frezbo

# Dockerfile, first try

# from  https://gist.github.com/frezbo/97925f04c823079f7ea0903d6a528caa
# Dockerfile.first
# This works
curl -SLo Dockerfile.first https://gist.githubusercontent.com/frezbo/97925f04c823079f7ea0903d6a528caa/raw/5b669ce089c3f3bebdd7d7d612bd07aa299b82ab/Dockerfile.first

docker build -t test:first -f Dockerfile.first .

frezbo

Freezer cgroup FTW

In a terminal start a server.

$ python -m SimpleHTTPServer 8000

In another terminal set up the cgroups freezer.

frezbo

A collection of The Morning Paper posts relating to containers, operating systems etc.

In order of first appearance in The Morning Paper.

• On the duality of operating system structures
• Why threads are a bad idea
• Why events are a bad idea
• Unikernels: library operating systems for the cloud
• The scalable commutativity rule: designing scalable software for multicore processors
• Jitsu: just-in time summoning of unikernels

frezbo

In absolutely no order

• Insertion Evasion and Denial of Service: Eluding Network Intrusion Detection http://users.ece.cmu.edu/~adrian/731-sp04/readings/Ptacek-Newsham-ids98.pdf
• The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86) https://hovav.net/ucsd/dist/geometry.pdf
• Smashing the Stack for Fun and Profit http://www-inst.eecs.berkeley.edu/~cs161/fa08/papers/stack_smashing.pdf
• Exploiting the DRAM rowhammer bug to gain kernel privileges https://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html
• Understanding and Hardening Linux Containers https://www.nccgroup.trust/globalassets/our-research/us/whitepapers/2016/april/ncc_group_understanding_hardening_linux_containers-1-1.pdf
• Spectre Attacks: Exploiting Speculative Execution https://meltdownattack.com/spectre.pdf
• Dolphin Emulator Internals (PPC) https://www.alchemistowl.org/pocorgtfo/pocorgtfo06.pdf
• This World of Ours https://www.usenix.org/system/files/1401_08-12_micke

frezbo

// should be run as Groovy System Script

import hudson.EnvVars
import hudson.model.Environment

def build = Thread.currentThread().executable
def vars = [ENV_VAR1: 'value1', ENV_VAR2: 'value2']

build.environments.add(0, Environment.create(new EnvVars(vars)))

frezbo

Methods of Signing with GPG

There are now two ways to approach this:

1. Using gpg and generating keys
2. Using Kryptonite by krypt.co

This Gist explains how to do this using gpg in a step-by-step fashion. Kryptonite is actually wickedly easy to use-but you will still need to follow the instructions

For using a GUI-based GIT tool such as Tower or Github Desktop, follow the steps here for signing with either GPG or Krypt.co.

frezbo

def md4(string)
  # functions
  mask = (1 << 32) - 1
  f = proc {|x, y, z| x & y | x.^(mask) & z}
  g = proc {|x, y, z| x & y | x & z | y & z}
  h = proc {|x, y, z| x ^ y ^ z}
  r = proc {|v, s| (v << s).&(mask) | (v.&(mask) >> (32 - s))}

  # initial hash
  a, b, c, d = 0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476

frezbo

import hudson.model.*
import hudson.security.*
import jenkins.*
import jenkins.model.*
import java.util.*
import com.michelin.cio.hudson.plugins.rolestrategy.*
import java.lang.reflect.*

RoleBasedAuthorizationStrategy roleBasedAuthenticationStrategy = Hudson.instance.getAuthorizationStrategy()

frezbo

#!/usr/bin/env ruby

require 'base64'
require 'digest'
require 'openssl'

# Author: @thesubtlety
# Decrypts Jenkins 2 encrypted strings, code change introduced around Jenkins ver 2.44
# Based off work by juyeong, https://gist.github.com/juyeong/081379bd1ddb3754ed51ab8b8e535f7c

frezbo

#!/bin/bash
# This tool can be used to sync down Red Hat based packages from RHN using only Red Hat shipped tools
# Brian "Red Beard" Harrington <[email protected]>
# To satisfy the pre-reqs for this script install the following two rpms:
# yum-utils
# createrepo

download_dir="/var/www/html/RHN"

/usr/bin/reposync --gpgcheck -m --download-metadata -l -p ${download_dir}/ >> /var/log/reposync.log 2>&1