This is a conversion table for uniform values on these websites / environments.
# An overly complicated SIP config checker | |
# This is a technically interesting implementation because it does not rely on csrutil | |
# Instead it queries the kernel directly for the current configuration status | |
# This means, for example, in environments where SIP has been disabled and csrutil has | |
# been removed or modified (say, with DYLD_LIBRARY_PATH), as long as python can run you | |
# can still check status | |
# Additionally, checking the nvram csr-active-config setting isn't accurate now with | |
# 10.12.2+, since running "sudo csrutil clear" deletes the variable until reboot, |
from Foundation import NSBundle | |
import objc, array | |
# from CoreFoundation import CFGetTypeID | |
Security = NSBundle.bundleWithPath_('/System/Library/Frameworks/Security.framework') | |
# First we need the CF TypeIDs to build some signatures | |
functions = [ | |
('SecKeychainGetTypeID', 'I'), | |
] |
#!/usr/bin/python | |
import os | |
import sys | |
from CoreFoundation import (CFPreferencesAppValueIsForced, | |
CFPreferencesCopyAppValue, | |
CFPreferencesCopyValue, | |
kCFPreferencesAnyUser, | |
kCFPreferencesAnyHost, |
This nginx configuration allows to restrict access via different methods to separate users.
This is very useful for private docker registries, where you want every member of your team to be able to fetch Docker images, but only some users (admins and CI users) to push new images to the registry.
Example:
- User
write
can use GET, POST, PUT, DELETE and everything else. - User
read
can only use GET and HEAD. - Anonymous users are denied access entirely.
obs = obslua | |
source_name = "" | |
vlc_name = "" | |
scene_name = "" | |
replaying = false | |
autoclear = false | |
addall = false | |
replaylength = 10 | |
instant_hotkey_id = obs.OBS_INVALID_HOTKEY_ID | |
add_hotkey_id = obs.OBS_INVALID_HOTKEY_ID |
// Enter slack in the browser. https://{insert your team name here}.slack.com/messages/ | |
// Click on the channel you want. | |
// Click the information icon. | |
// Expand the members dropdown. | |
// Click "See All Members" | |
// Paste the next line into the console, hit enter. | |
var imageList = new Array() | |
// If your channel has more than 19 members, the list won't display past that. It also unloads them from the state as you scroll. |
from nibbler import * | |
from Foundation import NSTimer, NSObject | |
from AppKit import NSApplication | |
n = Nibbler('/Users/frogor/Desktop/sweet.nib') | |
def test2(): | |
print "hi (politely quit)" | |
n.quit() |
import obspython as obs | |
import subprocess | |
import os | |
import re | |
import datetime | |
# Info for potential OBS Python hackers! | |
# Tip 1 - Read the "OBS Studio Backend Design" documentation page. Read the documentation table of contents. | |
# Tip 2 - be sure to add obspython.py to your script path to enable completion. | |
# Tip 3 - Some of the Python API is generated at runtime, so it won't show up in obspython.py. |
This was a huge hassle to figure out, so I wrote up a little guide in hopes that others would find it helpful:
How to convince macOS to do IPv6 DNS lookups when your only IPv6 address is via a VPN or tunnel of some sort
macOS's domain name resolver will only return IPv6 addresses (from AAAA records) when it thinks that you have a valid routable IPv6 address. For physical interfaces like Ethernet or Wi-Fi it's enough to set or be assigned an IPv6 address, but for tunnels (such as those using utun
interfaces) there are some extra annoying steps that need to be taken to convince the system that yes, you indeed have an IPv6 address, and yes, you'd like to get IPv6 addresses back for DNS lookups.
I use wg-quick
to establish a WireGuard tunnel between my laptop and a Linode virtual server. WireGuard uses a utun
user-space tunnel device to make the connection. Here's how that device gets configured: