root access – How to fix the error Permission Denied due to wrong SELinux configuration of the Linux service?

I want to run a Linux service in Android.

I have a device whose shell is rooted (bought by the manufacturer as rooted).
This device does not have a Magisk or other Su manager, but the AdB shell is rooted.
The user debug ROM is installed on this device.

I've done the following for my INIT service:

  1. Creates a custom.rc file under / etc / init with the following content:
# /etc/init/custom.rc

# Define service, use here executable file, if no script is needed
service custom /system/bin/custom.sh

# do not start unless explicitly requested
disabled

# Run with an unrestricted SELinux context to avoid avc denials
# can also use "u: r: su: s0" for userdebug / eng builds if there is no magick
# It is required when SELinux performs the enforcement and the service needs access
# on some system resources that are not allowed by default
# seclabel u: r: magisk: s0
seclabel u: r: su: s0

# Start the service when the boot process is complete
on property: sys.boot_completed = 1
Start custom
  1. Creates a custom.sh file under / system / bin / with the following content:
#! / system / bin / sh

# execute the binary file, should run in the foreground, otherwise loop
echo "$ (date): program is started ..."
exec / system / bin / executable
  1. Place my executable under / system / bin / executable.
  2. Give all files the following permissions:
# Assigned rights to the executable file
chown 0.0 / system / bin / executable
chmod 554 / system / bin / executable
chcon u: object_r: system_file: s0 / system / bin / executable

# Rights granted to the custom.sh
chown 0.0 /system/bin/custom.sh
chmod 554 /system/bin/custom.sh
chcon u: object_r: system_file: s0 /system/bin/custom.sh

# Rights granted to the custom.rc
chown 0.0 /etc/init/custom.rc
chmod 644 /etc/init/custom.rc
chcon u: object_r: system_file: s0 /etc/init/custom.rc
  1. Restart the system.

I got the following error:

[   55.829099 / 06-09 23:51:09.279][0]    init: can not be executed (& # 39; / system / bin / custom.sh & # 39;): permission denied
[   55.850172 / 06-09 23:51:09.309][6]    init: service & # 39; custom & # 39; (pid 7729)
[   55.850224 / 06-09 23:51:09.309][6]    init: The service & # 39; custom & # 39; (pid 7729) ended with status 127
[   55.850243 / 06-09 23:51:09.309][6]    init: sends the signal 9 to the process group & # 39; custom & # 39; (pid 7729) ...
[   60.830224 / 06-09 23:51:14.289][6]    init: service & # 39; custom & # 39; start ...
[   60.832073 / 06-09 23:51:14.289][1]    init: can not be executed (& # 39; / system / bin / custom.sh & # 39;): permission denied
[   60.832153 / 06-09 23:51:14.289][3]    audit: type = 1400 audit (1560142274.289: 131): avc: denied {transition} for pid = 8035 comm = "init" path = "/ system / bin / custom.sh" dev = "sda24" ino = 8146 scontext = u : r: init: s0 tcontext = u: r: su: s0 tclass = process permissive = 0

I have very little experience with SELinux policies. Please guide me how to fix this. I will be very grateful.

Regards.
Vatican Sharma

Configuration – Vypr VPN stops working in 18.10

I tried to find a solution online, but so far no one has appeared. Therefore, I ask here: I have a paid VPN connection with VYPR-VPN. After the update to 18.10 I notice a strange situation:

  • The new Network Manager widget opens a terminal-based program to configure my connections, but there is no VPN option (or is "VLAN" what I need, if so, does it seem to be quite complicated?).
  • In Settings (Main Menu), I find a network connection app that actually works as intended (as in the previous versions of Lubuntu), but whatever I put in there seems to have no effect on the network widget on the taskbar, and these connections are offered to me nowhere.

Since I pay for my VPN service, I would very much like to BENEKE it. Does anyone have any idea how to configure my VPN without having to do my PhD in Linux system administration? Does it work better in 19.XX? Thank you in advance!

python – bioinformatics tools configuration analysis and verification utility

I've been working on my first Python library, which offers several utilities for a number of bioinformatics tools. I'm looking for feedback on this module I created for the analysis configurations needed for each tool run.

