blog
Table des matières
4 billet(s) pour janvier 2026
| AWX sur K8S Kind - partage de fichier pour les blob - Execution pods | 2026/01/26 10:15 | Jean-Baptiste |
| Notes rsh rcp | 2026/01/21 18:08 | Jean-Baptiste |
| Git - Duplication d'un dépôt | 2026/01/19 10:22 | Jean-Baptiste |
| Exemple simple de conf Nagios | 2026/01/14 10:07 | Jean-Baptiste |
Chiffrer un fichier avec age ou rage
Voir :
Voir aussi :
- scrypt
- SOPS
- Tomb Folder Encryption
sudo apt-get install age
age-keygen -o key.txt # Chiffrer age -r age1yvq8462vpqg4mcdqgfj6amhzgtldpwpclv5tsymf26fl2jhlusxqjy6jzf -a message.txt # Déchiffrer age -d -i ./key.txt message.enc # Chiffrer age -r age1yvq8462vpqg4mcdqgfj6amhzgtldpwpclv5tsymf26fl2jhlusxqjy6jzf -o datafile.tar.gz.enc datafile.tar.gz # Déchiffrer age -i key.txt -d -o plop.tar.gz datafile.tar.gz.enc
Notes TrueCrypt VeraCrypt tcplay
tcplay
tcplay est une implémentation libre de TrueCrypt inclus dans les dépôts Debian
Device Boot Start End Sectors Size Id Type /dev/sda1 32 30031871 30031840 14.3G c W95 FAT32 (LBA) 0c W95 FAT32 (LBA)
apt-get install fatresize dd if=/dev/urandom of=/dev/sda bs=4096 conv=notrunc status=progress dd if=/dev/zero of=/dev/sda bs=512 count=1 conv=notrunc parted --align optimal /dev/sda mklabel msdos mkpart p fat32 1MiB 100% parted -ms /dev/sda print
usb-SanDisk_Ultra_USB_3.0 /dev/sda1 on /media/jibe/6E6F-0B54 type vfat (rw,nosuid,nodev,relatime,uid=1000,gid=1000,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,showexec,utf8,flush,errors=remount-ro,uhelper=udisks2) /dev/sda1: UUID="6E6F-0B54" BLOCK_SIZE="512" TYPE="vfat"
parted /dev/sda unit s resizepart 1 15015935s #mkpart primary ext4 15015936s 30031871s mkpart primary ext4 15015936s 100%
mkfs.vfat -F 32 -n SANDISK /dev/sda1 #tcplay -c -z -d /dev/sda2 -k key1 tcplay -c -z -d /dev/sda2 #tcplay -m enc_steg -d /dev/sda2 -k key1 tcplay -m enc_steg -d /dev/sda2 mkfs.ext4 /dev/mapper/enc_steg
rm 2 resizepart 1 100% fatresize -s max /dev/sda1
Autres
$ /usr/sbin/tcplay --help
...
-a <pbkdf prf algorithm>, --pbkdf-prf=<pbkdf prf algorithm>
Specifies which hashing function to use for the PBKDF password
derivation when creating a new volume.
To see valid options, specify '-a help'.
...
$ /usr/sbin/tcplay -a help Valid PBKDF PRF algorithms are: RIPEMD160 RIPEMD160 SHA512 whirlpool
tcplay --create --hidden --device=/dev/loop0 --cipher=AES-256-XTS,TWOFISH-256-XTS --pbkdf-prf=whirlpool --keyfile=one.key --cipher-hidden=AES-256-XTS --pbkdf-prf-hidden=whirlpool --keyfile-hidden=hidden.key # Creation tcplay --create --hidden --device=/dev/loop0 --cipher=TWOFISH-256-XTS --pbkdf-prf=whirlpool --keyfile=key1 --keyfile=key2 --cipher-hidden=AES-256-XTS --pbkdf-prf-hidden=whirlpool --keyfile-hidden=key3 # Monter le volume tcplay -m crypt1 -d /dev/loop0 --keyfile=key1 --keyfile=key2 # Monter le volume en protegeant le volume caché tcplay -m crypt1 -d /dev/loop0 --keyfile=key1 --keyfile=key2 --protect-hidden --keyfile-hidden=key3 # Monter le volume caché tcplay -m hidden --device=/dev/loop0 --keyfile=key3 mkfs.ntfs -f /dev/mapper/crypt1
Fin
umount /mnt/crypt1/ dmsetup remove crypt1
Autres
Comment marquer la partition FAT en “dirty” ?
