: creating installation admin user
Unable to log in as uid=admin-ipa2.$domain,ou=people,o=ipaca on ldap://ipa1.$domain:389
[hint] tune with replication_wait_timeout
[error] NotFound: uid=admin-ipa2.$domain,ou=people,o=ipaca did not replicate to ldap://ipa1.$domain:389

Seems like there is a problem with password setting/synchronisation.

On the new replica, patch dogtaginstance.py:

--- dogtaginstance.py   2024-09-18 13:07:59.800133397 +0000
+++ /usr/lib/python3.9/site-packages/ipaserver/install/dogtaginstance.py        2024-09-18 13:08:24.763219686 +0000
@@ -676,6 +676,7 @@

         # add user
         password = ipautil.ipa_generate_password()
+        logger.debug( "FOOBAR " + password )
         entry = api.Backend.ldap2.make_entry(
             dn,
             objectclass=[

Start ipa-replica-install

Watch /var/log/ipareplica-install.log for the FOOBAR line.

On an existing machine, set password:

ldappasswd -D 'cn=Directory Manager' -W -S uid=admin-ipa2.$domain,ou=people,o=ipaca

Needs to be done once for CA and once for KRA.

FreeIPA, kinit, e-text and ENOSUCH

Trying to get a Kerberos ticket for a user on a master? Getting

kinit: Generic error (see e-text) while getting initial credentials

Log shows

ipa1.$domain krb5kdc... AS_REQ ... HANDLE_AUTHDATA: $user@$realm ... No such file or directory

Did you forget to add SIDs on upgrade/replica install?

This helped:

ipa config-mod --enable-sid --add-sids