The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,839 other subscribers

Archive for the ‘*nix’ Category

« Previous Entries
Next Entries »

GitHub – kellyjonbrazil/jc: CLI tool and python library that converts the output of popular command-line tools and file-types to JSON or Dictionaries. This allows piping of output to tools like jq and simplifying automation scripts.

Posted by jpluimers on 2023/10/17

I already knew about jq and jo (output: the echo for JSON), but not yet about jc for JSON.

Like jq is for querying (the sed for JSON), jc tries to be the universal parser of common command-line tools into JSON:

[Wayback/Archive] kellyjonbrazil/jc: CLI tool and python library that converts the output of popular command-line tools and file-types to JSON or Dictionaries. This allows piping of output to tools like jq and simplifying automation scripts.

Via [Wayback/ArchiveKris on Twitter: ““Jc” verwandelt den Output von üblichen Linux Kommandozeilen Tools in JSON. “Jc” kann auch als Import in Python Programmen verwendet werden und mit subprocess kombiniert werden. Danke, ⁦@janwalzer⁩ und ⁦@the_mutax⁩ für den Tip. “

A few weeks later though, Kris discovered that command-line tools aren’t that portable in their output format: [Wayback/Archive] Kris on Twitter: “As much as I love the idea of @kellyjonbrazil’s jc, this is not a winnable game. sigh Probably still better than a self-cooked parser, but the slightest bit of extra makes it catch fire in multiple possible ways …”

Read the rest of this entry »

Posted in *nix, *nix-tools, bash, bash, Development, JavaScript/ECMAScript, jo, jq, JSON, man/manual pages, mankier, Power User, Python, Scripting, Software Development | Leave a Comment »

Ookla speedtest CLI for Windows has some undocumented arguments to accept license and GDPR

Posted by jpluimers on 2023/10/11

I had speedtest-cli running on MacOS and various Linux machines, but not yet on Windows (see for instance my post Ubuntu: Fixing the myserious “Failed to stop apt-daily.timer: Connection timed out”).

[Wayback/Archive] Install and Test Internet Speed with Speedtest CLI Command Line – NEXTOFWINDOWS.COM reminded me there is a Speedtest CLI for Windows download at at [Wayback/Archive] Speedtest CLI: Internet speed test for the command line, but I am a an automation/scripting/devops person, so luckily there are also [Wayback/Archive] Chocolatey Software | Speedtest by Ookla (don’t get [Wayback/Archive] Ookla.Speedtest download, as that is the GUI version).

Both the Chocolatey and winget packages are named the same, so that is quite confusing. This is how I have set them apart:

Read the rest of this entry »

Posted in *nix, *nix-tools, Batch-Files, Chocolatey, DevOps, GDPR/DS-GVO/AVG, Internet, ISP, KPN, Notepad++, Power User, Privacy, Scripting, SpeedTest, Windows, xs4all | 2 Comments »

Raspberry Pi And The Story Of SD Card Corruption | Hackaday

Posted by jpluimers on 2023/10/02

[Wayback/Archive] Raspberry Pi And The Story Of SD Card Corruption | Hackaday is long and worth reading.

For me the most important bits are how to prevent SD card wear:

  1. use good quality power supplies
  2. put write-heavy operations to SSD
  3. if it suits your use-case, use OverlayFS

The first is always a good idea. It is the primary reason all our electronics live behind a UPS:

In addition, I posted my personal experience (Samsung microSD cards last way longer than SanDisk cards) on Twitter:

[Wayback/Archive] @hackaday I’m have been running a few Raspberry Pi systems with 8-32Gb micro-SD cards as web-dashboard with refreshes every few minutes or so: much write access. When using Sandisk (no matter the type) they last about a year, Samsung (no matter the type) cards last multiple years.

Via: [Wayback/Archive] hackaday on Twitter: “Raspberry Pi And The Story Of SD Card Corruption https://t.co/R8KNVmQORD” / Twitter

EMP

We had a lightning strike in the evening on 20181111 some 50 meters from our home.