Notes TPM - puce Fritz
Voir :
- tcsd - daemon that manages Trusted Computing resources
- Clevis Decryption Framework unprivileged user
Éthique :
TSS : TPM Software Stack
Message sur ESXi : Unable to acquire ownership of TPM 2.0 device. Please clear TPM through the BIOS.
systemd-tpm2-clear.service /usr/lib/systemd/systemd-tpm2-clear
Notes Tower AWX AAP Ansible Automation Platform
Voir :
Install
shell_plus
Voir :
shell_plus avec IPython
Install
Voir aussi :
/var/lib/awx/venv/awx/bin/pip install graphviz
python3.9 -m venv ipython pip install ipython cp -a venv/ venv2/ rsync -axv --exclude "*.pyc" --exclude "__pycache__" ipython/ venv2/awx/ rsync -axv --exclude "*.pyc" --exclude "__pycache__" venv/awx/ venv2/awx/ cd venv2/ sed -e 's%/venv/awx/%/venv2/awx/%' -i $(grep -rl 'venv/awx' *) sed -e 's%/var/lib/awx/ipython/%/var/lib/awx/venv2/awx/%' -i $(grep -rl 'awx/ipython' *) find . -name "*.pyc" -delete find . -name "__pycache__" -delete
Utilisation
export PYTHONPATH=/var/lib/awx/venv2/awx/lib/python3.9/site-packages SHELL_PLUS=ipython # awx-manage shell_plus --ipython awx-manage shell_plus
Erreur AttributeError: module 'typing' has no attribute '_ClassVar'
$ ipython
Traceback (most recent call last):
File "/var/lib/awx/ipython/bin/ipython", line 5, in <module>
from IPython import start_ipython
File "/var/lib/awx/ipython/lib/python3.9/site-packages/IPython/__init__.py", line 54, in <module>
from .terminal.embed import embed
File "/var/lib/awx/ipython/lib/python3.9/site-packages/IPython/terminal/embed.py", line 14, in <module>
from IPython.core.magic import Magics, magics_class, line_magic
File "/var/lib/awx/ipython/lib/python3.9/site-packages/IPython/core/magic.py", line 20, in <module>
from . import oinspect
File "/var/lib/awx/ipython/lib/python3.9/site-packages/IPython/core/oinspect.py", line 64, in <module>
class OInfo:
File "/var/lib/awx/venv/awx/lib/python3.9/site-packages/dataclasses.py", line 958, in dataclass
return wrap(_cls)
File "/var/lib/awx/venv/awx/lib/python3.9/site-packages/dataclasses.py", line 950, in wrap
return _process_class(cls, init, repr, eq, order, unsafe_hash, frozen)
File "/var/lib/awx/venv/awx/lib/python3.9/site-packages/dataclasses.py", line 800, in _process_class
cls_fields = [_get_field(cls, name, type)
File "/var/lib/awx/venv/awx/lib/python3.9/site-packages/dataclasses.py", line 800, in <listcomp>
cls_fields = [_get_field(cls, name, type)
File "/var/lib/awx/venv/awx/lib/python3.9/site-packages/dataclasses.py", line 659, in _get_field
if (_is_classvar(a_type, typing)
File "/var/lib/awx/venv/awx/lib/python3.9/site-packages/dataclasses.py", line 550, in _is_classvar
return type(a_type) is typing._ClassVar
AttributeError: module 'typing' has no attribute '_ClassVar'
Solution
mv ./lib/python3.9/site-packages/dataclasses-0.6.dist-info ./lib/python3.9/site-packages/dataclasses-0.6.dist-info.bak mv ./lib/python3.9/site-packages/dataclasses.py ./lib/python3.9/site-packages/dataclasses.py.bak
Gestion d'un job
sudo -u awx -i awx-manage shell_plus --ipython
Analyse d'un job
Exemple de changement d'état
su - awx echo "UnifiedJob.objects.filter(status='running').update(status='canceled')" | awx-manage shell_plus
Exemple
#from awx.main.models import UnifiedJob for i in UnifiedJob.objects.filter(): print(i) job_jb = UnifiedJob.objects.filter(id=241021) job_jb.values_list()[0] job_jb.update(status='canceled') start = time.time() UnifiedJob.objects.filter(id=1096679).update(status='canceled') end = time.time() print(end - start)
Effacement d'inventaire
awx-manage shell_plus
Inventory.object.filter(pending_deletion=True).update(pending_deletion=False) Inventory.object.filter(id=inventoryId).delete()
Note : Avant faire une sauvegarde avec ./setup.sh -b
Autres
[awx@aap-crtl-001]$ awx-manage profile_sql --threshold 1 --minutes 5 SQL profiling initiated with a threshold of 1.0 second(s) and a duration of 5.0 minute(s), any queries that meet criteria can be found in /var/log/tower/profile/.
Notes thunderbird icedove
Voir aussi :
- claws-mail
http://www.brighthub.com/office/collaboration/articles/71421.aspx
XNote++
To avoid leaking your locale you should change the mailnews.reply_header_authorwrotesingle and mailnews.reply_header_ondateauthorwrote fields to be the same as in this example.
If you can not change the timezone on your node to GMT then you should also set mailnews.reply_header_type to 1 instead of the default which will cause it to only refer to the author and not the time they wrote their message, otherwise Thunderbird will leak your timezone.
If you can change the timezone on your computer (running in a VM helps here) then you should set it to GMT and can leave the header type set at 2.
blog.txt · Dernière modification : de 127.0.0.1