The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 2,319 other followers

Archive for the ‘*nix’ Category

Dockerfile with Bite Size Networking tools from b0rk

Posted by jpluimers on 2021/04/16

[WayBack] Ryan James Spencer on Twitter:

“I wrote a quick Dockerfile so people who purchase Bite Size Networking from  @b0rk can quickly have access to the tools. You can slim the image down to do debugging on docker networks once you get comfortable with which tools are most useful to you.”

He is planning to do more, so maybe a few of [WayBack] wizard zines get encapsulated into dockerfiles as well.

–jeroen

PS: [WayBack] Dockerfile | Docker Documentation

# N.B. The only tool missing here that is mentioned in the document is `zenmap`
# purely because this image is intended to be run via a CLI and `zenmap` is a GUI
# to `nmap` i.e. one can play around with the tools by running:
#
# $ docker build –name bite_size_networking:latest .
# $ docker run –rm -d –name bsn_test bite_size_networking:latest
# $ docker exec -it bsn_test bash
#
# Alternatively, one can change the `ENTRYPOINT` to `["bash"]` and run:
#
# $ docker run -it –name bsn_test bite_size_networking:latest
#
# then later (after exiting the shell):
#
# $ docker start bsn_test
# $ docker attach bsn_test
#
# One can also run this image on a docker network to capture packets and so
# forth for debugging purposes. Once you've found the tooling that best suits
# your needs, it may make sense to make a slimmed down version of this
# Dockerfile and, if wireguard isn't needed, base this image off
# `debian:stable` instead.
#
# Lastly, you can purchase Bite Size Networking or Julia's other fantastic
# zines over at https://wizardzines.com/
# We use `unstable` here since we install `wireguard` below
FROM debian:unstable
RUN apt update && \
DEBIAN_FRONTEND=noninteractive apt install -y \
dnsutils \
curl \
nmap \
tcpdump \
ngrep \
mitmproxy \
iptables \
ethtool \
stunnel \
hping3 \
lsof \
ipcalc \
p0f \
iperf \
apache2-utils \
wget \
python3 \
iftop \
nethogs \
iptraf \
httpie \
nload \
aria2 \
nftables \
tcpflow \
telnet \
openvpn \
links \
wireguard \
tshark
ENTRYPOINT ["sh", "-c", "while true; do sleep $(( 60 * 60 * 24 )); done"]

Posted in *nix, *nix-tools, Cloud, Containers, Docker, Infrastructure, Power User | Leave a Comment »

The Architecture of Open Source Applications: Sendmail

Posted by jpluimers on 2021/04/12

Cool historic article: [WayBack] The Architecture of Open Source Applications: Sendmail by Eric Allman.

It is Chapter 17 of this book [WayBack]:

The Architecture of
Open Source Applications

Amy Brown and Greg Wilson (eds.)
ISBN 978-1-257-63801-7

I totally missed that book being published in 2014.

Great historic read!

–jeroen

Posted in *nix, *nix-tools, History, Power User, sendmail | Leave a Comment »

linux – How can I execute a series of commands in a bash subshell as another user using sudo? – Stack Overflow

Posted by jpluimers on 2021/03/31

Based on [WayBack] linux – How can I execute a series of commands in a bash subshell as another user using sudo? – Stack Overflow:

alias restart-spotlight-service-as-root="sudo bash -c 'echo stop;launchctl stop com.apple.metadata.mds;echo start;launchctl start com.apple.metadata.mds;echo started'"

The bold bits above sudo bash -c 'echo stop;launchctl stop com.apple.metadata.mds;echo start;launchctl start com.apple.metadata.mds;echo started' allow the commands between single quotes to executed in one new bash shell under sudo.

