craig bender ThinGuy
ThinGuy
/ oscap-report.sh
Last active
November 4, 2022 15:54
Function to run OpenSCAP CVE Evaluation with options to view report in terminal
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| oscap-report() { | |
| local REL=$(lsb_release -sr) SHOW=loc; | |
| [[ $((${REL%%.*}%2)) && $((10#${REL##*.})) -eq 4 ]] && { true; } || { printf "\e[1;38;2;255;0;0mSorry\x21\e[0m OVAL Data is only available for LTS release\n\n";return 3; } | |
| local OSCAP_REPORT="$HOME/oscap-eval-report__$(lsb_release -sd|awk '{gsub(/ /,"-");print tolower($0)}')-$(hostname -s).html" | |
| OK() { printf "\e[74G\x20\e[0m[\x20\e[38;2;0;255;0mOK\e[0m\x20]\e[0m\n"; } | |
| FAIL() { printf "\e[74G\e[0m\x20[\e[38;2;255;0;0mFAIL\e[0m]\n"; } | |
| WARN() { printf "\e[74G\x20\e[0m[\e[38;2;255;200;0mWARN\e[0m]\n"; } | |
| local -a PREREQS=(bzip2 html2text libopenscap8 w3m) | |
| local -a PKGS=() | |
| local OVAL_URL="https://security-metadata.canonical.com/oval/com.ubuntu.$(lsb_release -cs).usn.oval.xml.bz2" |
ThinGuy
/ pg_dumpall_maas-test-db.sh
Created
October 31, 2022 23:36
Run pg_dumpall against maas-test-db
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| sudo -iu root psql -U postgres -h /var/snap/maas-test-db/common/postgres/sockets -d maasdb -c "ALTER ROLE maas WITH SUPERUSER" | |
| sudo -iu root pg_dumpall -U maas -l maasdb -h /var/snap/maas-test-db/common/postgres/sockets -c|tee 1>/dev/null ~/dump.sql |
ThinGuy
/ ip-fwd-status
Created
October 25, 2022 01:14
BASH function to get ip forwarding status of all nics
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ip-fwd-status() { find /sys/class/net -maxdepth 1 -type l ! -iname "*lo*" -printf "%P\n"|sort -uV|xargs -I@ -P1 sudo sysctl [email protected]; };export -f ip-fwd-status |
ThinGuy
/ demo-typer.sh
Last active
April 18, 2024 12:04
Read a list of commands then make it look like you're typing in terminal, Use with termtosvg. asciinema, etc.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| [[ -f ~/script.cmds ]] || { printf "\nMissing $HOME/script.cmds. Exiting\n";exit 1; } | |
| dprompt() { [[ $HOME = $(pwd) ]] && { local DIR='~'; } || { local DIR=$(pwd); };printf "\e[01;32m$USER@${HOSTNAME}\e[0m:\e[01;34m${DIR}\e[0m$ ";};export -f dprompt | |
| clear | |
| declare -ag DCMDS=() | |
| export DCMD_CNT=${#DCMDS[@]} | |
| while IFS= read -er C;do DCMDS+=("${C%;$*}");done < <(cat script.cmds) | |
| export DCMD_CNT=${#DCMDS[@]} | |
| for D in "${DCMDS[@]}";do dprompt;echo "${D}"|pv -qL 10;bash -c "${D}";done |
ThinGuy
/ pnid-regex.sh
Created
October 3, 2022 19:20
REGEX for Predictable Network Interface Device Names
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| export PNID_REGEX=$(curl -fksSL https://raw.githubusercontent.com/systemd/systemd/main/src/udev/udev-builtin-net_id.c|grep -oPa '(?<=prefix = \x22)[^\x22]+'|sort -uV|paste -sd'|'|sed -r 's,l\|ww,[lw],g;s,^|$,\x27') |
ThinGuy
/ sudo-show.sh
Last active
October 2, 2022 18:42
Illustrate sudo preserving the users's environment ($HOME is this case)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Show value of $HOME when user does not preserve the environment | |
| sudo bash -c 'echo $HOME' | |
| # Show the value of $HOME when -E to preserve the sudo user's environment | |
| sudo -E bash -c 'echo $HOME' | |
| # Tip: If both are the same: | |
| # | |
| # - You ran this command directly as root (naughty!) |
ThinGuy
/ sudo-env.sh
Last active
October 20, 2022 23:39
Create bash arrays for the checked, removed, and preserved sudo environmental variables. Add to ~/.bash_rc
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| declare -ag SUDO_CHCK=($(sudo sudo -V|awk '/(safety|sanity):[\r]?$/,/remove:[\r]?$/{if (/^E|^Lo/) next;gsub(/\t|\r/,"");print}'|sort -uV)) | |
| declare -ag SUDO_REMV=($(sudo sudo -V|awk '/remove:[\r]?$/,/preserve:[\r]?$/{if (/^E|^Lo/) next;gsub(/\t|\r/,"");print}'|sort -uV)) | |
| declare -ag SUDO_KEEP=($(sudo sudo -V|awk '/preserve:[\r]?$/,/^Loc/{if (/^E|^Lo/) next;gsub(/\t|\r/,"");print}'|sort -uV)) |
ThinGuy
/ add-repo.sh
Last active
October 20, 2022 23:41
Bash function to add a repo with new "signed-by" line in apt sources
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| add-repo() { | |
| add-repo_usage() { | |
| # Help Blue, Help Blue Bold, Help Blue Italic, Italic Text and Reset Text | |
| local HB='\e[38;2;72;226;225m' HBB='\e[1;38;2;72;226;225m' HBI='\e[3;38;2;72;226;225m' IT='\e[3m' RT='\e[0m' | |
| printf "\n\e[2G${HBB}${FUNCNAME%_*}${RT}: ${IT}Add a repo using the new \x22signed-by\x22 feature${RT}\n\n" | |
| printf "\e[2G${HBB}Usage${RT}:\n\n" | |
| printf "\e[5G${FUNCNAME%_*} [ options ]\n\n" | |
| printf "\e[2G${HBB}Options${RT}:\n\n" | |
| printf "\e[5G-n,--repo-name\e[22GRepo Name\n\n" | |
| printf "\e[5G-u,--repo-url\e[22GRepo URL (in sources.list format)\n\n" |
ThinGuy
/ ci-rerun.sh
Created
September 25, 2022 20:56
Re-run cloud-init without reboot (run as root if UID 1000 did not get setup on Ubutnu)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| cloud-init clean --logs | |
| cloud-init init --local | |
| cloud-init init | |
| cloud-init modules --mode=config | |
| cloud-init modules --mode=final |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| amt-check() { | |
| local G=https://github.com/mjg59/mei-amt-check.git | |
| if [[ ! -f /srv/$(basename ${G%.*})/mei-amt-check ]];then | |
| sudo chown -R $(id -un 1000):$(id -gn 1000) /srv | |
| git clone ${G} /srv/$(basename ${G%.*}) | |
| cd /srv/$(basename ${G%.*}) | |
| make | |
| fi | |
| [[ -x /srv/$(basename ${G%.*})/mei-amt-check ]] && { sudo /srv/$(basename ${G%.*})/mei-amt-check; } | |
| };export -f amt-check |