Dan Langille dlangille
dlangille
/ 1 - The FileSet
Last active
February 28, 2021 23:45
Each jail is in its own fileset. Snapshot each fileset, back it up. Destroy the filesets.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # the filesets will be different on each jail, thus, we'll always be doing a full unless | |
| # we define this for each jail server | |
| # | |
| FileSet { | |
| Name = "zuul jail snapshots" | |
| Include { | |
| Options { | |
| signature = MD5 | |
| Exclude = yes | |
| } |
dlangille
/ gist:0d01a703af266b0f3022
Last active
August 29, 2015 14:12
Mail recovery, proof of concept
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| I think this is my solution, based on http://giantdorks.org/alain/resend-mail-thats-locally-stored-in-a-mbox-format-on-a-linux-box-to-a-working-email-address/ | |
| export myemail=foo@example.org | |
| cat msg.example | | |
| formail -k \ | |
| -X From: \ | |
| -X Subject: \ | |
| -X Message-Id: \ | |
| -X Date: \ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| In a recent blog post, I showed how I copy mail off to another location which it is archived, mbox fashion. | |
| see http://dan.langille.org/2013/10/19/using-mbox-for-mail-backup/ | |
| What I didn't do at the time was come up with a recovery method. Today, I found one. | |
| First, determine what messages need to be added to your restored Maildir. Copy those files to the IMAP server. | |
| Then run this command: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Note that all existing packages are cleared. | |
| [dan@slocum:~] $ sudo poudriere bulk -v -j 93amd64 -p default -z master-list devel/p5-Exporter-Tinyorter-Tiny | |
| [00:00:00] ====>> Creating the reference jail... done | |
| [00:00:00] ====>> Mounting system devices for 93amd64-default-master-list | |
| [00:00:00] ====>> Mounting ports/packages/distfiles | |
| [00:00:00] ====>> Stashing existing package repository | |
| [00:00:01] ====>> Mounting packages from: /usr/local/poudriere/data/packages/93amd64-default-master-list | |
| [00:00:01] ====>> Mounting /var/db/ports from: /usr/local/etc/poudriere.d/master-list-options | |
| [00:00:01] ====>> Appending to make.conf: /usr/local/etc/poudriere.d/make.conf |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| webserver is running in a jail on FreeBSD 9.3-RELEASE-p5 | |
| This package was compiled via poudriere. | |
| Building from source in the jail solves the problem. | |
| [dan@webserver:/usr/local/libexec/nagios] $ ldd ./check_ping | |
| ./check_ping: | |
| libintl.so.8 => /usr/local/lib/libintl.so.8 (0x800828000) | |
| libthr.so.3 => /lib/libthr.so.3 (0x800a33000) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ===> Returning to build of nagios-plugins-2.0.3_4,1 | |
| ===> nagios-plugins-2.0.3_4,1 depends on executable: msgfmt - found | |
| ===> nagios-plugins-2.0.3_4,1 depends on file: /usr/local/bin/perl5.16.3 - found | |
| ===> nagios-plugins-2.0.3_4,1 depends on shared library: libintl.so - found (/usr/local/lib/libintl.so.8.1.2) | |
| ===> nagios-plugins-2.0.3_4,1 depends on shared library: libpq.so.5 - found (/usr/local/lib/libpq.so.5) | |
| ===> nagios-plugins-2.0.3_4,1 depends on shared library: libmysqlclient.so.18 - found (/usr/local/lib/mysql/libmysqlclient.so.18) | |
| ===> Configuring for nagios-plugins-2.0.3_4,1 | |
| configure: loading site script /usr/ports/Templates/config.site | |
| checking for a BSD-compatible install... /usr/bin/install -c -o root -g wheel | |
| checking whether build environment is sane... yes |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ====>> Building net-mgmt/nagios-plugins | |
| build started at Tue Jan 6 03:37:32 UTC 2015 | |
| port directory: /usr/ports/net-mgmt/nagios-plugins | |
| building for: FreeBSD 93amd64-default-master-list-job-02 9.3-RELEASE-p7 FreeBSD 9.3-RELEASE-p7 amd64 | |
| maintained by: mat@FreeBSD.org | |
| Makefile ident: $FreeBSD: head/net-mgmt/nagios-plugins/Makefile 373636 2014-11-29 18:22:32Z tijl $ | |
| Poudriere version: 3.1.1 | |
| Host OSVERSION: 903000 | |
| Jail OSVERSION: 903000 |
dlangille
/ 404 when logging in
Created
January 7, 2015 22:47
Give a 404 for certain IP ranges when they try to login
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <Directory "/path/to/wordpress/"> | |
| AllowOverride AuthConfig | |
| Options ExecCGI FollowSymLinks | |
| Order allow,deny | |
| Allow from all | |
| <IfModule mod_rewrite.c> | |
| RewriteEngine On | |
| RewriteCond %{REMOTE_ADDR} ^188.143.234. [OR] | |
| RewriteCond %{REMOTE_ADDR} ^188.143.235. |
dlangille
/ check_host_basejail.sh
Last active
January 19, 2019 12:22
Nagios plugin for comparing userland with kernel
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # | |
| # Nagios check to compare host and basejail | |
| # Use this freely. Enjoy. | |
| # Copyright Dan Langille <dan@langille.org> | |
| # | |
| HOST=`/usr/bin/file -b /bin/sh` | |
| JAIL=`/usr/bin/file -b /usr/jails/basejail/bin/sh` |
dlangille
/ check_snmp_pkgvuln
Last active
August 29, 2015 14:13
A simple script which retrieves via SNMP (net-snmp) the list of installed packages on a FreeBSD system and checks for known vulnerabilities with pkg audit. Based upon https://www.cotds.org/~clement/FreeBSD/nagios/check_snmp_pkgvuln
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /bin/sh | |
| # | |
| # Author: Clement Laforet <clement@FreeBSD.org> | |
| # | |
| # Converted to pkg audit by Dan Langille <dan@langille.org> | |
| # | |
| # This script is under beerware licence from Poul-Henning Kamp | |
| # <phk@FreeBSD.org>. | |
| # | |
| # ---------------------------------------------------------------------------- |