Posts
Toml format for config files
If you have worked with configuration files on Windows, from the early days of Windows 3.1 through to the versions common today, you may have seen .ini text files on your disk. These are configuration files, and were (and still are) a popular alternative to the YAML (Yet Another Markup Language / YAML Ain’t Markup Language) configuration files that are common today.
The simplicity of these .
Posts
Firewalld Cheatsheet
On Linux, iptables / nftables provide kernel-level control for IP routing and filtering. iptables rules are non-persistent (they will not survive a reboot). ufw builds upon iptables and provides a user-friendly interface for configuration. And then there’s the alternative, firewalld.
Here’s a cheat sheet for working with firewalld:
    systemctl status firewalld                       # Check if firewalld is enabled
    firewall-cmd --state
    firewall-cmd --list-ports                        # Check if the port is already whitelisted
    firewall-cmd --list-services                     # Check for whitelisted services
    firewall-cmd --get-services                      # Lists the out-of-the-box known services
    firewall-cmd --add-port=27017/tcp                # Add the MongoDB port to the whitelist (runtime)
    firewall-cmd --runtime-to-permanent              # Make it permanent
    #firewall-cmd --add-port=27017/tcp --permanent   # With --permanent, the runtime is not affected - use --reload for the change to take effect
    firewall-cmd --reload                            # Reload the config
    firewall-cmd --list-ports                        # Check if the port is whitelisted

For setting up a listener to test the above…
Posts
Lvm
The Logical Volume Manager device mapper lets us create file systems that span multiple physical disks. When you know the hierarchy, the rest of the concepts become clear. At the hardware level, you have physical disks. These physical disks are divided into “physical volumes”. Physical volumes are then added to “volume groups”, and the volume groups contain “logical volumes”. These logical volumes contain partitions that can be formatted with file systems.
Posts
Glob vs Regex
Globbing (wildcard patterns) is something that comes naturally to us when we search for files on the command line of a Linux or Windows box. While it’s not as powerful as regular expressions, it’s less to type and extremely simple.
Most command-line tools don’t process globs themselves and rely on the shell to expand them. Bash 4 also introduces globstar, which matches recursively within subdirectories (the match also includes path separators). It needs to be enabled with shopt -s globstar; use shopt | grep globstar to check whether it is set.
Posts
Rhel Packages
We often encounter Red Hat Enterprise Linux servers that have not been updated because RPM repositories are not configured or because of missing subscriptions.
As a first step, you always want to check whether there are any repositories: yum repolist all (use “dnf” instead of “yum”, if available). You will likely also see the /etc/yum.repos.d/redhat.repo file, managed by the subscription-manager utility.
The subscription-manager can tell you if the RHEL box you are working on has an active subscription.
Posts
Encryption with Comparison Operations
Normally, when you encrypt data, you cannot perform any kind of comparison… unless, of course, you opt for less-secure encryption in which a specific clear-text value always encrypts to the same encrypted-value - you can then perform equality matches.
Homomorphic encryption refers to a form of encryption in which operations can be performed on the encrypted value without decryption. Order-preserving encryption preserves the order of the encrypted data. For example, if we encode 1, 2, 3 as A, B, C, we can tell whether one data point is greater or less than another even in encrypted form.
Posts
mTLS is not Client Hostname Validation
When using TLS with certificates on the server side, the client validates the hostname of the server against the subject alternative name or common name from the certificate presented by the server. However, when using mutual TLS, the certificate that the client presents does not necessarily contain the hostname of the client, so in most use cases we are not validating the client hostname. We can always build software that requires specific fields in the client certificate and performs this check itself.
Posts
Ruby Equivalent of Popular Pythings
pygments-pygmentize to rouge-rougify
When working with text-based user interfaces (TUI/CLI), a wall of black-and-white text makes things harder. Add colors with syntax highlighting, and the text becomes much more discernible. There’s usually a popular library native to the programming language you are working with - for Python, there’s Pygments; for PHP, there’s GeSHi; and, for Ruby, there’s Rouge.
To install Pygments, we use the Python package manager pip, and we then invoke pygmentize by passing a filename as an argument like this:
Posts
Less Superpowers
You have likely used less as a way to paginate text files or logs - a step up from cat, which dumps the text onto the screen till the end of the file. You’ve probably also used the vi-like search with front-slash and question-mark to search forward or backward, and “n” and “p” to move back and forth among search results.
Less can do more. Less has more superpowers that you likely haven’t tried yet.
Posts
Ruby on Rails - Devise and Mongoid
Ruby on Rails applications commonly use the Clearance and Devise authentication gems. The Clearance gem requires ActiveModel and therefore cannot work with MongoDB. However, the Devise gem has the ability to use Mongoid instead of ActiveRecord.
To begin, we create a new Rails project:
    rails new authdemo --skip-active-record --skip-test --skip-system-test

We then install mongoid:

    echo "gem 'mongoid'" >> Gemfile
    bundle install
    rails g mongoid:config

We then install the Devise gem: