Re: [CentOS] Is shellcheck safe?
This is purely a Bkav Pro issue. I don't know what it's looking for, but it's clearly not accurate enough. All the search hits I get about VEX.Webshell are questions about why this single and rather unknown scanner is identifying it in a wide variety of files. On Wed, Jan 19, 2022 at 6:31 PM Thomas Stephen Lee wrote: > Thanks a lot for the clarification. > By the way, is this a Haskell bug? > > Thanks > > --- > Lee > > On Thu, Jan 20, 2022 at 5:07 AM Vidar Holen via CentOS > wrote: > > > > Hi, ShellCheck author here. > > > > Regarding the scanner "Bkav Pro" detecting "VEX.Webshell" according to > > VirusTotal.com, this is a false positive that seems to trigger on every > > Haskell binary including a simple "Hello World". It further appears to > > trigger on a number of unrelated repositories. See internal issue > > https://github.com/koalaman/shellcheck/issues/2432 > > > > The Bkav Corporation does not appear to have a false positive submission > > process that I could find using Google Translate on bkav.com.vn, but I > > emailed a general product contact address about it. Hopefully they'll > make > > the check more accurate in the future. > > > > Regards, > > Vidar Holen > > > > (Sorry about the bad reply-to, I wasn't on the list when the discussion > > started) > > ___ > > CentOS mailing list > > CentOS@centos.org > > https://lists.centos.org/mailman/listinfo/centos > ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is shellcheck safe?
Thanks a lot for the clarification. By the way, is this a Haskell bug? Thanks --- Lee On Thu, Jan 20, 2022 at 5:07 AM Vidar Holen via CentOS wrote: > > Hi, ShellCheck author here. > > Regarding the scanner "Bkav Pro" detecting "VEX.Webshell" according to > VirusTotal.com, this is a false positive that seems to trigger on every > Haskell binary including a simple "Hello World". It further appears to > trigger on a number of unrelated repositories. See internal issue > https://github.com/koalaman/shellcheck/issues/2432 > > The Bkav Corporation does not appear to have a false positive submission > process that I could find using Google Translate on bkav.com.vn, but I > emailed a general product contact address about it. Hopefully they'll make > the check more accurate in the future. > > Regards, > Vidar Holen > > (Sorry about the bad reply-to, I wasn't on the list when the discussion > started) > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is shellcheck safe?
Hi, ShellCheck author here. Regarding the scanner "Bkav Pro" detecting "VEX.Webshell" according to VirusTotal.com, this is a false positive that seems to trigger on every Haskell binary including a simple "Hello World". It further appears to trigger on a number of unrelated repositories. See internal issue https://github.com/koalaman/shellcheck/issues/2432 The Bkav Corporation does not appear to have a false positive submission process that I could find using Google Translate on bkav.com.vn, but I emailed a general product contact address about it. Hopefully they'll make the check more accurate in the future. Regards, Vidar Holen (Sorry about the bad reply-to, I wasn't on the list when the discussion started) ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Ping as regular user not allowed (CentOS Stream 8)
Am 19.01.22 um 15:44 schrieb Brian Stinson: On Wed, Jan 19, 2022 at 8:33 AM Toralf Lund wrote: Following some update or the other (I think) on my CentOS Stream 8 system, I'm no longer able to use ping as a regular user; I get $ ping www.centos.org ping: socket: Operation not permitted Does anyone else see this? It it a bug, or were the system/default permissions deliberately changed? Can anyone suggest a fix/workaround? Actually, I can find several different ones via a simple web search, but they are generally related to other distributions, I'm not quite sure which would be the most appropriate for CentOS... I also noticed this "change". Folks interested in this issue can watch this bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2037807 We're waiting for systemd-239-55.el8 sources to show up after which we will build this and publish to CentOS Stream. Right now this appears to be an infrastructure issue and the appropriate folks are working on that, but we also want this package to pass the proper checks before we build. Is this a regression of the last systemd update? -- Leon ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Qemu - enabling "bridge mode" for primary physical interface for VMs
