The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,729 other followers

Archive for the ‘bash’ Category

How to Update All Your Ruby Gems At Once | Life, the Universe, and Everything

Posted by jpluimers on 2019/08/26

This looks smart

gem update `gem list | cut -d ' ' -f 1`

From: [WayBack] How to Update All Your Ruby Gems At Once | Life, the Universe, and Everything

Though on the bash prompt, it works fine on Mac OS X / OS X / macOS / …, it does not work nice as an alias.

You can get it to work with difficult escaping (or nesting).

But it is easier to escape this:

gem update $(gem list | cut -d ' ' -f 1)

Escaped, it comes down to:

alias "gem-update-all=gem update \$(gem list | cut -d ' ' -f 1)"

Based on:

–jeroen

Posted in Apple, bash, bash, Development, Mac OS X / OS X / MacOS, Power User, Scripting, Software Development | Leave a Comment »

Show SCSI / HBA modules in ESXi 6.5 with file and version information

Posted by jpluimers on 2019/05/02

A small script I made: Show SCSI / HBA modules in ESXi 6.5 with file and version information:

MODULES=`esxcfg-scsidevs --hbas | awk 'FNR > 0 {print $2}'`
for MODULE in $MODULES ; do
    # echo "Probing $MODULE"
    vmkload_mod --showinfo $MODULE | grep 'file: \|Version'
done

The script is based on ideas from [WayBack] Determining Network/Storage firmware and driver version in ESXi 4.x and later (1027206) | VMware KB

It works in at least ESXi 6.5 where it shows this on one of my systems:

 input file: /usr/lib/vmware/vmkmod/lsi_msgpt3
 Version: 12.00.02.00-11vmw.650.0.0.4564106
 input file: /usr/lib/vmware/vmkmod/vmw_ahci
 Version: 1.0.0-39vmw.650.1.26.5969303
 input file: /usr/lib/vmware/vmkmod/vmw_ahci
 Version: 1.0.0-39vmw.650.1.26.5969303
 input file: /usr/lib/vmware/vmkmod/vmw_ahci
 Version: 1.0.0-39vmw.650.1.26.5969303
 input file: /usr/lib/vmware/vmkmod/lsi_mr3
 Version: 6.910.18.00-1vmw.650.0.0.4564106
 input file: /usr/lib/vmware/vmkmod/megaraid_sas
 Version: Version 6.603.55.00.2vmw, Build: 4564106, Interface: 9.2 Built on: Oct 26 2016
 input file: /usr/lib/vmware/vmkmod/vmkusb
 Version: 0.1-1vmw.650.1.26.5969303

–jeroen

Read the rest of this entry »

Posted in bash, Development, ESXi6.5, Power User, Scripting, Software Development, Virtualization, VMware, VMware ESXi | Leave a Comment »

bash – aliasing cd to pushd – is it a good idea? – Unix & Linux Stack Exchange

Posted by jpluimers on 2019/04/30

On my research list: [WayBack] bash Рaliasing cd to pushd Рis it a good idea? РUnix & Linux Stack Exchange

It has a nice discussion on complements to pushd/popd/cd/dirs including a very nice set of navd scripts that eases the navigation of the directory stack.

I found it because the ESXi busybox¬†does not have pushd¬†and popd¬†and a cd¬†won’t work from inside a shell script:¬†[WayBack]¬†linux – Why doesn’t “cd” work in a bash shell script? – Stack Overflow

It also made me find out that the ESXi busybox¬†does support cd -¬†to go to the previous directory. More info on that cd¬†syntax is at¬†[WayBack] bash – Difference between “cd -” and “cd ~-” – Unix & Linux Stack Exchange

–jeroen

Posted in *nix, bash, Development, ESXi5, ESXi5.1, ESXi5.5, ESXi6, ESXi6.5, Power User, Scripting, Software Development, Virtualization, VMware, VMware ESXi | Leave a Comment »

sed in a bash script: backslash escape anything that looks suspicious

Posted by jpluimers on 2019/02/26

Did I ever tell I dislike regular expressions and old-skool shells?

They’re not good for anything but basic commands, so if you try any scripts in them, you’re basically lost.

