Home of a code hacker, not a real hacker.


ReactJS component for Responsive Tables

July 17, 2017 by whit

I have been looking for a good responsive table setup for a project I was working on. I ran across a CodePen at https://codepen.io/nhackley/pen/QbGoLN and it was exactly what I was looking for (minus a few tweaks and adding the ability to have grouped results).

I cleaned it up and added a Grouped version.

Interested? Go check it out at https://github.com/cwhittl/responsive-react-tables


Filed Under: reactjs

Filevault and Local Password Sync

March 9, 2016 by whit

So we’re using FileVault and local accounts, and we needed to reset a password remotely.

We tried all the command line options but none would sync with Filevault.

We found out that you could reset it as the user in the User and Groups Preference window but that’s not an option (because it’s remote).

After much experimenting we found the only command line that worked was to run passwd as the user, not passwd user.

So run

sudo -u bobbysue passwd

Not

passwd bobbysue

This complicates the code because passwd requires interaction, so you have to use something like expect.

Here is what I came up with and it seems to work well.

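# Assumes $old_pass and $new_pass are already set in the calling script.
# The shell expands them into expect's command line, so they are visible in
# the process list while this runs; values containing quotes, $, [ or \ will
# break the script.
expect -c "
spawn sudo -u bobbysue passwd
sleep 1
expect \"assword:\"
send -- \"$old_pass\r\"
expect \"assword:\"
send -- \"$new_pass\r\"
expect \"assword:\"
send -- \"$new_pass\r\"
expect eof"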

Wait, what if I don’t know the old password?

This will work.

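#!/bin/sh
# Run as root, so that passwd $password_user asks only for the new password.
password_user="bobbysue"
pass="ctechastronomy"
# The shell expands $pass into expect's command line, so it is visible in the
# process list while this runs.
#reset to a known password
expect -c "
spawn passwd $password_user
sleep 1
expect \"assword:\"
send -- \"$pass\r\"
expect \"assword:\"
send -- \"$pass\r\"
expect eof"
#reset to known password which then pushes to FileVault
expect -c "
spawn sudo -u $password_user passwd
sleep 1
expect \"assword:\"
send -- \"$pass\r\"
expect \"assword:\"
send -- \"$pass\r\"
expect \"assword:\"
send -- \"$pass\r\"
expect eof"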

Gotchas

This will mess up your Keychain. If you know the original password you can unlock it, but if not you will need to create a new one.

Filed Under: osx

Finally figured out our curl issue

February 5, 2016 by whit

We have spent days working on an issue where when we curl’d our sites we were getting the error

SSL read: error:00000000:lib(0):func(0):reason(0), errno 104

Cert was ok but Curl could not touch the site…

Found out it was due to a misconfiguration in NGINX.

For those of you who care and find this: to fix it, make sure that when you define a server to use 443 and a cert, you define all of its config options.

For example we were missing

ssl_protocols TLSv1.2 TLSv1.1 TLSv1;

That’s silly you should have that defined… We did in our default and we assumed that the site would inherit this.

A little-known fact is that NGINX will allow inheritance if you don’t redefine the cert, so we took out the redefined cert (because it was the same as the default) and voilà! The error was gone.

Hope this helps someone.

Whitt

Filed Under: nginx, Server Tagged With: curl, ssl

A possible fix for CVE-2000-0649 in NGINX

February 3, 2016 by whit

We have been working on shoring up our servers for a specific client. Their latest scan showed an issue with CVE-2000-0649, “Web Server Internal IP Address/Internal Network Name Disclosure Vulnerability”.

We looked and looked and there is no documentation on fixing the issue.

We could replicate it using https://www.exploit-db.com/exploits/20096/

[Screenshot: telnet]

After days of trying to figure it out we finally found a fix.

http://nginx.org/en/docs/http/ngx_http_core_module.html#server_name_in_redirect

server_name_in_redirect on;

Once it’s added to nginx.conf and nginx is reloaded this is what you will see

[Screenshot: telnet_fixed]

Wait what about my domain?  Shouldn’t it be that instead of localhost?

I think it’s because the vulnerability is from HTTP 1.0 which won’t contain the “Host” part of the header.

But I’m not 100% sure…

Maybe I’ll look into it more later but for now it fixes our issue and we can move on.

I hope this helps anyone looking to fix the problem and feel free to comment below if you have a better way or can see any issues with enabling this flag.

Whitt

Filed Under: nginx, Server

Hello World

January 18, 2016 by whit

I finally have decided to use the whittlecorn address.  I’m not sure if I will actually blog or just use it for a place to share my code and other random musings.

Enjoy!

Filed Under: Uncategorized