maggioni.xyz Eat polenta and do not counter-aim! http://localhost:4000/ Tue, 23 Oct 2018 17:00:52 +0200 Tue, 23 Oct 2018 17:00:52 +0200 Jekyll v3.8.4 How to rickroll people that try to run "rm -rf" on your system <p><strong> WARNING: The method showed here could not prevent the actual execution of “rm -rf” if the “UNIX vandal” is clever enough. Proceed at your own risk, and make backups! </strong></p> <p>I like Rick Astley late 80’s songs, and you can see them here in my Spotify:</p> <p><img src="https://dl.dropboxusercontent.com/s/t9vywa4yjotxv0o/Screenshot_20160728_154506.png?dl=0" alt="dQw4w9WgXcQ" /></p> <p>I like rickrolling people myself too, especially if they’re trying to delete my entire <code class="highlighter-rouge">/home</code> directory or, even worse, <code class="highlighter-rouge">/</code>. Since I learned how to use the <code class="highlighter-rouge">alias</code> built-in, I wanted a way to prevent that random people tinkering with my laptop (that I may forgot to lock) could delete potentially important stuff, just for fun or boredom.</p> <p>The method that I’ll show will lock any <code class="highlighter-rouge">rm</code> command runned in both recursive and force mode, so <code class="highlighter-rouge">rm -rf</code>, <code class="highlighter-rouge">rm -f -r</code> and <code class="highlighter-rouge">rm -r --force</code> are all blocked, even if they are launched by <code class="highlighter-rouge">sudo</code>. I’m going to alias the rm command in <code class="highlighter-rouge">/etc/profile</code> <code class="highlighter-rouge">/etc/bash.bashrc</code> and in <code class="highlighter-rouge">/etc/zsh/zshrc</code> (I’m a zsh user) so that the rickroll will be possible from all users, even root and the ones with a brand new <code class="highlighter-rouge">bashrc</code> or <code class="highlighter-rouge">zshrc</code>. Here is the code I appended to those files:</p> <figure class="highlight"><pre><code class="language-bash" data-lang="bash"><span class="nb">alias rm</span><span class="o">=</span>/bin/rmAlias <span class="nb">alias sudo</span><span class="o">=</span><span class="s1">'sudo '</span> <span class="c"># this enables aliases in sudo, see http://askubuntu.com/questions/22037/aliases-not-available-when-using-sudo</span></code></pre></figure> <p>Since <code class="highlighter-rouge">alias</code> is not able to control the flags of the aliases (see <a href="http://apple.stackexchange.com/questions/50963/how-do-i-add-a-flag-to-an-alias">here</a>), we’re going to redirect each call of <code class="highlighter-rouge">rm</code> to <code class="highlighter-rouge">/bin/rmAlias</code>, that would run the command if it’s safe. I didn’t use a function because it’s a bit tricky to make that work with <code class="highlighter-rouge">sudo</code>. So, let’s see the code I put in <code class="highlighter-rouge">rmAlias</code>:</p> <figure class="highlight"><pre><code class="language-bash" data-lang="bash"><span class="c">#! /bin/bash</span> <span class="c"># Rickroll whoever tries to desert this system, even root.</span> <span class="c"># To achieve this, set the appropriate aliases even in /etc/profile and similars.</span> <span class="c"># Video played when rickrolling</span> <span class="nv">ROLLVIDEO</span><span class="o">=</span>/opt/anti-rm/serious-video.mkv <span class="c"># it's just Never Gonna Give You Up on my system, but be free to customize this!</span> rickroll<span class="o">(){</span> <span class="nb">echo</span> <span class="s2">"Never gonna desert this system..."