Tag: bash

  • `Shellshock` Bash Patch update – pipe directly to sh to secure your machine

    Recently, I made the script to patch your BASH environment available on this site, but that meant a need to copy and paste.

    Using a user with the appropriate rights, you can now pipe the script directly to sh using a quiet wget, which runs the full recompile to the most recent BASH version.

    All you need is this line: (more…)

  • `Shellshock` bash vulnerability fix and update in case of slow or unavailable repositories

    Updated to latest kernel patch bash43-30

    You’ve heard of ShellShock and the bash exploits currently doing the rounds across platforms that make use of these bugs (CVE-2014-6271 and the volume of additional updates, including CVE-2014-6277, CVE-2014-7186, CVE-2014-7187 and CVE-2014-7169, to name but a few). Proofs of Concept are being collected here… The below works as a vulnerability fix for older Ubuntu LTS and non-LTS versions, Debian (e.g. Squeeze) as well as Fedora and RedHat/CentOS, and applies all up-to-date patches to Bash.

    bash – as a shell – is a tried and trusted component. Some legacy systems’ repositories – be they apt, yum or other – may no longer be kept up to date. Alternatively, they may not be kept up to date enough for your liking. And you want to close the bash issue in the best way you know how.

    An easy workaround is to recompile the bash shell yourself:

    (more…)

  • How to block or drop attacker with null route

    Quick note to myself, as I keep forgetting the syntax, though it is so easy — to block an incoming connection by null routing or rejecting the connection is as simple as

    route add -host IP reject

    To apply this to a whole subnet range, use -net with the appropriate mask, as you would with /24 (or the appropriate subnet, /29 or smaller should do), e.g.

    route add -net IP/RANGE reject

    To undo this,

    route delete IP

  • Search and view gzip’d files

    You knew it already – but I keep forgetting – the power of zgrep and zcat both of which behave as their z-less counterparts.

    So, to search a gzip’d file, you can simply zgrep <term> <filename.gz>, or to cat/view it, zcat <filename.gz>

    Good to come back to in case of impending forgetfulness…

  • Search all files for TEXT in bash

    To list, by file name, all files containing THE TEXT I SEEK:

    grep -lir "THE TEXT I SEEK" *

    (more…)

  • On the fly compression of a tar-ball or mysqldump

    Just to jot it down lest I forget:

    Tar’ing the local directory and streaming the tarball straight to gzip:

    tar cvf - . | gzip > target.tar.gz

    MySQLdump’ing directly to gzip: (more…)

  • Secure SSH Tunneling – at no extra cost

    Assuming you have a Windows machine and you interact with Linux boxen at any stage, chances are high that you have used and interacted with PuTTY at one stage or another. That beautiful, less than 2 sec, 444K download of a tool (currently at version 0.60 beta) allows you to SSH, COM-direct, RSH, Telnet etc from the desktop. Both examples below relate to MySQL port tunneling.

    SSH Tunnels using the Bash command line

    Running on a proper machine (or even a Windows with Cygwin or a Mac Terminal) allows you to quickly tunnel a session to a remote server: (more…)

  • Install Webmin on Ubuntu

    Just a quick note (as I keep forgetting, and a cut-and-paste solution is a quicker time to market) – but you knew that already. Installing Webmin is quite simple (download directly, or from the mirrors). Currently, 1.510-2 is the latest version – check on www.webmin.com for further details. As an aside, the book Webmin Kompakt – by Holger Reibold – is available for download!

    So here’s a simple step-by-step: (more…)

  • Testing POP3 and IMAP servers from the command line in CMD or bash

    It’s quite simple, really: POP3 (Exchange, dovecot etc) you know, IMAP (Exchange, dovecot, courier etc) you know — so this is just a recap, right? You know how to telnet into the machine — in Vista or Windows 7, you may need to install it separately using “Add/Remove Programs”, or just use PuTTY in Telnet mode… otherwise, apt-get install telnet if it’s not on your machine (or yum install telnet).

    POP3:

    telnet SERVER 110 (more…)

  • Wipe all mp3s and avis from the filesystem

    So you want to run a script that removes all mp3 and avi files off the filesystem. One way (in bash) is as below. Comments, suggestions and feedback are welcome 🙂 It uses $EUID to check for the root user, and $IFS to check for line breaks, as the file names have spaces in them. IFS is saved to a temp variable, reset and then reinstated afterwards. C is the counter. There are two little for loops in bash with backtick execution.

    (more…)