Mantas Mikulėnas grawity

## aleph_upload_patrons.py
#!/usr/bin/env python3
import argparse
import bs4
import os
import requests
import subprocess
import sys

def validate_xml_file(path, schema):
    r = subprocess.call(["xmllint", "--noout", "--schema", schema, path])

## hidepid.conf.xml
<?xml version="1.0"?>
<!-- /etc/dbus-1/system.d/hidepid.conf -->
<!-- This prevents users from bypassing /proc hidepid= restrictions using 'systemctl status'. -->
<busconfig>
	<!-- Allow root to use systemctl -->
	<policy user="root">
		<allow send_destination="org.freedesktop.systemd1"
			send_interface="org.freedesktop.systemd1.Manager"
			send_member="GetUnitProcesses"/>
	</policy>

## update.py
import dns.rdtypes.ANY.TKEY
import dns.resolver
import dns.update
import gssapi
import socket
import time
import uuid

def _build_tkey_query(token, key_ring, key_name):
    inception_time = int(time.time())

## dhcp_option119.py
#!/usr/bin/env python3
"""Command generator for setting DHCP Option 119

This script converts the specified domain names to DHCP Option 119
(Domain Search Option) and prints commands for various DHCP servers.

USAGE:
  ./dhcp_option119.py DOMAIN ...

EXAMPLE:

## x11-device-monitor.c
#if 0
src = $(MAKEFILE_LIST)
app = $(basename $(src))

$(app): LDLIBS = -lX11 -lXi
$(app): $(src)

define source
#endif

## 50-usb-deauthorize.rules
ACTION!="add", GOTO="deauthorize_end"
SUBSYSTEM!="usb", GOTO="deauthorize_end"
TEST!="authorized", GOTO="deauthorize_end"

## make hubs deauthorize all devices by default
TEST=="authorized_default", ATTR{authorized_default}="0", GOTO="deauthorize_end"

## whitelist specific devices
ENV{ID_VENDOR}=="Yubico", ENV{ID_MODEL}=="Yubikey_NEO*", ATTR{authorized}="1", GOTO="deauthorize_end"
ENV{ID_VENDOR}=="Zubico", ENV{ID_MODEL}=="Zubikey_GEO*", ATTR{authorized}="1", GOTO="deauthorize_end"

## knob.c
#if 0
pkg = libpulse
src = $(MAKEFILE_LIST)
app = $(basename $(src))

CFLAGS  = $(shell pkg-config --cflags $(pkg)) -x c
LDFLAGS = $(shell pkg-config --libs $(pkg))

$(app): $(src)

## README.md

      
              4 files
            
          
              0 forks
            
          
              1 comment
            
          
              5 stars
            
          
                grawity
                / README.md
            
            
              Last active
              May 21, 2023 12:50
            
              
                systemd Type=notify implementations
              
          
      View README.md
  
      
    The official documentation is in the [sd_notify(3)][1] manual page.
Very short summary:

Change your systemd service to Type=notify.
Your daemon will receive an environment variable NOTIFY_SOCKET, which contains a path to an AF_UNIX socket.

(If the first path byte is @, this means an "abstract" socket, and you should change the 1st byte to 0x00 before using.)
The protocol consists of sending datagrams containing textual (UTF-8) status messages.

Each message contains newline-separated KEY=value parameters.
When the daemon is ready, it must send READY=1, and systemd will transition the service from "starting" to "running".


## x11-window-monitor.c
#define _GNU_SOURCE
#include <X11/Xlib.h>
#include <X11/Xatom.h>
#include <err.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int get_prop_card32(Display *d, Window w, Atom p) {
	Atom actual_type;

## eduroam-example.conf
# NOTE
#
#    Eduroam settings are organization-specific.
#
#    If something works with *@foobar.edu, that _does_not_mean_ the same
#    settings automatically work elsewhere.
#
#    Fortunately, *most* sites use very similar settings – password logins via
#    PEAP or TTLS. That's what this example covers.
#
	#!/usr/bin/env python3
	import argparse
	import bs4
	import os
	import requests
	import subprocess
	import sys

	def validate_xml_file(path, schema):
	r = subprocess.call(["xmllint", "--noout", "--schema", schema, path])
	<?xml version="1.0"?>
	<!-- /etc/dbus-1/system.d/hidepid.conf -->
	<!-- This prevents users from bypassing /proc hidepid= restrictions using 'systemctl status'. -->
	<busconfig>
	<!-- Allow root to use systemctl -->
	<policy user="root">
	<allow send_destination="org.freedesktop.systemd1"
	send_interface="org.freedesktop.systemd1.Manager"
	send_member="GetUnitProcesses"/>
	</policy>
	import dns.rdtypes.ANY.TKEY
	import dns.resolver
	import dns.update
	import gssapi
	import socket
	import time
	import uuid

	def _build_tkey_query(token, key_ring, key_name):
	inception_time = int(time.time())
	#!/usr/bin/env python3
	"""Command generator for setting DHCP Option 119

	This script converts the specified domain names to DHCP Option 119
	(Domain Search Option) and prints commands for various DHCP servers.

	USAGE:
	./dhcp_option119.py DOMAIN ...

	EXAMPLE:
	#if 0
	src = $(MAKEFILE_LIST)
	app = $(basename $(src))

	$(app): LDLIBS = -lX11 -lXi
	$(app): $(src)

	define source
	#endif
	ACTION!="add", GOTO="deauthorize_end"
	SUBSYSTEM!="usb", GOTO="deauthorize_end"
	TEST!="authorized", GOTO="deauthorize_end"

	## make hubs deauthorize all devices by default
	TEST=="authorized_default", ATTR{authorized_default}="0", GOTO="deauthorize_end"

	## whitelist specific devices
	ENV{ID_VENDOR}=="Yubico", ENV{ID_MODEL}=="Yubikey_NEO*", ATTR{authorized}="1", GOTO="deauthorize_end"
	ENV{ID_VENDOR}=="Zubico", ENV{ID_MODEL}=="Zubikey_GEO*", ATTR{authorized}="1", GOTO="deauthorize_end"
	#if 0
	pkg = libpulse
	src = $(MAKEFILE_LIST)
	app = $(basename $(src))

	CFLAGS = $(shell pkg-config --cflags $(pkg)) -x c
	LDFLAGS = $(shell pkg-config --libs $(pkg))

	$(app): $(src)
	#define _GNU_SOURCE
	#include <X11/Xlib.h>
	#include <X11/Xatom.h>
	#include <err.h>
	#include <stdio.h>
	#include <stdlib.h>
	#include <string.h>

	int get_prop_card32(Display *d, Window w, Atom p) {
	Atom actual_type;
	# NOTE
	#
	# Eduroam settings are organization-specific.
	#
	# If something works with *@foobar.edu, that _does_not_mean_ the same
	# settings automatically work elsewhere.
	#
	# Fortunately, most sites use very similar settings – password logins via
	# PEAP or TTLS. That's what this example covers.
	#