Linux

I’ve seen it before, a customer deletes a file and then needs it restored. Normally a challenging request, but under special circumstances a process may have the file opened. While showing my son some fun and exciting Linux security scenarios, I recalled all those times I was able to recover data from the /proc (in memory) filesystem. In order to visualize this scenario I threw together a small Dockerfile and had him poke around:

If you ever want to quickly check the expiration date on your HTTPS server’s SSL certificate all you need is OpenSSL , luckily most of your Linux and OSX workstations will already have it installed. openssl s_client -showcerts -connect **domain.com**:443 </dev/null 2>/dev/null \ | openssl x509 -noout -dates You should get back a nice and tidy response with a notBefore and a notAfter date: notBefore=Mar 13 00:00:00 2015 GMT notAfter=Mar 12 23:59:59 2018 GMT

Elasticsearch is a distributed RESTFul search tool over the HTTP protocol. And we are going to use Docker to spin up multiple nodes in the cluster. First we need a server node running Docker. I’m using a Debian server so the command I need is apt-get: # apt-get install docker.io After installing the package make sure the docker command is available: # docker version Client version: 1.3.1 Client API version: 1.

So you may have looked at /proc/net/route before and thought how the heck am I suppose to read this. Well here is the low down. This file uses endianness to store the addresses as hexadecimal, in reverse; for example 192 as hex is C0 : In []: hex(192) Out[]: '0xc0' So lets take a look at our route file: Iface Destination Gateway Flags RefCnt Use Metric Mask MTU Window IRTT eth0 00087F0A 00000000 0001 0 0 0 00FFFFFF 0 0 0 eth0 0000FEA9 00000000 0001 0 0 1002 0000FFFF 0 0 0 eth0 00000000 01087F0A 0003 0 0 0 00000000 0 0 0 Now the first entry has a destination of 00087F0A , lets go ahead and chunk these in to hex characters:

I’ve spent a lot of time working with RPM in the last couple years, and have had the pleasure of maintaining the IUS Community . I wanted to share a small utility we use quite often called repodataParser , repodataParser is a Python class for working with RPM repositories, and used in a few of our Django applications . The idea is all RPM repositories contain a XML file containing details about the package it contains.

I know this has been written a few time online, but the last time I needed to read up on it, it took a little long to find the answer. What I wanted to do was to chroot in to a new root, then exit that chroot via python . Below we have my current working directory that is /root , take a look at what we have in the directory:

There has been a number of times when I’ve needed to clear the Varnish caching server’s cache, but had no clue how to do this. This resulted in me restarting Varnish, which really wasn’t needed. The easiest way to clear the Varnish cache (without restarting) is by using the varnishadm command line tool: varnishadm -T 127.0.0.1:6082 url.purge . The man page for varnishd shows a number of command which can be used with varnishadm , but the one we need is url.

So there are a few ways to run system command using python, but I tend to find the below approach the easiest to use and has error handling. First off I would create a function rather than running the commands over and over: import subprocess def run(command): '''takes a string command and hands back a subprocess object''' process = subprocess.Popen(command.split(), shell=False, stdout=subprocess.PIPE, stderr=subprocess.PIPE) process.wait() return process The function itself is pretty small and makes use of the subprocess library .