Make sure Docker is installed!
Get your Minio endpoint url, accesskey, and secretkey ready!
docker plugin install rexray/s3fs \
# Example of using an InitContainer in place of a GitRepo volume. | |
# Unilke GitRepo volumes, this approach runs the git command in a container, | |
# with the associated hardening. | |
apiVersion: v1 | |
kind: Pod | |
metadata: | |
name: git-repo-demo | |
annotations: | |
seccomp.security.alpha.kubernetes.io/pod: 'docker/default' | |
spec: |
KEY=XXXXXXXXXXXX | |
HOST="https://metrics.crisidev.org" | |
mkdir -p dashboards && for dash in $(curl -k -H "Authorization: Bearer $KEY" $HOST/api/search\?query\=\& |tr ']' '\n' |cut -d "," -f 5 |grep slug |cut -d\" -f 4); do | |
curl -k -H "Authorization: Bearer $KEY" $HOST/api/dashboards/db/$dash > dashboards/$dash.json | |
done |
Steps to change the URL of Rancher installation and switch from a self-signed certificate to a certificate signed by recognized CA.
server-url
setting to the new URL:
https://<old_rancher_hostname>/g/settings/advanced
server-url
to https://<new_rancher_hostname>
https://<old_rancher_hostname>/g/settings/advanced
cacerts
click context menu -> View in APIvalue
fieldjamesmead@floehopper.local:~$ sudo dd bs=1m if=/Users/jamesmead/Downloads/2015-02-16-raspbian-wheezy.img of=/dev/disk2
pi@raspberrypi ~ $ sudo raspi-config
# Choose option 1 to "Expand Filesystem" - Ensures that all of the SD card storage is available to the OS
# Choose Finish & reboot
pi@raspberrypi ~ $ sudo apt-get update
Sometimes, we have to access git repositories over SSL and the server only provides a self-signed certificate 🙈. Although there are ways to increase the trust level for the self-signed certificate (https://confluence.atlassian.com/fishkb/unable-to-clone-git-repository-due-to-self-signed-certificate-376838977.html, https://confluence.atlassian.com/bitbucketserverkb/resolving-ssl-self-signed-certificate-errors-806029899.html), my recommendation is to just ignore SSL verification alltogether.
Prepend GIT_SSL_NO_VERIFY=true
before every git command run to skip SSL verification. This is particularly useful if you haven't checked out the repository yet.
Run git config http.sslVerify false
to disable SSL verification if you're working with a checked out repository already.
https://rfc3161.ai.moda | |
https://rfc3161.ai.moda/adobe | |
https://rfc3161.ai.moda/microsoft | |
https://rfc3161.ai.moda/apple | |
https://rfc3161.ai.moda/any | |
http://rfc3161.ai.moda | |
http://timestamp.digicert.com | |
http://timestamp.globalsign.com/tsa/r6advanced1 | |
http://rfc3161timestamp.globalsign.com/advanced | |
http://timestamp.sectigo.com |
See dejavuln-autoroot for a simpler exploit that works on webOS 3.5+ TVs (i.e., models from 2017 and later). It is unpatched as of 2024-04-21 and does not require Developer Mode or even a network connection—just a USB drive.
Otherwise:
wget -c --no-cookies --no-check-certificate --header "Cookie: oraclelicense=accept-securebackup-cookie" https://download.oracle.com/otn-pub/java/jdk/12.0.2+10/e482c34c86bd4bf8b56c0b35558996b9/jdk-12.0.2_linux-x64_bin.tar.gz |
curl
to get the JSON response for the latest releasegrep
to find the line containing file URLcut
and tr
to extract the URLwget
to download itcurl -s https://api.github.com/repos/jgm/pandoc/releases/latest \
| grep "browser_download_url.*deb" \
| cut -d : -f 2,3 \
| tr -d \" \