Phil Pennock philpennock

## gpg_refresh_external_domains.sh
#!/usr/bin/env bash
set -eu

# Warning: we assume that the input of the list of domains to refresh is
# trusted, and free from abusive characters.  So the only adjustments for using
# within a PCRE regexp we apply is "escape the dots to be literal".

progname="$(basename "$0" .sh)"
die() { printf >&2 '%s: %s\n' "$progname" "$*"; exit 1; }
usage() {

## tflint
#!/bin/bash -eu

DOCKER_IMAGE_NAME='tflint'

KeepEnvVars=( AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_REGION )

DockerArgs=()
CmdArgs=()
PwdMountFlags='ro'

## aws-vault-unlock
#!/usr/bin/env python3
#
# Copyright © 2020 Pennock Tech, LLC
# SPDX-License-Identifier: MIT

"""
aws-vault-unlock: unlock (or lock) the awsvault libsecret collection

The XDG folks specify the Secret service available over D-Bus.
When everything works right, 99designs/aws-vault trying to access a locked

## perlgssapi-code_GSSAPI_fix-macOS-heimdal.patch
Index: GSSAPI.xs
===================================================================
--- GSSAPI.xs	(revision 73)
+++ GSSAPI.xs	(working copy)
@@ -6,6 +6,8 @@
 #define __GSS_KRB5_NT_PRINCIPAL_NAME &mygss_nt_krb5_principal
 #define __gss_mech_krb5_v2 &mygss_mech_krb5_v2

+#define GSSKRB_APPLE_DEPRECATED(x) /**/
+

## loop.py
#!/usr/bin/env python3

import sys
import time

def foo():
    print('ni')
    time.sleep(0.1)
    pass

## SKS Privacy
Privacy

There are three categories of data relevant to privacy here: the public keys stored; the HTTP/HKP requests made to access/upload/retrieve those keys; what I as a keyserver operator might do with those requests (logs).

For the public keys: the SKS keyserver pool, run globally by disparate individuals with no formal affiliation, is currently an append-only store, designed to protect against attempts to remove data. Once a key has been uploaded, that data is part of the public record, designed to allow anyone to attempt to verify the name binding within the key, using the public attestations by others about the identity of the key (key signatures). Keys not intended for public disclosure should not be uploaded, nor shared to people who might upload the keys of others. Note that there's no protection against fraudulent keys, with bindings of any name to any email address, and there is no basis to believe any such pairing without first proceeding through evaluation of the public attestations.

The reques

## aws-vault__login.py
def login():
    if not shutil.which('aws-vault'):
        return boto3.Session()
    if 'AWS_SESSION_TOKEN' in os.environ:
        return boto3.Session()
    if 'AWS_ACCESS_KEY_ID' in os.environ and 'AWS_SECRET_ACCESS_KEY' in os.environ:
        return boto3.Session()
    profile=os.environ.get('AWS_PROFILE', 'default')
    rc = subprocess.run(['aws-vault', 'exec', profile, '--', 'python', '-c',
        'import json,os; print(json.dumps({k:os.environ[k] for k in os.environ if k.startswith("AWS_")}))'],

## aws
#!/bin/sh -eu

aws=/usr/local/bin/aws

die() { printf >&2 '%s: %s\n' "$0" "$*"; exit 1; }

if ! [ -x "$aws" ]; then
  case $0 in
    /*) ;;
    *) die "missing '${aws}' and not invoked with absolute path to skip self" ;;

## go-bindata.txt.asc
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

I am Phil Pennock, I program in Go.  I am writing this text on 2018-02-08.
It should be found PGP-signed from a key in the strong-set, so that this
public attestation can be verified by others.

To the best of my knowledge, I am in no way affiliated with whomever has
registered the new "jteeuwen" GitHub account.

