Pinned toot

I just realised my intro went when my instance crashed all those months ago.

Anyhow, hello (again) I am developer and a programmer including and I write stuff in and

Besides my interests include bike riding, or and reading, mostly There is also a starting interest in

My day job is a senior working on some very large and strange computer networks.

Tonight, the #Moon is right in the body of the #constellation #Virgo in its #Waxing #Gibbous #Phase. I think its another nicely detailed #photograph of the #lunar surface and you can really make out quite a lot of features on this #cropped #image. #ISO 250, F5.7, #ShutterSpeed: 1/800 s and #FullZoom

#MyWork #MyPhoto #CCBYSA #DSLR #Nikon #D7000 #Nature #BackyardAstronomy #Astronomy #AstroPhotography

Looking through my spam folder I have found something curious.

Spammers are using some sort of automated script to walk through part of the website and despite getting a 403 in the comments link the comment makes it through (although it ends up in the spam folder).

I'm not sure how to debug this further but wish I knew what they're sending to do that.

Debian packages for WordPress version 5.4 will be uploaded shortly. I’m just going through the install testing now. One problem I have noticed is, at least for my setup, there is an issue with network updates. The problem is that WordPress will ask me if I want to update the network sites, I say yes and get a SSL error. After lots of debugging, the problem is that the fsockopen option to use SNI is turned off for network updates. My sites need SNI so without this they just bomb out with a SSL handshake error. I’m not sure what the real fix is, but my work-around was to temporary set the SNI in the fsockopen transport while doing the site updates. The file you want wp-includes/Requests/Transport/fsockopen.php and in the request method of Requests_Transport_fsockopen you’ll see something like: stream_context_set_option($context, array(β€˜ssl’ => $context_options)); } else { $remote_socket = β€˜tcp://’ . $host; } Just before the stream_context_set_option put the line: $context_options[’SNI_enabled’] = true; Ugly but it works

https://dropbear.xyz/2020/04/05/wordpress-5-4/

The well-known kill system call has been around for decades and is used to send a signal to another process. The most common use is to terminate or kill another process by sending the KILL or TERM signal but it can be used for a form of IPC, usually around giving the other process a β€œkick” to do something. One thing that isn’t as well known is besides sending a signal to a process, you can send some data to it. This can either be an integer or a pointer and uses similar semantics to the known kill and signal handler. I came across this when there was a merge request for procps. The main changes are using sigqueue instead of kill in the sender and using a signal action not a signal handler in the receiver. To illustrate this feature, I have a small set of programs called sender and receiver that will pass an integer between them. The Sender The sender program is extremely simple, use a random(ish) from time masked to two bytes, put it in the required union and send the lot to sendqueue. # include # include # include # include int main(int argc, char **argv) { union sigval sigval; pid_t pid; if (argc < 2 || (pid = atoi(argv[1])) < 0) return EXIT_FAILURE; sigval.sival_int = time(NULL) & 0xff; printf("sender: sending %d to PID %d\n", sigval.sival_int, pid); sigqueue(pid, SIGUSR1, sigval); return EXIT_SUCCESS; } The key lines are 13 and 16 where the random (ish) integer is stored in the sigval union and then sent to the other process with the sigqueue. The receiver The receiver just sets up the signal handler, sends its PID (so I know what to tell the sender) and sits in a sleeping loop. # include # include # include # include # include void signal_handler(int signum, siginfo_t *siginfo, void *ucontext) { if (signum != SIGUSR1) return; if (siginfo->si_code != SI_QUEUE) return; printf("receiver: Got value %d\n", siginfo->si_int); } int main(int argc, char **argv) { pid_t pid = getpid(); struct sigaction signal_action; printf("receiver: PID is %d\n", pid); signal_action.sa_sigaction = signal_handler; sigemptyset (&signal_action.sa_mask); signal_action.sa_flags = SA_SIGINFO; sigaction(SIGUSR1, &signal_action, NULL); while(1) sleep(100); return EXIT_SUCCESS; } Lines 16-26 setup the signal handler. The main difference here is SA_SIGINFO used for the signal flags and sigaction references a sa_sigaction function rather than sa_handler. We need to use…

Read more

https://dropbear.xyz/2020/04/29/sending-data-in-a-signal/

ALRIGHT NERDS

happy #MastoMonday

today i've got somethin special for yall

a mastodon instance for folks who love to cook!!!

toomanycooks.social/

it's now offically open for signups (by approval) - please put any existing account you consider your "main" in the signup notes to help me approve!!

IMPORTANT NOTE TO OTHER ADMINS: this instance will be posting un CW'd food, please feel free to silence the instance if you don't want that on your fedi timeline!!!

love y'all!!

The @samuelpepys bot is one of the cooler ideas I've seen for bot-posting here.

Basically, it toots out a guy's journal from several hundred years ago, but does so in real-time with statuses and threads.

while doing routine maintenance on my servers today, I updated EntropyBot (a Limnoria bot for IRC) to use the system Python 3 version instead of the local pyenv based Python 2.x install that has been running for years

with that there shouldn't be any software running on my servers that's using Python 2

#sysadmin

Genesis - Land of Confusion

if you needed puppets today start here.

https://youtu.be/Yq7FKO5DlV0

Russian crackers are exploiting bug that gives control of mail servers

arstechnica.com/information-te

"In an advisory published on Thursday, the NSA said that the Sandworm group was actively exploiting a vulnerability in Exim, an open-source mail transfer agent for Unix-based operating systems. Tracked as CVE-2019-10149, the critical bug makes it possible for an unauthenticated remote attacker to send specially crafted emails that execute commands with root privileges."

#Cybersecurity #Infosec

the toot-lab is hosted in sundogistan, obviously, and I dare those imperialist swine to send their operatives to try and penetrate our borders

if you had a magic blue box that could go anywhere in time and space, where would you go?

My 2020 books in print!

Fewer titles than it should be but, you know: plague.

Are you one of those people with some mad system with lots of CPUs? Having a hard time trying to see them all? Well top is coming out with two new features.

The first is two CPUs per row for wide (about over 160 columns) screens.

The second is to be able to group cpus into, um groups, so you can see pairs of cpu stats aggregated or 4 aggregated etc.

If I had testicles, they wouldn't be just any testicles. They'd be extra fancy nuts.

The solution I eventually used was an evil kludge. It just matches the path of the mount point and the real path of the target file (so followed symlinks etc).

Evil, but lsof does this same thing so at least I will have company.

Show thread
Show more

πŸ… Craig's choices:

Mastodon on Dropbear

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!