The below code snippet was used to add SSH users to RackSpace cloud CentOS Linux nodes being used as application servers and managed via RightScale. The SSH users were required during a testing phase so they could look through logs and make modifications to specific configuration files, etc. There are three things that have to happen to create the SSH user, allow them to login, and provide them the necessary rights on the server to accomplish their tasks which include adding the user, modifying the sshd config to allow password logins, and update the sudoers file to enable sudo access for wheel group users.
The other day I needed to create a RightScript shell script that would update a couple configuration files on a server that was being launched in the RackSpace Cloud via RightScale. I decided to use SED to find and replace content within the configuration files. The first pass at the script failed because what I thought were spaces ended up being tabs. Use the information below to represent a tab within a shell script when using sed.
While looking into all of the specifics of the screencapture application on Mac OSX Lion I came across some interesting information about Color Profile. The Color Profile is assigned to each image captured with screencapture and I assume other media utilities function in the same way meaning they use the color profile that was configured when the image was created. The Color Profile stands for ICC Profile or International Color Consortium Profile and specifies a configuration file or set of configuration details that include color attributes. As you can image not all monitors display colors in the same way the same as not all graphics cards output colors in the same way so the Color Profile assigns settings that can be adjusted to make colors or any form of graphics look different.
So earlier today I noticed a discrepancy in traffic to question-defense.com and because of a previous incident I knew exactly where to look. Sure enough a similar attack had been performed which we are coining Search Engine Click Jacking. In this case we are sure that a single files permissions were left open and the attackers were able to write PHP into the file which caused traffic being referred to our site from many of the major search engines to be redirected to tenderloin.osa.pl. Our site is built using WordPress however any site built in PHP with incorrect permissions on any files are vulnerable to this type of attack. Below is more information about the attack, how to search for the attack, and a simple bash script that will remove the infected code from PHP files on your web site.
Earlier I was transferring some configuration files from an application on a Windows 7 computer to an application on a OSX Lion computer. The location of a file referenced in the configuration files had changed so I needed to update about a hundred different INI files with the new location. Doing this on OSX is very easy using perl as long as you get the syntax correct as it can be tricky if there are multiple quotes and or slashes. Below is a quick example of a perl command used to replace a single line of text in multiple files without having to modify each file individually.