Bipolar disorder and psychotic disorder

My post of last night got me thinking. My first intention of this blog was posting some technical stuff. As I am not the greatest programmer / system administrator / IT guru this world has to offer, this would be more of a notes-to-self endeavor than anything else.
On the other hand I have been struggling with “mental illness” most of my adult life. This subject is shunned and frowned upon a lot. But this is something I’m learning to deal with more and more. My personal journey and daily struggles could be a lot more interesting to a reader.
So I decided to focus my posts on this topic. I will be talking about medication, mental health care, ways I try to cope. Success and failure. That kind of stuff. Hope some one could one day benefit from my story. To be continued!

Insomnia again….

It has been a while (besides my recent post on Outlook) that I have posted on my blog. I think I have found a way to do some more up-keep.
When I have had a busy day with a lot of interaction with people and information I find myself unable to sleep. It is almost 04.00 am right now and I am still awake. Instead of looking at the TV or mindlessly browsing the web, I decided I could write on my blog and let my thoughts flow in posts I make rambling about everything and nothing. As almost nobody reads my blog I don’t see the harm in this.
It is like there is something wrong with the way I process information (there really is I’m seeing a psychiatrist ­čÖé ). When I’m presented with a lot of stimuli during the day I tend to get really active with a feeling of being in control. This feels great and induces more active behavior, which in turn causes more information to flow my way. This tends to get out of hand and my brain is left in a state of hyper activation. There is little that can get me to sleep when I am like this. It’s also pretty dangerous as I am prone to psychosis. Sleep-deprivation combined with a stressy “high-urgency I have to do things” state of mind is a big no-no.
So how do I prevent this from happening?
The key is prevention I think. Just keep a strict daily routine with lots of physical exercise to relieve the stressy feeling and keep the head clear. This is easier said than done, as the cycle of stress and stress seeking behavior is completely in my nature. Is it possible to make something such a strong habit by repetition that I can overpower this? Let’s try and see….

Outlook app on android – Why does microsoft need my imap credentials?

I had added a new imap account to my mailserver and I had bought a new phone. This phone (motorola g5s) comes pre-installed with the Outlook app made by microsoft as an email client.
As I am lazy by nature I did not want to install an extra email client, so I decided to add my imap account to the Outlook app. Checking the logs of my mailserver, I saw an incoming connection that was authenticating succesfully using my credentials. But the connection did not originate from my IP! I was using the ip address 94.xxx.xxx.xxx and the client connected from 52.xxx.xxx.xxx!

Microsoft is playing man in the middle and thus has acccess to all my mail in the imap account!

Nice one Microsoft. From now on I am only using Outlook for Microsoft mail accounts, as they have my authentication data for these already…..

Mining monero with nvidia GPU in unpriviliged container

The problem

As my interest in crypto currency grew in the last couple of weeks, I decided an attempt at mining them would be a good idea. So I went out and got some second hand GPU’s (GTX 760 oc) and wanted to mine monero with them.

Now we have the problem of running the miner software on our operating system directly (which in my humble opinion is not always secure and a high value target). This could be solved by virtualization, but this gives a lot of overhead. Looking into LXC containers, this seems this is a viable solution as the overhead is minimized and privileges can be minimized.

Containers should not be your last line of defence and should be run unprivileged. So in this post I give a short note on how I have set things up considering the above.

Used software: LXC, Nvidia CUDA, XMR-STAK, Ubuntu 16.04 amd64

Setting up CUDA

Firstly we need a NVIDIA GPU supported by cuda, and of course the proprietary software. You can find CUDA here: https://developer.nvidia.com/cuda-downloads

I use ubuntu 16.04 amd64 in this post, as it is user friendly and will be supported for a long time to come.

Before you install CUDA do an apt-get update and apt-get dist-upgrade and reboot

You will have to install CUDA twice, once now and once in the container. The installation is pretty straightforward, just follow the instructions. The last step however I would recommend using apt-get with the flag --no-install-recommends, this installs a lot less unneeded packages. The command will be: sudo apt-get --no-install-recommends install cuda

After installing cuda reboot, so the nouveau driver is replaced by the nvidia driver.

Check if everything is okay by typing the command nvidia-smi. This should give you output about your card and shows the nvidia driver is working.