Thank you Chris Adams for excellent information! It worked, see below. On Tuesday, December 7, 2021 8:25:37 PM PST Chris Adams wrote: > Once upon a time, Lists said: > > I understand that it's possible to allow the 4 VM guest systems to each > > have a "direct" fixed IP address and access the addresses \via the host > > network adapter, while the host retains its fixed IP. > > If you are running NetworkManager (the default), it's not too hard. > Here's an example step-by-step for changing an existing interface "em1" to > be a bridge "br0": > > > # Create a bridge interface > nmcli con add type bridge ifname br0 bridge.stp no > > # Copy all the IPv4/IPv6 config from an existing interface > nmcli con mod bridge-br0 $(nmcli -f > ipv4.method,ipv4.addresses,ipv4.gateway,ipv6.method,ipv6.addresses,ipv6.gat > eway con show em1 | grep -v -- -- | sed 's/: */ /') # -or- just set an IPv4 > address/gateway to known values > nmcli con mod bridge-br0 ipv4.method manual ipv4.address 10.1.1.2/24 > ipv4.gateway 10.1.1.1 ipv6.method ignore > > # Make a connection for the physical ethernet em1 to be part of the bridge > nmcli con add type ethernet ifname em1 master bridge-br0 > > # Switch from the "regular" em1 to the bridge > nmcli con down em1; nmcli con up bridge-br0; nmcli con up bridge-slave-em1 > > # Disable the original config > nmcli con mod em1 autoconnect 0 > > > Then you set your VMs to use the bridge - in the libvirt XML for > example, you'd have something like: > > > > > >function='0x0'/> > > > Inside the VM, configure the interface just as if it was a physical system > on that subnet. I just wanted to say that this worked, exactly as shown, and after trying it once on development hardward, I tried it on a production server and it also worked with minimal hassle. I ran into an oddity because the software image of the production server was from a disk image, not a fresh install and I had to wrestle with some "Network Adapters" that no longer really existed. My advice to anybody trying this would be to go into Network Manager and ensure the following before starting: 1) Set up the server to manual IP addresses, not DHCP. 2) Remove all duplicitous or inactive network adapters and interfaces. 3) Make sure that in nmtui, that all editable connection(s) also show in the interface that lets you activate them. 4) Make sure you are not dependent on the network adapter you are trying to use to contact the server! In my case I ended up falling back to IPMI. Minor issue because I had it available, could have been far worse if I hadn't. ... and then do the above. Ben S signature.asc Description: This is a digitally signed message part. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS-docs] [centos/centos.org] branch master updated (1633ecd -> d87760a)
This is an automated email from the git hooks/post-receive script. rbowen pushed a change to branch master in repository centos/centos.org. from 1633ecd Update BoD members add d87760a Fix Automotive SIG record No new revisions were added by this update. Summary of changes: community/calendar.md | 32 +++-- community/irc-meetings.ical | 108 ++-- 2 files changed, 71 insertions(+), 69 deletions(-) -- To stop receiving notification emails like this one, please contact the administrator of this repository. ___ CentOS-docs mailing list CentOS-docs@centos.org https://lists.centos.org/mailman/listinfo/centos-docs
[CentOS-docs] [centos/centos.org] branch master updated (a008137 -> 1633ecd)
This is an automated email from the git hooks/post-receive script. rbowen pushed a change to branch master in repository centos/centos.org. from a008137 Simple note about new cloud user for Stream 9 AMI images add 1633ecd Update BoD members No new revisions were added by this update. Summary of changes: about/governance.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) -- To stop receiving notification emails like this one, please contact the administrator of this repository. ___ CentOS-docs mailing list CentOS-docs@centos.org https://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS] Ping as regular user not allowed (CentOS Stream 8)