–jeroen

Posted in *nix, *nix-tools, Apple, bash, bash, Development, Mac OS X / OS X / MacOS, Power User, Scripting, Software Development | Leave a Comment »

Disable ESXi Password Complexity – Perfect Cloud

Posted by jpluimers on 2021/03/29

Sometimes you have a long enough password, that matches with the confirmation, but pressing “Enter” to continue gives “Password does not have enough character types”:

From [WayBack] Disable ESXi Password Complexity – Perfect Cloud:

A part of my job as a VMware Certified Instructor is to update our lab systems whenever new vSphere versions come out.   After upgrading from 5.5 to 6.0 I decided we should change passwords, h…

This is the workflow:

  1. Make a backup of /etc/pam.d/passwd.
  2. Use vi to edit /etc/pam.d/passwd, and:
    1. Put a # in front of the lines starting with password requisite
    2. Remove the use_authtok bit of the line starting with password sufficient
    3. Put a # in front of the line starting with password required
    4. Quit vi while saving (press Esc, then enter :wq on the prompt)
  3. Change the password to a less secure one
  4. Restore the original /etc/pam.d/passwd.

Via: esxi 6 force short password – Google Search

Working around this on during ESXi installation fails

I tried this:

  1. Press Alt-F1 to go from the installation screen to the console screen
  2. Logon as root, with no password at all to get to the command-prompt:

  3. Perform the /etc/pam.d/passwd editing steps above
  4. Press Alt-F2 to go back to the install screen
  5. Enter root password

The password requirements stayed.

(more screenshots at [WayBack] ESXi 6.7 installation Guide – Let We-i Go)

Related

On my ESXI 6.5 system where the italic bit is removed, besides the two lines being commented out:

  1. original /etc/pam.d/passwd:
    #%PAM-1.0
    
    # Change only through host advanced option "Security.PasswordQualityControl".
    password   requisite    /lib/security/$ISA/pam_passwdqc.so retry=3 min=disabled,disabled,disabled,7,7
    password   sufficient   /lib/security/$ISA/pam_unix.so use_authtok nullok shadow sha512
    password   required     /lib/security/$ISA/pam_deny.so
    
  2. modified /etc/pam.d/passwd:
    #%PAM-1.0
    
    # Change only through host advanced option "Security.PasswordQualityControl".
    #password   requisite    /lib/security/$ISA/pam_passwdqc.so retry=3 min=disabled,disabled,disabled,7,7
    password   sufficient   /lib/security/$ISA/pam_unix.so nullok shadow sha512
    #password   required     /lib/security/$ISA/pam_deny.so
    

On my ESXI 6.7 system (which adds the bold lines below):

  1. original /etc/pam.d/passwd:
    #%PAM-1.0
    
    # Change only through host advanced option "Security.PasswordQualityControl".
    password   requisite    /lib/security/$ISA/pam_passwdqc.so retry=3 min=disabled,disabled,disabled,7,7
    
    # Change only through host advanced option "Security.PasswordHistory"
    password   requisite    /lib/security/$ISA/pam_pwhistory.so use_authtok enforce_for_root retry=2 remember=0
    
    password   sufficient   /lib/security/$ISA/pam_unix.so use_authtok nullok shadow sha512
    password   required     /lib/security/$ISA/pam_deny.so
    
  2. modified /etc/pam.d/passwd:
    #%PAM-1.0
    
    # Change only through host advanced option "Security.PasswordQualityControl".
    #password   requisite    /lib/security/$ISA/pam_passwdqc.so retry=3 min=disabled,disabled,disabled,7,7
    
    # Change only through host advanced option "Security.PasswordHistory"
    #password   requisite    /lib/security/$ISA/pam_pwhistory.so use_authtok enforce_for_root retry=2 remember=0
    
    password   sufficient   /lib/security/$ISA/pam_unix.so nullok shadow sha512
    #password   required     /lib/security/$ISA/pam_deny.so
    

–jeroen

Posted in *nix, ESXi6, ESXi6.5, ESXi6.7, Power User, Virtualization, VMware, VMware ESXi | Leave a Comment »

email file decoding: Encode/Decode Quoted Printable – Webatic

Posted by jpluimers on 2021/03/26

For my link archive: [WayBack] Encode/Decode Quoted Printable – Webatic.

It did a splendid job at decoding email files in MIME format Quoted-printable.

–jeroen

Posted in *nix, *nix-tools, Communications Development, Development, eMail, Encoding, Internet, Internet protocol suite, Power User, sendmail, SMTP, SocialMedia, Software Development | Leave a Comment »

 
<span>%d</span> bloggers like this: