This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Helper script to query the SecureDrop Directory API, | |
# and display how many instances are serving Onion v3 URLs. | |
set -e | |
set -u | |
set -o pipefail | |
onion_info="$(curl -s https://securedrop.org/api/v1/directory/ | python3 -m json.tool | grep -i onion_address)" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ curl -s https://pressfreedomtracker.us/all-incidents/export/ | xsv frequency -s categories | xsv select 2,3 | xsv table | |
value count | |
Physical Attack 265 | |
Arrest / Criminal Charge 100 | |
Other Incident 73 | |
Subpoena / Legal Order 71 | |
Physical Attack, Equipment Damage 54 | |
Denial of Access 48 | |
Chilling Statement 42 | |
Arrest / Criminal Charge, Physical Attack 35 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
""" | |
Debugging script meant to reproduce the problems documented in | |
https://github.com/freedomofpress/securedrop-workstation/issues/590 | |
""" | |
import logging | |
import subprocess | |
import sys | |
import os |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Test script to evaluate the qrexec service for Qubes VMs, | |
# depending on virt_mode=(hvm|pvh). Starts several test-only VMs | |
# of both virt types, then executes a command inside of them and reports | |
# the time to completion of that command. | |
function run_cmd_in_vm() { | |
vm_name="$1" | |
shift |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
""" | |
Utility script to reboot Qubes domains. Attempts | |
to perform a graceful shutdown, kills if shutdown fails, | |
then starts up. Inspiration for the timeout logic taken | |
from qubesadmin.tools.qvm_shutdown.main. | |
""" | |
import argparse | |
import time | |
from functools import partial |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
global_lock released | |
do_balance() | |
balance(xen_free_memory=35843820, domain_dictionary={'24': {'last_target': 721125047, 'mem_used': 283856896, 'memory_current': 704278528, 'slow_memset_react': False, 'id': '24', 'memory_maximum': 786432000, 'memory_actual': 721125047, 'no_progress': False}, '128': {'last_target': 955639321, 'mem_used': 389140480, 'memory_current': 938901504, 'slow_memset_react': False, 'id': '128', 'memory_maximum': 4194304000, 'memory_actual': 955639321, 'no_progress': False}, '172': {'last_target': 808155535, 'mem_used': 322928640, 'memory_current': 791416832, 'slow_memset_react': False, 'id': '172', 'memory_maximum': 4194304000, 'memory_actual': 808155535, 'no_progress': False}, '171': {'last_target': 1480951661, 'mem_used': 624975872, 'memory_current': 1464107008, 'slow_memset_react': False, 'id': '171', 'memory_maximum': 4194304000, 'memory_actual': 1480951661, 'no_progress': False}, '17': {'last_target': 786432000, 'mem_used': 343920640, 'memory_current': 769589248, 'slow_memset_react': |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[root@dom0 ~]# cat /home/user/scripts/evaluate-qmemman.sh | |
#!/bin/bash | |
set -u | |
set -o pipefail | |
vm="fpf-dev-dvm" | |
echo "Poll the assigned memory for the vm, so we can see whether it changes" | |
while true; do | |
echo "$(date) $(xl list | grep -i $vm)" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Utility script to check whether Qubes memory balancing | |
# service has failed. Compares the timestamps of the last | |
# success balance operation and the most recent "EOF" | |
# message available in the log file. If EOF is more | |
# recent, declare service broken. Recommended invocation: | |
# | |
# watch -n5 ./check-qmemman.sh | |
# | |
set -e |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
http://27p5nbsmdt5okqun.onion/.well-known/pki-validation/40f318fb930440be9aea960640b01777.txt | |
c17f3564e25844c5ae626955b46af267 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
TASK [ossec : Add firewall exemption for OSSEC agent registration (both servers)] *** | |
ok: [mon-staging] => (item={u'chain': u'INPUT', u'proto': u'tcp', u'cstate': u'NEW,ESTABLISHED,RELATED', u'jump': u'ACCEPT', u'source': u'app-staging', u'match': u'state', u'dest_port': 1515}) | |
ok: [app-staging] => (item={u'chain': u'OUTPUT', u'proto': u'tcp', u'cstate': u'NEW,ESTABLISHED,RELATED', u'jump': u'ACCEPT', u'dest': u'10.0.1.3', u'match': u'state', u'dest_port': 1515}) | |
ok: [mon-staging] => (item={u'chain': u'OUTPUT', u'proto': u'tcp', u'cstate': u'ESTABLISHED,RELATED', u'jump': u'ACCEPT', u'dest': u'app-staging', u'source_port': 1515, u'match': u'state'}) | |
ok: [app-staging] => (item={u'chain': u'INPUT', u'proto': u'tcp', u'cstate': u'ESTABLISHED,RELATED', u'jump': u'ACCEPT', u'source': u'10.0.1.3', u'source_port': 1515, u'match': u'state'}) | |
TASK [ossec : Register OSSEC agent.] ******************************************* | |
fatal: [app-staging]: FAILED! => {"changed": true, "cmd": [ |