Berkeley CSUA MOTD:Entry 52552
Berkeley CSUA MOTD
 
WIKI | FAQ | Tech FAQ
http://csua.com/feed/
2018/10/20 [General] UID:1000 Activity:popular
10/20   

2009/2/10-13 [Computer/SW/Security, Computer/SW/Unix] UID:52552 Activity:nil
2/10    I have an sh file that does a mount.. the mount does an
        authentication. I previosly stored the username and password
        from zenity prompts. However, I can't get a return on the password
        field. The following only works on the username:
        mount -t davfs "http://blahblah.com/BLahUser11" /mountdir << EOF
        ${username}
        ${password}
        EOF
        It gets stuck at the password. Any thoughts? thanks
        \_ Expect?
          \_ the username gets passed and a carriage return then a prompt
                for the password is there but the ${password} doesnt get
                put in nor carriage return. so script is stuck
                \_ /usr/bin/expect
                  \_ can't use expect. this is an automated installer on other
                    persons machines. I would have to apt-get expect
                    No way to do it just with EOFs?
                    \_ would "for i in 1; do echo $username; sleep 1; \
                              echo $password"; done | mount -t ..." work?
                       It really depends on how the password is being read.
                        \_ that didnt work... same behavior
                    \_ No, this is one reason tools like Expect were invented.
                       See, e.g.,
                       http://www.noah.org/wiki/Pexpect#Q:_Why_not_just_use_a_pipe_.28popen.28.29.29.3F
                        \_ thanks.. i guess i have no choice :) excellent!
                           \_ Well, that's not to say you couldn't make a very
                              stripped down version of an expect-like tool
                              that does what you want, and ship that. Maybe
                              someone else has already done it.
                                \_ or use Perl Expect or Python Expect.
ERROR, url_link recursive (eces.Colorado.EDU/secure/mindterm2) 2018/10/20 [General] UID:1000 Activity:popular
10/20   

You may also be interested in these entries...
2013/10/24-11/21 [Computer/Companies/Apple] UID:54747 Activity:nil
9/19    "No, A Severed Finger Will Not Be Able to Access a Stolen iPhone 5S"
        http://mashable.com/2013/09/15/severed-finger-iphone-5s
        I'm sure the Apple QA department has tested extensively that a severed
        finger will not be able to access a stolen iPhone 5S.
        \_ It doesn't matter whether or not a severed finger can be used.  It
           matters whether or not a robber thinks that a severed finger can be
	...
2013/6/6-7/31 [Politics/Foreign/Asia/China, Computer/SW/Security] UID:54690 Activity:nil
6/6     Wow, NSA rocks. Who would have thought they had access to major
        data exchangers? I have much more respect for government workers,
        crypto experts, mathematicans now than ever.
        \_ flea to Hong Kong --> best dim-sum in the world
           \_ "flee"
        \_ The dumb ones work for DMV, the smart ones for the NSA. If you
	...
2012/8/26-11/7 [Computer/SW/Security] UID:54465 Activity:nil
8/26    Poll: how many of you pub/priv key users: 1) use private keys that
        are not password protected 2) password protect your private keys
        but don't use ssh-agent 3) use ssh-agent:
        1) .
        2) ..
        3) ...
	...
2012/8/29-11/7 [Computer/SW/Security] UID:54467 Activity:nil
8/29    There was once a CSUA web page which runs an SSH client for logging
        on to soda.  Does that page still exist?  Can someone remind me of the
        URL please?  Thx.
        \_ what do you mean? instruction on how to ssh into soda?
           \_ No I think he means the ssh applet, which, iirc, was an applet
              that implemented an ssh v1 client.  I think this page went away
	...
2012/9/20-11/7 [Finance/Investment, Computer/SW/Unix] UID:54482 Activity:nil
9/20    How do I change my shell? chsh says "Cannot change ID to root."
        \_ /usr/bin/chsh does not have the SUID permission set. Without
           being set, it does not successfully change a user's shell.
           Typical newbie sys admin (on soda)
           \_ Actually, it does: -rwsr-xr-x 1 root root 37552 Feb 15  2011 /usr/bin/chsh
	...
2012/9/24-11/7 [Computer/SW/Languages, Computer/SW/Unix] UID:54484 Activity:nil
9/24    How come changing my shell using ldapmodify (chsh doesn't work) doesn't
        work either? ldapsearch and getent show the new shell but I still get
        the old shell on login.
        \_ Scratch that, it magically took my new shell now. WTF?
           \_ probably nscd(8)
	...
2012/8/7-10/17 [Computer/SW/Security] UID:54455 Activity:nil
8/6     Amazon and Apple have lame security policies:
        http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/all
        "First you call Amazon and tell them you are the account holder, and
         want to add a credit card number to the account. All you need is the
         name on the account, an associated e-mail address, and the billing
         address. "
	...
2012/5/8-6/4 [Computer/SW/Unix] UID:54383 Activity:nil
5/8     Hello everyone!  This is Josh Hawn, CSUA Tech VP for Spring 2012.
        About 2 weeks ago, someone brought to my attention that our script
        to periodically merge /etc/motd.public into /etc/motd wasn't
        running.  When I looked into it, the cron daemon was running, but
        there hadn't been any root activity in the log since April 7th.  I
        looked into it for a while, but got lost in other things I was
	...
2013/4/30-5/10 [Computer/SW/Unix] UID:54666 Activity:nil
4/30    17:34 <xxx@xxx02:~ $ > uptime
        17:34:40 up 19:10,  2 users,  load average: 1117.31, 1106.06, 1074.05
	...
2012/4/27-6/4 [Computer/SW/Languages/Misc, Computer/SW/Unix] UID:54372 Activity:nil
4/27    I wrote a little shell script to collect iostat data:
        #!/bin/bash
        DATE=`date +%m%d`
        DATADIR=/var/tmp/user
        OUTPUTFILE=$DATADIR/$DATE.out
        while true
	...
2012/2/9-3/26 [Computer/SW/Security, Computer/SW/Unix] UID:54305 Activity:nil
2/9     Reminder: support for mail services has been deprecated for *several
        years*. Mail forwarding, specifically .forward mail forwarding, is
        officially supported and was never deprecated.
        \_ There is no .forward under ~root.  How do we mail root and how do
           we get responses?
           \_ root@csua.berkeley.edu is and always has been an alias.
	...
2011/9/14-12/28 [Computer/SW/Unix] UID:54172 Activity:nil
9/12    We've restored CSUA NFS to something vaguely resembling normal
        functionality -- plus, with some luck, we should now have something
        vaguely resembling normal uptime, too!  Ping root@csua.org if you
        notice any problems.  --jordan
--------------------------------------------------------------------------------
        \_  Oh, and http://irc.CSUA.Berkeley.EDU is online again.
	...
2011/10/26-12/6 [Computer/SW/Unix] UID:54202 Activity:nil
10/24  What's an easy way to see if say column 3 of a file matches a list of
       expressions in a file? Basically I want to combine "grep -f <file>"
       to store the patterns and awk's $3 ~ /(AAA|BBB|CCC)/ ... I realize
       I can do this with "egrep -f " and use regexp instead of strings, but
       was wondering if there was some magic way to do this.
       \_ UNIX has no magic. Make a shell script to produce the ask or egrep
	...
Cache (70 bytes)
blahblah.com/BLahUser11"
Not Found The requested URL /BLahUser11" was not found on this server.
