How it possible to determine encryption status of non APFS volume?
For root disk it possible to use fdesetup status.
For other APFS volumes it possible to extract from diskutil info -all and check field FileVault.
But when I create a new volume by using "Disk Utility" it allow me to create "Mac Os Extended (Journaled)" and encrypt it with AES 128 or 256 but.
How may I get encryption status via terminal for such type volumes?
Following on from your comment, you will need to provide more information if hdiutil does not work for you: macOS version, type of disk image, format of disk image, how you reading the result, etc. With those details someone maybe able to help you.
hdiutil has been tested on High Sierra and Catalina with two images, 128 which is encrypted with AES128, and 256 encrypted with AES256, both HFS+. The result on Catalina:
% hdiutil info
framework : 559.100.2
driver : 559.100.2
images : 2
================================================
image-path : /Users/jacksprat/Desktop/256.dmg
image-alias : /Users/jacksprat/Desktop/256.dmg
shadow-path : <none>
icon-path : /System/Library/PrivateFrameworks/DiskImages.framework/Resources/CDiskImage.icns
image-type : read/write
system-image : false
blockcount : 195353
blocksize : 512
writeable : TRUE
autodiskmount : TRUE
removable : TRUE
image-encrypted : TRUE
mounting user : jacksprat
mounting mode : -rwx------
process ID : 2069
/dev/disk2 GUID_partition_scheme
/dev/disk2s1 48465300-0000-11AA-AA11-00306543ECAC /Volumes/256
================================================
image-path : /Users/jacksprat/Desktop/128.dmg
image-alias : /Users/jacksprat/Desktop/128.dmg
shadow-path : <none>
icon-path : /System/Library/PrivateFrameworks/DiskImages.framework/Resources/CDiskImage.icns
image-type : read/write
system-image : false
blockcount : 195353
blocksize : 512
writeable : TRUE
autodiskmount : TRUE
removable : TRUE
image-encrypted : TRUE
mounting user : jacksprat
mounting mode : -rwx------
process ID : 2068
/dev/disk3 GUID_partition_scheme
/dev/disk3s1 48465300-0000-11AA-AA11-00306543ECAC /Volumes/128
Both disks have image-encrypted : TRUE.
Related
I'm trying to use PowerShell to extra a private key from a certificate stored in the personal store. Most of the tools seem related to Local Machine certificates and are not working, and I hit on the steps in this post: https://hope.mx/2019/recovering-a-certificate-where-the-private-key-is-marked-as-non-exportable/
I tried to use those steps:
PS Cert:\CurrentUser\My> $a = Get-Item Cert:\CurrentUser\My\A0A0A0A0A0A0A0A0A0A0A0A0A0A0A0A0A0A0A0A0
PS Cert:\CurrentUser\My> $a.PrivateKey.CspKeyContainerInfo
MachineKeyStore : False
ProviderName : eToken Base Cryptographic Provider
ProviderType : 1
KeyContainerName : te-cd6cd72c-da9c-4862-b02d-419e7ac19123
UniqueKeyContainerName : te-cd6cd72c-da9c-4862-b02d-419e7ac19123
KeyNumber : Exchange
Exportable : False
HardwareDevice : True
Removable : True
Accessible : True
Protected : True
CryptoKeySecurity :
RandomlyGenerated : False
It was my understanding that I should be able to find that file under C:\ProgramData\Microsoft\Crypto\RSA, but it is not there and in fact none of the files in the RSA directories even start with "te-"
Does that value really represent the name of the private key file someplace in the system? If so, where?
I am using SWUpdate to install updates to my Avnger96 board using A+B(dual copy) scheme. I am integrating SWUpdate with Yocto. But while installing updates locally using command line parameters, installation fails with error:
Trying to update with CLI swupdate -H dh-stm32mp1-dhcor-avenger96:1.0 -e stable,copy2 -v -i /tmp/avenger96-swu-v1-dh-stm32mp1-dhcor-avenger96-20220222133501.swu -k /etc/swupdate/swupdate-public.pem
[INFO ] : SWUPDATE started : Software Update started !
