Allow non-root processes to bind to privileged ports (<1024) on Linux

As I work on my homelab migration from FreeNAS into Linux containers, I need to move my FreeBSD jails to LXC.

In *nix, any usage of well-known ports (aka 1024 or less) requires special privileges or a kernel setting. In FreeBSD, a simple sysctl net.inet.ip.portrange.reservedhigh=1 was enough to allow the BSD jail to use any port.

On LXC, I had to figure out how to do the same thing, and it's quite different. My environment is a Debian Stretch LXC container, but this should work on other Linux versions.

# apt-get install libcap2-bin
# setcap 'cap_net_bind_service=+ep' /usr/bin/transmission-daemon

In the example above, the binary /usr/bin/transmission-daemon is now able to bind to any port, port 80 (HTTP) in my case, all while the service runs as a non-root user.

Hopefully this helps folks out there. The answer took some digging, but I already had an idea of what was needed thanks to my FreeBSD experience in zones 🙂
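
A way to check the result on the running service, added here as an example and not part of the original post: a capability granted with setcap shows up in the CapEff mask of /proc/<pid>/status, where CAP_NET_BIND_SERVICE is bit 10. The function names and the sample status text are constructed for illustration.

```shell
#!/bin/sh
# Added example: decode the capability mask of a process to confirm that
# setcap gave it CAP_NET_BIND_SERVICE and nothing broader.

CAP_NET_BIND_SERVICE_BIT=10   # value from <linux/capability.h>

# cap_mask STATUS_FILE FIELD: print the hex mask of FIELD (e.g. CapEff)
cap_mask() {
    awk -v f="$2:" '$1 == f { print $2 }' "$1"
}

# has_cap HEXMASK BIT: succeed if BIT is set in HEXMASK
has_cap() {
    [ $(( (0x$1 >> $2) & 1 )) -eq 1 ]
}

# check_net_bind STATUS_FILE: print a verdict for one process
check_net_bind() {
    eff=$(cap_mask "$1" CapEff)
    uid=$(awk '$1 == "Uid:" { print $3 }' "$1")   # effective UID
    if [ -z "$eff" ]; then echo "unknown"; return 2; fi
    if ! has_cap "$eff" "$CAP_NET_BIND_SERVICE_BIT"; then
        echo "missing"; return 1
    fi
    if [ $(( 0x$eff )) -eq $(( 1 << $CAP_NET_BIND_SERVICE_BIT )) ]; then
        echo "net_bind_only uid=$uid"        # least privilege: only bit 10
    else
        echo "net_bind_plus_others uid=$uid" # wider than needed, e.g. root
    fi
}

# Constructed sample: what a non-root daemon started from a binary with
# cap_net_bind_service=+ep is expected to look like.
sample=$(mktemp)
printf 'Name:\ttransmission-da\nUid:\t107\t107\t107\t107\nCapPrm:\t0000000000000400\nCapEff:\t0000000000000400\n' > "$sample"
check_net_bind "$sample"
rm -f "$sample"

# On a live system (assumes pidof is available):
#   check_net_bind "/proc/$(pidof transmission-daemon)/status"
```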

FreeBSD/FreeNAS USB_ERR_TIMEOUT fix

As I prepare my migration to my new Debian ZFS system, I wanted to back up my zpool onto an external 8TB hard drive. I came across this issue where, after plugging in the external USB 3.0 hard drive, it would loop and not work:

Install Proxmox on a partition instead of a full disk

By default, installing Proxmox with ZFS during the installation process will force you to use the entire disk for the root zpool. For most installs this is good enough. However, I like to do things differently sometimes.

I have a pair of Samsung 840 Pro 256GB SSDs that I wanted to use for my new homelab that I am currently building (moving from VMware to Proxmox). You may be wondering why I want to install the operating system on a partition instead of an entire disk. Several reasons:

Homelab 2017 refresh

My faithful Lenovo TS440 home server has reached its peak potential, as I have maxed out the 32GB memory limit of the Intel E3 v3 architecture.

My need for more CPU power and memory is driven by the idea of hyperconvergence, which means I use a single machine to be my router/firewall, VPN gateway, network storage as well as virtual machine host.

Those themes have been part of my home network design since 2010 or so. Today's hot technologies are focusing on containers (LXC), Docker, etc., so I need a more powerful server in order to be able to expand my playground into those technologies. The 32GB maximum on my old server is simply not enough when you have 5 different VMs that consume almost all your memory resources (Windows 10 VM, OSX one and my FreeNAS one being the top users of 75%+).

3 week post-LASIK update

If you are following my LASIK journey, where I drove to Mexico to get it done, this is my 3 week post-op update.

I’ll keep it brief and summarize my experience over the past 3 weeks. If you read my initial post you know that I had moderate Hyperopia (farsightedness) plus astigmatism that I wanted to get corrected.

TeamViewer monitoring and instant push notifications

It has been almost a year since that massive reddit post with people freaking out about their TeamViewer accounts getting hacked.

Since then I have always wished TeamViewer would notify my cellphone every time someone connected or disconnected from my workstation. Since I am the only user that connects to it, I find the peace of mind extremely valuable, and I wouldn't mind getting some push notifications each time I used TeamViewer.

As TeamViewer themselves don't have this feature, I decided to write my own little program that will send instant notifications to any phone for anyone connecting to your workstation using TeamViewer. Say hello to go-TValerts!

I have released my code as open source and written instructions on how to install and implement it. Find out more at github.com/TheLinuxGuy/go-tvalerts

I drove to Mexico to get LASIK eye surgery

This is a follow up post about my research for LASIK vision correction. You can read it here.

Why Mexico?

Based on the technology advantages of the AMARIS 1050RS laser system, which is widely available in Europe, Latin America and Canada but not in the United States, I ended up deciding to get my vision corrected using the latest technology.

XenServer 7.1: a good contender to replace ESXi

I have been a big fan and user of VMware ESXi for years; I started playing with it circa 2008. The bare metal hypervisor and its easy to use GUI on Windows make virtualization management extremely easy.

However, in the past couple of years the free version of ESXi has moved to HTML5 web management, and in the latest ESXi version the Windows client (vSphere client) requires you to pay for a license and run a central vCenter server/VM in order to manage via GUI (non-web).

Troubleshooting networking issues after fresh install of Proxmox VE 4.4

Writing a quick troubleshooting guide and informative post to address an issue I came across when installing Proxmox VE 4.4 on two of my machines.

On servers with more than two network interfaces, Debian/Proxmox renames all interfaces and does not properly detect eth0 as the on-board ethernet as many other Linux flavors do. This may cause a mild headache if you just installed Proxmox with static IP addresses using the installer and upon reboot you can't access any network resources.

Why certain programs launch fine on Start > Run on Windows but not from the command line

On Windows, if you run a program such as Chrome.exe (Google Chrome Web Browser) via control + R (run), it will launch without a hitch as long as the browser is installed.

However, if you open the command line and attempt to run "chrome.exe", it will complain that the executable is not found in the %PATH%.

This is because Control+R also looks up the registry values within HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\, which include all apps ever installed, such as Chrome.exe, Firefox.exe, Excel.exe, Illustrator.exe, etc.

So if you are ever writing a program in your programming language of choice, using a Windows Registry check of the location (HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths) for whatever.exe will be the perfect solution when that program is not in the System Environment variable %PATH%.