Wednesday, September 3, 2014

Increase POSTFIX File Sizes

Was getting log entries for postfix failures:
“file too large”
“message file too big”

The fix was to run these commands:
sudo postconf -e mailbox_size_limit=0
sudo postconf -e message_size_limit=0
0 means unlimited.
To set another value, enter the size in bytes, for example 30720000 = around 29M

The default is 10240000 bytes (around 9M)

RECONFIGURE ORACLE EM CONSOLE ON WINDOWS HOST AFTER RENAMING HOST

When running Oracle 11g etc. on a Windows system, the EM Console will quit working if you rename the host.  To fix it you have to drop the EM Console and recreate it.
Verify these items:
  • The listener.ora and tnsnames.ora files point to the new host name instead of the IP
  • Make sure there is a line for the new host name in the hosts file that resolves to the current IP
  • If the sysman account is locked, unlock it
  • If it is not already in the system environment variables, set the SID on the command line
    • c:\> set ORACLE_SID=theSID     (You can get the SID name from the ORACLE Service name in the services panel; it will be something like ORACLESERVICEtheSID, and the SID is the “theSID” part)
    • Do not close the command window; use it to run all subsequent steps. If you close it you lose the environment variable for the ORACLE SID
  • Have the passwords for sys, DBSNMP, and sysman available


Tuesday, August 26, 2014

Let regular user run an application as admin without having admin password

A couple of caveats: this script uses encrypted passwords for an admin user stored in each user profile, and if you have smart users they can easily figure out how to modify their own scripts to invoke runas on anything on the local machine they want.  In my case this is a Windows Domain that is not connected to the Internet, my users mostly don't have a clue about command line scripts etc., and I have done minimal obfuscation on what is happening. In other words, even if I do get the occasional smart guy they really can't hurt anything.  But don't confuse this with security.
I have an older application that will not run correctly as a regular user on Windows 7 even if I configure it to run as admin and/or set compatibility with XP/2003 etc.  In order for my regular users to run the app they need to use runas and put in the admin credentials.  However, I do not want users having admin passwords on the system and I don't want to have to enter credentials each time they start the app.  After much fiddling around with powershell snippets found via google I came up with a simple solution.
The script is in two parts.  The first is run once with the user logged in so that an encrypted password for the admin user is created. When the script runs, a prompt for an admin password appears and the admin (not the user) inputs the appropriate password.  This is done on a per user basis since the encrypted password is only good for the logged in user.
I call it whoami.ps1
$WHOAMI="$env:username"
echo $WHOAMI
$passwd = Read-Host "Enter Password" -AsSecureString
$encpwd = ConvertFrom-SecureString $passwd
$encpwd > "c:\users\$WHOAMI\documents\$WHOAMI.TXT"
With Notes:
# Gets the current user name
$WHOAMI="$env:username"
# Optional but lets you verify user when script is running
echo $WHOAMI
# Pops up a window to input password for admin
$passwd = Read-Host "Enter Password" -AsSecureString
# Gets the secure password and encrypts it (DPAPI, tied to the logged in user on this machine)
$encpwd = ConvertFrom-SecureString $passwd
# Outputs encrypted password to a text file to be used when the application script is run
$encpwd > "c:\users\$WHOAMI\documents\$WHOAMI.TXT"


The main script to run the application as admin without the user having the admin pwd is called startme.ps1
$WHOAMI = "$env:username"
$encpwd = Get-Content "c:\users\$WHOAMI\documents\$WHOAMI.TXT"
$passwd = ConvertTo-SecureString $encpwd
$cred = new-object System.Management.Automation.PSCredential 'Admin_User', $passwd
Start-process powershell -Credential $cred -ArgumentList '-noexit -noprofile -command &{start-process C:\windows\system32\notepad.exe -verb runas}'
With Notes
# Get the logged in user name
$WHOAMI = "$env:username"
# Get the encrypted admin password
$encpwd = Get-Content "c:\users\$WHOAMI\documents\$WHOAMI.TXT"
# Get the password from the encrypted string
$passwd = ConvertTo-SecureString $encpwd
# Create credentials
$cred = new-object System.Management.Automation.PSCredential 'Admin_User', $passwd
# Have a powershell session call up the application with runas.  Notice start-process is called twice.
Start-process powershell -Credential $cred -ArgumentList '-noexit -noprofile -command &{start-process C:\windows\system32\notepad.exe -verb runas}'
For this example I used notepad; you can prove it is running as admin by opening c:\windows\system32\drivers\etc\hosts, making a small edit to the hosts file and being able to save it, which can only be done as admin.  You will get an elevation prompt when the script is run but the users just hit ok and press on.
The scripts need to be stored where all users can access them; in my case I use c:\users\public.  You can put a shortcut to the startme.ps1 script on the user’s desktop so they don't have to actually navigate to the script.  If you put the shortcut on c:\users\public\desktop (normally hidden by default) everyone gets the shortcut.  The minimal obfuscation comes from the fact that unless the user reads the script they don't know or even really care what is happening.
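
An added audit example (not part of the original scripts): ConvertFrom-SecureString without a key writes a DPAPI blob, so every profile set up this way holds a copy of the admin credential that is usable by that user. The script below, meant for an elevated PowerShell 3.0+ session, lists those files so they can be tracked and removed when the admin password changes; the function names and the sample string are made up for illustration.

```powershell
# Added example, not from the original post. Requires PowerShell 3.0 or later.
# Header every DPAPI blob starts with (version 1 + provider GUID), as hex.
$DpapiHeader = '01000000d08c9ddf0115d1118c7a00c04fc297eb'

function Test-SecureStringBlob {
    param([string]$Text)
    $t = $Text.Trim()
    # ConvertFrom-SecureString (no -Key) emits one hex string: header + payload
    ($t.Length -gt $DpapiHeader.Length) -and
    ($t.Length % 2 -eq 0) -and
    ($t -match '^[0-9a-fA-F]+$') -and
    $t.StartsWith($DpapiHeader, [StringComparison]::OrdinalIgnoreCase)
}

function Find-StoredCredentialFile {
    # Looks for <profile>\Documents\<username>.TXT, the path whoami.ps1 writes
    param([string]$UsersRoot = 'C:\Users')
    Get-ChildItem -LiteralPath $UsersRoot -Directory -ErrorAction SilentlyContinue |
        ForEach-Object {
            $path = Join-Path $_.FullName ('Documents\{0}.TXT' -f $_.Name)
            if (Test-Path -LiteralPath $path -PathType Leaf) {
                $item = Get-Item -LiteralPath $path
                [pscustomobject]@{
                    User        = $_.Name
                    Path        = $path
                    IsDpapiBlob = Test-SecureStringBlob (Get-Content -LiteralPath $path -Raw)
                    LastWritten = $item.LastWriteTime
                }
            }
        }
}

# Constructed sample (header plus filler hex, not a real credential)
$sample = $DpapiHeader + ('0' * 64)
"Sample recognised as DPAPI blob: $(Test-SecureStringBlob $sample)"

# Report every profile that currently holds a stored admin credential file
Find-StoredCredentialFile | Format-Table -AutoSize
```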

Thursday, February 20, 2014

Retina Finding JAVA Vulnerabilities When no Java Installed

Beyond Trust Retina kept finding multiple Java findings on a Win7 system.  Despite uninstalling java and hunting down any reference to Java, JDK, JRE in registry and file system I kept getting hits for multiple Oracle JAVA CPUs since Oct 2012 missing.  Retina would report that it found READ,F,WB,JavaHome.  From going through the various Retina scan XML files I knew it was checking the registry for these values but I had cleaned out the registry and other than some misc references to java in the various CLASS keys I knew that Retina should not be finding anything.

During another search of the registry I noticed that I did not have a wow6432node key in HKLM\software, this being a 64bit install I knew the key had to be there.  I suspected that Retina was actually detecting those values in that registry node but I could not get there.

After some basic research I found that there are actually different versions of regedit on 64 bit systems.  If I could not see this node I must be using the regedit.exe from the c:\windows\syswow64 which is actually the 32 bit version.  For whatever reason the default regedit on this system used the 32 bit version.  I did a search on the entire C: and tried every regedit, all with the same results: no wow6432node.  That is when I remembered you can surf the registry in Powershell the same as a file system.

In Powershell:
PS C:\> cd hklm:\software
Use ls or dir to get the contents, and sure enough there was a javasoft key and a subkey for “Java Runtime Environment” and the values were for 1.6.0_21.

So now all I had to do was run:
cd back up a level or two to get out of the javasoft key, then run a delete

remove-item -recurse javasoft

After doing that a new scan showed no Java findings.
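
On 64-bit Windows, HKLM\SOFTWARE has a 64-bit view and a 32-bit view (the latter stored under WOW6432Node), and a tool normally sees only the view that matches its own bitness. This added example (not from the original post; the function names are made up here, and it assumes PowerShell 3.0+ on .NET 4) reads SOFTWARE\JavaSoft from both views explicitly, so leftover values such as JavaHome show up regardless of which PowerShell is running.

```powershell
# Added example, not from the original post. Requires PowerShell 3.0+ / .NET 4.
function Get-RegistryValuesRecursive {
    param([Microsoft.Win32.RegistryKey]$Key, [string]$View)
    # Emit every value under this key, then descend into each subkey
    foreach ($name in $Key.GetValueNames()) {
        [pscustomobject]@{
            View  = $View
            Key   = $Key.Name
            Value = $name
            Data  = $Key.GetValue($name)
        }
    }
    foreach ($sub in $Key.GetSubKeyNames()) {
        $child = $Key.OpenSubKey($sub)
        if ($child) {
            try     { Get-RegistryValuesRecursive -Key $child -View $View }
            finally { $child.Close() }
        }
    }
}

function Get-JavaRegistryFootprint {
    param([string]$SubKey = 'SOFTWARE\JavaSoft')
    $views = [Microsoft.Win32.RegistryView]::Registry64,
             [Microsoft.Win32.RegistryView]::Registry32
    foreach ($view in $views) {
        # Open HKLM in an explicit view instead of the one the process defaults to
        $base = [Microsoft.Win32.RegistryKey]::OpenBaseKey(
            [Microsoft.Win32.RegistryHive]::LocalMachine, $view)
        try {
            $key = $base.OpenSubKey($SubKey)
            if ($key) {
                try     { Get-RegistryValuesRecursive -Key $key -View $view }
                finally { $key.Close() }
            }
        }
        finally { $base.Close() }
    }
}

# The Key column looks the same for both views; the View column tells them apart
Get-JavaRegistryFootprint | Format-Table -AutoSize
```

An empty result means neither view holds a JavaSoft key, which is the state a rescan should then confirm.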

Wednesday, January 15, 2014

Create A Bunch Of Random Files for Testing Whatever Using Powershell



I need to test processing of files by a process that ingests text files into an Oracle Database.  For this I do not care what the data looks like once ingested. I care more about testing the ingestion process which is based on a JAVA application.  To give the ingestion process a good workout I generate a ton of files, the more the better. To do this I kludged together a powershell script that does the job.  The script generates as many text files as I want using any text source I want.  Then the script inserts a random date into each file so that they appear as new files to Oracle.  I could use powershell to randomly add anything but I chose dates since there is a date field in the Oracle database.

I found the powershell snippet that generates random dates online a while back and am not sure who gets credit, but it is not me.  A quick search this morning and I saw several hits in Google for the code.
Basically the script creates a new file, appends a random date, then cats a source text file and appends that to the new file.  Even though each file has the same information they are random because of the random date.

#declare some variables
$SourceText="c:\path\to\mytext.txt"   # edit as needed
$DestLoc="c:\path\to\where\files\go"   # edit as needed
# Read the source text once.  I used this because I did not find a simple way to cat the source file right in the code when I need the text.  The code is "Add-content $DestLoc\$y.txt $myTxt".  I tried using backticks like used in bash to put the output of one command into another command like so: "Add-content $DestLoc\$y.txt `cat $SourceText`" but powershell does not like that.
$myTxt= cat $SourceText
#set how many files are needed
$Xfiles=10000   # edit as needed
#create the random generator once so every file draws from the same sequence
$theRandomGen = new-object random

#set up a loop (-le so that exactly $Xfiles files are created)
for ($i=1; $i -le $Xfiles; $i++)
{
# on each iteration set $y = current value of $i
$y = $i;
# create the new empty file using $y as the file name
new-item $DestLoc\$y.txt -type file -force

#Generate a random date
[DateTime]$theMin = "1/1/2008"   # start date, edit as needed
[DateTime]$theMax = [DateTime]::Now   # end date, for this it is current, edit as needed
$theRandomTicks = [Convert]::ToInt64( ($theMax.ticks * 1.0 - $theMin.Ticks * 1.0 ) * $theRandomGen.NextDouble() + $theMin.Ticks * 1.0 )
$dateNow=(new-object DateTime($theRandomTicks))
#Append random date to new file
Add-content $DestLoc\$y.txt $dateNow
#Append target text to new file
Add-content $DestLoc\$y.txt $myTxt

}

Uncluttered Script_________________________________________________________

#declare some variables
$SourceText="c:\path\to\mytext.txt"
$DestLoc="c:\path\to\where\files\go"
$myTxt= cat $SourceText
#set how many files are needed
$Xfiles=10000
#create the random generator once
$theRandomGen = new-object random
#set up a loop
for ($i=1; $i -le $Xfiles; $i++)
{
$y = $i;
new-item $DestLoc\$y.txt -type file -force

#Generate a random date
[DateTime]$theMin = "1/1/2008"
[DateTime]$theMax = [DateTime]::Now
$theRandomTicks = [Convert]::ToInt64( ($theMax.ticks * 1.0 - $theMin.Ticks * 1.0 ) * $theRandomGen.NextDouble() + $theMin.Ticks * 1.0 )
$dateNow=(new-object DateTime($theRandomTicks))

#Append random date to new file
Add-content $DestLoc\$y.txt $dateNow

#Append target text to new file
Add-content $DestLoc\$y.txt $myTxt

}

Friday, January 10, 2014

Can't Start network on New RHEL6 VM Clone

After cloning a RHEL 6 VM I could not get the network running; I got an error that the NIC was not present.
The problem turned out to be that when cloning, the new VM gets a new MAC but RHEL UDEV still showed the configuration of the network before cloning, so there was a conflict.  On the source VM I had an eth0; on the cloned VM I only had eth1 and no eth0.



You need to edit  /etc/udev/rules.d/70-persistent-net.rules
Find these lines:
# PCI device 0x15ad:0x07b0 (vmxnet3) (custom name provided by external tool)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:50:56:bc:00:45", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"


# PCI device 0x15ad:0x07b0 (vmxnet3)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:50:56:bc:00:46", ATTR{type}=="1", KERNEL=="eth*", NAME="eth1"


Look at the entries and find your virtual NIC MAC address. You can get that in the vSphere client by editing the new cloned system and clicking on the NIC; you will see the MAC listed on the right side of the properties box.

In the 70-persistent-net.rules file you should see that the entry for eth1 has the new MAC, not eth0.

Delete the entry referring to eth0, i.e., NAME="eth0"

On the remaining entry edit NAME="eth1" to NAME="eth0"

Now fix /etc/sysconfig/network-scripts/ifcfg-eth0 by making sure the HWADDR matches the correct MAC address.
 
Restart the network or reboot as necessary.

Thursday, January 9, 2014

Rescue data with Simple HTTP Server

Had a RHEL system VM that crashed during a yum update and then would not boot due to a kernel panic.  Had 3 kernels listed in Grub and the system would panic on each until the oldest kernel let me log in as single user for maintenance. Before going on with troubleshooting and recovery etc. I wanted to save my data just in case. I could not hook up an external drive so I took a shot at starting the network and it started right up.  With that done I tried starting ssh but it would not start; the sshd.config file was corrupted and the ssh service was completely missing from init.d.  So I opted on recovering my data using the “Really Simple HTTP Server” in Python.  This was not only simple but it worked great.

Python and SimpleHTTPServer may already be installed by default on a RHEL6 system; they are on our build. To use it just do the following:

$ cd /home/somedir
$ python -m SimpleHTTPServer

Now the http server will start on port 8000.
You should see:
Serving HTTP on 0.0.0.0 port 8000 ...

From a browser on another system connect with http and the IP of the target system:
http://xxx.xxx.xxx.xxx:8000 and you will see your files and sub-directories in the directory where you are running SimpleHTTP.

You can only download individual files, not directories, so if need be tar up the files you want and download the tar.

This is also a great and easy way to get files in lieu of scp, just don't leave the Simple HTTP Server running: it listens on all interfaces (0.0.0.0) and serves every file under that directory over plain HTTP with no authentication.


REF: http://www.linuxjournal.com/content/tech-tip-really-simple-http-server-python

Thursday, January 2, 2014

Simple Powershell That Builds A List From User Input



This script builds a list from user input.   For me this list is used as a source for configuring folders and xml config files with other Powershell scripts used in a custom process on my job.
The script keeps prompting for inputs until quit.


#Declare Variables (Optional)
$DestList="c:\mypath\list.txt"   # The list file being built

clear   # clears the screen

echo "Start Building the List"

# Create the file and if it already exists force it to be recreated
new-item $DestList -type file -force

$response = ""
do
{
echo ""
echo ""
# Can use Q or q
$response = Read-Host "Enter a list item or Q when done"
if ($response -ne "Q")
{
echo $response >> $DestList
}
}
until ($response -eq "Q")

# The next section is optional

clear
echo "Here is the list"
echo ""
cat $DestList
echo ""
echo ""
echo "If the list is not correct either re-run script or directly edit the new file"
# gives time for user to see list and message before script quits
start-sleep -s 10


____________Full Script_____________________
#Declare Variables
$DestList="c:\mypath\list.txt"
clear
echo "Start Building the List"
new-item $DestList -type file -force
$response = ""
do
{
echo ""
echo ""
$response = Read-Host "Enter a list item or Q or q when done"
if ($response -ne "Q")
{
echo $response >> $DestList
}
}
until ($response -eq "Q")

# The next section is optional

clear
echo "Here is the list"
echo ""
cat $DestList
echo ""
echo ""
echo "If the list is not correct either re-run script or directly edit the new file"
start-sleep -s 10