Jenkins NodeJS plugin with async or other thirdparty libraries

After enabling Jenkins NodeJS plugin, I found it missing async even though I configure it to install async in "Configuring Tools". Actually you can still reference it by doing some string manipulation In your job step:

Is glibc-2.17 in Ubuntu 13.10 GHOST vulnerable?

Based on some facts:

1. Run the famous GHOST.c and print out "not vulnerable" with 2.17-93ubuntu4 libc6.
2. The patch was in on May 21, 2013, between the release of glibc-2.17 and 2.18.
3. Tomsguide said 13.10 and later are immune.
4. A comment from Y Combinator said no.

However, Qualys said 2.17 should have a problem right?

Following the patch...

Let's get the glibc source 2.17-93ubuntu4

# apt-get source eglibc
# head debian/changelog
eglibc (2.17-93ubuntu4) saucy; urgency=low

# vi nss/digits_dots.c
matches Yea it was patched.

The preseed to disable the auto update from Ubuntu repo during ISO installation

Tried to search google and didn't find an easy answer. Therefore I needed to look at the apt-setup source, and figured out these two preseeds:

d-i apt-setup/use_mirror boolean false

d-i apt-setup/services-select-ubuntu multiselect ""

The first entry disables the main/update/multiverse etc. The second entry disables the security.

Unit Testing Bash Scripts

Although I have written a lot of shell scripts the past year, I did not write a single unit test to verify my code. In Python, I have unittest module. In Java, I have JUnit for that... it seems I don't have any tool for bash scripts. Inspired by haridsv in http://stackoverflow.com/questions/971945/unit-testing-for-shell-scripts, I have achieved something that looks quite promising without installing extra lib, but repeating few lines... Task: Run a test.sh script to change the content of the /etc/ssh/sshd_config How can we test this script? We put everything into functions and test the functions! We are going to put the functions into a file with the same name + "_functions" The last declare, grep and while statement will automatically run every functions starting with "test_". You will get the line number too if it fails. You can also put setUp() or tearDown() feature into the while loop before/after the eval. To run this test, just run ./test_functions.sh Hope that helps. *EDIT: add ERROR or the eval will return 0 even it failed the middle tests.

Integrate jkeymaster with javAuto to support HotKey

Today I was looking for an alternative of AutoIt for Linux and found javAuto. After few mins, I already missed the HotKey function in AutoIt, and it seems javAuto has no support for this. A simple search of "Java Hotkey" returned https://github.com/tulskiy/jkeymaster, and actually it's easy to combine these two tools. Download the jkeymaster, build it with maven. You will find two jar files: jkeymaster-1.2-SNAPSHOT.jar and jna-4.1.0.jar in the target folder. Copy these two jars to the working directory along with javAuto.jar. For the Test.java, using F11 as the hotkey!

Node.js spawn command line in Linux

This is just a wrapper of the Node.js spawn in Linux containing Bash. A trick is to use /bin/bash for the child process and just pipe the command there.

run = (cmd, arg1, arg2) ->
  throw new Error 'The last argument needs to be a fn.' \
      if arg2? and typeof arg2 isnt 'function' or \
      !arg2? and typeof arg1 isnt 'function'

  options =
    'quiet': false

  if typeof arg1 is 'object'
    options[k] = v for k, v of arg1

  terminal = require('child_process').spawn('bash');

  stdout = ''
  terminal.stdout.on 'data', (data) ->
    stdout += data.toString()
    process.stdout.write data.toString() unless options['quiet']

  stderr = ''
  terminal.stderr.on 'data', (data) ->
    stderr += data.toString()
    process.stderr.write data.toString() unless options['quiet']

  terminal.on 'close', (code) ->
    stdout = stdout.replace(/^\s+|\s+$/g, '')
    stdout = if stdout.length > 0 then stdout.split '\n' else []
    stderr = stderr.replace(/^\s+|\s+$/g, '')
    stderr = if stderr.length > 0 then stderr.split '\n' else []

    callback = if typeof arg1 is 'function' then arg1 else arg2
    if code == 0
      callback null, stdout, stderr
    else
      callback new Error("#{cmd} exited with code #{code}."), stdout, stderr

  console.log "+ #{cmd} (#{new Date()})" unless options['quiet']
  terminal.stdin.write cmd
  terminal.stdin.end()

run 'ls -al *.coffee', (err, stdout, stderr) ->
  console.log err
  console.log stdout
  console.log stderr

awk sub, system, and getline to variable example

This is an example of having awk with system and getline calls... This is similar what debsums -c is doing but you can actually supply a custom md5sum list...

while read line; do echo $line | awk '{ x=$1; $1=""; sub("^ ", "/", $0); z=$0; sub("^", "\"", $0); sub("$", "\"", $0); if (system("[ -f " $0 " ]") == 0) { cmd="md5sum " $0 " | cut -d\  -f1"; cmd | getline y; close(cmd); if (y != x) printf "%-73s FAILED\n", z; } else printf "%-71s NOTFOUND\n", z;}'; done < /var/lib/dpkg/info/libc-bin.md5sums

How to make Python raw_input ignores Ctrl-D

The way to do this is to have a while loop around raw_input, and not print the question again in the next iteration. However, because of this Python bug http://bugs.python.org/issue12833, raw_input() or raw_input('') will erase the previous printed question in stdout output with a backspace. A workaround will be needed. Then, there's also a problem with Ctrl-D after you input something... Here's the code to handle Ctrl-D and quit at Ctrl-C without the stacktrace:

import readline
import sys

sys.stdout.write("question? ")
while True:
    try:
        print raw_input(" \b")
        break
    except EOFError:
        pass
    except KeyboardInterrupt:
        break

"import readline" will handle the Ctrl-D when you got something input at the question.

Syntax error near unexpected token LIBHTPMINVERSION PKG_CHECK_MODULES in Ubuntu

When compiling suricata 1.4.1 fresh in Ubuntu, after apt-get install all the necessary dependencies, you may see this:

syntax error near unexpected token `LIBHTPMINVERSION,'
`        PKG_CHECK_MODULES(LIBHTPMINVERSION,

Well, if you google it, it's more like you need to install pkg-config. However, I have it installed. There was another post saying, maybe my pkg-config is not updated... Turns out the workaround is to modify the ACLOCAL_FLAGS described here. By default, it's

export ACLOCAL_FLAGS="-I /usr/share/aclocal"

Monkey patch (mock) the built-in raw_input function

For testing without mock (thirdparty or 3.x), I wrote a mock context manager function for raw_input. If you do not provide enough response in the mock_raw_input argument list, the raw_input is back to normal.

import __builtin__
import sys
from contextlib import contextmanager

@contextmanager
def mock_raw_input(*input_list):
    """Monkey patch the raw_input()"""
    _raw_input = __builtin__.raw_input
    def _stub(prompt='', input_iter=iter(input_list), orig=_raw_input):
        try:
            _input = next(input_iter)
            sys.stdout.write(prompt)
            return _input
        except StopIteration:
            __builtin__.raw_input = _raw_input
            return raw_input(prompt)
    __builtin__.raw_input = _stub
    try:
        yield
    finally:
        __builtin__.raw_input = _raw_input

def main():
    with mock_raw_input('abc','cde'):
        print raw_input('abc?\n')
        print raw_input()
        print raw_input('no more expected value? ')
    raw_input('raw_input should be back to default here, right? ')

if __name__ == "__main__":
    main()