I hereby claim:
- I am tcely on github.
- I am tcely (https://keybase.io/tcely) on keybase.
- I have a public key ASCepDrTFuNbJ51KamisH6cg9iNJN90f5vFYyIQYJ4nTWgo
To claim this, I am signing this object:
# Determine the OS version across the various forks using %{dist} detail from the building machine's kernel release. | |
# Versions 6 & 7 started including including the architecture in the kernel **release** field. We have to deal with that stupidity too. | |
%define osVersion %(uname -r | awk -F '.' '{for (i=NF; i > 0; i--) if ($i !~ /^(x86_64|i[36]86)$/) { print gensub(/^[^0-9]+/, "", "", $i); exit; }}') | |
# I wish redhat-release provided the major number, but that only started with 7 from what I've found. Even after adding a number to the redhat-release provide, they started using 7.0, just to make things difficult. | |
# Add conflicts as appropriate for the various RedHat major versions. | |
%if 0%{?osVersion} == 5 | |
Conflicts: upstart, systemd | |
%endif |
#!/bin/bash | |
# Inspiration from: http://askubuntu.com/questions/126817/how-to-disable-alt-f1-alt-f2-shortcuts | |
unset -v _key _value _schema | |
_schema='org.gnome.desktop.wm.keybindings' | |
while IFS= read -r _key; do | |
_value="$(gsettings get "$_schema" "$_key")" | |
while [[ "$_value" =~ \''<Alt>F'[1-9]\' ]] || [[ "$_value" =~ \''<Alt>F1'[0-2]\' ]]; do | |
#_value="$(sed -e "s/\(, \)\?${BASH_REMATCH[0]}\(, \)\?//;s/''/', '/;" <<<"$_value")" |
if [ -s ~/.bashrc ]; then | |
. ~/.bashrc | |
fi | |
# Additions to fix the lack of confirmation when keys are added from the Keychain | |
if [ -s ~/.ssh/ssh-agent.pid ]; then | |
. ~/.ssh/ssh-agent.pid | |
if [ -n "$SSH_AGENT_PID" ] && ! kill -0 "$SSH_AGENT_PID" &>/dev/null; then | |
rm -f ~/.ssh/ssh-agent.pid | |
unset -v SSH_AGENT_PID |
#!/bin/bash | |
## SecurityCenter Backup Script | |
# | |
# This script is intended to create backups of all of the SecurityCenter data | |
# on a daily/weekly/monthly/etc. basis. This is intended to be run as a cronjob | |
# and expect the SysAdmin to have configured the root@localhost mail alias to | |
# route through their email system in-case of errors. An example of how to run | |
# this as a cronjob is below: | |
# | |
# 1 45 * * * root /opt/scripts/backups/sc-backup.sh |
#!/usr/bin/env python | |
import io, os, sys | |
from argparse import ArgumentParser | |
from calendar import timegm | |
from time import gmtime, localtime, mktime, strftime, strptime | |
def touchUTCString(t): | |
return timegm(strptime(t, '%a, %d %b %Y %H:%M:%S %Z')) |
#!/bin/sh | |
iptables -F SSH_PORT_LIMIT || iptables -N SSH_PORT_LIMIT | |
iptables -A SSH_PORT_LIMIT -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT | |
iptables -A SSH_PORT_LIMIT -p tcp -m state --state NEW -m hashlimit --hashlimit-mode srcip --hashlimit-upto 10/hour --hashlimit-burst 15 --hashlimit-name ssh -j ACCEPT | |
iptables -A SSH_PORT_LIMIT -j LOG --log-level info --log-prefix 'ssh-port-limit: ' | |
iptables -A SSH_PORT_LIMIT -p tcp -j REJECT --reject-with tcp-reset | |
iptables -A SSH_PORT_LIMIT -j DROP |
#!/bin/sh | |
docker run --rm -it perl:5-threaded \ | |
perl -e 'print(q{Enter pass phrase: }); system("stty -echo"); chomp($pt = <>); system("stty echo"); print(qq{\n}, crypt($pt, q{$1$YCCaQNAP$}), qq{\n});' |
I hereby claim:
To claim this, I am signing this object:
#!/bin/bash | |
conditional_get_etag() { | |
local _url _file _tmpdir | |
local _awk_program='/^ETag:/ {$1=""; printf "If-None-Match: %s", substr($0, 2, length($0)-2); exit;}' | |
for _url; do | |
if [ '--file=' = "${_url:0:7}" ]; then | |
_file="${_url:7}" | |
continue |
As I originally outlined in this comment there is a work around for the problem of having shared credentials and keys on the various backup "clients" so that they push their contents to your restic server.
I have implemented this solution, but it took a fair amount of work. I am putting this work up for bounty, so if you are interested please contact me to arrange payment and when the goal is reached, I will send my solution to everyone who chipped in.
Thank you very much!