On Wed, Jan 19, 2022 at 8:33 AM Toralf Lund wrote: > > Following some update or the other (I think) on my CentOS Stream 8 > system, I'm no longer able to use ping as a regular user; I get > > $ ping www.centos.org > ping: socket: Operation not permitted > > Does anyone else see this? It it a bug, or were the system/default > permissions deliberately changed? Can anyone suggest a fix/workaround? > Actually, I can find several different ones via a simple web search, but > they are generally related to other distributions, I'm not quite sure > which would be the most appropriate for CentOS... > > Thanks. > > - Toralf > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > Folks interested in this issue can watch this bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2037807 We're waiting for systemd-239-55.el8 sources to show up after which we will build this and publish to CentOS Stream. Right now this appears to be an infrastructure issue and the appropriate folks are working on that, but we also want this package to pass the proper checks before we build. --Brian ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Ping as regular user not allowed (CentOS Stream 8)
Following some update or the other (I think) on my CentOS Stream 8 system, I'm no longer able to use ping as a regular user; I get $ ping www.centos.org ping: socket: Operation not permitted Does anyone else see this? It it a bug, or were the system/default permissions deliberately changed? Can anyone suggest a fix/workaround? Actually, I can find several different ones via a simple web search, but they are generally related to other distributions, I'm not quite sure which would be the most appropriate for CentOS... Thanks. - Toralf ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] CentOS-announce Digest, Vol 201, Issue 2
Send CentOS-announce mailing list submissions to centos-annou...@centos.org To subscribe or unsubscribe via the World Wide Web, visit https://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-requ...@centos.org You can reach the person managing the list at centos-announce-ow...@centos.org When replying, please edit your Subject line so it is more specific than "Re: Contents of CentOS-announce digest..." Today's Topics: 1. CESA-2022:0124 Important CentOS 7 firefox Security Update (Johnny Hughes) 2. CESA-2022:0127 Important CentOS 7 thunderbird Security Update (Johnny Hughes) 3. CEBA-2022:0068 CentOS 7 python-virtualenv BugFix Update (Johnny Hughes) 4. CEBA-2022:0069 CentOS 7 rear BugFix Update (Johnny Hughes) 5. CEBA-2022:0067 CentOS 7 cronie BugFix Update (Johnny Hughes) 6. CEBA-2022:0061 CentOS 7 unzip BugFix Update (Johnny Hughes) 7. CEBA-2022:0062 CentOS 7 x3270 BugFix Update (Johnny Hughes) 8. CEBA-2022:0060 CentOS 7 perl-DBD-Pg BugFix Update (Johnny Hughes) 9. CEBA-2022:0066 CentOS 7 systemd BugFix Update (Johnny Hughes) 10. CEBA-2022:0070 CentOS 7 pki-core BugFix Update (Johnny Hughes) 11. CESA-2022:0063 Moderate CentOS 7 kernel Security Update (Johnny Hughes) 12. CEBA-2022:0156 CentOS 7 openssl BugFix Update (Johnny Hughes) 13. CESA-2022:0162 Important CentOS 7 gegl Security Update (Johnny Hughes) 14. CESA-2022:0063 Moderate CentOS 7 kernel Security Update (Johnny Hughes) -- Message: 1 Date: Tue, 18 Jan 2022 13:44:03 + From: Johnny Hughes To: centos-annou...@centos.org Subject: [CentOS-announce] CESA-2022:0124 Important CentOS 7 firefox Security Update Message-ID: <20220118134403.ga30...@bstore1.rdu2.centos.org> Content-Type: text/plain; charset=us-ascii CentOS Errata and Security Advisory 2022:0124 Important Upstream details at : https://access.redhat.com/errata/RHSA-2022:0124 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 42e22ddc4f5145c86fda06a008ba1415e8c40c3caa32ca21f81ce460fa3e2bf5 firefox-91.5.0-1.el7.centos.x86_64.rpm Source: 37785df2875c5eb6c436ca5e15daab86f16b8bad3c9cd21a246184c5562ec843 firefox-91.5.0-1.el7.centos.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #cen...@libera.chat Twitter: @JohnnyCentOS -- Message: 2 Date: Tue, 18 Jan 2022 13:44:49 + From: Johnny Hughes To: centos-annou...