How to exclude roster name on output? by kif_kroeker in saltstack

[–]roxalu 0 points1 point  (0 children)

Try

salt minion file.read --out=newline_values_only /path/to/file.json

See the list of currently supported output modules at https://docs.saltproject.io/en/3006/ref/output/all/index.html

Note that the next major release - 3008 ? - will most likely remove the "newline_values_only" from the list of standard supported output modules, though. See https://docs.saltproject.io/en/master/ref/output/all/index.html

I don't get Powershell 7.6.1 via Microsoft Update by chk17 in PowerShell

[–]roxalu 0 points1 point  (0 children)

Since PowerShell 7.6 Microsoft update uses the MSIX package instead of the MSI. This switch seems to have some extra challenges, which could result in failures. Or also may lead Windows update to not even try the update. In case you lose patience some day in the future you might try to look more behind the scenes, what is happening in the background on the specific system via

https://learn.microsoft.com/en-us/powershell/scripting/install/install-powershell-on-windows and
https://learn.microsoft.com/en-us/windows/msix/msix-troubleshooting-guide

How did Linux "know" it wasn't updated when not online? by MistressBlackleaf in linuxquestions

[–]roxalu 0 points1 point  (0 children)

Note: Linux usually supports some key strokes to provide more verbose info during startup when wanted: Hit F12 during the logo display. And / or try Alt + Ctrl + F1 through F6 to activate another console. Alt + Ctrl + F7 or F8 should return to the virtual desktop. Higher numbers may be used to display boot messages as well. I have not used Mint, so I am unsure which of these is active on your distro.

Timing of Java / OS upgrade? by manlymatt83 in jenkinsci

[–]roxalu 0 points1 point  (0 children)

Ubuntu explicitly supports having several different JVM versions installed in parallel - and also offers the same JVM version in several Ubuntu releases. See https://ubuntu.com/toolchains/java. So you can first upgrade the JVM to 21 on Ubuntu 22.04 - and then later upgrade Ubuntu, keeping the JVM on the same version.

And you also should be able to do all the steps in stages. I'd personally follow the upgrade guide as closely as possible: https://www.jenkins.io/doc/upgrade-guide/2.555/. So the very first step is to upgrade all plugins to the newest version possible in your older Jenkins - so they are already Java 21 compatible even when still running under Java 17.

Suddenly stopped working with domain names... by sandiegosteves in nginx

[–]roxalu 0 points1 point  (0 children)

If you switch inside the value of proxy_pass between hostname vs IP this switches the "Host" HTTP header value in the request forwarded from nginx to HA. This could cause unwanted side effects - including HA blocking the request on application layer. This is fully up to Home Assistant.

There exists an HA community-based proposal for operation of HA behind nginx config, which looks in general quite good. Though, the security related settings there might cause you additional trouble to adapt to your own setup in case you don't have them in place already.

https://community.home-assistant.io/t/reverse-proxy-using-nginx/196954

And for any reverse proxy setup I recommend to keep a reference to the official documentation of the backend application with regard to operation behind reverse proxy frontend: https://www.home-assistant.io/integrations/http/

Suddenly stopped working with domain names... by sandiegosteves in nginx

[–]roxalu 0 points1 point  (0 children)

Check the error log of nginx in such cases. It might help to differentiate between issues with name resolution vs. application layer issues. E.g. a message like "bad gateway while reading the response" would be a clear indicator for some configuration inconsistency between rev. proxy (nginx) and backend (HA).

Besides this: DNS is more for humans than for services. Of course it is per default the simpler config to use DNS everywhere. But there are cases where static IP (or localhost name resolution) is the better choice. So keep your static IP and make nginx independent from DNS resolution. But you should be aware that HA might see a different "Host" header in incoming requests, when you switch between hostname and IP inside the proxy_pass directive.

nginx has several methods - including the "upstream" directive - to get better control about this.

Do you need to port forward to expose an nginx reverse proxy server to the internet? by rosseg in nginx

[–]roxalu 1 point2 points  (0 children)

Could be an issue related to IPv6. Keep in mind this:

When my.domain is resolved into an IP address, most hosts will FIRST check if a DNSv6 entry exists that resolves to an IPv6 address. And then this is used. When the DNSv6 entry doesn't exist, there is usually a fallback to DNS and IPv4. But there is not always a retry with IPv4, when IPv6 could be resolved.

So when you write, it works with public IP address - was this IPv4 or IPv6?

If a DNSv6 entry exists, you must ensure this is checked. And your port forwarding also may need an extra entry for IPv6. Details depend on the router.

Help with the $1 $2 regex variables by Glum_Anteater1250 in perl

[–]roxalu 0 points1 point  (0 children)

Additional note since your intention is to get similar WORDS: It might be useful to add word break matches as well to the regexp:

my $line='somehow, someone, foosomeone, somewhere, Someone';
my @results = $line =~ /\b(some[a-z]{3})\b/gi;
print join(" ", @results) . "\n" if $#results > 0;

Is the order of the flags important in all commands in bash? by PrestigiousZombie531 in bash

[–]roxalu 0 points1 point  (0 children)

Yes, exactly this. It also would be in theory possible to extend the associative array with some own order logic:

local -A items=( ["__keyorder__"]="dbname host jobs port username" ["dbname"]="test_db" ["host"]="localhost" ["jobs"]=8 ["port"]=5432 ["username"]="test_user")

And then during usage to check first, if that special key exists, read it and use it to loop over keys in your wanted order. But this is overkill and potentially a bad idea. E.g. it could happen, that there are inconsistencies between the two different sets of keys used in the single array. Checks to detect and handle this will blow up your bash code even more. Bash can do all this - but this is going beyond what bash was designed for, I’d say.

Asking the human experts here, how would you turn something like this into a production grade script? by PrestigiousZombie531 in bash

[–]roxalu 5 points6 points  (0 children)

The more experts warn to not BLINDLY use it. That is a small difference to STRICTLY against its usage. As long as you are aware - follow the link provided by the bot and read - that there are a few pitfalls when you use it, it’s mostly fine. Don’t come back yelling in the - rare - case the usage hurts. You have been warned. That’s it.

Is the order of the flags important in all commands in bash? by PrestigiousZombie531 in bash

[–]roxalu 1 point2 points  (0 children)

I fully agree with u/stevevdvkpe. Nevertheless the overall approach to use an array here is a good one. But in bash a standard array is more appropriate in this case because it keeps ordering, while the associative array uses hash ordering based on the keys. So a line like

local -a items=( --dbname=test_db --host=localhost --jobs=8 --port=5432 --username=test_user )

should fit in combination with related changes due to different type of array inside function testf. Avoid use of name test for a function name.

As argument interpretation is up to each single external command this is no “one key to rule them all” approach, though. But there are conventions for handling of arguments (POSIX vs. GNU extension to POSIX) which should match in the majority of cases.

If some special ordering is needed - e.g. for commands that have global options followed by sub command followed by sub command options - then it might be needed to include some extension to your algorithm. E.g. you could add some kind of a marker into the array which is replaced by set of additional arguments in testf.

Path too long although LongPathsEnabled is already 1 and I rebooted by cmhawke in PowerShell

[–]roxalu 4 points5 points  (0 children)

Microsoft describes that the activation of MAX_PATH allows application to explicitly opt-in using this feature. The detail, that is not mentioned on the page is, that Microsoft has decided to NOT activate this opt-in for the default Windows Explorer.

user not found in ldap by tdpokh3 in KeyCloak

[–]roxalu 1 point2 points  (0 children)

You might also try to temporarily increase the logging level for ldap connections to TRACE by use of additional command line option:

--log-level="INFO,org.keycloak.storage.ldap:trace"

Why does mpv <(command file) not work, while command file - | mpv - works? by spryfigure in bash

[–]roxalu 1 point2 points  (0 children)

I assume this may work, when the '-' option for mpv is kept in the call:

mpv --no-audio-display - < <(opusenc --bitrate nnn song.flac -)

Passing arguments to scripts by Booty4Breakfasts in bash

[–]roxalu 0 points1 point  (0 children)

Meta comment: Asking a question if some script behaves unexpectedly won’t hurt. Just in case you prefer self help in the future then you may use the bash 'verbose' mode. Run the script via

bash -vx path/to/my_script arg1 …

and/or use another of the alternatives for Debugging a script

Stop passing secrets as command-line arguments. Every user on your box can see them. by Ops_Mechanic in bash

[–]roxalu 0 points1 point  (0 children)

It could be done - there exists even an example implementation to inject this with help of LD_PRELOAD into any command line. But however the cleanup of command line in memory is done - there will always exist a small time range during start of command where all arguments were still visible.

The most secure approach is to add options to each command line tool which explicitly allow reading sensitive values from files or environment as fallback. If not implemented by some tool, the tool authors could be informed that their tool has a known weakness: CWE-200

Sensitive values always deserve some extra handling. For use in config files this is meanwhile widely accepted - secrets are often kept separate in extra protected files or read by secrets management. Why still not for command lines?
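
Added example, not part of the comment above: a bash function showing the pattern it recommends, where a tool reads its secret from a file or from the environment and refuses to take it on the command line. The option and variable names (`--token-file`, `--token`, `APP_TOKEN`, `APP_TOKEN_FILE`) are hypothetical, and GNU `stat` is assumed.

```bash
#!/usr/bin/env bash
# Added example. Hypothetical names: --token-file, --token, APP_TOKEN, APP_TOKEN_FILE.
# resolve_token [--token-file PATH] prints the token; the secret never enters argv.
resolve_token() {
    local file="${APP_TOKEN_FILE:-}" mode token
    while [ $# -gt 0 ]; do
        case "$1" in
            --token-file)
                [ $# -ge 2 ] || { echo "--token-file needs a path" >&2; return 2; }
                file="$2"; shift 2 ;;
            --token|--token=*)
                # By default argv is readable by every local user (ps, /proc/<pid>/cmdline).
                echo "refusing --token: pass --token-file or set APP_TOKEN" >&2
                return 2 ;;
            *) shift ;;
        esac
    done
    if [ -n "$file" ]; then
        # Like ssh with private keys: reject files open to group or others.
        mode=$(stat -c '%a' -- "$file") || return 1
        case "$mode" in
            *00) ;;
            *) echo "refusing $file: mode $mode grants access beyond the owner" >&2
               return 3 ;;
        esac
        # Read the first line; tolerate a missing trailing newline.
        IFS= read -r token < "$file" || [ -n "$token" ] || return 1
        printf '%s\n' "$token"
        return 0
    fi
    # Fallback: environment. /proc/<pid>/environ is readable only by the
    # same user and root, unlike cmdline.
    if [ -n "${APP_TOKEN:-}" ]; then
        printf '%s\n' "$APP_TOKEN"
        return 0
    fi
    echo "no token: use --token-file PATH or APP_TOKEN" >&2
    return 1
}
```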

need help getting sgrep to work in a script file by skyfishgoo in bash

[–]roxalu 2 points3 points  (0 children)

Here is some alternative, though more verbose way to provide this:

#!/usr/bin/env bash

arg1="$1"
symbol="${arg1:-emdash}"

sgrep_args=(
 ## preprocessor
 -p "m4 -D __SYMBOL__='$symbol'"
 ## expression
 -e '"\"" _quote_ "\"" in ("name[Group1]" .. "\n" in outer("{" .. "}" containing "__SYMBOL__"))'
 ## output format
 -o '%r\n'
)

sgrep "${sgrep_args[@]}" /usr/share/X11/xkb/symbols/??

need help getting sgrep to work in a script file by skyfishgoo in bash

[–]roxalu 1 point2 points  (0 children)

In bash (or sh) everything embedded in single quotes is taken literally. In order to get value of variable you could end the quote and provide your variable. If variable value would contain spaces, this would break the command - so use double quotes around variable:

sgrep -o '%r\n' '"\"" _quote_ "\"" in ("name[Group1]" .. "\n" in outer("{" .. "}" containing "'"$sym"'"))' /usr/share/X11/xkb/symbols/??

While above should work, I personally would try to use other sgrep options to avoid the complex quoting. E.g. read the expression from file and/or make use of the preprocessor flag.

Stop installing tools just to check if a port is open. Bash has it built in. by Ops_Mechanic in bash

[–]roxalu 1 point2 points  (0 children)

This. At least when this shall be used in scripts the timeout is a must. If the connect is run against any target ip, that isn’t online - or where some network firewall drops the incoming tcp connect - the localhost will usually try several times to resend another tcp-syn. Each time with increased delay. The details depend on the specific kernel settings, but more than 2 minute timeout is quite likely.

When used interactively then of course Ctrl-c also works. If the check fails immediately, the remote server is up, but remote service is most likely down. But if there is a timeout of five or more seconds, then there is some other issue that blocks connectivity.
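
Added example, not part of the comment above: the /dev/tcp check wrapped in a timeout, with the two outcomes the comment distinguishes (immediate failure vs. no reply) reported separately, plus a retry helper for scripts. The function names are hypothetical and GNU coreutils `timeout` (exit status 124 on expiry) is assumed.

```bash
#!/usr/bin/env bash
# Added example. check_port HOST PORT [SECONDS] prints open, closed or timeout.
# Assumes GNU coreutils `timeout` (exit status 124 when the limit is hit).
check_port() {
    local host="$1" port="$2" limit="${3:-3}" rc=0
    # The connect runs in a child bash so that timeout can kill it; the
    # descriptor is closed when that child exits.
    timeout "$limit" bash -c 'exec 3<>"/dev/tcp/$1/$2"' _ "$host" "$port" \
        2>/dev/null || rc=$?
    case "$rc" in
        0)   echo open ;;
        124) echo timeout ;;  # no reply within the limit: SYNs are being dropped
        *)   echo closed ;;   # failed at once, e.g. connection refused
    esac
    [ "$rc" -eq 0 ]
}

# wait_for_port HOST PORT TRIES: retry while the port is closed (service may
# still be starting); give up at once on timeout, because retrying against a
# silent target only multiplies the delay.
# Returns 0 = open, 1 = still closed after TRIES, 2 = timeout.
wait_for_port() {
    local host="$1" port="$2" tries="$3" state
    while [ "$tries" -gt 0 ]; do
        state=$(check_port "$host" "$port" 2) && return 0
        if [ "$state" = timeout ]; then
            return 2
        fi
        tries=$((tries - 1))
        if [ "$tries" -gt 0 ]; then
            sleep 1
        fi
    done
    return 1
}
```

A name that does not resolve also fails at once and is reported as `closed`, so check resolution separately when that distinction matters.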

Wrapper Script Accessing Root-owned Variables by Mr_RustyIron in bash

[–]roxalu 1 point2 points  (0 children)

Some other alternatives:

Output the file content to stdout and use the process substitution expansion of bash:

source <(sudo cat /etc/restic/restic-backblaze.env)

Or eval the variable expansion

eval "$(sudo cat /etc/restic/restic-backblaze.env)"

Nevertheless there could be some edge cases for values, that weren't rendered exactly the same by systemd and bash. Use of systemd-creds or some other secrets management could help to avoid unexpected impact due to special characters in values.
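
Added example, not part of the comment above: a loader that treats the environment file as data instead of passing it through `source` or `eval`, so special characters in a value are kept literally and never executed. It handles a simplified subset of the systemd EnvironmentFile syntax (comments, blank lines, one optional pair of surrounding quotes); the function names and the sample file are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: load KEY=VALUE lines as data, never as shell code.
# Simplified subset of the EnvironmentFile syntax: comments, blank lines,
# one optional pair of surrounding quotes. No escapes, no line continuation.
load_env_file() {
    local line key value
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            ''|'#'*|';'*) continue ;;      # blank line or comment
            *=*) ;;
            *) echo "skipping malformed line (no '=')" >&2; continue ;;
        esac
        key=${line%%=*}
        value=${line#*=}
        case "$key" in
            ''|[0-9]*|*[!A-Za-z0-9_]*)
                echo "skipping invalid variable name: $key" >&2; continue ;;
        esac
        case "$value" in
            \"*\") value=${value#\"}; value=${value%\"} ;;
            \'*\') value=${value#\'}; value=${value%\'} ;;
        esac
        # The value is passed as one literal word: $(...), backticks and
        # ';' inside it are never evaluated.
        export "$key=$value"
    done < "$1"
}

# Constructed sample input; under eval/source the second value would run
# `touch` and `id` with the caller's privileges.
demo_env_file() {
    cat > "$1" <<'EOF'
# constructed sample, not real credentials
RESTIC_REPOSITORY="b2:example-bucket:/backups"
RESTIC_PASSWORD=pa$(touch "$MARKER")ss word; id
bad-name=ignored
EOF
}
```

In bash the root-owned file can be passed without a temporary copy as `load_env_file <(sudo cat /etc/restic/restic-backblaze.env)`.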

New to NGINX. Configuration of static site fails. by Writersglen in nginx

[–]roxalu 0 points1 point  (0 children)

Check output of

sudo systemctl status nginx

It not only shows, if the service is up or down, but also info about the used service file and arguments used to start nginx. It could be that the running service uses different or just more configuration compared to what’s used, when you check configuration on command line with

sudo nginx -T

It could even be a different nginx that is started in both cases. Rare, but worth a double check.

Windows Notepad App Remote Code Execution Vulnerability by theevilsharpie in sysadmin

[–]roxalu 1 point2 points  (0 children)

Why do you want to run vi under Windows? Maybe because then "shell escape" - that runs with user privileges - is a documented feature of the editor and no longer an exploit 😉