To extend the context a bit, users in a text box are prompted to edit the default parameters used to run a tool. This displays a list of various allowed values ​​that each option can accept.

config.py

# - * - Coding: utf-8 - * -
"" "
toolhelper.config
~~~~~~~~~~~~~~~~~~

This module provides the required functionality
to parse and verify user-entered configuration files.
"" "
Import sys
import logging

PY2 = sys.version_info[0] == 2
if PY2:
Import ConfigParser
otherwise:
Import configparser as ConfigParser


Class Config (object):
"" This class implements the parsing and validation of configuration files.

methods:
...

attributes:
...
"" "
def __init __ (self, default,
value_map,
Filename
sections
numericals = None,
allow_no_val = false):
self.defaults = default settings
self.value_map = value_map
self.filename = filename
self.sections = sections
self.numericals = numericals
self.settings = self._parse ()
self.allow_no_val = allow_no_val

def _parse (self):
"" Creates a dictation from custom configuration settings.

Returns:
Dictionary of configuration settings to be used for a tool run.
"" "
config = ConfigParser.ConfigParser (allow_no_value = self.allow_no_val)
cfg = config.read (self.filename)

if not cfg:
msg = & # 39; configuration file unreadable: default parameters are used. & # 39;
logging.error (msg)
return self.defaults

settings = {}
# Go through the standard keys to look up each option
for the option in self.defaults:
To attempt:
input_val = _get_config_value (config, self.sections, option)
numeric = option in self.numericals.keys ()
# Some of the tools allow cases from which the user can choose
# many possible unlisted values ​​for a particular option. This is required
# if the option is not set to value_map
in_value_map = option in self.value_map.keys ()
in_defaults = option in self.defaults.keys ()
# You may want to make this behavior more explicit.
if in_defaults and in_value_map and not numerically:
value = input_val
msg = & # 39; checks the value for the option: {} in a given tool. & # 39 ;. format (option)
logging.debug (msg)
otherwise:
value = self._value_map_lookup (option, input_val, num = numerical)
excluded (InvalidValueError, InvalidOptionError):
msg = (& # 39; Invalid or missing entry for {}. Used by default: & # 39;
& # 39; {} & # 39 ;.. Format (option, self.defaults[option]))
logging.error (msg)
the settings[option] = self.default[option]
            otherwise:
logging.debug (& # 39; parameter% s =% s is valid. & # 39 ;, option, value)
the settings[option] = Value

Return settings


def _value_map_lookup (self, option, value, num = false):
Retrieve the value that corresponds to the value argument in value_map.

arguments:
value: A key to look up in the value_map dict.
numeric: dictionary of numerical entries and their ranges.

Returns:
A value from value_map that is appropriate for the tool
Logic. value_map is an association of user-entered values ​​with values
which are needed by the tool.

value_map[option][value], or float (value) if num = True and the
value is not in value_map.

throws:
InvalidValueError: Value was not found in the value_map dictionary. The given
Value is invalid

"" "
if value in self.value_map[option].Key():
Return self.value_map[option][value]
        
        
        
        elif number:
To attempt:
float_val = float (value)
_check_range (float_val, self.numericals[option][0], self.numericals[option][1])
except ValueError:
Increase InvalidValueError
otherwise:
Return float_val
otherwise:
Increase InvalidValueError


def_get_config_value (config, sections, option):
"" "Gets the value of ConfigParser

A wrapper at ConfigParser.get (). This function checks
that the config before calling the specified section / option has
config.get (). If the config does not have the option on
InvalidOptionError is raised.

arguments:
config: A RawConfigParser instance.
Sections: List of configuration sections to be checked.
Option: The parameter name to look up in the configuration.

Returns:
Parameter value for corresponding section and option.

throws:
InvalidOptionError: The specified option argument is missing in the configuration.
"" "
for sections in sections:
if config.has_option (section, option):
return & # 39; & # 39; .join (config.get (section, option) .split ()). lower ()
Increase InvalidOptionError


def_check_range (value, lower, upper):
"" "Check if the lower <value <is the upper or the lower one < value if upper is 'inf'
    Args:
        value: A number whose range is to be checked against the given range
        lower: The lower limit on the range
        upper: The upper limit on the range

    Raises:
        InvalidValueError: value not in range
    """
    if upper == 'inf':
        if value >= lower:
return
elif lower <= value <= upper:
return
Increase ValueError

Class InvalidValueError (Exception):
"" Exception class for invalid values

Exception in case the user enters a value that
is not a valid option. This exception is thrown when
User entered value in not in valid_options[key],
"" "

Class InvalidOptionError (Exception):
"" Exception class for invalid options

Exception in case the user indicates an unexpected or missing result
Possibility. This exception is thrown to process user-entered options
that does not belong in the config or needed options are
is missing.
"" "

A configuration object is instantiated with:

  1. A dictionary that represents the default configuration parameters of a tool
# Default configuration values ​​for this tool. Corresponds to Default_Parameters.txt.
# When adding keys and values ​​to this dictionary, pay attention to lowercase letters and
# the values ​​match the values ​​in the VALUE_MAP dictation.
DEFAULTS = {
& # 39; counting method & # 39 ;: & # 39; templates & # 39 ;, & # 39;
& # 39; only productive & # 39 ;: true,
& # 39; only solved & # 39 ;: True,
& # 39; vj resolution & # 39 ;: & # 39;
& # 39; correction & # 39;: & # 39; BY & # 39;
"alpha": 0.05,
}
  1. A value mapping dictionary that contains the allowed values ​​for each configuration option, with each value assigned to what the internal execution tool needs.
# A nested dictation in which the outer dictionary keys are all nested and all options nested
# dictionary assigns acceptable user-entered values ​​to the corresponding values
# is needed internally for the tool.
# When adding entries, make sure that all strings are in lower case and without spaces.
# Note that this dictionary does not consider numeric entries
VALUE_MAP = {
'Couting method': {
& # 39; templates & # 39; templates & # 39; templates & # 39 ;, templates & # 39;
& # 39; rearrangement & # 39;: & gt; rearrangement & # 39;
},
& # 39; only productive & # 39 ;: {
& # 39; true & # 39;: productive & # 39 ;,
& # 39; wrong & # 39;: & quot; unproductive & # 39;
},
& # 39; only solved & # 39 ;: {
& # 39; true, true,
& # 39; wrong & # 39 ;: wrong
},
& # 39; vj resolution & # 39 ;: {
& # 39; gene & # 39 ;, gene & # 39;
"Family": "Family",
& # 39; allele & # 39 ;: & # 39; allele & # 39;
},
& # 39; correction & # 39 ;: {
& # 39; BH: & # 39; BH & # 39 ;, & # 39; BH & # 39;
"bonferroni": "bonferroni",
& # 39; by & # 39 ;: & # 39; BY & # 39;
& # 39; fdr & # 39; fdr & # 39 ;, & # 39; fdr & # 39;
# None: none
}
}
  1. The file name of the file containing the user configuration for a particular tool run.

  2. The sections in the configuration.

SECTIONS = ['union', 'significance']
  1. Dictionary of configuration options that can take a numeric value within a specific range.
# Configuration settings that may be numeric
# Keys: numerical options; Values: tuples that embed the accepted range.
NUMERICALS = {
& # 39; alpha & # 39 ;: (0, 1)
}

A tool then creates a configuration instance and retrieves the parsed and validation settings from the config.settings attribute.

                configuration = config.Config (settings.OUTPUT_DIR,
settings.DEFAULTS,
settings.VALUE_MAP,
settings.CONFIG_FILE,
settings.SECTIONS,
settings.NUMERICALS)

parameters = configuration.settings