[TRACE] : SWUPDATE running : [network_initializer] : Software update started
[TRACE] : SWUPDATE running : [extract_file_to_tmp] : Found file
[TRACE] : SWUPDATE running : [extract_file_to_tmp] : filename sw-description
[TRACE] : SWUPDATE running : [extract_file_to_tmp] : size 1716
[TRACE] : SWUPDATE running : [extract_file_to_tmp] : Found file
[TRACE] : SWUPDATE running : [extract_file_to_tmp] : filename sw-description.sig
[TRACE] : SWUPDATE running : [extract_file_to_tmp] : size 256
[TRACE] : SWUPDATE running : [swupdate_verify_file] : Verify signed image: Read 1716 bytes
[TRACE] : SWUPDATE running : [swupdate_verify_file] : Verified OK
[TRACE] : SWUPDATE running : [get_common_fields] : Version 0.1.0
[TRACE] : SWUPDATE running : [parse_hw_compatibility] : Accepted Hw Revision : 1.0
[TRACE] : SWUPDATE running : [_parse_images] : Found compressed Image: core-image-minimal-dh-stm32mp1-dhcor-avenger96.ext4.gz in device : /dev/mmcblk0p5 for handler raw
[TRACE] : SWUPDATE running : [_parse_bootloader] : Bootloader var: rootfspart = 5
[TRACE] : SWUPDATE running : [check_hw_compatibility] : Hardware dh-stm32mp1-dhcor-avenger96 Revision: 1.0
[TRACE] : SWUPDATE running : [check_hw_compatibility] : Hardware compatibility verified
[TRACE] : SWUPDATE running : [extract_files] : Found file
[TRACE] : SWUPDATE running : [extract_files] : filename core-image-minimal-dh-stm32mp1-dhcor-avenger96.ext4.gz
[TRACE] : SWUPDATE running : [extract_files] : size 232476044 required
[ERROR] : SWUPDATE failed [0] ERROR : HASH mismatch : 24e9e0e03c5f6efbeb20c6b5da53841c04b9580e8409fa11d5f6307886127576 <--> 4ac608927345a1cdb725f018e20ce54c2840b1012917dffafdc85fe95dc26b14
[ERROR] : SWUPDATE failed [1] Image invalid or corrupted. Not installing ...
[TRACE] : SWUPDATE running : [network_initializer] : Main thread sleep again !
[INFO ] : No SWUPDATE running : Waiting for requests...
[INFO ] : SWUPDATE running : [endupdate] : Swupdate *failed* !
The sw-description is as follows:
software =
{
version = "0.1.0";
dh-stm32mp1-dhcor-avenger96 = {
hardware-compatibility: ["1.0"];
stable : {
copy1 : {
images: ({
filename = "core-image-minimal-dh-stm32mp1-dhcor-avenger96.ext4.gz";
sha256 = "#core-image-minimal-dh-stm32mp1-dhcor-avenger96.ext4.gz";
type = "raw";
compressed = "zlib";
device = "/dev/mmcblk0p4";
});
bootenv: (
{
name = "rootfspart";
value = "4";
},
);
};
copy2 : {
images: ({
filename = "core-image-minimal-dh-stm32mp1-dhcor-avenger96.ext4.gz";
sha256 = "#core-image-minimal-dh-stm32mp1-dhcor-avenger96.ext4.gz";
type = "raw";
compressed = "zlib";
device = "/dev/mmcblk0p5";
});
bootenv: (
{
name = "rootfspart";
value = "5";
},
);
};
};
}
}
I have set "Enable Verification of Signed Images" in menuconfig.
And also i have a question regarding installed rootfs on my device. Currently device is booted with /dev/mmcblk0p4, but I could see in linux user space rootfsB is also mounted(/dev/mmcblk0p5). I am using .wks file from Yocto to build dual partition scheme.
.
