Veghead's Spell Book

Cloaking Spells
Containment Spells
Debianicals
Discworlde
Perls of wisdom
Remedies for nuisance
Spells of the 6th order
Shellmanship
Videographical Spells

Containment Spells

Run a docker container, without launching the entrypoint

docker run -it --entrypoint '/bin/bash' mycontainer -s

root@6f3eca61s5cf4:/#

Cloaking Spells

Turn an empty partition into an encrypted LUKS device

cryptsetup -y -v luksFormat /dev/sdbX

This will erase /dev/sdbX. You will be asked to supply a passphrase.

Set a passphrase for your LUKS device volume, and name it "mydrive"

cryptsetup luksOpen /dev/sdbX mydrive

You will be asked to supply the passphrase. The name "mydrive" will be registered with the mapper, and will be available at /dev/mapper/mydrive.

Show information about an encrypted LUKS device

cryptsetup luksDump /dev/sdbX
cryptsetup -v status mydrive

Force every sector to be encrypted, and then format it with ext4

dd if=/dev/zero of=/dev/mapper/mydrive
mkfs.ext4 /dev/mapper/mydrive

Mount encrypted LUKS volume

mount /dev/mapper/mydrive /mnt

Unmount encrypted LUKS volume and secure it

umount /dev/mapper/mydrive
cryptsetup luksClose mydrive

Add subjectAltName (SAN) to home-made certs in OpenSSL.

These days, the Common Name (CN) is not the preferred way of matching certs to websites. Instead, the x509v3 option "Subject Alternative Name" is used. You can force this using the openssl.cfg file. From OpenSSL v1.1.1 you can add it directly on the command line instead. e.g.:

openssl req -new -subj "/C=US/CN=example.com" \
                  -addext "subjectAltName = DNS:www.example.com" \
		  -newkey rsa:4096 -keyout site.key -out site.req

Even if your CN is valid, some browsers (e.g. Chrome) can whinge with a ERR_CERT_COMMON_NAME_INVALID error, if there is no SAN.

Good description here.

Videographical Spells

Extract 40 seconds starting at 4:40 from biglongmovie.avi into clip.avi - recoding as xvid.

ffmpeg -ss 00:04:40 -t 40 -i biglongmovie.avi -sameq -isync -acodec copy -vcodec libxvid -vsync 0 clip.avi

On a mac, take a divx and convert to something iMovie likes

/Applications/ffmpegX.app/Contents/Resources/ffmpeg -i dixmovie.avi -sameq -vsync 0 happyimovie.mov

Convert divx to DVD style MPEG

mencoder -oac lavc -ovc lavc -of mpeg -mpegopts format=dvd -vf scale=720:576,harddup -srate 48000 -af lavcresample=48000 -lavcopts vcodec=mpeg2video:vrc_buf_size=1835:vrc_maxrate=9800:vbitrate=5000:keyint=15:aspect=16/9:acodec=ac3:abitrate=192 -ofps 25 -o dvd.mpg mymovie.avi

Create a DVD image from an MPG

dvdauthor -o dvdimage -x dvd.xml
Example xml files:

Burn a DVD image in Linux/un*x

chmod 500 AUDIO_TS VIDEO_TS; chmod 400 VIDEO_TS/*; growisofs -dvd-compat -Z /dev/scd0 -dvd-video .

Transcode a movie to a Roku-friendly MP4

ffmpeg -i my_divx_or_xvid_or_whatever.avi -vcodec libx264 -acodec libfaac -ac 2 -ar 44100 -ab 128k -b 1000k -vpre medium my_divx_or_xvid_or_whatever.mp4

Extract an MPEG2 from a DVD image quickly

mencoder dvd://1 -ovc copy -oac copy -of mpeg -o first-title-show.mpg

Perls of wisdom

Search and replace a regular expression in a bunch of files, keeping backups

perl -pi.bak -e 's/oldthing/newthing/g' *

Remedies for nuisance

Prevent tar from including "._" files on MacOS

Set COPYFILE_DISABLE=1 in the environment e.g.
COPYFILE_DISABLE=1 tar zcvpf myarchive.tar.gz files

Prevent the annoying "... can automatically configure your Mac" Device Enrollment pop-up from appearing on Big Sur

sudo touch /var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled

Do not be tempted to disable Signed System Volume (SSV) support!

Disable SIP (System Integrity Protection) on MacOS

Boot into recovery mode (hold down Cmd-R during boot)
Go to Utilities->Terminal
csrutil disabled
Reboot

Disable MacOS's obnoxious "The default interactive shell is now zsh." message

Add export BASH_SILENCE_DEPRECATION_WARNING=1 to $HOME/.bash_profile
Or install a much newer vesion of bash from homebrew: brew install bash

Shellmanship

Find all unique jpegs

Find all unique jpegs in your filesystem (from Seb).

find / -type f -iregex '.*jpe*g$' | xargs sha1sum | sort | uniq -w 40 | cut -d " " -f3

MacOS tar and resource files

Prevent tar from including resource files with "._" (dot underscore) prefixes when creating archives.

export COPYFILE_DISABLE=true

MacOS file resource magic

Extract an icon as a resource script

DeRez -only icns IconFiles.icns > Icon.rsrc

Add a custom icon, stored as a resource script, to an existing file

Rez -append Icon.rsrc -o MyApp.pkg
SetFile -a C MyApp.pkg

Hide a file extenstion

SetFile -a E MyApp.pkg

MacOS equivalent of strace

dtruss -d /path/to/executable/you/want/to/examine

Discworlde

Making Hybrid CDs/DVDs on a mac

This will build an ISO image that will appear as a Windows CD on Windows machines and a Mac CD on Macs. We assume the current directory contains all the files you want to burn. In this case the Windows autorun files are hidden from the Mac and the Mac files are hidden from Windows.

hdiutil makehybrid -iso -hfs -joliet -hide-hfs '{AutoRun.bmp,AutoRun.exe,AutoRun.inf,AutoRun.ini,Docs,Prerequisite,ReadMe,System32,System64,Tools}' -hfs-openfolder . -hide-joliet '{.DS_Store,.background,Applications,MyApp.app}' -hfs-volume-name 'My CD' -o ../NewDiskImage.iso .

Fix DiskUtility

Make DiskUtility stop lying and let you do what you want to do with your own partitions.

defaults write com.apple.DiskUtility DUDebugMenuEnabled 1

Debianicals

SysV service maintenance

update-rc.d -f SERVICENAME remove
update-rc.d SERVICENAME start 20 2 3 4 5 . stop 80 0 1 6 .
update-rc.d SERVICENAME defaults

Add missing key to APT to fix apt-get update

gpg --keyserver wwwkeys.eu.pgp.net --recv-keys XXXXXXXXXXXXXXXX
apt-key add /root/.gnupg/pubring.gpg
apt-get update

Spells of the 6th order

Add an address to an interface

ip a a fe80:ab7f:16d2:1::1 dev eth0

Add a /64 subnet to an interface

ip r a fe80:ab7f:16d2:1::/64 dev eth0
This is useful if you've been given a /48 from your ISP. In this (fictional) case, the block was fe80:ab7f:16d2::/48

<< Back

HTML5