2018-11-07

MacOS file system check

To see if you new APFS file system is consistent,  you can:

$ sudo fsck_apfs -ln /dev/disk1s1

Let me explain this in details:

  • sudo - assume admin rights
  • fsck_apfs - the low level program to check an APFS file system
  • -ln - scan this in "live mode" and do "no changes"
  • /dev/disk1s1 - the name of your main disk. You can find this by either doing a "df ~" or "diskutil list". The later gives the following output on my system:


$ diskutil list
/dev/disk0 (internal):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                         500.3 GB   disk0
   1:                        EFI EFI                     314.6 MB   disk0s1
   2:                 Apple_APFS Container disk1         500.0 GB   disk0s2

/dev/disk1 (synthesized):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      APFS Container Scheme -                      +500.0 GB   disk1
                                 Physical Store disk0s2
   1:                APFS Volume Macintosh HD            478.9 GB   disk1s1
   2:                APFS Volume Preboot                 47.5 MB    disk1s2
   3:                APFS Volume Recovery                512.8 MB   disk1s3
   4:                APFS Volume VM                      1.1 GB     disk1s4

 If this tells you that you should repair your disk, you must boot your Mac into single user mode (console mode). To do this, reboot and press CMD+S during reboot. You will get a unix console with a root prompt.

here you can run

# fsck_apfs -y /dev/disk1s1

-y means here: repair without asking

2018-07-07

Vortrag: A better language for OWASP Core Rule Set

Ich habe unser Projekt für eine bessere Sprache für das OWASP Core Rule Set auf dem Core Ruleset Summit am Rande der AppSec EU in London vorgestellt.

Die Folien und alle Materialien gibt es hier auf der Projektseite https://github.com/avinetworks/owasp-crs-technical-discussion

2017-01-02

Replizieren von SVN repositories

Ja, ich weiss. SVN ist nicht mehr hip und alle nehmen git. Aus "historischen Gründen" lauft hier aber noch SVN.

Für Backup, Redundanz und eventuell offline work, möchte man manchmal read-only Replikas von SVN haben.

Alles gut dokumentiert, hier eine Kurz-Zusammenfassung:

1. Auf dem Mirror das repository erzeugen:

$ svnadmin create "${SVN_MIRROR}/${REPO_NAME}"

2.  Den pre-revprop-change hook anlegen

$ cat "${SVN_MIRROR}/${REPO_NAME}/hooks/pre-revprop-change"
#!/bin/bash 
exit 0

3. Die Replika initialisieren:

$ svnsync init --source-username "${USERNAME}" "file:///${SVN_MIRROR}/${REPO_NAME}" "${REMOTE_REPO}"

4. Initiales und inkrementelles replizieren

$ svnsync sync --source-username "${USERNAME}" "file:///${SVN_MIRROR}/${REPO_NAME}"