najamelan

# This is a short collection of tools that are useful for managing your
# known_hosts file. In this case, I'm using the '-f' flag to specify the
# global known_hosts file because I'll be adding many deploy users on this
# system. Simply omit the -f flag to operate on ~/.ssh/known_hosts

# Add entry for host
ssh-keyscan -H github.com > /etc/ssh/ssh_known_hosts

# Scan known hosts
ssh-keygen -f /etc/ssh/ssh_known_hosts -H -F github.com

najamelan

Keybase proof

I hereby claim:

• I am najamelan on github.
• I am najamelan (https://keybase.io/najamelan) on keybase.
• I have a public key whose fingerprint is 8076 5DA9 0DA5 CF68 2FC9 2BCD FB4A 4EEE EE1D 2A89

To claim this, I am signing this object:

najamelan

# https://gist.github.com/francisco-rojas/db0fb04ed6aa509acc18
# https://dev.firmafon.dk/blog/drat-ruby-has-a-double-splat/
# http://blog.simplificator.com/2015/03/20/ruby-and-the-double-splat-operator/
# http://chriszetter.com/blog/2012/11/02/keyword-arguments-in-ruby-2-dot-0/
# ------------------------------------------------------Method Definition-----------------------------------------------------
puts "\n---Method Definition---\n"
def say(what, *people)
  people.each { |person| puts "#{person}: #{what}" }
end
say "Hello!", "Alice", "Bob", "Carl"

najamelan

# http://devrandom.postr.hu/offline-ruby-core-and-stdlib-documentation-with-yard

$ gem install yard
$ wget ftp://ftp.ruby-lang.org/pub/ruby/2.0/ruby-2.0.0-p247.tar.gz
$ tar xzvf ruby-2.0.0-p247.tar.gz
$ cd ruby-2.0.0-p247
$ yardoc *.c
$ yardoc -b .yardoc-stdlib -o doc-stdlib
$ yard server -m ruby-core2.0 .yardoc stdlib .yardoc-stdlib

najamelan

cargo build --target=x86_64-rumprun-netbsd
   Compiling hello-tcp v0.1.0 (file:///home/user/code/unikernels/rumprun-packages/rust/examples/hello-tcp)
error: linking with `x86_64-rumprun-netbsd-gcc` failed: exit code: 1
  |
  = note: "x86_64-rumprun-netbsd-gcc" "-Wl,--as-needed" "-Wl,-z,noexecstack" "-m64" "-L" "/usr/share/dev-template/home/user/.rustup/toolchains/nightly-x86_64-unknown-linux-gnu/lib/rustlib/x86_64-rumprun-netbsd/lib" "/home/user/code/unikernels/rumprun-packages/rust/examples/hello-tcp/target/x86_64-rumprun-netbsd/debug/deps/hello_tcp-f74073b02c05897c.__rustc_fallback_codegen_unit.rcgu.o" "/home/user/code/unikernels/rumprun-packages/rust/examples/hello-tcp/target/x86_64-rumprun-netbsd/debug/deps/hello_tcp-f74073b02c05897c.alloc-allocator.rcgu.o" "/home/user/code/unikernels/rumprun-packages/rust/examples/hello-tcp/target/x86_64-rumprun-netbsd/debug/deps/hello_tcp-f74073b02c05897c.alloc-allocator.volatile.rcgu.o" "/home/user/code/unikernels/rumprun-packages/rust/examples/hello-tcp/target/x86_64-

najamelan

$block-bg: #f5f5f5;
$color-stab-internal-bg: #ffb9b3;
$nav-separater-border: #000;
$stab-unstable-bg: #fff5d6;
$stab-deprecated-bg: #f3dfff;
$stab-portability-bg: #c4ecff;
$theme-picker-bg: #fff;
$kdb-box-shadow: #c6cbd1;
$pre-ignore-border-left: rgba(255, 142, 0, .4);
$pre-ignore-border-left-hover: #ff9200;

najamelan

<?php

/*
Correct output escaping in php is ridiculously difficult. This class does not pretend to be perfect, but is an attempt for myself to do better than scattering htmlspecialchars all over my code.

This is basically a wrapper around basic functionality like htmlspecialchars. For better security, inspired on code from Twig, who inspired themselves on Zend who inspired themselves on ESAPI. Security notice: all of the above fail to escape the comma in javascript context. This class doesn't and it also provides you with a wrapper around HTML purifier.

This comment has some bits and bops of text to make the point. References:
http://blog.astrumfutura.com/2012/06/automatic-output-escaping-in-php-and-the-real-future-of-preventing-cross-site-scripting-xss/
http://blog.astrumfutura.com/2012/03/a-hitchhikers-guide-to-cross-site-scripting-xss-in-php-part-1-how-not-to-use-htmlspecialchars-for-output-escaping/

najamelan

# Syntactic sugar for pacman
#

function print_pcm_usage

	set blue   ( set_color blue   )
	set green  ( set_color green  )
	set bold   ( set_color --bold )
	set normal ( set_color normal )

najamelan

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBFNdDzMBEAC8qzcVzL2GR4ZaHvuN+dHmvJaHIwSbdUaf03GtfpFk5S7H89kX
iIkfZHh+j8l+oebPZN9L8kkwUB1PPskoz/vUmCap2w//MlNr2BJ00DaBNJy5j+fd
IVz3BiFEsp6PfjAlxUMx0YsEsUpbu5n4i1uYyzMmj9dOLRP//BrAjk9VIrWguqoI
9hpLGEuX2E5pp0/XY3Ns5Ito1NbEBFhzGGDwnuo0ykdtUuccj5sklJfQEWcYM0vJ
or+ScqNjWnH2aizsk+8qKKP8/pBjeR3TRTUkb9kdgJIAbNWeq4MrQct2xQvjgM9T
rzDgw7rW3PJEaJEOx6HoW/ntD3b5fW/RfuSxESESrl3sNFvP9PYF8v3GHupKhRgv
Rmhtf2T2aNjSjP/tecr1ie81MyFMd1yEdp/VogDsPmpuGNNSXyIAu9ibLwWo4Ail
ktejMVmeaMgfn9z/xvjwIsbv4N9dlRNV0NnfjvYScIIWQfB3kdnD5ZKtjMWcjWSb

najamelan

Keeping physical network cards in a dedicated namespace could be a way to control which processes can access the network. For non privileged processes in the main namespace, it would seem that the only network card in the machine is the loopback device. WARNING: Personally I haven't managed to connect to wifi this way. The idea comes from this post, but hacked upon until it works.

Create an udev rule to move any new non-virtual interface to a new namespace as soon as it's plugged in:

# /etc/udev/rules.d/99-physical-netns.rules

SUBSYSTEM=="net", ACTION=="add", DEVPATH!="/devices/virtual/*",TAG+="systemd", ENV{SYSTEMD_WANTS}="physical-namespace@$id.service"

This will call the systemd service with the ID of the network device: