The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,603 other followers

Archive for the ‘bash’ Category

« Previous Entries

Show SCSI / HBA modules in ESXi 6.5 with file and version information

Posted by jpluimers on 2019/05/02

A small script I made: Show SCSI / HBA modules in ESXi 6.5 with file and version information:

MODULES=`esxcfg-scsidevs --hbas | awk 'FNR > 0 {print $2}'`
for MODULE in $MODULES ; do
    # echo "Probing $MODULE"
    vmkload_mod --showinfo $MODULE | grep 'file: \|Version'
done

The script is based on ideas from [WayBackDetermining Network/Storage firmware and driver version in ESXi 4.x and later (1027206) | VMware KB

It works in at least ESXi 6.5 where it shows this on one of my systems:

 input file: /usr/lib/vmware/vmkmod/lsi_msgpt3
 Version: 12.00.02.00-11vmw.650.0.0.4564106
 input file: /usr/lib/vmware/vmkmod/vmw_ahci
 Version: 1.0.0-39vmw.650.1.26.5969303
 input file: /usr/lib/vmware/vmkmod/vmw_ahci
 Version: 1.0.0-39vmw.650.1.26.5969303
 input file: /usr/lib/vmware/vmkmod/vmw_ahci
 Version: 1.0.0-39vmw.650.1.26.5969303
 input file: /usr/lib/vmware/vmkmod/lsi_mr3
 Version: 6.910.18.00-1vmw.650.0.0.4564106
 input file: /usr/lib/vmware/vmkmod/megaraid_sas
 Version: Version 6.603.55.00.2vmw, Build: 4564106, Interface: 9.2 Built on: Oct 26 2016
 input file: /usr/lib/vmware/vmkmod/vmkusb
 Version: 0.1-1vmw.650.1.26.5969303

–jeroen

Read the rest of this entry »

Posted in bash, Development, ESXi6.5, Power User, Scripting, Software Development, Virtualization, VMware, VMware ESXi | Leave a Comment »

bash – aliasing cd to pushd – is it a good idea? – Unix & Linux Stack Exchange

Posted by jpluimers on 2019/04/30

On my research list: [WayBackbash – aliasing cd to pushd – is it a good idea? – Unix & Linux Stack Exchange

It has a nice discussion on complements to pushd/popd/cd/dirs including a very nice set of navd scripts that eases the navigation of the directory stack.

I found it because the ESXi busybox does not have pushd and popd and a cd won’t work from inside a shell script: [WayBacklinux – Why doesn’t “cd” work in a bash shell script? – Stack Overflow

It also made me find out that the ESXi busybox does support cd - to go to the previous directory. More info on that cd syntax is at [WayBack] bash – Difference between “cd -” and “cd ~-” – Unix & Linux Stack Exchange

–jeroen

Posted in *nix, bash, Development, ESXi5, ESXi5.1, ESXi5.5, ESXi6, ESXi6.5, Power User, Scripting, Software Development, Virtualization, VMware, VMware ESXi | Leave a Comment »

sed in a bash script: backslash escape anything that looks suspicious

Posted by jpluimers on 2019/02/26

Did I ever tell I dislike regular expressions and old-skool shells?

They’re not good for anything but basic commands, so if you try any scripts in them, you’re basically lost.

If you disagree, please read [WayBack] Don’t write Shell scripts. I would recommend Python, but I tried “pip search mysql”…. – Kristian Köhntopp – Google+) and [WayBack] How did this shit ever work? by the same author.

On the other hand: on many system, the baseline isn’t much more than a shell and a very limited tool set.

With nx like systems that usually comes down to sed and a shell like bash.

Since I wanted to modify an openssh hardening script to cover more permutations that was using sed in a bash script, I had not much choice but to bite the bullet.

TL;DR:

When you use any of the below characters, prepend them with a backslash as they have a bash meaning in addition to a sed meaning.

