Posts Tagged ‘Anyways’

Change Windows 10 default lock screen image via win registry LockScreenImage key change

Tuesday, September 21st, 2021

fix-lock-screen-missing-change-option-on-windows-10-windows-registry-icon

If you do work for a corporation on a Windows machine that is part of Windows Active Directory domain or a Microsoft 365 environment and your Domain admimistrator after some of the scheduled updates. Has enforced a Windows lock screen image change.
You  might be surprised to have some annoying corporation logo picture shown as a default Lock Screen image on your computer on next reoboot. Perhaps for some people it doesn't matter but for as a person who seriously like customizations, and a valuer of
freedom having an enforced picture logo each time I press CTRL + L (To lock my computer) is really annoying.

The logical question hence was how to reverse my desired image as  a default lock screen to enkoy. Some would enjoy some relaxing picture of a Woods, Cave or whatever Natural place landscape. I personally prefer simplicity so I simply use a simple purely black
background.

To do it you'll have anyways to have some kind of superuser access to the computer. At the company I'm epmloyeed, it is possible to temporary request Administrator access this is done via a software installed on the machine. So once I request it I become
Administratof of machine for 20 minutes. In that time I do used a 'Run as Administartor' command prompt cmd.exe and inside Windows registry do the following Registry change.

The first logical thing to do is to try to manually set the picture via:
 

Settings ->  Lock Screen

But unfortunately as you can see in below screenshot, there was no way to change the LockScreen background image.

Windows-settings-lockscreen-screenshot

In Windows Registry Editor

I had to go to registry path


[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\.]

And from there in create a new "String Value" key
 

"LockScreenImage"


so full registry key path should be equal to:


[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Personalization\LockScreenImage]"

The value to set is:

C:\Users\a768839\Desktop\var-stuff\background\Desired-background-picture.jpg

windows-registry-change-lock-screen-background-picture-from-registry-screenshot

If you want to set a black background picture for LockScreen like me you can download my black background picture from here.

That's all press CTRL + L  key combination and the black screen background lock screen picture will appear !

Hopefully the Domain admin, would not soon enforce some policty to update the registry keys or return your old registry database from backup if something crashs out with something strange to break just set configuration.

To test whether the setting will stay permanent after the next scheduled Windows PC update of policies enforced by the Active Directory (AD) sysadmin, run manually from CMD.EXE

C:\> gpupdate /force


The command will download latest policies from Windows Domain, try to lock the screen once again with Control + L, if the background picture is still there most likely the Picture change would stay for a long.
If you get again the corporation preset domain background instead,  you're out of luck and will have to follow the same steps every, now and then after a domani policy update.

Enjoy your new smooth LockScreen Image 🙂

 

ASCII Art studio – A powerful ASCII art editor for Windows / Playscii a cool looking text editor for Linux

Monday, June 28th, 2021

This post is just informative for Text Geeks who are in love with ASCII Art, it is a bit of rant as I will say nothing new, but I thought it might be of interest to some console maniac out there 🙂

ascii art studio aas program windows xp professional drawing program screenshot

While checking stuff on Internet I've stumbled on interesting ASCII arts freak software – >ASCII Art Studio. ASCII Art Studio is unfortunately needs licensing is not Free Software. But anyways, for anyone willing to draw pro ASCII art pictures it is a must see. Check it out;

Isn't it like a Plain Text pro Photoshop ? 🙂 Its a pity we don't have a Linux / BSD Release of this wonderful piece of software. I've tried with WINE (Windows Emulator) on Linux to make the Ascii Art Studio work but that was a fail. It seems only way to make it work is have Windows as a worst case install a Virtual Machine with VirtualBox / Vmware and run it inside if you don't have a Windows PC at hand.

Of course there are stuff on Linux to ascii art edit you can use if you want to have a native software to edit ASCIIs such as Playscii. Unfortunately Playscii is not an easy one to install and the software doesn't have a prepared rpm or deb binary you can easily roll on the OS and you have to manually build all required python modules and have a working version of python3 to be able to make it work.

I did not have much time to test to install it and since I faced issues with plascii install I just abandoned it. If some geek has some more time anyways I guess it is worse to give it a try below is 2 screenshots from PLAYSCII official download page. 

playscii_shot1-official.

As you see authors of the open source playscii whose source is available via github choose to have an amazing looking ascii art text menus, though for daily ASCII art editing it is perhaps much more complicated to use than the simlistic ASCII Art Studio

playscii_shot2-official

There is other stuff for Linux to do ASCII Art files text edit like:
JaVE (this one I don't personally like because it is Java Based),  Ascii Art Maker or Pablow Draw Linux (unfortunately this 2 ones are proprietary).

Report haproxy node switch script useful for Zabbix or other monitoring

Tuesday, June 9th, 2020

zabbix-monitoring-logo
For those who administer corosync clustered haproxy and needs to build monitoring in case if the main configured Haproxy node in the cluster is changed, I've developed a small script to be integrated with zabbix-agent installed to report to a central zabbix server via a zabbix proxy.
The script  is very simple it assumed DC1 variable is the default used haproxy node and DC2 and DC3 are 2 backup nodes. The script is made to use crm_mon which is not installed by default on each server by default so if you'll be using it you'll have to install it first, but anyways the script can easily be adapted to use pcs cmd instead.

Below is the bash shell script:

UserParameter=active.dc,f=0; for i in $(sudo /usr/sbin/crm_mon -n -1|grep -i 'Node ' |awk '{ print $2 }'); do ((f++)); DC[$f]="$i"; done; \
DC=$(sudo /usr/sbin/crm_mon -n -1 | grep 'Current DC' | awk '{ print $1 " " $2 " " $3}' | awk '{ print $3 }'); \
if [ “$DC” == “${DC[1]}” ]; then echo “1 Default DC Switched to ${DC[1]}”; elif [ “$DC” == “${DC[2]}” ]; then \
echo "2 Default DC Switched to ${DC[2]}”; elif [ “$DC” == “${DC[3]}” ]; then echo “3 Default DC: ${DC[3]}"; fi


To configure it with zabbix monitoring it can be configured via UserParameterScript.

The way I configured  it in Zabbix is as so:


1. Create the userpameter_active_node.conf

Below script is 3 nodes Haproxy cluster

# cat > /etc/zabbix/zabbix_agentd.d/userparameter_active_node.conf

UserParameter=active.dc,f=0; for i in $(sudo /usr/sbin/crm_mon -n -1|grep -i 'Node ' |awk '{ print $2 }'); do ((f++)); DC[$f]="$i"; done; \
DC=$(sudo /usr/sbin/crm_mon -n -1 | grep 'Current DC' | awk '{ print $1 " " $2 " " $3}' | awk '{ print $3 }'); \
if [ “$DC” == “${DC[1]}” ]; then echo “1 Default DC Switched to ${DC[1]}”; elif [ “$DC” == “${DC[2]}” ]; then \
echo "2 Default DC Switched to ${DC[2]}”; elif [ “$DC” == “${DC[3]}” ]; then echo “3 Default DC: ${DC[3]}"; fi

Once pasted to save the file press CTRL + D


The version of the script with 2 nodes slightly improved is like so:
 

UserParameter=active.dc,f=0; for i in $(sudo /usr/sbin/crm_mon -n -1|grep -i 'Node ' |awk '{ print $2 }' | sed -e 's#:##g'); do DC_ARRAY[$f]=”$i”; ((f++)); done; GET_CURR_DC=$(sudo /usr/sbin/crm_mon -n -1 | grep ‘Current DC’ | awk ‘{ print $1 ” ” $2 ” ” $3}’ | awk ‘{ print $3 }’); if [ “$GET_CURR_DC” == “${DC_ARRAY[0]}” ]; then echo “1 Default DC ${DC_ARRAY[0]}”; fi; if [ “$GET_CURR_DC” == “${DC_ARRAY[1]}” ]; then echo “2 Default Current DC Switched to ${DC_ARRAY[1]} Please check “; fi; if [ -z “$GET_CURR_DC” ] || [ -z “$DC_ARRAY[1]” ]; then printf "Error something might be wrong with HAProxy Cluster on  $HOSTNAME "; fi;


The haproxy_active_DC_zabbix.sh script with a bit of more comments as explanations is available here 
2. Configure access for /usr/sbin/crm_mon for zabbix user in sudoers

 

# vim /etc/sudoers

zabbix          ALL=NOPASSWD: /usr/sbin/crm_mon


3. Configure in Zabbix for active.dc key Trigger and Item

active-node-switch1

Auto insert password for a Trusted SSL Certificate / Automatically enter password for an SSL Certificate during Apache startup on Debian Lenny