</span> xdg-open <span class="nv">$ROLLVIDEO</span> 2&gt;&amp;1 &amp; <span class="nb">exit </span>0 <span class="o">}</span> <span class="k">while </span><span class="nb">getopts</span> <span class="s2">":rf-"</span> opt<span class="p">;</span> <span class="k">do</span> <span class="c"># Prevent '--force' to be detected as -r and -f</span> <span class="k">if</span> <span class="o">[</span> <span class="s2">"</span><span class="nv">$opt</span><span class="s2">"</span> <span class="o">=</span> <span class="s2">"-"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then </span><span class="nv">OPTIND</span><span class="o">=</span><span class="nv">$OPTIND</span>+1 <span class="k">continue fi if</span> <span class="o">[</span> <span class="s2">"</span><span class="nv">$opt</span><span class="s2">"</span> <span class="o">=</span> <span class="s2">"r"</span> <span class="o">]</span> <span class="o">||</span> <span class="o">[</span> <span class="s2">"</span><span class="nv">$opt</span><span class="s2">"</span> <span class="o">=</span> <span class="s2">"f"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then if</span> <span class="o">[</span> <span class="s2">"</span><span class="nv">$tmp</span><span class="s2">"</span> <span class="o">=</span> <span class="s2">""</span> <span class="o">]</span><span class="p">;</span> <span class="k">then </span><span class="nv">tmp</span><span class="o">=</span><span class="nv">$opt</span> <span class="k">continue elif</span> <span class="o">[</span> <span class="s2">"</span><span class="nv">$tmp</span><span class="s2">"</span> <span class="o">!=</span> <span class="s2">"</span><span class="nv">$opt</span><span class="s2">"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then </span>rickroll <span class="k">fi fi done for </span>var <span class="k">in</span> <span class="s2">"</span><span class="nv">$@</span><span class="s2">"</span> <span class="k">do if</span> <span class="o">[[</span> <span class="s2">"</span><span class="nv">$var</span><span class="s2">"</span> <span class="o">=</span> <span class="s2">"--force"</span> <span class="o">&amp;&amp;</span> <span class="s2">"</span><span class="nv">$tmp</span><span class="s2">"</span> <span class="o">=</span> <span class="s2">"r"</span> <span class="o">]]</span><span class="p">;</span> <span class="k">then </span>rickroll <span class="k">fi done</span> <span class="c"># If it's safe, just run rm</span> /bin/rm <span class="s2">"</span><span class="nv">$@</span><span class="s2">"</span> <span class="nb">exit</span> <span class="nv">$?</span></code></pre></figure> <p>It may look messy to a UNIX guy more experienced than me, but it works. The <code class="highlighter-rouge">getopts</code> built-in sees if both the <code class="highlighter-rouge">-r</code> and the <code class="highlighter-rouge">-f</code> flags are used and, if so, it starts <code class="highlighter-rouge">rickroll()</code>, which opens with <code class="highlighter-rouge">xdg-open</code> that amazing clip from RickAstleyVEVO. From line 30 and below, the script checks if the <code class="highlighter-rouge">--force</code> flag is used instead of <code class="highlighter-rouge">-f</code>.</p> <p>Give execute permissions to the script we’ve just created:</p> <figure class="highlight"><pre><code class="language-bash" data-lang="bash"><span class="c"># chmod +x /bin/rmAlias</span></code></pre></figure> <p>Restart your shell, and enjoy. If you want to test safely, I suggest trying to run <code class="highlighter-rouge">rm -rf</code> with no folders or one nonexistant, since this script stop even these commands.</p> <p>If you want even more security, you can rename this script to <code class="highlighter-rouge">/bin/rm</code> and move the original one in some other place, getting rid of all the aliases. I prefer the solution above because it’s tidier: you haven’t to move anything. In fact, this could be just an AUR package…</p> Thu, 28 Jul 2016 16:00:00 +0200 http://localhost:4000/linux/2016/07/28/how-to-rickroll-people-launching-rm-rf-on-your-system.html http://localhost:4000/linux/2016/07/28/how-to-rickroll-people-launching-rm-rf-on-your-system.html linux Installing Gentoo on a Lenovo ThinkPad X60s <p>My only laptop is a <a href="http://www.thinkwiki.org/wiki/Category:X60s">IBM/Lenovo ThinkPad X60s</a>, a top line “ultrabook” from 2006 that features:</p> <ul> <li>An Intel Core Duo L2400 dual core 32 bit CPU, clocked at 1.66 Ghz;</li> <li>2GB of RAM;</li> <li>60GB of SATA1 hard drive;</li> <li>Wifi, Bluetooth, trackpoint mouse only, 56k modem, and a decent set of I/0 ports (including a CardBus slot!).