If you disagree, please read¬†[WayBack] Don’t write Shell scripts. I would recommend Python, but I tried “pip search mysql”…. – Kristian K√∂hntopp – Google+) and¬†[WayBack] How did this shit ever work?¬†by the same author.

On the other hand: on many system, the baseline isn’t much more than a shell and a very limited tool set.

With nx like systems that usually comes down to sed and a shell like bash.

Since I wanted to modify an openssh hardening script to cover more permutations that was using sed in a bash script, I had not much choice but to bite the bullet.

TL;DR:

When you use any of the below characters, prepend them with a backslash as they have a bash meaning in addition to a sed meaning.

  • ?¬†becomes \?
  • (¬†becomes \(
  • )¬†becomes \)
  • |¬†becomes \|

The script

Hopefully by now it’s [Archive.is] been merged into https://github.com/comotion/gone/blob/github/modules/ssh. If not, it’s at¬†https://github.com/jpluimers/gone/blob/jpluimers-ssh-hardening-patch/modules/ssh.

The diff: [Archive.is] https://github.com/jpluimers/gone/commit/329bf12a320704080e68eee90f4c099e92d8388d?diff=unified

The relevant portion (which also uses backslashes as line continuation and wrap a command over multiple lines [WayBack]):

sed -i \
-e 's/#\?MaxAuthTries *[0-9]*.*/MaxAuthTries 2/' \
-e 's/#\?PermitRootLogin *\(yes\|no\).*/PermitRootLogin no/' \
-e 's/#\?UsePrivilegeSeparation *\(yes\|no\|sandbox\).*/UsePrivilegeSeparation sandbox/' \
-e 's/#\?StrictModes *\(yes\|no\).*/StrictModes yes/' \
-e 's/#\?IgnoreRhosts *\(yes\|no\).*/IgnoreRhosts yes/' \
-e 's/#\?PermitEmptyPasswords *\(yes\|no\).*/PermitEmptyPasswords no/' \
-e 's/#\?ChallengeResponseAuthentication *\(yes\|no\).*/ChallengeResponseAuthentication yes/' \
-e 's/#\?KerberosAuthentication *\(yes\|no\).*/KerberosAuthentication no/' \
-e 's/#\?GSSAPIAuthentication *\(yes\|no\).*/GSSAPIAuthentication no/' \
-e 's/#\?GatewayPorts *\(yes\|no\).*/GatewayPorts no/' \
-e 's/#\?X11Forwarding *\(yes\|no\).*/X11Forwarding no/' \
-e 's/#\?PrintMotd *\(yes\|no\).*/PrintMotd no/' \
-e 's/#\?PrintLastLog *\(yes\|no\).*/PrintLastLog yes/' \
-e 's/#\?TCPKeepAlive *\(yes\|no\).*/TCPKeepAlive no/' \
-e 's/#\?PermitUserEnvironment *\(yes\|no\).*/PermitUserEnvironment no/' \
-e 's/^\(HostKey .*ssh_host_dsa_key\)/#\1/' \
sshd_config

–jeroen

 

 

 

Posted in *nix, *nix-tools, bash, bash, Development, Power User, Scripting, sed, sed script, Software Development | Leave a Comment »

linux – Test if a port on a remote system is reachable (without telnet) – Super User

Posted by jpluimers on 2019/01/29

Just learned that bash can do TCP and UDP itself:

Bash has been able to access TCP and UDP ports for a while. From the man page:

/dev/tcp/host/port
    If host is a valid hostname or Internet address, and port is an integer port number
    or service name, bash attempts to open a TCP connection to the corresponding socket.
/dev/udp/host/port
    If host is a valid hostname or Internet address, and port is an integer port number
    or service name, bash attempts to open a UDP connection to the corresponding socket.

So you could use something like this:

xenon-lornix:~> cat < /dev/tcp/127.0.0.1/22
SSH-2.0-OpenSSH_6.2p2 Debian-6
^C pressed here

Taa Daa!

This for systems that do not have telnet installed (Windows stopped using this a long time ago, many Linux distributions followed suit) and you cannot to use nc (also known as netcat).

–jeroen: [WayBack]¬†linux – Test if a port on a remote system is reachable (without telnet) – Super User

Posted in *nix, *nix-tools, bash, bash, Development, Power User, Scripting, Software Development | Leave a Comment »

 
%d bloggers like this: