Skip to content

Instantly share code, notes, and snippets.

@SpComb
SpComb / centos-stream8.txt
Created May 27, 2021
RedHat UBI is missing non-en locales
View centos-stream8.txt
$ docker run --rm -it quay.io/centos/centos:stream8 yum search langpack
CentOS Stream 8 - AppStream 537 kB/s | 8.7 MB 00:16
CentOS Stream 8 - BaseOS 247 kB/s | 3.8 MB 00:15
CentOS Stream 8 - Extras 853 B/s | 13 kB 00:15
=========================================================== Name & Summary Matched: langpack ============================================================
langpacks-af.noarch : Afrikaans langpacks meta-package
langpacks-am.noarch : Amharic langpacks meta-package
langpacks-ar.noarch : Arabic langpacks meta-package
langpacks-as.noarch : Assamese langpacks meta-package
langpacks-ast.noarch : Asturian langpacks meta-package
View 00-original.txt
Об инциденте с аварийной посадкой самолета компании RyanAir
Департамент по авиации в соответствии с требованиями Стандартов 5.2.5 и 5.3.1 Приложения 17 к Конвенции о Международной гражданской авиации Департамент по авиации информирует о факте совершения акта незаконного вмешательства в деятельность гражданской авиации на территории Республики Беларусь.
23 мая 2021 г. на электронную почту Национального аэропорта Минск info@airport.by c электронного адреса protonmail.com на английском языке поступило письменное сообщение следующего содержания:
«Мы, солдаты ХАМАС, требуем, чтобы Израиль прекратил огонь в Секторе Газа. Мы требуем, чтобы Европейский Союз отказался от поддержки Израиля в этой войне. Известно, что участники Delphi Economic Forum возвращаются домой рейсом FR4978. В этот самолет заложена бомба. Если вы не выполните наши требования, бомба взорвется 23 мая над Вильнюсом».
С учетом серьезности поступившей угрозы информация из Национального аэропорта Минск была передана в соответствующие органы управл
View app_main.c
#include <FreeRTOS.h>
#include <driver/uart.h>
#include <esp_vfs_dev.h>
#include <stdio.h>
#define UART_RX_BUFFER_SIZE 256
#define UART_TX_BUFFER_SIZE 1024
#define UART_RX_LINE_ENDINGS_MODE ESP_LINE_ENDINGS_CRLF // convert CRLF to LF
#define UART_TX_LINE_ENDINGS_MODE ESP_LINE_ENDINGS_CRLF // convert LF to CRLF
View Dockerfile
FROM debian:stretch
ARG FACTORIO_VERSION=0.16.51
RUN apt-get update && apt-get install -y \
curl xz-utils
RUN \
curl -fsSL https://www.factorio.com/get-download/$FACTORIO_VERSION/headless/linux64 -o /tmp/factorio-$FACTORIO_VERSION.tar.xz && \
tar -C /opt -xvf /tmp/factorio-$FACTORIO_VERSION.tar.xz && \
View auth-http.groovy
import java.util.logging.Logger
import jenkins.model.Jenkins
import org.jenkinsci.plugins.reverse_proxy_auth.ReverseProxySecurityRealm
def env = System.getenv()
def logger = Logger.getLogger("jenkins.init.auth-http")
def instance = Jenkins.getInstance()
if (env.JENKINS_HTTP_AUTH) {
config = [
View conf.yml
- name: Configure telegraf {{name}}
template:
src: "{{ src }}"
dest: "{{ dest }}"
owner: root
group: "{{ telegraf_group }}"
mode: 0640
notify: reload telegraf
# mark for prune
@SpComb
SpComb / README.md
Last active Jul 6, 2019
Connecting back to IPVS VIPs from backend/real servers
View README.md

Scenario: IPVS is used to route traffic to various ports on some VIP to different sets of backend servers. Those backend servers are configured with local routes for that VIP in order to accept incoming packets as local INPUT.

$ ip route add local 194.197.235.245 dev lo

Problem: The backend servers cannot themselves connect to the other services on the same IPVS VIP, because the VIP is locally routed.

$ ip ro get 194.197.235.245
@SpComb
SpComb / README.md
Last active Dec 20, 2018
Shibboleth IDP 3.4 custom LDAP authentication XML for AD return attributes
View README.md

The default idp.authn.LDAP.authenticator=adAuthenticator with idp.authn.LDAP.dnFormat=%s fails to resolve the LDAP entry or return any attributes, because it incorrectly uses the user@domain principal as a base DN for the search:

2018-12-20 11:09:07,543 - 127.0.0.1 - DEBUG [org.ldaptive.auth.SearchEntryResolver:415] - resolve criteria=[org.ldaptive.auth.AuthenticationCriteria@889474363::dn=user@example.com, authenticationRequest=[org.ldaptive.auth.AuthenticationRequest@2125852170::user=[org.ldaptive.auth.User@1891586491::identifier=user@example.com, context=org.apache.velocity.VelocityContext@1bbd991a], retAttrs=[cn, userPrincipalName, mail], controls=null]]
2018-12-20 11:09:07,544 - 127.0.0.1 - DEBUG [org.ldaptive.SearchOperation:138] - execute request=[org.ldaptive.SearchRequest@-1882291035::baseDn=user@example.com, searchFilter=[org.ldaptive.SearchFilter@1642584434::filter=(objectClass=*), parameters={}], returnAttributes=[cn, userPrincipalName, mail], searchScope=OBJECT, timeLimit=0, sizeLimit=
@SpComb
SpComb / gist:92e937deb0977a62138f1694b17f5638
Created Nov 7, 2018
RHEL 7.4 shutdown 30min hang on swap deactivation
View gist:92e937deb0977a62138f1694b17f5638
Nov 07 10:22:02 XXX sudo[17535]: terom : TTY=pts/2 ; PWD=/home/terom ; USER=root ; COMMAND=/sbin/reboot
...
Nov 07 10:22:12 XXX systemd[1]: Stopped Device-mapper event daemon.
Nov 07 10:22:12 XXX systemd[1]: Reached target Shutdown.
Nov 07 10:23:42 XXX systemd[1]: dev-mapper-vgRoot\x2dlvSwap.swap deactivation timed out. Stopping.
Nov 07 10:23:42 XXX systemd[1]: Deactivated swap /dev/mapper/vgRoot-lvSwap.
Nov 07 10:23:42 XXX systemd[1]: Unit dev-mapper-vgRoot\x2dlvSwap.swap entered failed state.
Nov 07 10:52:03 XXX systemd[1]: Job reboot.target/start timed out.
Nov 07 10:52:03 XXX systemd[1]: Timed out starting Reboot.
Nov 07 10:52:03 XXX systemd[1]: Job reboot.target/start failed with result 'timeout'.
@SpComb
SpComb / README.md
Last active Aug 23, 2018
Kube 1.11 CoreDNS + Ubuntu Bionic / Linux 4.15 => parallel DNS A+AAAA query timeouts due to *response* packets getting NF_DROP per nf_conntrack_confirm
View README.md

Kube 1.11 CoreDNS + Ubuntu Bionic / Linux 4.15 => parallel DNS A+AAAA query timeouts due to response packets getting NF_DROP per nf_conntrack_confirm

Related but different issues:

AFAIK these describe the outging DNS query packets getting dropped per nf_conntrack_confirm collisions, but this is about the DNS response packets getting dropped due to nf_conntrack_confirm returning NF_DROP for the incoming response packet.

This increaes the duplicate get_unique_tuple race window from µs for the outgoing packet path to ms for the DNS server's query RTT.