</li> </ul> <p><img src="https://dl.dropboxusercontent.com/s/vkm6phz5yb2k4oq/IMG_20160712_143708.jpg?dl=0" alt="Think1" /></p> <p><img src="https://dl.dropboxusercontent.com/s/wfjj1wih90lrzax/IMG_20160712_143618.jpg?dl=0" alt="Think2" /></p> <p>This machine had an installation on Arch Linux, and I was using it for school stuff. It runned smoothly KDE5, Atom (great editor, I’m using it to write this article), and it was usable even with Phpstorm. Pretty impressive for such an old thing, right?</p> <p>Since now I don’t need this laptop every day I decided to give a try at Gentoo, another rolling relase, DIY install distro. This was both a test of my skills, my patience and the performances of the machine. For those of you that don’t know, Gentoo hasn’t binary packages: imagine using Arch with just a developer mantained AUR.</p> <p>I followed the <a href="https://wiki.gentoo.org/wiki/Handbook:Main_Page">installation guide</a> without any problem until I had to emerge and install 309 packets from my <code class="highlighter-rouge">@world</code> set: it took 15 hours! The compilation of <code class="highlighter-rouge">cmake</code> crashed because of memory starvation, and so I had to use a spare USB stick as swap (the root file system wasn’t resizable as it was JFS). After some research and a couple of seconds in <code class="highlighter-rouge">top</code> I discovered that <a href="https://en.wikipedia.org/wiki/Physical_Address_Extension">PAE</a> was not implemented in the install disk kernel. TIP: if you want to use a nicer install enviroment, use the Arch ISO. With gentoo, the initialisation of the file system is made with a <a href="https://wiki.gentoo.org/wiki/Stage_tarball#Stage_3">stage 3 tarball</a> and not by tools like <a href="https://wiki.archlinux.org/index.php/beginners'_guide#Install_the_base_packages">pacstrap</a>.</p> <p>I had another problem with <code class="highlighter-rouge">make menuconfig</code>, the tool used to specify what features add or remove in your compiled from source Linux kernel. The ncurses menu showed me 64bit options, even if the install disk and the CPU were both 32 bit. If you have this issue too, you can set the <code class="highlighter-rouge">ARCH</code> variable by your own:</p> <figure class="highlight"><pre><code class="language-bash" data-lang="bash"><span class="c"># make ARCH=i386 menuconfig</span> <span class="c"># make ARCH=i386</span> <span class="c"># make ARCH=i386 install</span></code></pre></figure> <p>At the end, I made it! I only have a base install, but i can show you <code class="highlighter-rouge">screenfetch</code>:</p> <p><img src="https://dl.dropboxusercontent.com/s/fbysnd58sj4g3kl/IMG_20160711_162733.jpg?dl=0" alt="Screenfetch" /></p> <p>I’ve not installed Gentoo in dual boot because I didn’t figured out how to switch my bluetooth dongle in HID mode yet, so I can’t select the OS with <code class="highlighter-rouge">rEFInd</code>. Hope this rambling was, if not useful, at least entertaining!</p> Tue, 12 Jul 2016 13:00:00 +0200 http://localhost:4000/linux/2016/07/12/installing-gentoo-on-a-thinkpad-x60s.html http://localhost:4000/linux/2016/07/12/installing-gentoo-on-a-thinkpad-x60s.html linux Get a Bluetooth keyboard work with Arch Linux <p> I've recently got a Rapoo E6100. This is a minimal and space saving Bluetooth 3.0 keyboard. If you pair it with Windows 10, it will remain paired after reboot, giving the possibility to use it since the login screen. After installing the Bluetooth stack on my Arch via the <code>bluez</code> and <code>bluez-utils</code> packages I thought the pairing process would be as simple as Windows if I used the KDE GUI menus for Bluetooth management. That's not true. The keyboard, once paired, will reconnect automatically just after <code>plasmashell</code> loaded, leaving me without keyboard during the SDDM login screen and, of course, during a non-graphical session. </p> <p> As usual, i've searched help in the ArchWiki, founding <a href="https://wiki.archlinux.org/index.php/Bluetooth_keyboard">this</a> article. With that, i've succesfully reconnected my Bluetooth keyboard using the <code>bluetoothctl</code> utility. The next step was configuring the service