Monday, February 23, 2026

Display Not Found / No protocol specified

When faced with these errors, it most probably means your X11 forwarding authorization is not set up (or is messed up).


You will need to manually authorize X11 forwarding.


Here are the steps


`xauth list` --> this command lists all the currently authorized entries. Each entry has 3 columns, in the following format:

dpyname protoname hexkey  


<dpyname> = this is your display (session), which you can get by running `echo $DISPLAY`

<protoname> = MIT-MAGIC-COOKIE-1

<hexkey> = can be generated with `mcookie`


Here's the real example of the above mentioned steps:

>echo $DISPLAY
ascca05411310.sc.amd.com:5.0

>mcookie 
e0ec4a52c92cf4c5d0798780eead4515

>xauth add ascca05411310.sc.amd.com:5 MIT-MAGIC-COOKIE-1 e0ec4a52c92cf4c5d0798780eead4515

To test whether it works now, run `xclock`.

Tuesday, April 4, 2023

How To Bypass Kerberos(kinit) Authentication

Whenever you setuid and impersonate someone else to run something, you will very likely run into kerberos/kinit issues. Example:-


userA:> ssh_as_userB hostC 'someCmd'


This happens because when userA impersonates userB and tries to run something on 'hostC', userB isn't authenticated (yet) at 'hostC', so it requires password authentication from userB (the kerberos/kinit thingie).



Solution #1

To prevent it from asking for a password, we can ask userB to ssh to 'hostC'. Once this is done, hostC has confirmed authentication from userB, so running this command again from userA will no longer prompt for a password:-

userA:> ssh_as_userB hostC 'someCmd'


Solution #2

However, that solution doesn't always make sense. Sometimes we need to run the command without keying in a password. Here's what we can do (in layman's terms):-

1. create an encrypted password file for userB (keytab)
2. every time, before running any command, we auto-login (kinit) userB with that password file, and only then run the command.

By doing so, we can be sure that the command will not prompt for a password anymore (unless, of course, the password in the keytab file is incorrect :P). The keytab holds keys derived from userB's password, so anyone who can read the file can kinit as userB; keep it readable by userB only.


Here's how to do it

###############################
#### To Generate keytab #######
###############################
>ktutil
ktutil: addent -password -p userB@GAR.CORP.INTEL.COM -k 1 -e rc4-hmac
Password for userB@GAR.CORP.INTEL.COM:
ktutil: addent -password -p userB@GAR.CORP.INTEL.COM -k 1 -e aes256-cts
Password for userB@GAR.CORP.INTEL.COM:
ktutil: wkt /nfs/site/home/userB/keytab
ktutil: quit



###############################
##### To run a command ########
###############################

userA:> ssh_as_userB hostC 'unset KRB5CCNAME; /usr/bin/X11/kinit userB@GAR.CORP.INTEL.COM -k -t /nfs/site/home/userB/keytab; "someCmd" '


 

 

Monday, April 3, 2023

setuid as someone (ssh as someone)




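/* This binary is intended to be a setuid script wrapper for dbRsync.pl.

Usage:-
   >gcc setuid_swap.c -o newfilename
   >chmod 4755 newfilename

*/

#include <stdio.h>
#include <unistd.h>

int main(int ac, char **av) {
    uid_t uid;

    /* Effective uid is the file owner because of the setuid bit (chmod 4755). */
    uid = geteuid();
    /* Set real and effective uid to the owner so ssh runs fully as that user. */
    if (setreuid(uid, uid) != 0) {
        perror("setreuid");
        return 1;
    }
    /* Replace this process with ssh, passing the caller's arguments through. */
    execv("/usr/bin/ssh", av);
    perror("execv");   /* only reached if execv failed */
    return 1;
}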

Wednesday, July 7, 2021

How To Run ANY COMMAND As The Owner Of The Script (setuid)

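1. Save the code below as file a.c
    #include <stdlib.h>
    #include <unistd.h>

    int main(int ac, char **av) {
        uid_t uid;

        if (ac < 2)
            return 1;   /* no command given */

        /* make the real uid match the effective (owner) uid */
        uid = geteuid();
        if (setreuid(uid, uid) != 0)
            return 1;

        /* run the first argument as a shell command */
        system(av[1]);

        return 0;
    }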
2. As userA, compile it, i.e.
    gcc a.c -o aaa
3. As userA, set the setuid bit, i.e.
    chmod 4755 aaa
4. Now you, and with mode 4755 anyone else who can reach the file, can run any command as userA, like this:
    >aaa 'whoami'
    userA

    >aaa 'touch file1'
    >ls -al file1
    -rw-r----- 1 userA group

Tuesday, December 15, 2020

How To Create A Wrapper Script With Customized Environment

When working in a team, everyone has to conform to and work in the same environment. But there are times when a certain script of yours needs a different environment in order to run. For example, everyone in the team has their python version set to 2.7.13, but for some reason you have a python script that will only work with python 3. Having a wrapper script that customizes the environment before running your script solves this issue. Here's what the wrapper script looks like:
#!/bin/tcsh -f

setenv BNR_PATH /some/special/path/
setenv BNR_BIN /another/special/path/bin
setenv BNR_ROOT /special/root/path

/path/to/your/script.py $argv:q

Monday, July 27, 2020

How To Post Codes In Blogs As Html Using Pygmentize


https://pygments.org/download/


For Command Line Help:-
>pygmentize -h
>pygmentize -H

To see all available lexers (languages supported), formatters, etc ...
>pygmentize -L

To see all Options available for HTML formatter:-
>pygmentize -H formatter html

To convert lines of code into html format so that you can post them to a blog:-
>cat report_waiverfile_errors.py | pygmentize -l python -f html -O noclasses


To include line numbers:-
>cat report_waiverfile_errors.py | pygmentize -l python -f html -O 'noclasses,linenos'

To Highlight certain lines:-
>cat report_waiverfile_errors.py | pygmentize -l python -f html -O 'noclasses,linenos,hl_lines="12 13 14 15 16 17"'

Example:-
#!/usr/bin/env python

import os
import sys
#sys.path.insert(0, '/nfs/site/disks/da_infra_1/users/yltan/depot/da/infra/dmx/main/lib/python')
import logging
import dmx.tnrlib.waiver_file


LOGGER = logging.getLogger()


def main():
    wf = dmx.tnrlib.waiver_file.WaiverFile()
    wf.load_from_file(sys.argv[1])

if __name__ == "__main__":
    logging.basicConfig(format='[%(asctime)s] - %(levelname)s-[%(module)s]: %(message)s', level=logging.DEBUG)
    main()




Friday, May 3, 2019

Formatting Perforce Output For Simple Scripting

Perforce has a global option -ztag




If you run a normal perforce command like this


p4 files -m3 ...
//depot/da/infra/dmx/main/lib/python/dmx/tnrlib/__init__.py#1 - add change 4491003 (text+kx)
//depot/da/infra/dmx/main/lib/python/dmx/tnrlib/audit_check.py#57 - edit change 5716075 (text+kx)
//depot/da/infra/dmx/main/lib/python/dmx/tnrlib/css/style.css#1 - branch change 4757380 (text+k)


With the -ztag ...

p4 -ztag files -m3 ...
... depotFile //depot/da/infra/dmx/main/lib/python/dmx/tnrlib/__init__.py
... rev 1
... change 4491003
... action add
... type text+kx
... time 1473325143

... depotFile //depot/da/infra/dmx/main/lib/python/dmx/tnrlib/audit_check.py
... rev 57
... change 5716075
... action edit
... type text+kx
... time 1556850031

... depotFile //depot/da/infra/dmx/main/lib/python/dmx/tnrlib/css/style.css
... rev 1
... change 4757380
... action branch
... type text+k
... time 1494905434



Now, say, I'd like to have perforce report out the following info in 3 columns, separated by :::, like this

depotFile ::: revision ::: type



All I need to do is run the following:-

p4 -ztag -F "%depotFile% ::: %rev% ::: %type%" files -m3 ...
//depot/da/infra/dmx/main/lib/python/dmx/tnrlib/__init__.py ::: 1 ::: text+kx
//depot/da/infra/dmx/main/lib/python/dmx/tnrlib/audit_check.py ::: 57 ::: text+kx
//depot/da/infra/dmx/main/lib/python/dmx/tnrlib/css/style.css ::: 1 ::: text+k


... and here you go :)