Each tool initially had its own configuration check method with nested try-except blocks that tested each configuration option, and it was a total mess. I've spent a lot of time thinking about how best to visualize and validate the configuration data, hopefully to minimize the complexity of the code in each tool.

nginx serves a wrong domain site. If no configuration is applied, the default Web site will not be displayed

I have 3 domains that point to my server and run atlissan Confluence and Jira applications.

For some reason my nginx is behaving strangely.

I did not touch the default Nginx configuration. When I visit test.doamin.com, nginx shows me the standard nginx page.

I have a configuration for Jira that is enabled on sites-enabled:

Server {
list jira.domain.com:443 ssl;
Server name jira.domain.com;
server_tokens off;
Location / {
proxy_set_header host $ server name;
proxy_set_header X-Real-IP $ remote_addr;
proxy_set_header X-Forewarded-For $ proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $ -Schema;
proxy_set_header Authorization "";
proxy_pass http://127.0.0.1:8080; #Jira Port
}

# Certbot SSL settings
#htaccess settings
}

Server {
if ($ host = jira.domain.com) {
Return 301 https: // $ host $ request_uri;
}
listen to jira.domain.com:80;
Server name jira.domain.com;
return 404;
}

Well, when I visit jira.domain.comI get served Jira.

These are my only two configurations. The point is that Jira is served to me, even if I visit from there confluence.domain.com, If I change the port in the proxy pass to the Confluence port, Confluence is served. Why does Nginx increase when I come from confluence.domain.com? Even Jira tells me that I come from confluence.domain.com.

All domain entries are A entries to the IP of the server

Basic static MPLS configuration for Cisco 3725 in GNS3

I need to forward an MPLS packet from Router 1 to Router 2 (see screenshot below). The summary of the links is:
Cloud-1 <--> R1 <--> R2 <--> Cloud-2. I tried basic static configuration for both R1 interfaces and static label label binding too. I've also added routes for R1 (I'm just trying to see R1 on R1 if it's able to forward it to R2). Cloud-1 and Cloud-2 are virtual interfaces to a hardware device installed on the same server running GNS3. It sends and receives MPLS-tagged packets and I've checked that it works (i.e., it routes MPLS packets to R1), and I can capture packets between Cloud-1 and R1 and see how the packet from Cloud -1 is sent to R2. These virtual interfaces work like PE routers because they label packets.

scenario

This is the configuration for R1:

activate
Configure terminal
mpls ip
no mpls ldp promotional labels
Interface FastEthernet0 / 1
IP address 192.168.1.1 255.255.255.0
mpls ip
no shutdown
The End
Configure terminal
mpls ip
no mpls ldp promotional labels
Interface FastEthernet0 / 0
IP address 192.168.0.2 255.255.255.0
mpls ip
no shutdown
The End
Configure terminal
no mpls ldp promotional labels
mpls label range 10001 1048575 static 16 10000
mpls static binding ipv4 10.0.1.0 255.255.255.0 2222
mpls static binding ipv4 10.0.2.0 255.255.255.0 1001
MPLs static binding IPV4 10.0.1.0 255.255.255.0 Issue 192.168.0.1 3333
MPLs static binding IPV4 10.0.2.0 255.255.255.0 Issue 192.168.1.2 2002
ip route 10.0.1.0 255.255.255.0 FastEthernet0 / 0
ip route 10.0.2.0 255.255.255.0 FastEthernet0 / 1
The End

The package that R1 receives from Cloud-1 has 10.0.1.1 as the source IP and 10.0.2.1 (a host that is in the direction of Cloud 2). MPLS label is 1001 in this package.

No packet will be forwarded to R2.

This is the output of some relevant commands. Note that there is no entry in LFIB, and I'm not sure why, as most manuals on the Cisco Web sites and tutorials provide, there are entries in the MPLS routing table related to the static bindings I've made should.

R1 # shows the area of ​​the MPLs label
Downstream Generic Label Region: Min / Max Label: 10001/1048575
Static label area: Min / Max number: 16/10000
R1 # show mpls static binding ipv4
10.0.1.0/24: Incoming label: 2222
Outgoing labels:
192.168.0.1 3333
10.0.2.0/24: Incoming label: 1001
Outgoing labels:
192.168.1.2 2002