  • ? becomes \?
  • ( becomes \(
  • ) becomes \)
  • | becomes \|

The script

Hopefully by now it’s [Archive.is] been merged into https://github.com/comotion/gone/blob/github/modules/ssh. If not, it’s at https://github.com/jpluimers/gone/blob/jpluimers-ssh-hardening-patch/modules/ssh.

The diff: [Archive.is] https://github.com/jpluimers/gone/commit/329bf12a320704080e68eee90f4c099e92d8388d?diff=unified

The relevant portion (which also uses backslashes as line continuation and wrap a command over multiple lines [WayBack]):

sed -i \
-e 's/#\?MaxAuthTries *[0-9]*.*/MaxAuthTries 2/' \
-e 's/#\?PermitRootLogin *\(yes\|no\).*/PermitRootLogin no/' \
-e 's/#\?UsePrivilegeSeparation *\(yes\|no\|sandbox\).*/UsePrivilegeSeparation sandbox/' \
-e 's/#\?StrictModes *\(yes\|no\).*/StrictModes yes/' \
-e 's/#\?IgnoreRhosts *\(yes\|no\).*/IgnoreRhosts yes/' \
-e 's/#\?PermitEmptyPasswords *\(yes\|no\).*/PermitEmptyPasswords no/' \
-e 's/#\?ChallengeResponseAuthentication *\(yes\|no\).*/ChallengeResponseAuthentication yes/' \
-e 's/#\?KerberosAuthentication *\(yes\|no\).*/KerberosAuthentication no/' \
-e 's/#\?GSSAPIAuthentication *\(yes\|no\).*/GSSAPIAuthentication no/' \
-e 's/#\?GatewayPorts *\(yes\|no\).*/GatewayPorts no/' \
-e 's/#\?X11Forwarding *\(yes\|no\).*/X11Forwarding no/' \
-e 's/#\?PrintMotd *\(yes\|no\).*/PrintMotd no/' \
-e 's/#\?PrintLastLog *\(yes\|no\).*/PrintLastLog yes/' \
-e 's/#\?TCPKeepAlive *\(yes\|no\).*/TCPKeepAlive no/' \
-e 's/#\?PermitUserEnvironment *\(yes\|no\).*/PermitUserEnvironment no/' \
-e 's/^\(HostKey .*ssh_host_dsa_key\)/#\1/' \
sshd_config

–jeroen

 

 

 

Posted in *nix, *nix-tools, bash, bash, Development, Power User, Scripting, sed, sed script, Software Development | Leave a Comment »

linux – Test if a port on a remote system is reachable (without telnet) – Super User

Posted by jpluimers on 2019/01/29

Just learned that bash can do TCP and UDP itself:

Bash has been able to access TCP and UDP ports for a while. From the man page:

/dev/tcp/host/port
    If host is a valid hostname or Internet address, and port is an integer port number
    or service name, bash attempts to open a TCP connection to the corresponding socket.
/dev/udp/host/port
    If host is a valid hostname or Internet address, and port is an integer port number
    or service name, bash attempts to open a UDP connection to the corresponding socket.

So you could use something like this:

xenon-lornix:~> cat < /dev/tcp/127.0.0.1/22
SSH-2.0-OpenSSH_6.2p2 Debian-6
^C pressed here

Taa Daa!

This for systems that do not have telnet installed (Windows stopped using this a long time ago, many Linux distributions followed suit) and you cannot to use nc (also known as netcat).

–jeroen: [WayBacklinux – Test if a port on a remote system is reachable (without telnet) – Super User

Posted in *nix, *nix-tools, bash, bash, Development, Power User, Scripting, Software Development | Leave a Comment »

Easy Running of Scripts at Boot and Shutdown – SUSE Blog | SUSE Communities

Posted by jpluimers on 2019/01/01

Cool:

/etc/init.d/after.local

–jeroen

Posted in *nix, *nix-tools, bash, Development, Linux, openSuSE, Power User, Scripting, Software Development, SuSE Linux, Tumbleweed | Leave a Comment »

« Previous Entries
 
%d bloggers like this: