Copy paste using Ctrl+Shift+V in urxvt

Hi all,

As I wrote in my last post I have recently reinstalled my laptop and I made made the switch from Konsole to urxvt. I’ve been using i3wm for a while and still using Konsole as my terminal emulator didn’t feel like it fit in well with i3wm. There was nothing really “wrong” with it, just didn’t feel right so I switched to urxvt.

First of all, urxvt looks quite hidious by default but that can be fixed. I found this somewhere in the internet, credits go to original poster but I can’t remember where I found it.

In your .Xdefaults file;

urxvt*foreground: white
urxvt*background: black
urxvt*scrollBar: false

Xft.dpi: 96
Xft.antialias: true
Xft.rgba: rgb
Xft.hinting: true
Xft.hintstyle: hintfull

URxvt.font: xft:Monospace:pixelsize=12
URxvt.boldfont: xft:Monospace-Bold:pixelsize=12

*color0: #2E3436
*color1: #a40000
*color2: #4E9A06
*color3: #C4A000
*color4: #3465A4
*color5: #75507B
*color6: #ce5c00
*color7: #babdb9
*color8: #555753
*color9: #EF2929
*color10: #8AE234
*color11: #FCE94F
*color12: #729FCF
*color13: #AD7FA8
*color14: #fcaf3e
*color15: #EEEEE

You can ofcourse tweak this to your liking. Just close the current window and open urxvt again, settings will be instantly activated.

But… that is not what this article is about. Urxvt has the nasty habit of, by default, not supporting clipboard pasting using Ctrl-Shift-V. Even though there may be different ways to do this, this is the way I’ve been doing it for a long… long time now and I simply like it to be the way it was. I have been searching for this for quite a while until I stumled upon a post by posting exacyly what I needed. It’s fairly simple.

Create a file in /usr/lib64/urxvt/perl/clipboard (note that I’m placing this in lib64, not lib) and paste the following code in it;

#script to copy/paste text in URXVT

#! perl

sub on_sel_grab {
    my $query = $_[0]->selection;
    open (my $pipe,'| /usr/bin/xclip -in -selection clipboard') or die;
    print $pipe $query;
    close $pipe;

sub paste {
    my ($self) = @_;
    my $content = `/usr/bin/xclip -loop 1 -out -selection clipboard` ;
    $self->tt_write ($content);

sub on_user_command {
    my ($self, $cmd) = @_;
    if ($cmd eq "clipboard:paste") {

Now, this needs xclip. In Fedora you can simply install this using yum;

yum install -y xclip

Then append the following lines to your .Xdefaults;

# Enable the ability to use regular copy-paste
URxvt.keysym.Shift-Control-V: perl:clipboard:paste
URxvt.iso14755: False
URxvt.perl-ext-common: default,clipboard

And you’re all set (after restarting urxvf ofcourse)! Everything you select is automatically copied to your clipboard, you can paste it using Ctrl+Shift+V.

SSD trimming an lvm/luks-device on Fedora

It’s been a while since I’ve written anything but I ran into some problems after reinstalling my laptop with Fedora 20. I’ve been running Fedora for a while and I absolutely love it but I made a mess of my machine so it was time to start over. There’s not much to be said about the Fedora installation itself, I can’t really get used to anaconda but that’s a whole different story.

I’ve had some small problems getting theming to work in KDE apps like Dolphin and Kate, I usually do a Cinnamon install because it is very small and I like the interface a lot but at work I usually revert to i3wm which in my opinion is, by far, the best tiling window manager in existence. Even though this is not what this article is about, if you run into problems with themes in KDE apps, you can fix this by installing qt-config, running qtconfig-qt4 and setting the gui style to GTK+.

Now, my boss requires me to encrypt my laptop’s ssd simply because there is a lot of work-related data on my laptop. Fedora doesn’t nag me multiple times for a passphrase if multiple luks devices use an identical one but Ubuntu had me typing it in four times at boot which was really annoying. A simple workaround to this problem is having a single encrypted partition with lvm inside it, you just make your luks device a physical volume for lvm and everything inside it is automatically encrypted. On the newer Ubuntu versions fstrim is automatically enabled and issue_discards is automatically enabled in /etc/lvm/lvm.conf, on Fedora you have to do this manually. I thought that was all but upon running fstrim I was presented with an error message;

[root@noteloek ~]# fstrim -v /
fstrim: /: discard operation not supported.

It turns out you also have to enable discards on your luks device in /etc/crypttab. Here’s the whole process, step-by-step;

1. Allow discards on the luks device. Find your luks device in /etc/crypttab and append allow-discards to the lines that represent a luks device on an ssd. The second drive is the magnetic drive in my caddy, that’s why discards aren’t enabled for this one.

[root@noteloek ~]# cat /etc/crypttab 
luks-23326d8d-d697-4da7-aef0-66b832bbaaeb UUID=23326d8d-d697-4da7-aef0-66b832bbaaeb none allow-discards
luks-b21d9e4f-602e-42fd-ba7a-2b0e51a80ce8 UUID=b21d9e4f-602e-42fd-ba7a-2b0e51a80ce8 none

Update your init ram drive using dracut.

[root@noteloek ~]# dracut -f

After a reboot you can check if it works by running cryptsetup status, it should show the discard flag.

[root@noteloek ~]# cryptsetup status luks-23326d8d-d697-4da7-aef0-66b832bbaaeb | grep flags
  flags:   discards

2. Enable discards for lvm by setting issue_discards to 1 in /etc/lvm/lvm.conf. You can do it by hand or use sed;

[root@noteloek ~]# sed -i 's|issue_discards\ =\ 0|issue_discards\ =\ 1|g' /etc/lvm/lvm.conf

3. Actually trim the device by either mounting with the discard option or by running fstrim, don’t do both… obviously. As far as I know the fstrim solution is the preferred one as the discard option supposedly has quite a negative impact on the performance of your ssd.

[root@noteloek ~]# cat /etc/fstab | grep root
/dev/mapper/fedora-root /                       xfs     defaults,discard,noatime,x-systemd.device-timeout=0 0 0

OR add fstrim [mountpoint] lines to /etc/cron.hourly/fstrim, you should modify this for the mount points on your system.

[root@noteloek ~]# echo -e "fstrim /\nfstrim /home\nfstrim /boot" > /etc/cron.hourly/fstrim

You can also manually run fstrim -v /. The verbose option gives you the amount of data that was trimmed.

And that’s it!

MikroTik wireless guest network

I tried setting up a guest network on my MikroTik RB2011UiAS-2HnD-IN but a simple task as it may sound, it is not. My first attempt was to make sure the guest network could not connect to my primary network using vlans but I kept failing at getting this right. Eventually I found a way to do this using bridges. Every port on the MikroTik is by default connected to bridge-local, not only the physical ports on the router but also your default wlan device (wlan1).

First off I started adding a new bridge for my guest network, aptly named “bridge-guest”;

/interface bridge
add name=bridge-guest

Once your new bridge is created you have to define a new VirtualAP, create a security profile for it and attach it to your new guest bridge.

/interface wireless security-profiles
add authentication-types=wpa2-psk mode=dynamic-keys name=guest wpa2-pre-shared-key=somepassphrase

/interface wireless
add disabled=no l2mtu=2290 mac-address=D6:CA:6D:8E:45:18 master-interface=wlan1 name=wlan2 security-profile=guest ssid="My Guest SSID" wds-default-bridge=bridge-guest

/interface bridge port
add bridge=bridge-guest interface=wlan2

After that we’re going to setup another dhcp-server which will be handing out ip-addresses to devices connected to the guest bridge. As my primary network is using I chose for my guest network;

/ip address
add address= interface=bridge-guest network=
/ip pool
add name=guest ranges=
/ip dhcp-server
add address-pool=guest disabled=no interface=bridge-guest name=guest
/ip dhcp-server network
add address= dns-server= gateway=

Your guest network will be active now, however, devices connected to it yet can’t connect to the internet and they can still connect to devices on you other bridges. The MikroTik will simply route your traffic to the other bridge and 172.x devices can connect to 10.x devices without any problems.

First, making a nat rule for routing traffic to the internet.

/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1-gateway src-address=

Keep in mind that there is a default masquerade rule for src-address=, I had already changed this to src-address= If the rule for is already in place, you do not have to add this.

And last but not least make sure the guest network cannot connect to your bridge-local;

/ip firewall filter
add action=drop chain=forward in-interface=bridge-guest out-interface=!ether1-gateway

What this rule essentially does is just simply drop all traffic coming from bridge-guest, NOT going to ether1-gateway.

Now, I’m not saying this is necessarily the best way to do this, it is however one that works.

ZeelandNet dual-stack ipv6!

This afternoon our local cable company enabled dual-stack ipv6 for a group of “beta testers”. I have been using a tunnel via hurricane electric for a while so I already had ipv6 connectivity but alas that wasn’t a very stable connection to say the least so I was very eager to switch to dual-stack ipv6.

