Skip to content

Instantly share code, notes, and snippets.

View jirutka's full-sized avatar
🇺🇦
Слава Україні!

Jakub Jirutka jirutka

🇺🇦
Слава Україні!
449 followers · 104 following
View GitHub Profile
@nuxlli
nuxlli / unix_socket_request.sh
Last active January 25, 2024 04:37
Examples of http request in unix domain socket with shell, using socat, netcat or curl
#!/bin/bash
# References
# http://www.computerhope.com/unix/nc.htm#03
# https://github.com/daniloegea/netcat
# http://unix.stackexchange.com/questions/26715/how-can-i-communicate-with-a-unix-domain-socket-via-the-shell-on-debian-squeeze
# http://unix.stackexchange.com/questions/33924/write-inside-a-socket-open-by-another-process-in-linux/33982#33982
# http://www.linuxjournal.com/content/more-using-bashs-built-devtcp-file-tcpip
# http://www.dest-unreach.org/socat/
# http://stuff.mit.edu/afs/sipb/machine/penguin-lust/src/socat-1.7.1.2/EXAMPLES
@julianlam
julianlam / provisioning-unprivileged-lxc-containers-via-login-or-script.md
Last active September 7, 2023 12:45
Provisioning and usage of unprivileged LXC containers via indirect login or script #blog

Provisioning and usage of unprivileged LXC containers via indirect login or script

As I've discovered, managing LXC containers is fairly straightforward, but when building out a system for provisioning out user maintained instances of NodeBB, it was imperative that unprivileged LXC containers were used, so that in the event of shell breakout from NodeBB followed by privilege escalation of the saas user, the root user in the LXC container would only be an unprivileged user on the host machine.

During the course of development, I ran into numerous blockers when it came to managing LXC containers in unexpected circumstances. Namely:

  • Using LXC in a subshell is not directly supported. This usually happens under one of the following two circumstances:
    • After switching users via su or executing lxc-* commands as another user via sudo
    • Executing lxc-* commands via a program, application, or script. In my case, a Node.js application.
@geemus
geemus / excon_multipart_form_data.rb
Last active July 16, 2023 08:36
require 'excon'
require 'securerandom'
def multipart_form_data(buildpack_file_path)
body = ''
boundary = SecureRandom.hex(4)
data = File.open(buildpack_file_path)
data.binmode if data.respond_to?(:binmode)
data.pos = 0 if data.respond_to?(:pos=)
@JulienPalard
JulienPalard / curry.py
Created August 1, 2014 10:51
KISS Python curry
#!/usr/bin/env python
def curry(func):
"""
Decorator to curry a function, typical usage:
>>> @curry
... def foo(a, b, c):
... return a + b + c
@josegonzalez
josegonzalez / access.lua
Created December 3, 2012 18:26
Simple lua file enabling oauth support for nginx via nginx-lua and access_by_lua.
- certain endpoints are always blocked
if nginx_uri == "/_access_token" or nginx_uri == "/_me" then
ngx.exit(403)
end
-- import requirements
local cjson = require "cjson"
-- setup some app-level vars
local app_id = "APP_ID"
@faun
faun / have_xml.rb
Created December 13, 2012 21:14
require 'nokogiri'
RSpec::Matchers.define :have_xml do |xpath, text|
match do |body|
doc = Nokogiri::XML::Document.parse(body)
nodes = doc.xpath(xpath)
nodes.empty?.should be_false
if text
nodes.each do |node|
node.content.should == text
end
@japaric
japaric / build.sh
Last active May 12, 2022 14:29
rustc for x86_64-unknown-linux-musl
# Build an statically linked rustc (with host=x86_64-unknown-linux-musl)
# Last tested on: 9316ae515e2f8f3f497fb4f1559910c1eef2433d
# Usage:
# # patches must be in $(pwd)
# $ ls *.patch
# liblibc.patch rust.patch
#
@myronmarston
myronmarston / response.md
Last active April 6, 2022 19:47
In response to http://tenderlovemaking.com/2015/01/23/my-experience-with-minitest-and-rspec.html

I highly suspect that the RSpec core team all use black backgrounds in their terminals because sometimes the colors aren’t so nice on my white terminal

I certainly use a black background. I'm not sure about the other RSpec core folks. Regardless, if there are some color changes we can make that would make output look good on a larger variety of backgrounds, we'll certainly consider that (do you have some suggested changes?). In the meantime, the colors are configurable, so you can change the colors to fit your preferences on your machine. First, create a file at

@nilium
nilium / key-bindings.json
Created August 11, 2012 23:14
A Sublime Text 2 plugin to enable running multiple commands in any given context from a single key binding.
[
{
"keys": ["ctrl+w"],
"command": "run_multiple",
"args": {
"commands": [
{"command": "find_under_expand", "args": null, "context": "window"},
{"command": "show_panel", "args": {"panel": "find"}, "context": "window"}
]
}
@c4milo
c4milo / disk_types.md
Last active August 2, 2021 11:31

Digesting VMDK spec

Particularly, virtual disks types are very confusing. This document is an attempt to disentangle that and make easier the design of an implementation.

Flat or preallocated disk

  • Monolithic or one-file: Single flat extent with separate descriptor file. createType: monolithicFlat
  • Split or multiple files: 2gb preallocated extents or smaller, to account for file system limits. createType: 2GbMaxExtentFlat
  • VMFS (managed):
    • Zeroed: Thick (flat) disk on VMFS, with blocks zeroed on first use. createType: vmfsPreallocated