Setting up the container

The container setup is well described at https://help.ubuntu.com/lts/serverguide/lxc.html

I would choose to do the network setup a little differently, so the container can be accessed on the network with ssh.  So I will create a network bridge first by editing /etc/network/interfaces and replacing the primary network interface line with:

iface <interface> inet manual

and adding the lines:

auto br0
iface br0 inet dhcp
bridge_ports <interface>
bridge_stp off
bridge_maxwait 0
bridge_fd 0

To run LXC containers (and bridges) we need to install the LXC package:
sudo apt-get install lxc
The easiest way to get your new network setup running is by rebooting your system.
After the reboot we create a lxc-user
sudo useradd -m lxc
then become the lxc user:
sudo -s
su - lxc

Get the subuid and subgid and copy these to clipboard / leafpad / gedit / etc.
grep lxc /etc/sub*
Now create the config directory:
mkdir -p .config/lxc
Create the file default.conf in .config/lxc with the following content:
lxc.id_map = u 0 <subuid> 65536
lxc.id_map = g 0 <subgid> 65536
lxc.network.type = veth
lxc.network.link = br0

Now add the following line to /etc/lxc/lxc-usernet:
lxc veth br0 10
Install the container:
lxc-create -n<container name> -t download
choose ubuntu, xenial, amd64
Start the container:
lxc-start -n<container name>
Attach to the container:
lxc-attach -n<container name>
This will give some errors, which can be ignored. You should get a root prompt. Append some stuff to $PATH:
export PATH=$PATH:/sbin:/usr/sbin
Now you can install packages you like (openssh-server, sudo, vim) and add a user and add this user to the sudo group:
apt-get install openssh-server vim sudo
adduser <username>
adduser <username> sudo

Now you can close the terminal your working on and ssh into the container.

Setting up CUDA in the container

Setting up CUDA in the container is exactly the same as on the host. After setting up CUDA we need access to the GPU in the container. The devices in /dev starting with nvidia (like /dev/nvidia0 should be bind mounted into the container. This can be done by adding a line for each device to /home/lxc/.local/share/lxc/<container name>/config
lxc.mount.entry = /dev/nvidia<xxx> dev/nvidia<xxx> none bind,optional,create=file
After this the container should be shutdown and started as the lxc user as shown earlier.
Now the command nvidia-smi should work in your container too.

Setting up XMR-STAK in the container

In the container:
sudo apt-get install git libmicrohttpd-dev libssl-dev cmake build-essential
git clone https://github.com/fireice-uk/xmr-stak.git
cd xmr-stak
mkdir build
cd build
cmake -DHWLOC_ENABLE=OFF -DOpenCL_ENABLE=OFF ../
make -j$(nproc)

Now XMR-STAK should be built. You can run it by:
cd bin
./xmr-stak

Answer the questions and you should be ready to mine in an unprivileged container.

Using virt-install / virsh without vnc

This is my first post. I’ve started tinkering with computers again and I will drop a line here every now and then about something I find useful (even if you may think it is not ­čÖé ).

I have been using KVM for a while now and mostly install virtual machines using virt-install, activating VNC, completing the installation that way.
Getting bored with always using a vnc client / virt-manager I decided to try it another way.
The tricky part was passing the console=ttyS0 to the kernel. When you use a networkinstall (using the -l switch in virt-install) you can specify extra arguments (using -x). As I am using netinstalls mostly, this is no problem for me.
For Ubuntu/Debian this results in:

virt-install -n <domain name> -r <ram in megabytes> -l < network mirror, e.g.: http://ftp.nl.debian.org/debian/dists/stretch/main/installer-amd64> –disk <disk,options> -w <network, options> –nographics -x “console=ttyS0”

This will let you install on a serial console.

During installation I enable ssh.

Post installation, log in with ssh, edit /etc/default/grub to include GRUB_CMDLINE_LINUX=”console=ttyS0″ and run update-grub.

Further more run:

systemctl enable serial-getty@ttyS0.service
systemctl start serial-getty@ttyS0.service

To enable the serial console getty service in systemd and start it right away.

Voila! virsh console works. No more VNC.

Now you can virsh console <domain>.