I own a MikroTik RB2011UiAS-2HnD-IN and I really love it, this device has one major problem though… me, simply because most of the time I have no clue what the hell I’m doing. 😛 The email from my cable company simply stated “enable dual-stack”, as you can imagine on most routers you can do this by opening the web administration panel and smashing your head on your keyboard, on the MikroTik… not so much. As I stated before I have used the hurricane electric tunnel for a while so there were some configs left over which I needed to remove, again.. because I didn’t exactly know what I was doing I was rather doubtful about what and better yet what not to remove, turns out I had to remove literally everything. Once I did that the MikroTik got it’s prefix from my cable company and ipv6 was instantly working;

[loek@MikroTik] > /ipv6 dhcp-client print
Flags: D - dynamic, X - disabled, I - invalid
0 ;;; default configuration
ether1-gateway bound 2a02:xxxx:xxxx::/48 25w4d22h47

One major problem with ipv6 is that all your ipv6 enabled devices are directly accessible from the outside world, you can fix this in the MikroTik’s firewall by adding some rules to the forward chain, my full ipv6 firewall configs are shown below;

/ipv6 firewall filter export
add chain=input protocol=icmpv6
add chain=input dst-port=546 in-interface=ether1-gateway protocol=udp src-port=547
add chain=input in-interface=ether1-gateway src-address-list=whitelist
add chain=input connection-state=established in-interface=ether1-gateway
add chain=input connection-state=related in-interface=ether1-gateway
add action=drop chain=input in-interface=ether1-gateway
add chain=forward protocol=icmpv6
add chain=forward in-interface=ether1-gateway src-address-list=whitelist
add chain=forward connection-state=established in-interface=ether1-gateway
add chain=forward connection-state=related in-interface=ether1-gateway
add action=drop chain=forward in-interface=ether1-gateway

All my devices now have access to and are using ipv6 connectivity but nothing, except for my ssh whitelist, is accessible from the outside world.

New init script for SABnzbd on CentOS

I simply cannot find out why SABnzbd will start without a fuss after a restart of my server and when the service gets stopped it won’t start again until I reboot. Weird thing is though, if I just run it will run without any problems, it just won’t start via the init script. Most likely there’s some garbage leftover somewhere but I just cannot find it so I wrote a quick and dirty new init script. I might improve on it somewhat, I could for example create the /var/run/ sub-directory if it doesn’t exist but I wrote this on the crapper and I just wiped (too much information?) so it will have to do for now. So without further ado, here it is;

# Provides:          SABnzbd
# Required-Start:    $all
# Required-Stop:     $all
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: starts SABnzbd
# Description:       starts SABnzbd

options=" --daemon --config-file $conf --pidfile $pid"
run="$bin $options"

start () {
  echo -n $"Starting $prog..."
  if [ ! -d $pidpath ]; then
    mkdir -p $pidpath
    chown $user: $pidpath
  su $user -c "$run"

stop () {
  echo -n $"Shutting down $prog..."
  kill -TERM `cat $pid`
  rm -f $pid

status () {
  if [[ -f $pid ]]; then
    if ps -p $(cat $pid) > /dev/null; then
      echo "$prog is running."
    echo "$prog is not running."

case "$1" in
    echo $"Usage: $0 {start|stop|status|restart}"
    exit 2

XBMC 13 & Nginx

Yesterday I found out that XBMC 13 is able to handle Nginx’s directory listings. Previously I used Nginx as a reverse proxy in front of Apache, in this setup Nginx would serve the actual files but it would proxy to Apache for directories;

location / {
  try_files $uri @apache/;
location @apache {
   proxy_redirect off;
   proxy_set_header Host $host:80;
   proxy_set_header X-Real-IP $remote_addr;
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

This setup maybe looks a little bit retarded but it worked perfectly, just using Nginx though is a LOT faster.

PHP(-FPM) 5.5.12 update changes permissions on socket files.

Apparently the upgrade to php 5.5.12 changes the default mode for the php-fpm socket files from 666 to 660. A direct result of this is that nginx is no longer able to access these files. In other words; shit gets broken.

At first I added the php-fpm ‘listen.mode = 666’ line to the php-fpm configs which fixed my problem. Later, however, a colleague of mine pointed out that php-fpm also has a ‘listen.owner’ setting. I removed the ‘listen.mode’ line and added ‘listen.owner = nginx’ (because nginx runs as the nginx user), the php-fpm socket files were again chmodded at 660 but because they were now owned by the nginx user this was no longer a problem.

As Sterling Archer would say; “Problem-o solved-o!”.