apache-2.2.34 and openssh-8.2p1 on EL6

Red Hat backports fixes and keep package versions as they are. At times, security scanners are not smart enough to know that. They’d complain the packages are out of date. Making it worse, apache 2.2 has reached EOL since 2018. And even though openssh is now on version 8.2, one will still find version 5.3 on EL6 systems. Upgrading EL is not an easy task like Ubuntu. One will most…

Read More

UID > INT_MAX

From thehackernews, it was said when the UID is larger than INT_MAX, which is 2147483647, privilege validation is improperly handled and that gives the user right to run systemctl commands as if he/she is a privileged user. What is my INT_MAX? Though it’s hard to imagine who would use such an UID when they usually starts with 1000. However, if Linux is integrated with AD, the AD users ID are mapped…

Read More

Cool feature on Azure – Run Command Script

I don’t think I’ve ever said anything good about Azure, but I’ve finally ran into one today. Someone screwed up sshd_config and the service would not start anymore. With the run script tool, I was able to revert the config to the original version and restart the service. Fortunately, the changes were checked into RCS, which made recovery relatively easy. Here, I checked out the original version of the config…

Read More

Building my first Linux package

Let’s take a look at how to build a really simple Linux package. The most common package formats are definitely .deb and .rpm. One will find them on Debian-variants and Redhat-variants respectively. In the following examples, a package will be created and it will contain 1 script.The script depends on Python so I want the package management tool to handle that for me too. The script’s name is goldenRatio.sh and…

Read More