Memory – To disable core dumps in the application code, regardless of the Linux distribution configuration

Confidential applications must prevent sensitive data from being written to disk when an application crashes. For some distributions (such as Ubuntu), daemons (apport, whoopsie) collect crash information and send data to the distribution provider (Cononical / Launchpad tracker). What measures can be taken in the application code to reduce this risk regardless of a particular distribution?

In particular, would it be sufficient to disable core dumps at the Linux kernel level so that the distribution (like Ubuntu) never gets core dumps?

struct rlimit limit;
limit.rlim_cur = 0;
limit.rlim_max = 0;
setrlimit(RLIMIT_CORE, &limit)

spfx – Add the same Web Part with different configuration multiple times on the same page

I have created an SPFX web part. So, if I add this web part more than once to the same page, the same data appears on both web parts, even if they have different properties. Configuring the properties pane for a Web Part will change both Web Parts because they have the same class for div and other controls.

How do we deal with this situation in SPFX?

NixOS: Set package configuration globally (for all packages)

Under NixOS I try to compile my system without Gnome.
For example, network-manager / openconnect has an withGnome option:

{ stdenv, fetchurl, openconnect, intltool, pkgconfig, networkmanager, libsecret
, withGnome ? true, gnome3, procps, kmod }:

I want to set that to false; but while I could do that with an overlay,
I'm not sure how to set Gnome to false all Packages that were created as part of the system.

In 6.1.1 of the nixos manual, the following is; However, it seems like overwriting a single package for the benefit of all dependent people instead of overwriting all packages with a single option.

The overrides shown above are not global. They do not affect the
Original packaging; Other packages in Nixpkgs continue to depend on the
Original and not the customized package. This means that if
Another package in your system depends on the original package, you
in the end with two instances of the package. If you want to have
Everything depends on your custom instance. You can apply a global instance
overwrite as follows:

Any help appreciated.

Azure Point 2 site RADIUS configuration is not working

I've looked at just about every article I can find. I'm trying to get NPS / Radius Server to authenticate against the Azure Point to Site VPN.

The NPS / Radius server is one of three VMS in our Azure subscription. The server is a 2019 datacenter box running ADDS, DNS, NPS / RADIUS. With an IP of 172.10.20.4

Main subnets of the virtual network:

Supernet: 172.10.0.0/16

AzureFirewallSubnet: 172.10.10.0/24

SVR: 172.10.20.0/24 (If all our cloud servers are running static IPs)

MerakiVMXSubnet: 172.10.50.0/24 (This subnet is for VMX100 VPN Concentrator.) Traffic on this subnet flows smoothly to our on-prem Meraki.)

GatewaySubnet: 172.10.0.0/24

Note: DNS in the virtual network is set to 172.10.20.4 and 172.10.20.5. These are the two AD DNS servers in the SVR subnet.

Virtual network gateway

Address pool: 192.168.100.0/22

Tunnel Type: IKEv2 and SSTP (SSL)

Radius (Enabled) ServerIP: 172.10.20.4

SharedSecret: Same goes for NPS and Azure

I hope I'm missing something simple. I have also attached a screenshot of the Radius server configuration. I also confirmed that the account I want to access is authorized to connect.

Enter image description here

design – Prevents the regression of settings when the configuration is bound to a build

I inherited a distributed application with a lot of legacy configuration management.

Currently, the application's settings are not updated with an application update. The process looks something like this:

  1. The application is being updated. The only settings that are defined are those with hard-coded default settings.
  2. A separate workflow transfers a configuration to correct the application status from a separately managed "gold" configuration.
  3. A user can manually change the settings in the application.
  4. A user may request that the workflow of FIG. 2 be re-executed with a setting change.

Since the application is running on the order of over 3000 instances, it is very prone to doing something manually. Therefore, we have another workflow that recognizes every setting that differs from the "gold" value.

To reduce the complexity, I suggested moving the "gold" configuration into the repo and evaluating it at creation.

I had some holes, but it feels like the right direction. In particular, other stakeholders fear that a hotfix will be subject to regression.

Powershell – SCCM Conformance Configuration Item

I have a configuration base on which to test deployment on a single machine. The script looks like this:

$sfcstr = findstr /c:"(SR) Verify complete" C:windowslogscbscbs.log
$sfclines = $sfcstr | Measure-Object -line

if($sfclines.lines -gt 0) {
    echo $true
} else {
    echo $false
}

I have set the settings on the CI to the value returned by the specified script equal to True.

I ran SFC / scannow on the computer. I can confirm that this script will execute locally after SFC returns true and previously False.

I ran the computer policy evaluation cycle and re-deployed the configuration baseline. I checked the version number, but it still reports an error.

Can someone help or suggest a better way to check if SFC / Scannow has been run?

Duplicate setup and configuration of Windows 10 on a different Windows 10 computer

I've set up my Windows 10 laptop with all the programs I want to install and all the required configurations. We have a new person who starts at work and needs exactly the same setup as me.

Is there a way to clone my setup to a virtual machine or simply copy all of these installed files and configurations to another Windows 10 laptop?

Is Docker a Possible Solution for Windows?