Conor Schaefer conorsch
conorsch
/ app-test-failures.log
Created
February 6, 2018 01:10
app-test failures on 4.4.115 candidate kernel image for SD
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ============================= test session starts ============================== | |
| platform linux2 -- Python 2.7.6, pytest-3.3.2, py-1.5.2, pluggy-0.6.0 -- /usr/bin/python | |
| cachedir: .cache | |
| rootdir: /var/www/securedrop, inifile: | |
| plugins: cov-2.5.1 | |
| collecting ... collected 229 items | |
| tests/test_2fa.py::TestJournalist2FA::test_bad_token_fails_to_verify_on_admin_new_user_two_factor_page PASSED [ 0%] | |
| tests/test_2fa.py::TestJournalist2FA::test_bad_token_fails_to_verify_on_new_user_two_factor_page PASSED [ 0%] | |
| tests/test_2fa.py::TestJournalist2FA::test_totp_reuse_protections PASSED [ 1%] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from __future__ import (absolute_import, division, print_function) | |
| __metaclass__ = type | |
| DOCUMENTATION = ''' | |
| vars: sops | |
| version_added: "N/A" | |
| short_description: In charge of loading SOPS-encrypted vars | |
| description: | |
| - Loads SOPS-encrytped YAML vars into corresponding groups/hosts in group_vars/ and host_vars/ directories. | |
| - Only SOPS-encrypted vars files, with a top-level "sops" key, will be loaded. |
conorsch
/ securedrop-0.7.0-gui-updater-verbose-output
Created
May 15, 2018 21:22
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| When the update begins, this area will populate with output. | |
| Fetching and verifying latest update... (5 mins remaining) | |
| INFO: Applying SecureDrop updates... | |
| INFO: Checking for SecureDrop updates... | |
| Fetching origin | |
| INFO: Update needed | |
| INFO: Verifying signature on latest update... | |
| gpg: key 0x310F561200F4AD77: "SecureDrop Release Signing Key" not changed | |
| gpg: Total number processed: 1 | |
| gpg: unchanged: 1 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Keybase proof | |
| I hereby claim: | |
| * I am conorsch on github. | |
| * I am conorsch (https://keybase.io/conorsch) on keybase. | |
| * I have a public key whose fingerprint is 0B09 5DF4 2849 1E14 7B61 5CD3 F088 93B9 59CA B065 | |
| To claim this, I am signing this object: |
conorsch
/ convert-reboot-from-task-to-role.patch
Created
July 12, 2018 00:39
Supporting discussion of proposed changes in https://github.com/freedomofpress/securedrop/pull/3624
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| commit edf72ac610a118d61fddbce0898822fd3d00f17f | |
| Author: Conor Schaefer <[email protected]> | |
| Date: Wed Jul 11 17:14:39 2018 -0700 | |
| Convert end-of-run reboot task -> role | |
| The "include" block in the final play for the provisioning flow uses a | |
| relative path for the task list, which works well for standard | |
| production use, but breaks when playbooks are symlinks, as they are in | |
| several Molecule scenarios. (We symlink the playbooks to avoid |
conorsch
/ gist:2fde312b631dd39d7bf066fe84fdc0b5
Created
November 1, 2018 20:49
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [user@dom0 securedrop-workstation]$ make test | |
| python -m unittest discover tests | |
| ............. | |
| . | |
| . | |
| . | |
| . | |
| . | |
| . | |
| . |
conorsch
/ ossec registration fail
Created
January 28, 2019 19:28
failing on clean xenial install with new xenial build logic
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| TASK [ossec : Add firewall exemption for OSSEC agent registration (both servers)] *** | |
| ok: [mon-staging] => (item={u'chain': u'INPUT', u'proto': u'tcp', u'cstate': u'NEW,ESTABLISHED,RELATED', u'jump': u'ACCEPT', u'source': u'app-staging', u'match': u'state', u'dest_port': 1515}) | |
| ok: [app-staging] => (item={u'chain': u'OUTPUT', u'proto': u'tcp', u'cstate': u'NEW,ESTABLISHED,RELATED', u'jump': u'ACCEPT', u'dest': u'10.0.1.3', u'match': u'state', u'dest_port': 1515}) | |
| ok: [mon-staging] => (item={u'chain': u'OUTPUT', u'proto': u'tcp', u'cstate': u'ESTABLISHED,RELATED', u'jump': u'ACCEPT', u'dest': u'app-staging', u'source_port': 1515, u'match': u'state'}) | |
| ok: [app-staging] => (item={u'chain': u'INPUT', u'proto': u'tcp', u'cstate': u'ESTABLISHED,RELATED', u'jump': u'ACCEPT', u'source': u'10.0.1.3', u'source_port': 1515, u'match': u'state'}) | |
| TASK [ossec : Register OSSEC agent.] ******************************************* | |
| fatal: [app-staging]: FAILED! => {"changed": true, "cmd": [ |
conorsch
/ gist:ad21b2535b4f4a4b37717591bbe7196e
Created
September 24, 2019 21:22
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| http://27p5nbsmdt5okqun.onion/.well-known/pki-validation/40f318fb930440be9aea960640b01777.txt | |
| c17f3564e25844c5ae626955b46af267 |
conorsch
/ check-qmemman.sh
Created
March 24, 2020 21:00
Helper scripts to manage Qubes memory balance service
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Utility script to check whether Qubes memory balancing | |
| # service has failed. Compares the timestamps of the last | |
| # success balance operation and the most recent "EOF" | |
| # message available in the log file. If EOF is more | |
| # recent, declare service broken. Recommended invocation: | |
| # | |
| # watch -n5 ./check-qmemman.sh | |
| # | |
| set -e |
conorsch
/ qmemman-service-observation.txt
Created
March 31, 2020 23:25
Observations during debugging qubes-qmemman service
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [root@dom0 ~]# cat /home/user/scripts/evaluate-qmemman.sh | |
| #!/bin/bash | |
| set -u | |
| set -o pipefail | |
| vm="fpf-dev-dvm" | |
| echo "Poll the assigned memory for the vm, so we can see whether it changes" | |
| while true; do | |
| echo "$(date) $(xl list | grep -i $vm)" |