CosmicToast

Some useful policies for MinIO

A small collection, because reasons.

User Policies

To apply these:

1. Download the file.
2. mcli admin policy add MYMINIO NAME NAME.json (replace MYMINIO with your configured instance and NAME with the filename).
3. mcli admin policy set MYMINIO NAME user=USER (same as above, replace USER with the user you want to configure).

lijikun

Automatic Signing of DKMS-Generated Kernel Modules for Secure Boot (Nvidia Driver on CentOS 8 as Example)

First I thank Nvidia for sponsoring the video card.

Secure Boot isn't exactly easy to configure to work with Linux and disabling it isn't really a good idea. Many modern Linux distributions provide the Microsoft-signed shim EFI binary to interpose between Secure Boot and the grub2 bootloader, making booting Linux easy enough if you only ever use kernels and drivers from the official repos. Still, enabling Secure Boot prevents the loading of kernel or modules without a proper digital signature. For example, the propriatary Nvidia GPU driver won't work, unless your distro really went to great lengths to distribute a signed version of the kernel module.

To make Secure Boot play nicely with the driver (i.e. to work at all), we can generate and import a Machine Owner Key (MOK)

christhomas

#!/usr/bin/env bash

self=$(basename $0)

[ "$1" = "help" ] && [ ! -f "$1" ] \
   && echo -e "scr_to_gif: v1.0" \
   && echo -e "usage: ${self} <filename.mov> <scale> <speed>\n" \
   && echo -e "scale: - Range 100-9999" \
   && echo -e "       - A single number to denote the desired width, the height will be automatic. E.g: 300, 500, 640, 800, 1024, 1280, 1600" \
   && echo -e "       - Also both dimensions with numbers within range. Separated by a colon. Example: 100:100, 512,512, 800:600" \

ClementNerma

ZSH CheatSheet

This is a cheat sheet for how to perform various actions to ZSH, which can be tricky to find on the web as the syntax is not intuitive and it is generally not very well-documented.

Strings

Description	Syntax
Get the length of a string	${#VARNAME}
Get a single character	${VARNAME[index]}

thingsiplay

#!/bin/sh
# rscript: Rust script interpreter
# Shebang in rust.rscript: #!/usr/bin/env -S rscript 2018

# Directory where compiled binaries are saved to.
# Example: /var/tmp/rscript or /tmp
output_dir=/var/tmp/rscript

# -C panic=abort
# abort, unwind

Neo23x0

log4j RCE Exploitation Detection

You can use these commands and rules to search for exploitation attempts against log4j RCE vulnerability CVE-2021-44228

Grep / Zgrep

This command searches for exploitation attempts in uncompressed files in folder /var/log and all sub folders

sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log

gnremy