## admin.py
#!/usr/bin/env python3

"""
admin: Passwords repo admin tool

Passwords repo has a bunch of actions which are common; copy/paste is
annoying.  So manage the common actions.
"""

__author__ = 'phil.pennock@spodhuis.org (Phil Pennock)'
	#!/usr/bin/env bash
	set -eu

	# Warning: we assume that the input of the list of domains to refresh is
	# trusted, and free from abusive characters. So the only adjustments for using
	# within a PCRE regexp we apply is "escape the dots to be literal".

	progname="$(basename "$0" .sh)"
	die() { printf >&2 '%s: %s\n' "$progname" "$*"; exit 1; }
	usage() {
	#!/bin/bash -eu

	DOCKER_IMAGE_NAME='tflint'

	KeepEnvVars=( AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_REGION )

	DockerArgs=()
	CmdArgs=()
	PwdMountFlags='ro'
	#!/usr/bin/env python3
	#
	# Copyright © 2020 Pennock Tech, LLC
	# SPDX-License-Identifier: MIT

	"""
	aws-vault-unlock: unlock (or lock) the awsvault libsecret collection

	The XDG folks specify the Secret service available over D-Bus.
	When everything works right, 99designs/aws-vault trying to access a locked
	Index: GSSAPI.xs
	===================================================================
	--- GSSAPI.xs (revision 73)
	+++ GSSAPI.xs (working copy)
	@@ -6,6 +6,8 @@
	#define __GSS_KRB5_NT_PRINCIPAL_NAME &mygss_nt_krb5_principal
	#define __gss_mech_krb5_v2 &mygss_mech_krb5_v2

	+#define GSSKRB_APPLE_DEPRECATED(x) /**/
	+
	#!/usr/bin/env python3

	import sys
	import time

	def foo():
	print('ni')
	time.sleep(0.1)
	pass
	Privacy

	There are three categories of data relevant to privacy here: the public keys stored; the HTTP/HKP requests made to access/upload/retrieve those keys; what I as a keyserver operator might do with those requests (logs).

	For the public keys: the SKS keyserver pool, run globally by disparate individuals with no formal affiliation, is currently an append-only store, designed to protect against attempts to remove data. Once a key has been uploaded, that data is part of the public record, designed to allow anyone to attempt to verify the name binding within the key, using the public attestations by others about the identity of the key (key signatures). Keys not intended for public disclosure should not be uploaded, nor shared to people who might upload the keys of others. Note that there's no protection against fraudulent keys, with bindings of any name to any email address, and there is no basis to believe any such pairing without first proceeding through evaluation of the public attestations.

	The reques
	def login():
	if not shutil.which('aws-vault'):
	return boto3.Session()
	if 'AWS_SESSION_TOKEN' in os.environ:
	return boto3.Session()
	if 'AWS_ACCESS_KEY_ID' in os.environ and 'AWS_SECRET_ACCESS_KEY' in os.environ:
	return boto3.Session()
	profile=os.environ.get('AWS_PROFILE', 'default')
	rc = subprocess.run(['aws-vault', 'exec', profile, '--', 'python', '-c',
	'import json,os; print(json.dumps({k:os.environ[k] for k in os.environ if k.startswith("AWS_")}))'],
	#!/bin/sh -eu

	aws=/usr/local/bin/aws

	die() { printf >&2 '%s: %s\n' "$0" "$*"; exit 1; }

	if ! [ -x "$aws" ]; then
	case $0 in
	/*) ;;
	*) die "missing '${aws}' and not invoked with absolute path to skip self" ;;
	-----BEGIN PGP SIGNED MESSAGE-----
	Hash: SHA256

	I am Phil Pennock, I program in Go. I am writing this text on 2018-02-08.
	It should be found PGP-signed from a key in the strong-set, so that this
	public attestation can be verified by others.

	To the best of my knowledge, I am in no way affiliated with whomever has
	registered the new "jteeuwen" GitHub account.
	#!/usr/bin/env python3

	"""
	admin: Passwords repo admin tool

	Passwords repo has a bunch of actions which are common; copy/paste is
	annoying. So manage the common actions.
	"""

	__author__ = 'phil.pennock@spodhuis.org (Phil Pennock)'