R1 # show mpls forwarding-table
Local outbound prefix byte tag Outgoing next hop
Day Tag or VC or Tunnel Id Switched Interface
R1 #

The packet sent to R1 looks like this (the destination MAC address is indeed the Fa0 / 0 MAC address of R1, if that could be a reason for dropping packets, as I suspected):

###[ Ethernet ]###
dst = c2: 02: 72: 6b: 00: 00
src = da: a5: a2: dd: 5c: 8b
Type = 0x8847
###[ MPLS ]###
label = 1001L
exp = 0L
bos = 1 l
ttl = 254
###[ IP ]###
version = 4L
Ihl = 5L
tos = 0x0
len = 20
id = 1
flags =
frag = 0L
ttl = 64
proto = hopopt
chksum = 0x63e8
src = 10.0.1.1
dst = 10.0.2.1
 Options 

Every help is appreciated.

Network – Netplan configuration is not working

I switched from Ubuntu 16 to 18.04, and now my internet connection is down. Problem seems to be that 18.04 is used netplan and it was not configured properly.

The file / etc / network / interfaces Contains only the loopback device:

car lo
iface lo inet loopback

All other entries are commented out (probably by an installation script).

The directory / etc / netplan / was empty. I have a 01-netcfg.yaml with the following content:

Network:
Version 2
Renderer: networkd
Ethernet:
eth0:
dhcp4: yes
DHCP6: No
# addresses: []
      gateway4: xxx.xx.xx.xxx
Name Server:
addresses: [xxx.xx.xx.xx, xxx.xx.xx.xx]
        addresses: [8.8.8.8, 8.8.4.4]

The command Apply sudo netplan - debug reveals the following interesting lines:

NetworkManager: Definition eth0 is not for us (backend 1)
DEBUG: eth0 not found in {}

When looking for solutions I have found that most people do not use eth0 in their yaml definition, but something like that enp2s0, Howerver, the command ifconfig shows only the two interfaces, eth0 and lo, The same with Show IP address,

Any ideas?

configuration – Ansible replace all values ​​with the appropriate variable name

I'm new to Ansible and could be wrong in that respect, but that's the only way I can handle this problem.

I have an INI file that is 4000 sometime long entries. In trying to do the configuration as code, I've extracted the values ​​of each entry into a variable file in the format of sectionheader - keyname: original value and replaced it with a token pattern and the name of the variable that now contains its value.

I know that Ansible can do Regex substitutions, but I have not yet found a way to do so dynamically.

Original file:

[sectionheader1]







Keyname1 = value1

[sectionheader2]

Keyname1 = value2

File with token replacements that can now be stored and deployed in the source:

[sectionheader1]







Keyname1 =%

[sectionheader2]







Keyname1 =%

Variables:

Test environment:
sectionheader1 - keyname1: value1
sectionheader2 - keyname1: value2
Vorumgebung:
sectionheader1 - keyname1: value1 (specific to prod)
sectionheader2 - keyname1: value2 (specific to prod)

And then the idea is, I would replace any occurrence of the token pattern % <> So that I can find a suitable variable name for and a viola, I have created my configuration file especially for the environment in which I work. And now I can check if I have some time left % <> Pattern, I know that not all variables have been defined, and can trigger an error. Octopus Deploy handles replacing variables in configuration files in the way that I have the most experience with.

Does Ansible have a way to do this? I could write a script to do it, I suppose and just called Ansible, but I hoped in a built-in way of replacing configuration variables with code.

Configuration Management – Organization of the configuration for use with a module

I recently learned about adding one config / optional Directory for a module to provide configuration items that will be imported when the module is activated if there are no conflicts.

Is there an easier way to get the configuration to use in this way than to select it from the configuration directory of a site? For example, if I wanted a module to contain the configuration for a menu, a content type, and so on, is there a convenient way to get all the configurations related to those elements?