For anyone that has done a long source code audit is not about really finding the easy/low hanging fruit stuff that can be slow and sometimes a bit “frustrating”. I recently had a nice 660,000 lines of code source code audit to be done in less than 2 weeks, the language was Java, so the first thing that was to be done (they had already hit fortify and other tools with it) and were looking for a bit of more interesting stuff apparently. This raised some specific problems while working and finding the vulnerabilities and exploitability of them.
If you have created a custom RightScript in the RightScale interface that uses git to clone a repository and you are running that RightScript on boot following the RightScale git_repo recipe then you likely are having issues. The problem appears to stem from the fact that the environment variables are not completely cleaned up as expected including $GIT_SSH and possibly others. I have a work around noted below along with a line you can enter in your RightScript to clear the $GIT_SSH ENV variable as well.
Have a long running Linux process open in a SSH terminal window and need to shutdown your computer without killing it? I run into this on a regular basis and never spent the time looking into a solution but this past weekend I actually decided to look and came up with a cool solution called reptyr. The reptyr application allows you to open screen and migrate the process to the screen terminal and away from the terminal connection opened without screen. This allows you to detach from the window without killing the process. Below is a quick overview of installing reptyr and how to use it.
During an attempt to update Git on a CentOS Linux server via the Yum Package manager this evening I ran into a dependency error. The newer Git package has a dependency of Git-CVS package which also has a dependency of CVSPS package. So initially when I installed Git it didn’t require these packages so I never ran into an error. Below I show the error displayed when attempting to upgrade git via yum followed by how I resolved the issue installing the EPEL repository.
If you are using Git for version control then it is likely at some point you will have a project with multiple branches of code. The benefit of this is allowing various developers to work on different projects while providing an easier way to merge the code when the developers tasks are completed. One developer may be working strictly on big fixes that could need to be checked in daily while another developer may be working on a project that may take months to complete and git provides a system to merge these code branches together. Below is a quick reference for switching between Git code branches.