@centos.org Subject: [CentOS-announce] CESA-2022:0127 Important CentOS 7 thunderbird Security Update Message-ID: <20220118134449.ga30...@bstore1.rdu2.centos.org> Content-Type: text/plain; charset=us-ascii CentOS Errata and Security Advisory 2022:0127 Important Upstream details at : https://access.redhat.com/errata/RHSA-2022:0127 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 151bddd3018c3cf341e45301fea7e855900839a749c197c0037edde602eaef35 thunderbird-91.5.0-1.el7.centos.x86_64.rpm Source: 91c6a1ec8b49d2f0883bde205114bb7573106a5acd86a2344d652241f7150ee9 thunderbird-91.5.0-1.el7.centos.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #cen...@libera.chat Twitter: @JohnnyCentOS -- Message: 3 Date: Tue, 18 Jan 2022 13:46:38 + From: Johnny Hughes To: centos-annou...@centos.org Subject: [CentOS-announce] CEBA-2022:0068 CentOS 7 python-virtualenv BugFix Update Message-ID: <20220118134638.ga30...@bstore1.rdu2.centos.org> Content-Type: text/plain; charset=us-ascii CentOS Errata and Bugfix Advisory 2022:0068 Upstream details at : https://access.redhat.com/errata/RHBA-2022:0068 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 594dfccfe823bf2e7b0b092a49e9599e40606708a101de2e67c467258d6fd21e python-virtualenv-15.1.0-5.el7_9.noarch.rpm Source: 0c59875991139a5551c5cb52320453f97e0aa2010e8c8c6042017aa5dab403e9 python-virtualenv-15.1.0-5.el7_9.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #cen...@libera.chat Twitter: @JohnnyCentOS -- Message: 4 Date: Tue, 18 Jan 2022 13:47:07 + From: Johnny Hughes To: centos-annou...@centos.org Subject: [CentOS-announce] CEBA-2022:0069 CentOS 7 rear BugFix Update Message-ID: <20220118134707.ga30...@bstore1.rdu2.centos.org> Content-Type: text/plain; charset=us-ascii CentOS Errata and Bugfix Advisory 2022:0069 Upstream details at : https://access.redhat.com/errata/RHBA-2022:0069 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64:
Re: [CentOS] Is shellcheck safe?
On 17/01/2022 05:30, Thomas Stephen Lee wrote: Hi, I downloaded, extracted, and ran 0.8.0 https://github.com/koalaman/shellcheck/releases After running, I submitted the file to virustotal with the below result. https://www.virustotal.com/gui/file/f4bce23c11c3919c1b20bcb0f206f6b44c44e26f2bc95f8aa708716095fa0651 Should I be concerned that I ran the program once? Thanks ShellCheck is available in EPEL (v0.3.8), at least for rhel7, if that is any indication of it's trustworthiness. The (older) EPEL version scans clean on VirusTotal. You could look at the source code changes between the two releases and make a judgement if you feel there is any reason to be concerned. Alternatively I would suggest submitting a copy to the AV vendor who flagged it for further investigation as a potential false positive. Phil ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] chkrootkit---abandoned???
Il 2022-01-19 01:52 Fred ha scritto: Just tried to check for updated chkrootkit and it appears there haven't been any since 0.53, 3 1/2 years ago. Anybody know if it is now accessible somewhere other than www.chkrootkit.org ?? Thanks in advance! Wikipedia reports its latest version at 0.54, released Dec 24, 2020. But the site www.chkrootkit.org seems down right now. Regards. -- Danti Gionatan Supporto Tecnico Assyoma S.r.l. - www.assyoma.it email: g.da...@assyoma.it - i...@assyoma.it GPG public key ID: FF5F32A8 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is shellcheck safe?
Il 2022-01-17 06:30 Thomas Stephen Lee ha scritto: Hi, I downloaded, extracted, and ran 0.8.0 https://github.com/koalaman/shellcheck/releases After running, I submitted the file to virustotal with the below result. https://www.virustotal.com/gui/file/f4bce23c11c3919c1b20bcb0f206f6b44c44e26f2bc95f8aa708716095fa0651 Should I be concerned that I ran the program once? Thanks I don't see anything wrong with the shellcheck repository. Anyway the golden rules always apply: check you script on a test machine and, if needed, update your bash script on the production server. Regards. -- Danti Gionatan Supporto Tecnico Assyoma S.r.l. - www.assyoma.it email: g.da...@assyoma.it - i...@assyoma.it GPG public key ID: FF5F32A8 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos