richardweinberger
richardweinberger
/ gist:6365731
Created
August 28, 2013 12:56
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| rw@sandpuppy:~/linux ((v3.10) $)> LANG=C make vmlinuz.bin ARCH=mips CROSS_COMPILE=mips64-linux- -j 4 | |
| CHK include/generated/uapi/linux/version.h | |
| CC scripts/mod/devicetable-offsets.s | |
| GEN scripts/mod/devicetable-offsets.h | |
| HOSTCC scripts/mod/file2alias.o | |
| CHK include/generated/utsrelease.h | |
| CALL scripts/checksyscalls.sh | |
| HOSTLD scripts/mod/modpost | |
| CHK include/generated/compile.h | |
| CC arch/mips/boot/compressed/decompress.o |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ wget https://cloud.debian.org/images/cloud/bookworm/latest/debian-12-nocloud-amd64.raw | |
| $ qemu-system-x86_64 -M pc,accel=kvm -m 1G \ | |
| -drive file=./debian-12-nocloud-amd64.raw,if=virtio \ | |
| -netdev type=user,hostfwd=tcp::5573-:22,id=net0 \ | |
| -device virtio-net,netdev=net0 -rtc base=localtime -smp 4 \ | |
| -nographic | |
| # login with user 'root' | |
| VM$ apt update && apt install openssh-server | |
| VM$ echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/root_login.conf | |
| VM$ systemctl restart sshd |
richardweinberger
/ gist:cae9edeafeec4cdf657f9bdae00be241
Last active
February 16, 2025 22:08
Confine Firefox
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # | |
| # Run Mozilla Firefox in a sandbox - The goal is to deny access to most locations while keeping the full user experience | |
| # | |
| # - Read/write access only to ~/Downloads, ~/.mozilla (profiles), and /tmp | |
| # - /tmp in read/write is needed to access X11 and for temporary downloads | |
| # - The host /dev is mapped into the sandbox so that access to DRI, camera, and sound devices works | |
| # - --disable-userns is *not* used to allow Firefox to sandbox itself further | |
| # - /run is needed to access the current session (e.g., for PipeWire audio) | |
| # - Developed and tested on OpenSUSE; some paths may vary (e.g., /lib64 or /run) |