It killed immediately killed this (some pictures further below):

Read the rest of this entry »

Posted in *nix, Debian, Development, Hardware Development, Linux, Power User, Raspberry Pi, Raspbian | Leave a Comment »

Getting a local VM disk to OVH (or most any VM hoster) is as easy as 1, 2, 3, 4, 5 (dd, gzip ssh, gunzip, dd)

Posted by jpluimers on 2023/09/29

This is why I love nx:

Actually, saving the OVH image first is another 1, 2, 3, 4 (ssh, dd, gzip, dd).

Speed wasn’t bad BTW: [Wayback/Archive] Jilles🏳️‍🌈 on Twitter: “Done 167772160+0 records in 167772160+0 records out 85899345920 bytes (86 GB, 80 GiB) copied, 2481.09 s, 34.6 MB/s [root@arch ~]#” / Twitter

–jeroen

Posted in *nix, *nix-tools, dd, Power User | Leave a Comment »

Viewing email in Linux using postfix’s mailq and postcat | Jeff Geerling

Posted by jpluimers on 2023/09/22

Since mail mostly “works” I use these below commands only very little and tend to forget them.

Luckily they were documented at [Wayback/Archive] Viewing email in Linux using postfix’s mailq and postcat | Jeff Geerling

Here are the most common commands I use when either developing or troubleshooting email in production:
  • mailq – print a list of all queued mail
  • postcat -vq [message-id] – print a particular message, by ID (you can see the ID along in mailq‘s output)
  • postqueue -f – process the queued mail immediately
  • postsuper -d ALL – delete ALL queued mail (use with caution—but handy if you have a mail send going awry!)

Via [Wayback/Archive] postfix process queue – Google Search two interesting answers (thanks [Wayback/A] Nicolas for asking):

Read the rest of this entry »

Posted in *nix, *nix-tools, postfix, Power User | Leave a Comment »

Some threadreaderapp URLs

Posted by jpluimers on 2023/09/14

For my link archive so I can better automate archiving Tweet threads using bookmarklets written in JavaScript:

The base will likely be this:

javascript:void(open(`https://archive.is/?run=1&url=${encodeURIComponent(document.location)}`))

which for now I have modified into this:

javascript:void(open(`https://threadreaderapp.com/search?q=${document.location}`))

It works perfectly fine without URL encoding and demonstrates the JavaScript backtick feature for template literals for which you can find documentation at [WayBack/Archive] Template literals – JavaScript | MDN.

Read the rest of this entry »

Posted in *nix, *nix-tools, bash, bash, Bookmarklet, Communications Development, cURL, Development, HTTP, https, Internet protocol suite, Power User, Scripting, Security, Software Development, TCP, Web Browsers | Leave a Comment »

.NET/C#: Small command-line tool to query REST JSON results from a batch file.

Posted by jpluimers on 2023/08/29

Often the power is in the combinations of tools.

Read until the epilogue…

Prologue

In this case, I needed to be able to query the JSON results of calls to REST services from the command-line so I could process them in Batch files.

Since I could not find anything readily available, I originally Originally I opted for the PowerShell command-line scripting tool, as that ships with recent Windows versions and can re-use anything that .NET brings. But though [Wayback/Archive] .NET has built in JSON serialization support, there is [Wayback/Archive] no querying support in it.

Then I thought about Delphi, as it [Wayback/Archive] too has a built-in JSON parser, but even the well known [Wayback/Archive] JSON SuperObject library has no query support.

Back to .NET, which – like Delphi – has a well known and respected third party JSON library as well: [Wayback/Archive] NewtonSoft JSON aka JSON.net and that one [Wayback/Archive] does have support for querying JSON with the SelectToken function.

That’s the fundament of the rest of this article, with the potential to be used in a cross-platform as well.

So no need for a plan B.

Read the rest of this entry »

Posted in *nix, *nix-tools, .NET, Batch-Files, Conference Topics, Conferences, Development, Event, JavaScript/ECMAScript, jq, JSON, Power User, Scripting, Software Development, Windows, Windows Development | Leave a Comment »

HTGWA: Create a ZFS RAIDZ1 zpool on a Raspberry Pi | Jeff Geerling

Posted by jpluimers on 2023/08/21

For my link archive: [Wayback/Archive] HTGWA: Create a ZFS RAIDZ1 zpool on a Raspberry Pi | Jeff Geerling

–jeroen

Posted in *nix, Power User, ZFS | Leave a Comment »

Figuring out the threads for processes ran by python

Posted by jpluimers on 2023/08/17

A while ago I wrote about Figuring out the open network connections for processes ran by python, which explained the TL;DR:

pidof python | tr " " "\n" | xargs -r -n 1 lsof -i -a -e /run/user/1001/gvfs -p

Now I needed thread information as well, so below two examples using ps and pstree. I won’t explain the pidof and xargs stuff here as that was already covered in the above blog-post and I found out that ps already has a built-in way to filter on process name.

The ps solution uses the H, -L or -T argument to show the threads:

Read the rest of this entry »

Posted in *nix, *nix-tools, bash, Development, lsof, Power User, ps, Scripting, Software Development | Leave a Comment »

5 days after the exploit publication of snowcra5h/CVE-2023-38408: Remote Code Execution in OpenSSH’s forwarded ssh-agent

Posted by jpluimers on 2023/07/26

TL;DR is at the bottom (;

5 days ago this exploit development got published: [Wayback/Archive] snowcra5h/CVE-2023-38408: CVE-2023-38408 Remote Code Execution in OpenSSH’s forwarded ssh-agent.

It is about [Wayback/Archive] NVD – CVE-2023-38408 which there at NIST isn’t rated (yet?), neither at [Wayback/Archive] CVE-2023-38408 : The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remot.

However at [Wayback/Archive] CVE-2023-38408- Red Hat Customer Portal it scores 7.3 and [Wayback/Archive] CVE-2023-38408 | SUSE it did get a rating of 7.5, so since I mainly use OpenSuSE I wondered what to do as the CVE is formulated densely at [Wayback/Archive] www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt: it mentions Alice, but no Bob or Mallory (see Alice and Bob – Wikipedia).

Luckily, others readly already did the fine reading and emphasised the important bits, especially at [Wayback/Archive] RCE Vulnerability in OpenSSH’s SSH-Agent Forwarding: CVE-2023-38408 (note that instead of Alex, they actually mean Alice)

“A system administrator (Alice) runs SSH-agent on her local workstation, connects to a remote server with ssh, and enables SSH-agent forwarding with the -A or ForwardAgent option, thus making her SSH-agent (which is running on her local workstation) reachable from the remote server.”

According to researchers from Qualys, a remote attacker who has control of the host, which Alex has connected to, can load (dlopen()) and immediately unload (dlclose()) any shared library in /usr/lib* on Alice’s workstation (via her forwarded SSH-agent if it is compiled with ENABLE_PKCS11, which is the default).

The vulnerability lies in how SSH-agent handles forwarded shared libraries. When SSH-agent is compiled with ENABLE_PKCS11 (the default configuration), it forwards shared libraries from the user’s local workstation to the remote server. These libraries are loaded (dlopen()) and immediately unloaded (dlclose()) on the user’s workstation. The problem arises because certain shared libraries have side effects when loaded and unloaded, which can be exploited by an attacker who gains access to the remote server where SSH-agent is forwarded to.

Mitigations for the SSH-Agent Forwarding RCE Vulnerability

Read the rest of this entry »

Posted in *nix, *nix-tools, bash, bash, Communications Development, Development, Internet protocol suite, OpenSSH, Power User, PowerShell, Scripting, Security, Software Development, SSH | Leave a Comment »

« Previous Entries
Next Entries »