Wednesday, October 21, 2015

Checking file signature on Windows

The sysinternals suite provides the sigcheck.exe tool which is useful to verify the integrity of a file:

https://technet.microsoft.com/en-us/sysinternals/bb897441.aspx

Recently I had a strange issue on my Windows 10 tablet.   The Windows firewall asked me whether I trusted wuapihost.exe to communicate out on my private or public network.  This is an odd issue and is most likely a bug.  Information online is currently not very helpful.

The best thing I could do is simply verify the integrity and signature of the file by using sigcheck.exe

I used it to check both the MD5 hash and the certificate signature.  The tool also offers an option to have it uploaded and checked by "www.virustotal.com"; a subsidiary of Google.

The results of the tool:

c:\windows\system32\wuapihost.exe:
        Verified:       Signed
        Signing date:   2:11 AM 2015-07-10
        Publisher:      Microsoft Windows
        Description:    wuapihost
        Product:        Microsoft« Windows« Operating System
        Prod version:   10.0.10240.16384
        File version:   10.0.10240.16384 (th1.150709-1700)
        MachineType:    32-bit
        MD5:    7B8DF67BCA2EC042ED8B71F5226B51EE
        SHA1:   CEA9E6219086343472D050934CBAF21558DF67B5
        PESHA1: 2B5B80E0E70118E9AD667314CB7FBFD638A340AF
        PE256:  7E7B9738DE54A65D7DD09CB97F51394381BFA1334CE01A774BBC73528A765300
        SHA256: 001FF7CD1D524636F936814B9154C27971723C8B3F652CC3E03BD09BA4B21AA9
        IMP:    50A7A0582886E9AB08BEF947D1B09ADA

Wednesday, October 14, 2015

Authentication is required to create a color managed device kde vnc group

This is the message I get everytime I need to resize the screen with VNC using KDE / Plasma 5.

A bug report has been filed by someone else with Redhat in regards to this issue:

https://bugzilla.redhat.com/show_bug.cgi?id=1149893

And Orion Poplawski posted a workaround which consists of:

"
You can place a .rules file in /etc/polkit-1/rules.d

I'm doing in 02-allow-colord.rules:

polkit.addRule(function(action, subject) {
   if ((action.id == "org.freedesktop.color-manager.create-device" ||
        action.id == "org.freedesktop.color-manager.create-profile" ||
        action.id == "org.freedesktop.color-manager.delete-device" ||
        action.id == "org.freedesktop.color-manager.delete-profile" ||
        action.id == "org.freedesktop.color-manager.modify-device" ||
        action.id == "org.freedesktop.color-manager.modify-profile") &&
       subject.isInGroup("nwra")) {
      return polkit.Result.YES;
   }
});
"

Tuesday, October 6, 2015

RedHat Software Collections - Directory Structure

In order to prevent non-standard Software Collection packages from interfering with standard ones, RedHat came up with a special directory structure to separate each packages into its own little world.

Here is an example of what the directory tree looks like for MySQL 5.5 from SC2:

(note: "tree" won't provide a clear view of only the directories that I want to show, so I had to put the pieces together)

/opt
└── rh
    └── mysql55
        └── root
            ├── bin
            ├── boot
            ├── dev
            ├── etc
            ├── home
            ├── lib
            ├── lib64
            ├── media
            ├── mnt
            ├── opt
            ├── proc
            ├── root
            ├── sbin
            ├── selinux
            ├── srv
            ├── sys
            ├── tmp
            ├── usr
            └── var
                ├── cache
                ├── db
                ├── empty
                ├── games
                ├── lib
                │   ├── games
                │   ├── misc
                │   └── mysql
                ├── local
                ├── lock
                │   └── subsys
                ├── log
                ├── mail -> spool/mail
                ├── nis
                ├── opt
                ├── preserve
                ├── run
                │   └── mysqld
                ├── spool
                │   ├── lpd
                │   └── mail
                ├── tmp
                └── yp

The service names are also somewhat different, with a very precise convention, making it easy to differ between installed versions:

/etc/rc.d/init.d/mysql55-mysqld

Note how the first portion of the service name specifies the name and version of the package.

======

For details on RH and Community Software Collections, visit the documentation at:

https://www.softwarecollections.org/en/docs/