bashrc | bashrc | Configuration Management library
kandi X-RAY | bashrc Summary
kandi X-RAY | bashrc Summary
bashrc
Support
Quality
Security
License
Reuse
Top functions reviewed by kandi - BETA
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of bashrc
bashrc Key Features
bashrc Examples and Code Snippets
Community Discussions
Trending Discussions on bashrc
QUESTION
I am developing a simple blog engine in go using only the standard libraries (and the mysql driver 😁)
For the admin I am using Basic HTTP Auth
...ANSWER
Answered 2022-Apr-15 at 12:50When it comes down to storing credentials on a server or other runtime environment, you are somehow between the devil and the deep blue sea. There is no real good solution which is likewise usable.
Start asking yourself, what your threat model is.
- A: Secrets being persisted in version control, shared with others, or even worse, made public on GitHub etc.
- B: Secrets being exposed to unprivileged co-users of the runtime environment
- C: Secrets being exposed to privileged users of the runtime environment (including an attacker who compromised the system and was able to get privileged user rights).
Based on the threats defined, you can start assessing potential solutions to store and inject secrets. This will of course depend on your environment (e.g. OS, cloud provider, Kubernetes/Docker, etc.). In the following I will assume Linux as OS.
Pass in as parameter:
Would mitigate threat A, but not B and C. Command line arguments can be revealed even by unprivileged users e.g. by ps -eo args
Store in config file: Would mitigate threat B, given that file permissions are set correctly. With regard to A, there is still a risk that the config file is unintendedly added to the version control. Does not mitigate threat C.
If you would use e.g. json format for the config file, this could be implemented easily with the Golang standard lib.
Store in environment variables:
Would mitigate threats A and B, but not C. Privileged users can access the environment variables via /proc//environ. Also the question remains how you will set the environment variables in the runtime environment. If you are using a CI/CD pipeline to deploy your service, this pipeline could be used to inject the environment variables during deployment. Usually, the CI/CD engine come with some kind of variable store for secrets.
Drawback of this approach is that the environment variables will be ephemeral, so after a reboot of the runtime environment you would need to redeploy via the CI/CD pipeline or you need to ensure persistence of the secrets in the runtime environment, e.g. in a startup script.
Environment variables can be read easily with os.Getenv() or os.LookupEnv() from the standard lib.
Enter manually on start time: Would mitigate A and B, but privileged users would still be able to read the secrets from memory. Upon reboot of the runtime environment, the service will not be available until an operator enters the secrets manually. So this approach would probably be considered as impractical in many use cases.
Further considerations:
Storing secrets in a database as suggested by brianmac shifts the question to "Where to store my db credentials?"
Combining secret encryption with any of the solutions described above will require that the decryption key is made available to the service in the runtime environment. So you either need a TPM-based solution or you are faced with the question, where to store this key.
"Secrets as a Service" solutions like Hashicorp Vault, Azure Key Vault, AWS Secrets Manager etc. will probably be oversized in your scenarion. They provide centralized storage and management of secrets. Applications/services can retrieve secrets from this solution via a defined API.
This, however, requires authentication and authorization of the service requesting a secret. So we are back at the question how to store another secret for the service in there runtime environment.
Cloud providers try to overcome this by assigning the runtime environment an identity and authorizing this identity to access other cloud resources including the "Secret as a Service" solution. Usually only the designated runtime environment will be able to retrieve the credentials of the identity. However, nothing can prevent an privileged user who has access the runtime environment from using the identity to access the secrets.
Bottom line is that it is hard to impossible to store secrets in a way that a privileged user or someone who compromised the system will not be able to get access.
If you accept this as the residual risk, storing the secrets in environment variables is a good approach as it can avoid persisting secrets. It is also platform agnostic and thus can be used with any runtime environment, cloud provider etc. It can also be supported by a variety of automation and deployment tools.
QUESTION
I'm trying to run a Jupyter notebook on Ubuntu 21.10. I've installed python, jupyter notebook, and all the various prerequisites. I added export PATH=$PATH:~/.local/bin to my bashrc so that the command jupyter notebook would be operational from the terminal.
When I call jupyter notebook from the terminal, I get the following error message from my browser:
ANSWER
Answered 2022-Apr-01 at 17:04I had the same problem.
Ubuntu 20.04.3 LTS Chromium Version 96.0.4664.110
This was the solution in my case:
Create the configuration file with this command:
QUESTION
Using bash interactive terminal, the output of quote a is 'a' as expected. But quote doesn't work using bash -c 'quote a' or in a shell script, giving the error bash: line 1: quote: command not found. quote isn't an executable, and I failed to find quote in the bash builtins reference, so where does this command come from?
bashrc:
...ANSWER
Answered 2022-Mar-28 at 15:03quote is a helper function in /usr/share/bash-completion/bash_completion:
QUESTION
I made an .sh script with the following code
ANSWER
Answered 2022-Mar-27 at 10:01suggesting to add environment context to your script.