for auto connection during boot. I've created the <code>btkbd.conf</code> and the <code>btkbd.service</code> files, enabling the last one with systemd. Let's give a look to the service file: </p> <p> <figure class="highlight"><pre><code class="language-bash" data-lang="bash"><table class="rouge-table"><tbody><tr><td class="gutter gl"><pre class="lineno">1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 </pre></td><td class="code"><pre><span class="o">[</span>Unit] <span class="nv">Description</span><span class="o">=</span>systemd Unit to automatically start a Bluetooth keyboard <span class="nv">Documentation</span><span class="o">=</span>https://wiki.archlinux.org/index.php/Bluetooth_Keyboard <span class="nv">Requires</span><span class="o">=</span>dbus-org.bluez.service <span class="nv">After</span><span class="o">=</span>dbus-org.bluez.service <span class="nv">ConditionPathExists</span><span class="o">=</span>/etc/btkbd.conf <span class="nv">ConditionPathExists</span><span class="o">=</span>/usr/bin/hcitool <span class="nv">ConditionPathExists</span><span class="o">=</span>/usr/bin/hciconfig <span class="o">[</span>Service] <span class="nv">Type</span><span class="o">=</span>oneshot <span class="nv">EnvironmentFile</span><span class="o">=</span>/etc/btkbd.conf <span class="nv">ExecStart</span><span class="o">=</span>/usr/bin/hciconfig <span class="k">${</span><span class="nv">HCIDEVICE</span><span class="k">}</span> up <span class="c"># ignore errors on connect, spurious problems with bt?</span> <span class="c"># so start next command with -</span> <span class="nv">ExecStart</span><span class="o">=</span>-/usr/bin/hcitool cc <span class="k">${</span><span class="nv">BTKBDMAC</span><span class="k">}</span> <span class="o">[</span>Install] <span class="nv">WantedBy</span><span class="o">=</span>multi-user.target</pre></td></tr></tbody></table></code></pre></figure> </p> <p> Line 13 enables the Bluetooth dongle, and line 16 connects it to the keyboard we gave the mac address in <code>/etc/btkbd.conf</code>. This should work flawlessly, right? Of course it doesn't. The service starts before the <code>dbus-org.bluez.service</code> is loaded and fails. However, if the service is started manually after login the Bluetooth keyboard works. After hours of trying figuring out what was wrong I've almost asked for a return on Amazon! The last attempt I made was with sddm disabled and involved built from scratch service: </p> <p> <figure class="highlight"><pre><code class="language-bash" data-lang="bash"><table class="rouge-table"><tbody><tr><td class="gutter gl"><pre class="lineno">1 2 3 4 5 6 7 8 9 10 </pre></td><td class="code"><pre><span class="o">[</span>Unit] <span class="nv">Description</span><span class="o">=</span>systemd Unit to automatically start a Bluetooth keyboard <span class="o">[</span>Service] <span class="nv">Type</span><span class="o">=</span>oneshot <span class="nv">ExecStart</span><span class="o">=</span>/bin/hciconfig hci0 up <span class="nv">ExecStart</span><span class="o">=</span>/bin/hcitool cc 00:11:22:33:44:55 <span class="o">[</span>Install] <span class="nv">WantedBy</span><span class="o">=</span>bluetooth.target</pre></td></tr></tbody></table></code></pre></figure> </p> <p> This incredibly worked. I think the problem was that <code>multi-user.target</code> that needs to be reached earlier than <code>bluetooth.target</code>. I got rid of all the tidiness of the ArchWiki solution just to be sure that was not the problem, but I think you can use all of that just correcting <code>WantedBy=</code>. Currently I haven't an ArchWiki account nor a forum one, but as soon as I'll register I'll correct the article. </p> <p> Last thing: I discovered that my Bluetooth dongle is CSR 8510 A10 based so expect some ramblings about <a href="http://www.0xf8.org/2014/02/the-crux-of-finding-a-hid-proxy-capable-usb-bluetooth-adapter/">hid proxy</a>. </p> Thu, 07 Jul 2016 14:49:18 +0200 http://localhost:4000/linux/2016/07/07/get-a-bluetooth-keyboard-work-with-arch.html http://localhost:4000/linux/2016/07/07/get-a-bluetooth-keyboard-work-with-arch.html linux