A quick test of sandbox


Sandbox on my Windows 10 Pro 21H1, OS build 19043.1110; minimum version 18305 required
Virtualization already enabled in BIOS
In Features and programs, check “Windows Sandbox” and reboot
Run Windows Sandbox from the Start menu
When it is closed, everything is gone. The session cannot be saved
Folders can be shared between host and sandbox
Software installed on the host is not available in the Sandbox, e.g. Chrome
My sample config.wsb:

<Configuration>
  <MappedFolders>
    <MappedFolder>
      <HostFolder>S:\Rio</HostFolder>
      <SandboxFolder>C:\Rio</SandboxFolder>
      <ReadOnly>false</ReadOnly>
    </MappedFolder>
  </MappedFolders>
</Configuration>

Screenshot: Sandbox.jpg

makefile variables


make imports all exported bash variables, such as $(PATH)
to have a variable imported without export: make myCmdVar=myCmdVarVal myTarget
to define var in makefile: makeVarDefer = makeVarDeferValue or makeVarImm := $(shell echo makeVarVal)
to reference, from:
    make function: $(info info: makeVar = $(makeVar))
    make directives: ifeq ($(makeVar),) or ifdef makeVar
    recipe: echo $(makeVar)

Notes:
indentation: a recipe line starts with a tab character
recipe calling a bash var (set and used on the same line): bashVar=bashVarVal; echo bashVar = $$bashVar

download at: http://riowing.net/p/wp/makefileWp including instructions

Email Security


Why do people send emails pretending to be someone else? I can think of three circumstances:
1. TheBadGuys.com
2. I, the owner, requested gmail to send my emails on behalf of riowing.net, so that mail.riowing.net only handles incoming email.
3. rioFriend@aWorkMailClient.com requests aws to “redirect”, instead of “forward”, his emails to gmail.com so that rioFriend can process emails on gmail.com.
In this case, WorkMail has to send the email to gmail with the sender shown as rio@riowing.net instead of rioFriend@aWorkMailClient.com

Three technologies, SPF, DKIM and DMARC, are discussed with the following assumptions:
email sender shown as: rio@riowing.net
email sent by: gmail.com
email received by: rioFriend@aWorkMailClient.com through email-smtp.us-west-2.amazonaws.com, which is AWS WorkMail

1. SPF: Sender Policy Framework.
riowing.net publishes on DNS who is allowed to send emails with sender shown as *@riowing.net, e.g. gmail.com is allowed.

2. DKIM: DomainKeys Identified Mail.
riowing.net signs its outgoing emails and inserts the signature as a header.
WorkMail can verify the signature with riowing.net’s public key.
The header sits alongside “From”, inside the SMTP DATA section, which comes after “RCPT TO”, like this:
RCPT TO: <rioFriend@aWorkMailClient.com>
DATA
DKIM-Signature: v=1; a=rsa-sha256; d…
From: Rio <rio@riowing.net>

3. DMARC: Domain-based Message Authentication, Reporting and Conformance.
A DNS TXT record that publishes whether SPF/DKIM is used, and what to do if the check fails.
It looks like this: v=DMARC1; p=none; rua=mailto:admin@riowing.net;aspf=s
meaning: failure report to admin@riowing.net, SPF is strict

Everything discussed above verifies only the domain, such as riowing.net, not an individual such as rio@riowing.net; that is taken care of by PGP and S/MIME.
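
How a receiver ties the three mechanisms together, as an added example that is not part of the original post: it parses the DMARC record shown above and checks whether the domain that passed SPF or DKIM aligns with the From domain. The function names, the sample subdomains and the two-label organizational-domain shortcut are assumptions; real verifiers use the Public Suffix List.

```python
# Added example: DMARC record parsing and identifier alignment (RFC 7489).
# Assumption: the organizational domain is the last two labels of a name;
# real verifiers derive it from the Public Suffix List.

def parse_dmarc(txt):
    """Split a DMARC TXT record into tags; alignment defaults to relaxed."""
    tags = {"adkim": "r", "aspf": "r"}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1" or "p" not in tags:
        raise ValueError("not a usable DMARC record")
    return tags

def org_domain(domain):
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(from_domain, auth_domain, mode):
    """Strict ('s'): exact match. Relaxed ('r'): same organizational domain."""
    a, b = from_domain.lower(), auth_domain.lower()
    return a == b if mode == "s" else org_domain(a) == org_domain(b)

def dmarc_disposition(record, from_domain, spf_domain=None, dkim_domain=None):
    """spf_domain / dkim_domain: the domain that PASSED SPF (MAIL FROM) or
    DKIM (d=), or None if that check failed. Returns 'pass' or the policy."""
    tags = parse_dmarc(record)
    spf_ok = spf_domain is not None and aligned(from_domain, spf_domain, tags["aspf"])
    dkim_ok = dkim_domain is not None and aligned(from_domain, dkim_domain, tags["adkim"])
    return "pass" if spf_ok or dkim_ok else tags["p"]

PAGE_RECORD = "v=DMARC1; p=none; rua=mailto:admin@riowing.net;aspf=s"  # from the post
REJECT_RECORD = "v=DMARC1; p=reject; aspf=s"                          # constructed

if __name__ == "__main__":
    cases = [  # constructed inputs; the subdomains are hypothetical
        ("SPF pass, subdomain, strict aspf", PAGE_RECORD, "bounce.riowing.net", None),
        ("DKIM pass, subdomain, relaxed adkim", PAGE_RECORD, None, "mail.riowing.net"),
        ("spoof, p=none", PAGE_RECORD, "thebadguys.com", "thebadguys.com"),
        ("spoof, p=reject", REJECT_RECORD, "thebadguys.com", "thebadguys.com"),
    ]
    for label, record, spf, dkim in cases:
        print(f"{label}: {dmarc_disposition(record, 'riowing.net', spf, dkim)}")
```

With the post's p=none record a message that fails alignment is still delivered and the policy result is only "none"; the constructed p=reject record shows the enforcing outcome for the same spoofed input.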

Windows delete linux files on NTFS


Windows failed to delete a file with a pipe | sign in its name, created by Linux, on an NTFS external drive. The file name was “pthread-RPP|TPP.SUSv4.syms” from Broadcom.
Before the successful deletion by mounting it to a physical native Ubuntu, I tried all ways on Windows and all failed.

  1. rsync on WSL1. This is how I encountered this problem. Original error: Permission denied (13) IO error encountered. Then I tried to manually delete this file.
  2. File explorer: can neither del nor rename
  3. Cmd: del "\\?\G:\pthread-RPP|TPP.SUSv4.syms"
    The filename, directory name, or volume label syntax is incorrect.
  4. through 8dot3name
    S:> del /F pthrea~1
    output: Could Not Find pthrea~1
    S:> fsutil 8dot3name query g:
    Output: 8dot3 name creation is disabled on g:
  5. WSL1 and 2: these commands cannot see USB drives
    sudo lsusb shows nothing
    sudo fdisk -l only shows internal and ram drives
    mounting is ok: sudo mount -t drvfs g: i
    but cannot ls: cannot access ‘pthread-RPP|TPP.SUSv4.syms’: No such file or directory
    $ sudo rm -rf ParentFolderOfTheFile output: Permission denied
    can see it as a drive letter, e.g. G:, and therefore mount has to be -t drvfs.
    As drvfs goes through the Windows API, it still cannot delete the file.
  6. cygwin: same error as WSL

Summary:
| is invalid on Windows, but valid on NTFS.
Mounting it on a physical Linux machine worked:
sudo mount -t ntfs-3g /dev/sdb1 /mnt/usb
rm "pthread-RPP|TPP.SUSv4.syms" # the quotes (") are required.
Not tried yet: WSL is likely to work out as below:
c:> wsl.exe --mount \\.\PHYSICALDRIVE2 --partition 1
$ cd /mnt/wsl/PHYSICALDRIVE2P1
rm "pthread-RPP|TPP.SUSv4.syms"