Friday, March 26th, 2010

Protect-Your-Private-SSL_keys-Apache-howto
I've recently installed a Trusted certificate that I've previously protected with a pass-phrase to an Apache server running on top of Debian in order to have a better security.
Now everytime I restart Apache it's pretty annyoing and non-practical at the same time, to enter the Passphrase assigned to the SSL certificate.
It's also dangerous because if Apache crashes and tries to resurrect itself restartig it might not start-up again.
Another unpleasant possible scenario is if for example some of the php code developers tries to change something minor in some Virtualhost and afterwards restarts Apache for the new configurations to take place, again Apache won't bring up and a chaos would emerge.
So I decided to configurate my Apache that it auto fills in the passphrase each time it's being started or restarted.To do that I consulted some online resources and I end up redirected by a blog post to the mod_ssl ssl_reference web page

There is plenty of stuff on that document however in my case all I needed was one directive in /etc/apache2/mods-avalable/mods-available/ssl.conf :

SSLPassPhraseDialog exec:/etc/apache2/mods-available/passphrase

The above code must replace:

SSLPassPhraseDialog builtin

Now last step is to prepare the /etc/apache2/mods-available/passphrase .
Make sure the file has the following content:

#!/bin/sh
echo "yoursecretpassword"

Change above yoursecretpassword with your configured passphrase.
Also please make sure /etc/apache2/mods-availabe/passphrase has proper set permissions. In my case I've set the following permissions for the file:

debian:~# chown www-data:www-data /etc/apache2/mods-available/passphrase
debian:~# chmod 700 /etc/apache2/mods-available/passphrase

That should be it, Restart Apache and make sure Apache is properly loaded without anySSL passphrase prompts.
However you should have in mind that auto enabling passphrase loading on starting in Apache is much more insecure than typing in the password every time you restart Apache. Storing the passphrase in a file is quite insecure compared to if you type it every time Apache starts.
For instance if a hacker breaks into your server he might be able to steal your SSL certificate as well as the passphrase file.
And surely this is something you don't want. Anyways flexibility has a price and if you decide to go the way described, please note the risk first.

 

   

If you haven't already added a password to your private key during certficate generation time,

Of course you can add/remove a passphrase at a later time.

    add one (assuming it was an rsa key, else use dsa)

    openssl rsa -des3 -in your.key -out your.encrypted.key
    mv your.encrypted.key your.key

    the -des3 tells openssl to encrypt the key with DES3.

    remove it

    openssl rsa -in your.key -out your.open.key

    you will be asked for your passphrase one last time
    by omitting the -des3 you tell openssl to not encrypt the output.

    mv your.open.key your.key

 

How to update macos from terminal / Check and update remotely Mac OS X software from console

Friday, October 23rd, 2015

../files/how-to-update-mac-osx-notebook-from-terminalsoftware-update-command-line-mac-screnshot-1

If you happen to have to deal with Mac OS X (Apple) notebook or Desktop PC (Hackintosh) etc. and you’re sysadmin or console freak being pissed off Mac’s GUI App Store update interface and you want to “keep it simple stupid” (KISS) in an Debian Linux like apt-get manner then you can also use Mac’s console application (cli) terminal to do the updates manually from command line with:

softwareupdate

command.

how-to-update-mac-osx-notebook-from-terminalsoftware-update-command-line-mac-screnshot

To get help about softwareupdate pass it on the -h flag:

softwareupdate -h

1. Get a list of available Mac OS updates

Though not a very likely scenario of course before installing it is always a wise thing to see what is being updated to make sure you will not upgrade something that you don’t want to.
This is done with:

softwareupdate -l

However in most cases you can simply skip this step as updating directly every package installed on the Mac with a new version from Apple will not affect your PC.
Anyways it is always a good idea to keep a backup image of your OS before proceeding with updates with let’s say Time Machine Mac OS backup app.

2. Install only recommended Updates from Apple store

softwareupdate -irv


Above will download all updates that are critical and thus a must to have in order to keep Mac OS security adequate.
Translated into Debian / Ubuntu Linux language, the command does pretty much the same as Linux’s:

apt-get –yes update

3. Install All Updates available from AppleStore

To install absolutely all updates provided by Apple’s package repositories run:

softwareupdate -iva

One note to make here is that always when you keep updating make sure your notebook is switched on to electricity grid otherwise if due to battery discharge it shutoffs during update your Mac will crash in a very crappy hard to recover state that might even cost you a complete re-install or a need to bring a PC to a Mac Store technical support guy so beware, you’re warned!

4. Installing all updates except Specific Softwares from Terminal

Often if you have a cracked software or a software whose GUI interface changed too much and you don’t want to upgrade it but an update is offered by Apple repos you can add the -i ingnore option:

softwareupdate -i [update_name(s)]

For example:

softwareupdate -i Safari-version-XXXX

5. View Mac OS Software Update History

The quickest way to see the update history is with System Information app, e.g.:

/Applications/Utilities/System Information.app

Malwarebytes a good Anti-Spyware anti-malware Windows program

Saturday, December 11th, 2010

malwarebytes_a_good_Anti-Spyware-anti-malware-windows-program-clean-your-pc-from-malwares-and-viruses
Dave just recommended me a nice software which is able to easily extinguish most of the nowdaysterrible spyware soft.
I had previously installed a cracked version of Spyware Doctor on this Windows machine and it was interesting that even though it’s so seriously praised the Spyware Doctor wasn’t able to find a bunch of stupid spyware.
Talking about Spyware what is a Spyware? Why is not a spyware a virus?

Anyways, I guess they just came up with a hype word to just market some more software as an anti-spyware soft.

To clean up your windows pc with go straigh to Malwarebytes download it and install it.
The full version of malwarebytes is paid but the good news is that the free version available for download lacks only the service of an integrated windows agent to constantly track your pc if a spyware is trying to enter from a website.

Just until recently I used to use the good old Spybot but this program is not anymore finding most of the malicious stuff, so I guess this malwarebytes is something I should install more often on Windows pcs I had to fix up.

safemode_with_networking_windows-PC-boot-option-screen-screenshot

If running Spyware Bytes, doesn’t succeed in cleaining the PC (and just if you want to have better guarantee that Malware will not auto-load on the PC again), run the PC in Safe Mode With Networking or just Safe Mode (keep pressing F8) before Windows boots and then run Malware Bytes again.

Fix audioCD play problems with VLC on GNU Linux

Monday, January 23rd, 2012

I've not played audio CD for ages. Anyways I had to set up one computer with Linux just recently and one of the requirements was to be able to play audiocds.
I was surprised that actually a was having issue with such as simple tasks.
Here is how i come with this article.

If you encounter errors playing Audio CDs on any Linux distro in VLC or other players, you might need to apply the following fix.

root@xubuntu-desktop:~# apt-get install xubuntu-restricted-extras
...
root@xubuntu-desktop:~# apt-get install ubuntu-restricted-extras
...

I'm not sure if this packages are required, anyways having them installed is a good idea especially on computers which will have to support as much multimedia as possible.

Trying to play a CD with VLC the result was not nice, you see in the picture above the error that poped up while trying it with VLC:

Due to wrong configuration of the play device VLC will be looking to read the audio cd from.

To succesfully play the audiocd invoke VLC command with a cdda///dev/sr0 argument like so:

hipo@xubuntu-desktop:~$ vlc cdda:///dev/sr0
...

To permanently fix the error you will have to edit ~/.config/vlc/vlcrc :

Inside ~/.config/vlc/vlcrc find the lines:

dvd=/dev/cdrom

Substitute the above line with:

dvd=/dev/sr0

Next find the line:

vcd=/dev/cdrom

Change the above line with:

vcd=/dev/sr0
Due to a bug in generating vlcrc , the dvd= might be set also to other messy unreadable characters (different from /dev/cdrom). This can also be the reason why it fails to properly read the disc.

If dvd= and vcd is set to a different unreadable characters delete them and substitute with /dev/sr0 .I've experienced this on Xubuntu Linux with a Bulgarian localization (probably the bug can be seen in other Linuxes when GNOME is installed in Russian, Chineese and other UTF-8 languages.

The strange error can be observed also in other players when the localization is set to someone's native language …
Alternative solution is to install and use rhythmbox instead of VLC.
Other program to play audio CDs called workman , you will have to get used to the interface which uses gtk1 and therefore obsolete. Putting aside the ugly interface it works 😉