Blog

  • Linux: Missing Mouse Pointer? Try This

    So on my upgrade from Wheezy to Jessie, I found myself (amongst other issues) looking at a graphical interface where the mouse worked fine, but no mouse pointer was visible. After trying a few other things, it turned out that :-

    gsettings set org.gnome.settings-daemon.plugins.cursor active false
    

    Did the trick.

    Of course that tip came from somewhere else, but as it worked for me, it’s worth making a note of.

  • VirtualBox, and Volatility

    Whilst messing around with malware, memory dumps, and memory forensics, it is kind of handy to be able to use VirtualBox. Particularly when that is your virtual machine "weapon of choice".

    According to the documentation, Volatility can read core dumps from VirtualBox. Once you realise that you need to specify a “profile” to read the result, this is quite simple :-

    ✓ mike@pica» VBoxManage list vms | grep Windows
    "Windows" {9cefc95e-eaf2-4052-b466-cb665c73a36a}
    ✓ mike@pica» VBoxManage debugvm "Windows" dumpguestcore --filename ~/windows.elf
    ✓ mike@pica» ls -l ~/windows.elf
    -rw------- 1 mike mike 2.1G May 10 14:11 /home/mike/windows.elf
    

    If you specify the right profile option, then Volatility can make use of this :-

    ✓ mike@pica» volatility -f ~/windows.elf --profile=Win7SP1x86 cmdline          
    Volatility Foundation Volatility Framework 2.4
    ************************************************************************
    System pid:      4
    ************************************************************************
    smss.exe pid:    260
    Command line : \SystemRoot\System32\smss.exe
    {Long list of processes removed}
    

    All fairly obvious really, but if you do not specify the profile, Volatility presents an error suggesting that it does not understand the format of the memory dump, which is a bit confusing :-

    ✓ mike@pica» volatility -f ~/windows.elf cmdline                     
    Volatility Foundation Volatility Framework 2.4
    No suitable address space mapping found
    Tried to open image as:
    {Long list of memory image formats}
    

    At least to someone as thick as me! Yes it took me ages to get this figured out.
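
Because the missing-profile error reads like a file-format problem, a quick structural check of the dump helps rule out a damaged or truncated file first. This is an added example, not part of the original post: it assumes the dump is a 64-bit little-endian ELF core, and the function names and sample bytes are constructed for illustration.

```python
import io
import struct

EHDR = struct.Struct("<16sHHIQQQIHHHHHH")  # ELF64 file header (64 bytes)
PHDR = struct.Struct("<IIQQQQQQ")          # ELF64 program header (56 bytes)
ET_CORE, PT_LOAD, PT_NOTE = 4, 1, 4

def inspect_core(fh, size):
    """Summarise an ELF64 core dump; fh is a binary file object of `size` bytes."""
    raw = fh.read(EHDR.size)
    if len(raw) < EHDR.size or raw[:4] != b"\x7fELF":
        return {"ok": False, "reason": "not an ELF file"}
    if raw[4] != 2 or raw[5] != 1:
        return {"ok": False, "reason": "not 64-bit little-endian ELF"}
    hdr = EHDR.unpack(raw)
    e_type, e_phoff, e_phentsize, e_phnum = hdr[1], hdr[5], hdr[9], hdr[10]
    if e_type != ET_CORE:
        return {"ok": False, "reason": "ELF file is not a core dump"}
    loads = notes = ram = 0
    truncated = False
    for i in range(e_phnum):
        fh.seek(e_phoff + i * e_phentsize)
        raw = fh.read(PHDR.size)
        if len(raw) < PHDR.size:
            truncated = True              # program header table itself is cut off
            break
        p_type, _, p_offset, _, _, p_filesz, _, _ = PHDR.unpack(raw)
        if p_offset + p_filesz > size:
            truncated = True              # segment data runs past end of file
        if p_type == PT_LOAD:             # in a core dump, PT_LOAD carries memory contents
            loads, ram = loads + 1, ram + p_filesz
        elif p_type == PT_NOTE:
            notes += 1
    return {"ok": loads > 0 and not truncated, "load_segments": loads,
            "ram_bytes": ram, "note_segments": notes, "truncated": truncated}

def build_sample(ram_size=4096, note_size=32):
    """Constructed sample: a minimal ELF64 core with one PT_NOTE and one PT_LOAD."""
    ident = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)
    off = EHDR.size + 2 * PHDR.size
    ehdr = EHDR.pack(ident, ET_CORE, 62, 1, 0, EHDR.size, 0, 0,
                     EHDR.size, PHDR.size, 2, 0, 0, 0)
    note = PHDR.pack(PT_NOTE, 0, off, 0, 0, note_size, 0, 0)
    load = PHDR.pack(PT_LOAD, 0, off + note_size, 0, 0, ram_size, ram_size, 0)
    return ehdr + note + load + bytes(note_size + ram_size)

if __name__ == "__main__":
    blob = build_sample()
    print(inspect_core(io.BytesIO(blob), len(blob)))
```

For a real dump, open the file in binary mode and pass its size from `os.path.getsize()`; only the headers are read, so a multi-gigabyte file is not loaded into memory.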

  • UK Election 2015: What Went Wrong?

    Well if you are a Tory supporter nothing went wrong; indeed you must be cock-a-hoop given that you have a Tory government when 64% of the voters wanted something else! But if you are against the Tories, you have to be wondering what went wrong.

    The most obvious problem is the broken medieval electoral system we have. For practical reasons it made sense in the days of horse-drawn carts to ask each area to appoint a representative in parliament. But today we should be able to design an electoral system where MPs represent people not places, and where everybody can say their vote helped appoint someone to parliament.

    As an example if all the votes for the Green party were distributed amongst the smallest UK constituencies (you did realise they are different sizes didn't you?), they would have ended up with 23 MPs instead of just 1! The Tories would end up with 240 seats rather than 331, which basically means that the Tories are very good at distributing their supporters.

    In my case, my vote went towards a loser which means I'm "represented" by a politician whose policies and attitudes I find totally repulsive. There is nobody in parliament that I voted for. And the same applies to a huge swathe of the population who are now feeling alienated by the whole process.

    And that is something that can and should be changed.

    The alienation caused by the first past the post system is probably one of the causes of the low turnout; what is the point in voting if you live in a "safe" seat?

    The most obvious difference in this election is the wholesale take-over of Scotland by the SNP, which surprised everyone. Which leads the new Tory government to a bit of a problem – with just one MP in Scotland, they essentially have no mandate to govern Scotland. 

    And even in England, the Tory majority is nothing to crow about – a majority of 5 is what would have been called a "fragile majority" in the past. A Tory leader with such a slim majority is likely to run into problems if they try and ram through a radical programme.

    The Tories managed to persuade many of us that a bit more self-flagellation is necessary, and punishing the poor and unfortunate is good for the country.

    The effect on the Liberal Democrats is both surprising and entirely predictable. Joining a coalition with the Tories was always a mistake in terms of future elections – it was always seen as helping to put the Tories into power, and many Liberals were far less accepting of this than they would have been to see the party join a coalition with Labour. What the Liberal Democrats failed to sell was the idea that their presence in government helped to ameliorate the Tory extremes.

    Labour's failure was probably down to several things :-

    1. The failure to demolish the myth of Labour's economic incompetence that "caused" the recession. It was the global failure of the banking system that caused that failure. Labour's spending was actually reasonably restrained until the need to rescue the banks arose.
    2. The failure to come up with a true alternative to the austerity plan of the Tories. Given the level of government debt that would be a hard job, but it could be started by pointing out (quite rightly) that simplistic austerity makes the debt problem worse.
    3. The inability to persuade people that most voters are actually "working class". There is a historic problem with the class system by which people think of the working class as cloth-capped, horny-handed manual workers of one kind or another. In reality, everybody who works for a living is working class.

    Of course whinging about it is not going to change things. We have five years of Tory mismanagement and punishing austerity to accept now.

  • Upgrading Linux Containers from Debian Wheezy to Jessie

    I have recently been upgrading my Linux containers from Debian wheezy to jessie, and each time have encountered a problem preventing the container from booting. Or rather as it turns out, preventing the equivalent of init from starting any daemons. Which is systemd of course.

    Now this is not some addition to the Great Systemd Debate (although my contribution to that debate may well arrive someday), but a simple fix, or at this stage a workaround (to use the dreaded ITIL phrase).

    The fix is to re-install the traditional SystemV init package replacing the new systemd package. This can be done during the upgrade by running the following at the end of the usual process :-

    apt-get install sysvinit-core
    

    Of course you will probably be reading this after you have encountered the problem. There are probably many ways of dealing with the situation after you have tried rebooting and encountered this issue, but my choice is to run the following commands from what I tend to call the "global container" :-

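    # CONTAINER_ROOT is a placeholder: set it to the container's root filesystem path.
    # Passing the command to chroot ensures apt-get runs inside the container, not on the host.
    chroot "${CONTAINER_ROOT}" apt-get install sysvinit-core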
    

    As mentioned before, this is not a fix. And indeed the problem may be my own fault – perhaps it doesn't help having the "global container" still running wheezy. Perhaps there are some instructions in the Debian upgrade manual that detail some extra step you should run. And of course by switching back to System V init, we are missing out on all of the systemd fun.

  • Always Check Your DNS Resolver (/etc/resolv.conf)

    So for ages I've been having these mysterious slow downs in connecting to some of my internal servers. A few seconds, but once connected things are working normally.

    And of course I kept putting off having a look into the problem, because firstly I'm lazy, secondly there are other more interesting things to look at, and thirdly I'd already discounted the obvious (actually I'd "fixed" it but made certain assumptions). But it's finally time to have a look.

    Now I said I'd earlier discounted the obvious but decided to have a look anyway. The thing to remember is that when you connect to a server it almost always performs a DNS lookup on your network address, so a mysterious slow down could well indicate that DNS resolution is to blame. You could perform diagnostics to determine what the problem is, but in all the decades I've been solving issues with computers whenever a mysterious slow down has occurred when connecting over the network, then the problem has almost always been the DNS resolver.

    Taking a look at /etc/resolv.conf on the relevant server (a Linux container), and I find the file has a nameserver within it that was retired several weeks ago! Fixing that solved the issue.

    Lessons learnt :-

    1. Just because you have a centrally distributed /etc/resolv.conf that is automatically installed on all your home network doesn't mean to say that it is always automatically installed. My Linux containers don't get that centrally distributed file (which had been corrected!).
    2. Don't assume that it's not the obvious even if you have reasons for thinking it couldn't possibly be the obvious (see #1).
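
One way to catch a retired nameserver before it shows up as slow logins is to send each entry in the resolver file a single query with a short timeout. This is an added example, not part of the original post: the function names are hypothetical, and the probe treats any reply carrying the matching query ID as proof that the server is alive.

```python
import os
import socket
import struct
import time

def parse_nameservers(text):
    """Return the nameserver addresses from resolv.conf text, in file order."""
    servers = []
    for line in text.splitlines():
        if line.startswith((";", "#")):      # resolv.conf comment lines
            continue
        fields = line.split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers

def probe(server, port=53, timeout=2.0):
    """Send one DNS query (NS for the root) over UDP; return seconds taken, or None."""
    qid = os.urandom(2)
    # Header: ID, flags (recursion desired), 1 question; then root name, QTYPE=NS, QCLASS=IN.
    query = qid + struct.pack(">HHHHH", 0x0100, 1, 0, 0, 0) + b"\x00" + struct.pack(">HH", 2, 1)
    try:
        family, kind, proto, _, addr = socket.getaddrinfo(
            server, port, type=socket.SOCK_DGRAM)[0]
        with socket.socket(family, kind, proto) as s:
            s.settimeout(timeout)
            start = time.monotonic()
            s.connect(addr)
            s.send(query)
            reply = s.recv(512)
    except OSError:                          # timeout, ICMP unreachable, bad address
        return None
    return time.monotonic() - start if reply[:2] == qid else None

def check_resolvers(text, port=53, timeout=2.0):
    """Map each configured nameserver to its reply time (None means no answer)."""
    return {ns: probe(ns, port, timeout) for ns in parse_nameservers(text)}

if __name__ == "__main__":
    with open("/etc/resolv.conf") as fh:
        for ns, took in check_resolvers(fh.read()).items():
            print(ns, "no reply" if took is None else f"{took * 1000:.0f} ms")
```

Run it inside each container as well as on the host, since the post's stale entry lived in a container that never received the centrally distributed file.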