Cache (8192 bytes)
www.noah.org/wiki/Pexpect#Q:_Why_not_just_use_a_pipe_.28popen.28.29.29.3F
pexpect current Description of Pexpect Pexpect is a pure Python expect-like module. Pexpect makes Python a better tool for controlling other applications. Pexpect is a pure Python module for spawning child applications; Pexpect allows your script to spawn a child application and control it as if a human were typing commands. Pexpect can be used for automating interactive applications such as ssh, ftp, passwd, telnet, etc. It can be used to a automate setup scripts for duplicating software package installations on different servers. Pexpect is in the spirit of Don Libes' Expect, but Pexpect is pure Python. Unlike other Expect-like modules for Python, Pexpect does not require TCL or Expect nor does it require C extensions to be compiled. It should work on any platform that supports the standard Python pty module. License MIT style -- Free, open source, and all that good stuff. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. pexpect current The Pexpect tarball is a standard Python Distutil distribution. Running the following commands should get you a working Pexpect module. Note that you have to have root access to install a site package. Requirements for use of Pexpect Python Pexpect was written and tested with Python 25 It should work on earlier versions that have the pty module. The pty module is part of the Standard Python Library, so if you are running on a POSIX system you should have it. I have taken effort to try to smooth the wrinkles out of the different platforms. Pexpect does not currently work on the standard Windows Python (see the pty requirement); It is possible to build something like a pty for Windows, but it would have to use a different technique that I am still investigating. I know it's possible because Libes' Expect was ported to Windows. If you have any ideas or skills to contribute in this area then I would really appreciate some tips on how to approach this problem. SVN trunk Note that all PyUnit tests are under the tests/ directory. py Examples Under the distribution tarball directory you should find an "examples" directory. It calculates some simple statistical information on the number of external inet connections. This can be used to detect if one IP address is taking up an excessive number of connections. It can also send an email alert if a given IP address exceeds a threshold between runs of the script. This script can be used as a drop-in Munin plugin or it can be used stand-alone from cron. I used this on a busy web server that would sometimes get hit with denial of service attacks. This made it easy to see if a script was opening many multiple connections. A typical browser would open fewer than 10 connections at once. py This script creates SSH connections to a list of hosts that you provide. Each shell command that you enter is sent to all the hosts. For example, you could connect to a dozen different machines and reboot them all at once. py This implements a command similar to the classic BSD "script" command. This will start a subshell and log all input and output to a file. py This is for cleaning up binary files improperly added to CVS. checks with CVS to see if the sticky options are set to -kb; finally if sticky options are not -kb then uses 'cvs admin' to set the -kb option. and then gives the user interactive control over the session. In this case the "bookmark" is to a directory on the OpenBSD ftp server. py This runs a sequence of commands on a remote host using SSH. It runs a simple system checks such as uptime and free to monitor the state of the remote host. py This will login to each given server and change the password of the given user. py This starts the python interpreter and prints the greeting message backwards. It greatly simplifies the process of ripping a DVD to Divx (mpeg4) format. removing interlace artifacts, fitting to a target file size, etc. There are lots of options, but the process is simple and easy to use. It monitors the connection and restarts the tunnel if it goes down. py This will run the uptime command and parse the output into variables. This demonstrates using a single regular expression to match the output of a command and capturing different variable in match groups. The grouping regular expression handles a wide variety of different uptime formats. Overview Pexpect can be used for automating interactive applications such as ssh, ftp, mencoder, passwd, etc. Here is an example of Pexpect in action: # This connects to the openbsd ftp site and # downloads the recursive directory listing. sendline ('bye') Obviously you could write an ftp client using Python's own ftplib module, but this is just a demonstration. This is especially handy if you are writing automated test tools. There are two important methods in Pexpect -- expect() and send() (or sendline() which is like send() with a linefeed). The expect() method waits for the child application to return a given strong. The string you specify is a regular expression, so you can match complicated patterns. The send() method writes a string to the child application. From the child's point of view it looks just like someone typed the text from a terminal. After each call to expect() the before and after properties will be set to the text printed by child application. The before property will contain all text up to the expected string pattern. The after string will contain the text that was matched by the expected pattern. An example of Pexpect in action may make things more clear. and then pass interactive control of the ftp session to the human user. Special EOF and TIMEOUT patterns There are two special patterns to match the End Of File or a Timeout condition. If the child has died and you have read all the child's output then ordinarily expect() will raise an EOF exception. In this case everything the child has output will be available in the before property. Lists if patterns The pattern given to expect() may be a regular expression or it may also be a list of regular expressions. The expect() method returns the index of the pattern that was matched. After entering a password you could get various responses from the server -- your password could be rejected; or you could be allowed in and asked for your terminal type; or you could be let right in and given a command prompt. sendline (my_secret_password) # We expect any of these three patterns... after If nothing matches an expected pattern then expect will eventually raise a TIMEOUT exception. The default time is 30 seconds, but you can change this by passing a timeout argument to expect(): # Wait no more than 2 minutes (120 seconds) for password prompt. expect('password:', timeout=120) Find the end of line -- CR/LF conventions Matching at the end of a line can be tricky. Pexpect matches regular expressions a little differently than what you might be used to. The $ matches the end of string, but Pexpect reads from the child one character at a time, so each character looks like the end of a line. Pexpect can't do a look-ahead into the child's output stream. In general you would have this situation when using regular expressions with a stream. Note, pexpect does have an internal buffer, so reads are faster t...