QUESTION
When using wsl (windows subsystem for linux) I often want to change directory to a windows directory. wslpath takes a windows directory like C:\Windows and converts it to the wsl version /mnt/c/Windows. With a bit of quoting a construct like this works well (although I suspect there are edge cases):
...ANSWER
Answered 2022-Mar-13 at 11:17The single quotes prevent variable expansion, so '$1' produces the literal string $1.
The command substitution is a command boundary, so you can say
QUESTION
I was recently trying to create a docker container and connect it with my SQLDeveloper but I started facing some strange issues. I downloaded the docker image using below pull request:
...ANSWER
Answered 2021-Sep-19 at 21:17There are two issues here:
- Oracle Database is not supported on ARM processors, only Intel. See here: https://github.com/oracle/docker-images/issues/1814
- Oracle Database Docker images are only supported with Oracle Linux 7 or Red Hat Enterprise Linux 7 as the host OS. See here: https://github.com/oracle/docker-images/tree/main/OracleDatabase/SingleInstance
Oracle Database ... is supported for Oracle Linux 7 and Red Hat Enterprise Linux (RHEL) 7. For more details please see My Oracle Support note: Oracle Support for Database Running on Docker (Doc ID 2216342.1)
The referenced My Oracle Support Doc ID goes on to say that the database binaries in their Docker image are built specifically for Oracle Linux hosts, and will also work on Red Hat. That's it.
Linux being what it is (flexible), lots of people have gotten the images to run on other flavors like Ubuntu with a bit of creativity, but only on x86 processors and even then the results are not guaranteed by Oracle: you won't be able to get support or practical advice when (and it's always when, not if in IT) things don't work as expected. You might not even be able to tell when things aren't working as they should. This is a case where creativity is not particularly rewarded; if you want it to work and get meaningful help, my advice is to use the supported hardware architecture and operating system version. Anything else is a complete gamble.
QUESTION
I am trying to install conda on EMR and below is my bootstrap script, it looks like conda is getting installed but it is not getting added to environment variable. When I manually update the $PATH variable on EMR master node, it can identify conda. I want to use conda on Zeppelin.
I also tried adding condig into configuration like below while launching my EMR instance however I still get the below mentioned error.
...ANSWER
Answered 2022-Feb-05 at 00:17I got the conda working by modifying the script as below, emr python versions were colliding with the conda version.:
QUESTION
JupyterHub has various authentication methods, and the one I am using is the PAMAuthenticator, which basically means you log into the JupyterHub with your Linux userid and password.
However, environment variables that I create, like this (or for that matter in those set in my .bashrc), before running JupyterHub, do not get set within the user's JupyterLab session. As you can see they're available in the console, with or without the pipenv, and within python itself via os.getenv().
However in JupyterHub's spawned JupyterLab for my user (me):
This environment variable myname is not available even if I export it in a bash session from within JupyterLab as follows:
Now the documentation says I can customize user environments using a Docker container for each user, but this seems unnecessarily heavyweight. Is there an easier way of doing this?
If not, what is the easiest way to do this via Docker?
...ANSWER
Answered 2022-Jan-20 at 07:39In the jupyterhub_config.py file, you may want to add the environment variables which you need using the c.Spawner.env_keep variable
QUESTION
I have written a github workflow file. I want to run a python program in github actions to validate few changes. I have one environment.yml file which contains all conda environment dependencies required by this program. The thing is, actual program is not running at all, and my workflow is completed with success.
Following is jobs section of workflow.yml file
ANSWER
Answered 2021-Sep-26 at 16:38Your CI script contains the line:
QUESTION
My objective is to write a CLI in Typescript/node.js, that uses --experimental-specifier-resolution=node, written in yargs with support for autocompletion.
To make this work, I use this entry.sh file, thanks to this helpful SO anwswer (and the bin: {eddy: "./entry.sh"} options in package.json points to this file)
ANSWER
Answered 2021-Dec-30 at 11:05You can try specifying the scriptName in your entry.js file to the name of your wrapper script. This may force generation of completion name using it. I haven't tried it but looking at the source code of yargs, it looks like the $0 parameter can be altered using scriptName, which in turn will affect how the completion-generation function generate the completion code:
In yargs-factor.ts:
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install bashrc
Support
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page
