Friday, August 2, 2019

SIMPLE BASH: LOOPING THROUGH A SIMPLE LIST

Here are some simple examples of looping through a list of items in a bash script:

#!/bin/bash

for x in 0 1 2 3 4 5 6 7 8 9
do
        echo $x
done

This is what you get:



You can also cat a file for the list:

This is the same list of numbers stored in a text file:




#!/bin/bash

for x in `cat thisIsAList`
do echo $x
done


You get the same results. Basically you choose the method that works for the situation. When looping through a short list of items it is probably more efficient to just put the list in the script, while for longer lists it might be best to use a separate text file.

In the above example the important bit is the "`" characters around the cat command. This is the lower-case character on the same key as the "~" character (under the ESC key). This is called command substitution; essentially you use the output of a command to replace the command itself.
The line above can also be written as "for x in $(cat thisIsAList)".




Wednesday, July 31, 2019

SIMPLE BASH: LESSMORECAT

3 Basic Ways To Look At A Text File In Linux 


cat:  The cat command simply returns the text in a file
The basic syntax is [cat filename]

But what happens if there is more text than fits the window?


Notice that a few lines are missing from the top of the screen.

To prevent that you can pipe the output of the cat command to the “more” or “less” command which
will paginate the display.
$ cat chicago_beef_sandwich.txt | less
Notice the colon at the bottom of the page; this indicates there is more text. 

You access it by using the spacebar to move a full page or arrow keys to move a line or more at a time.


But in reality there is no reason to pipe the cat results when you can just use the less or more command
directly to show the file.


more and less commands:
These two commands are pretty much the same. They let you look at text in a file and paginate
as necessary. You use the spacebar or arrow keys to view lines from the next screen of text.

The basic syntax is [more filename] or [less filename]

Output of less command:
Of the two commands less is more flexible because more will only move forward a page at a time
while less will move forward or backwards through the file. 


One area where less can be inferior to more is the fact that when you exit the less command the text
you are looking at is cleared from the screen. This is good for decluttering the terminal, but what if you
want to still see the contents of the file even after exiting?

By passing the -X option less will not clear the screen when exiting the command.
For example you run the less command against a file:

And when you are done you quit the command and the screen clears:












But maybe you want to still see what is in the file so you can use it in another command; if you have
a short memory you might be asking yourself “is the oven supposed to be at 300 degrees Celsius or
Fahrenheit”?
If you use the less command with -X your screen won’t be cleared when you exit and you can see that
the oven is supposed to be set to 300 degrees F.


Several other ways To look at text in a file:
You can also look at the text in a file with VI or nano, or other CLI text editors. But these are primarily
for editing text. In my opinion it is actually not a good habit to use these for just viewing text
because you could inadvertently modify the file. You would really have to screw up to do that, but it is
not unheard of if you're one of those multitasking, constantly interrupted sysadmins.


One safe alternative to using VI to look at a file is to use the “view”  command which is a VI interface but
started in read only mode.

However overall the big advantage of the cat, less, and more commands is that their output is easily
redirected to another command or file; especially the  cat command.

Wow It's Been Almost 5 Years Since My Last Post

Been busy the last 5 years: moving to new house, fixing up old house, selling old house; dragging kids around, teaching them to drive, blah blah. Something had to give and it was the blog. Anyway, it is 2019 now, things have settled down, and I am ready to start posting again.

I know you really care and I appreciate it, all one of you, you know the only one who ever bothered to leave a comment; even if it was spam.

Wednesday, September 3, 2014

Increase POSTFIX File Sizes

Was getting log entries for postfix failures:
“file too large”
“message file too big”

The fix was to run these commands
sudo postconf -e mailbox_size_limit=0
sudo postconf -e message_size_limit=0
0 is unlimited.
To set another value, enter the size in bytes; for example, 30720000 = around 29M.

The default is 10240000 bytes (around 9M)

RECONFIGURE ORACLE EM CONSOLE ON WINDOWS HOST AFTER RENAMING HOST

When running Oracle 11g etc. on a Windows system the EM Console will quit working if you rename the host. To fix it you have to drop the EM Console and recreate it.
Verify these items:
  • The listener.ora and tnsnames.ora files point to the new host name instead of the IP
  • Make sure there is a line for the new host name in the hosts file that resolves to the current IP
  • If the sysman account is locked, unlock it
  • If it is not already in the system environment variables, set the SID on the command line
    • c:\> set ORACLE_SID=theSID     (You can get the SID name from the ORACLE service name in the services panel; it will be something like ORACLESERVICEtheSID, and the SID is the “theSID” part)
    • Do not close the command window; use it to run all subsequent steps. If you close it you lose the environment variable for the ORACLE SID
  • Have the passwords for sys, DBSNMP, and sysman available


Tuesday, August 26, 2014

Let regular user run an application as admin without having admin password

A couple of caveats: this script uses an encrypted password for an admin user stored in each user's profile, and if you have smart users they can easily figure out how to modify their own scripts to invoke runas on anything on the local machine they want. In my case this is a Windows domain that is not connected to the Internet, my users mostly don't have a clue about command-line scripts, and I have done minimal obfuscation of what is happening; in other words, even if I do get the occasional smart guy, they really can't hurt anything. But don't confuse this with security.
I have an older application that will not run correctly as a regular user on Windows 7, even if I configure it to run as admin and/or set compatibility with XP/2003 etc. In order for my regular users to run the app they need to use runas and put in the admin credentials. However, I do not want users having admin passwords on the system, and I don't want to have to enter credentials each time they start the app. After much fiddling around with PowerShell snippets found via Google I came up with a simple solution.
The script is in two parts. The first is run once with the user logged in so that an encrypted password for the admin user is created. When the script runs, a prompt for an admin password appears and the admin (not the user) inputs the appropriate password. This is done on a per-user basis since the encrypted password is only good for the logged-in user.
I call it whoami.ps1
$WHOAMI = "$env:username"
echo $WHOAMI
$passwd = Read-Host "Enter Password" -AsSecureString
$encpwd = ConvertFrom-SecureString $passwd
$encpwd > "c:\users\$WHOAMI\documents\$WHOAMI.TXT"
With Notes:
$WHOAMI = "$env:username"      # Gets the current user name
echo $WHOAMI      # Optional, but lets you verify the user while the script is running
$passwd = Read-Host "Enter Password" -AsSecureString      # Prompts for the admin password
$encpwd = ConvertFrom-SecureString $passwd      # Takes the secure password and encrypts it
$encpwd > "c:\users\$WHOAMI\documents\$WHOAMI.TXT"      # Writes the encrypted password to a text file to be used when the application script is run


The main script to run application as admin without user having admin pwd called startme.ps1
$WHOAMI = "$env:username"
$encpwd = Get-Content "c:\users\$WHOAMI\documents\$WHOAMI.TXT"
$passwd = ConvertTo-SecureString $encpwd
$cred = New-Object System.Management.Automation.PSCredential 'Admin_User', $passwd
Start-Process powershell -Credential $cred -ArgumentList '-noexit -noprofile -command &{start-process C:\windows\system32\notepad.exe -verb runas}'
With Notes
$WHOAMI = "$env:username"      # Get the logged-in user name
$encpwd = Get-Content "c:\users\$WHOAMI\documents\$WHOAMI.TXT"      # Get the encrypted admin password
$passwd = ConvertTo-SecureString $encpwd      # Get the password from the encrypted string
$cred = New-Object System.Management.Automation.PSCredential 'Admin_User', $passwd      # Create credentials
Start-Process powershell -Credential $cred -ArgumentList '-noexit -noprofile -command &{start-process C:\windows\system32\notepad.exe -verb runas}'
The last line has a PowerShell session call up the application with runas. Notice start-process is called twice. For this example I used notepad; you can prove it is running as admin by opening c:\windows\system32\drivers\etc\hosts, making a small edit to the hosts file, and being able to save it, which can only be done as admin. You will get an elevation prompt when the script is run, but the users just hit OK and press on.
The scripts need to be stored where all users can access them; in my case I use c:\users\public. You can put a shortcut to the startme.ps1 script on the user’s desktop so they don't have to actually navigate to the script. If you put the shortcut in c:\users\public\desktop (normally hidden by default) everyone gets the shortcut. The minimal obfuscation comes from the fact that unless the user reads the script they don't know or even really care what is happening.
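
An added audit example (not part of the original post or the author's scripts): when ConvertFrom-SecureString is called without a key, as in whoami.ps1, the output is a hex string wrapping a Windows DPAPI blob tied to the account that created it, which is why the file is only good for the logged-in user and why that same account can always convert it back. The script below inventories files of that shape under user profiles so an administrator knows where stored admin credentials exist. The function names, the *.txt filter and the 64KB size cutoff are assumptions, and it expects PowerShell 3.0 or later.

```powershell
# Added example: inventory files that hold ConvertFrom-SecureString output.
# Without -Key/-SecureKey the cmdlet emits a hex string wrapping a DPAPI blob,
# and every DPAPI blob starts with the same header (version 1 + provider GUID).
$DpapiHeader = '01000000d08c9ddf0115d1118c7a00c04fc297eb'

function Test-DpapiSecureStringText {
    # True when $Text has the shape of a DPAPI-protected SecureString export.
    param([string]$Text)
    $t = $Text.Trim()
    return ($t.Length -gt $DpapiHeader.Length) -and
           ($t -match '^[0-9a-f]+$') -and
           $t.StartsWith($DpapiHeader, [System.StringComparison]::OrdinalIgnoreCase)
}

function Find-StoredSecureString {
    # Hypothetical helper: scan small text files below $Root and report matches.
    param([string]$Root = 'C:\Users', [string]$Filter = '*.txt')
    Get-ChildItem -Path $Root -Filter $Filter -Recurse -File -ErrorAction SilentlyContinue |
        Where-Object { $_.Length -gt 0 -and $_.Length -lt 64KB } |
        ForEach-Object {
            # The export is a single line, so reading the first line is enough.
            $first = Get-Content -LiteralPath $_.FullName -TotalCount 1 -ErrorAction SilentlyContinue
            if ($first -and (Test-DpapiSecureStringText $first)) {
                [pscustomobject]@{
                    Path          = $_.FullName
                    Owner         = (Get-Acl -LiteralPath $_.FullName).Owner
                    LastWriteTime = $_.LastWriteTime
                }
            }
        }
}

# Constructed sample (header plus filler hex, not a real credential).
$sample = $DpapiHeader + ('0' * 64)
Test-DpapiSecureStringText $sample          # constructed positive case
Test-DpapiSecureStringText 'hello world'    # constructed negative case

# Run from an elevated session so other users' Documents folders are readable.
Find-StoredSecureString | Format-Table -AutoSize
```

Each path it reports is an admin credential usable by the account that owns the profile, so treat the list as the set of places that need cleanup when the admin password is rotated or the workaround is retired.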

Thursday, February 20, 2014

Retina Finding JAVA Vulnerabilities When no Java Installed

BeyondTrust Retina kept reporting multiple Java findings on a Win7 system. Despite uninstalling Java and hunting down any reference to Java, JDK, JRE in the registry and file system, I kept getting hits for multiple missing Oracle Java CPUs since Oct 2012. Retina would report that it found READ,F,WB,JavaHome. From going through the various Retina scan XML files I knew it was checking the registry for these values, but I had cleaned out the registry, and other than some misc references to Java in the various CLASS keys I knew that Retina should not be finding anything.

During another search of the registry I noticed that I did not have a wow6432node key in HKLM\software, this being a 64bit install I knew the key had to be there.  I suspected that Retina was actually detecting those values in that registry node but I could not get there.

After some basic research I found that there are actually different versions of regedit on 64-bit systems. If I could not see this node I must be using the regedit.exe from c:\windows\syswow64, which is actually the 32-bit version. For whatever reason the default regedit on this system used the 32-bit version. I did a search on the entire C: drive and tried every regedit, all with the same result: no wow6432node. That is when I remembered you can surf the registry in PowerShell the same as a file system.

In PowerShell:
PS C:\> cd hklm:\software
Use ls or dir to get the contents; sure enough, there was a javasoft key and a subkey for “Java Runtime Environment”, and the values were for 1.6.0_21.

So now all I had to do was run:
cd back up a level or two to get out of the javasoft key, then run a delete

remove-item -recurse javasoft

After doing that a new scan showed no Java findings.
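
An added example, not from the original post: a scanner and a registry editor can disagree because 32-bit and 64-bit processes see different views of HKLM\SOFTWARE, so this script reads the same subkey through both views from one PowerShell session, whichever bitness was launched. The function name is hypothetical, the defaults use the JavaSoft key and JavaHome value named in the post, and it assumes PowerShell 3.0 or later (the .NET 4 RegistryView API).

```powershell
# Added example: list a value under HKLM in both the 64-bit and 32-bit registry views.
function Get-RegistryValueInBothViews {
    param(
        [string]$SubKey    = 'SOFTWARE\JavaSoft',   # key named in the post
        [string]$ValueName = 'JavaHome'             # value Retina reported
    )
    $views = [Microsoft.Win32.RegistryView]::Registry64,
             [Microsoft.Win32.RegistryView]::Registry32
    foreach ($view in $views) {
        # OpenBaseKey selects the view explicitly instead of inheriting the
        # redirection that applies to the calling process.
        $base = [Microsoft.Win32.RegistryKey]::OpenBaseKey(
            [Microsoft.Win32.RegistryHive]::LocalMachine, $view)
        try {
            $pending = New-Object System.Collections.Stack
            $start = $base.OpenSubKey($SubKey)
            if ($start) { $pending.Push($start) }
            # Walk the subtree iteratively; each key is closed after inspection.
            while ($pending.Count -gt 0) {
                $key = $pending.Pop()
                foreach ($child in $key.GetSubKeyNames()) {
                    $sub = $key.OpenSubKey($child)
                    if ($sub) { $pending.Push($sub) }
                }
                if ($key.GetValueNames() -contains $ValueName) {
                    [pscustomobject]@{
                        View  = $view
                        Key   = $key.Name
                        Value = $key.GetValue($ValueName)
                    }
                }
                $key.Close()
            }
        }
        finally {
            $base.Close()
        }
    }
}

# Read-only: reports where the value still exists so leftovers can be reviewed before deletion.
Get-RegistryValueInBothViews | Format-Table -AutoSize
```

A row with View = Registry32 is one that lives under the Wow6432Node side of the hive. An empty result from both views means neither contains the value.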