.
part / --source rootfs --ondisk mmcblk0 --fstype=ext4 --label root_A --part-name "rootfs_A" --align 4096 --use-uuid --active
part /rootfsB --source rootfs --ondisk mmcblk0 --fstype=ext4 --label root_B --part-name "rootfs_B" --align 4096 --use-uuid
bootloader --ptable gpt
I am not sure why this is happening and is this expected behavior?
Can anyone please let me know what is the issue regarding SWUpdate and how to resolve it?
Your help will be much appreciated.
Thanks in advance.
P.S: Please let me know if any info is missing here.
I seems that the way your hashes are generated in the sw-description file differs from the way they are generated on your target device.
Could be: this bug, maybe you can update your swupdate version?
It seems like you are autogenerating the hashes using the meta-swupdate layer, have you tried generating them manually and tested if that works?
I'm trying to figure out Windows update management via MDM (https://learn.microsoft.com/en-us/windows/client-management/mdm/device-update-management) and I would like to show installed and installable updates details for clients.
So following this guide, I'm getting installed/installable/... update GUIDs from the client using Update-CSP, then try to query GUID from sws.update.microsoft.com to get the metadata.
The problem is, the client is reporting update GUIDs that cannot be found in sws.update.microsoft.com. For example the device returns an update id: "1f36097b-e8c9-41a3-bcc3-baae597f692d" as an installed update.
When I query this Using GetUpdateData, it doesn't exists.
I queried installed updated on the client and found the detail:
PS C:\Windows\system32> $session.CreateUpdateSearcher().Search("UpdateID='1f36097b-e8c9-41a3-bcc3-baae597f692d'").Updates
Title : 2021-09 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5005565)
AutoSelectOnWebSites : True
BundledUpdates : System.__ComObject
CanRequireSource : False
Categories : System.__ComObject
Deadline :
DeltaCompressedContentAvailable : True
DeltaCompressedContentPreferred : True
Description : Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer.
EulaAccepted : True
EulaText :
HandlerID : http://schemas.microsoft.com/msus/2016/01/UpdateHandlers/OSInstaller
Identity : System.__ComObject
Image :
InstallationBehavior : System.__ComObject
IsBeta : False
IsDownloaded : True
IsHidden : False
IsInstalled : True
IsMandatory : False
IsUninstallable : False
Languages : System.__ComObject
LastDeploymentChangeTime : 9/14/2021 12:00:00 AM
MaxDownloadSize : 110963910278
MinDownloadSize : 0
MoreInfoUrls : System.__ComObject
MsrcSeverity :
RecommendedCpuSpeed : 0
RecommendedHardDiskSpace : 0
RecommendedMemory : 0
ReleaseNotes :
SecurityBulletinIDs : System.__ComObject
SupersededUpdateIDs : System.__ComObject
SupportUrl : https://support.microsoft.com/help/5005565
Type : 1
UninstallationNotes :
UninstallationBehavior :
UninstallationSteps : System.__ComObject
KBArticleIDs : System.__ComObject
DeploymentAction : 1
DownloadPriority : 2
DownloadContents : System.__ComObject
RebootRequired : False
IsPresent : True
CveIDs : System.__ComObject
BrowseOnly : False
PerUser : False
AutoSelection : 1
AutoDownload : 2
But when I look up this update by its name or KB article, I find the correct update id is: 9a11c8f1-525f-4088-8fb7-33d7b56dd6dc
catalog page
I'm not sure why client reports an incorrect (or deprecated?) update id.
Is there a way to make client to correct it?
I run elasticsearch on a digital ocean server and I am short on disk space. So I added a additional volume with 3Gb.
/dev/vda1 59G 47G 9.6G 83% /
/dev/sda 100G 0G 100G 0% /mnt/volume2
on index in my elasticsearch database is quite large
test-index 0 p STARTED 27240256 83.3gb 127.0.0.1 h3awYIM
is it possible to store the elasticsearch data in two volumes?
/var/www# curl -XGET 'localhost:9200'
{
"name" : "WU6cQ-o",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "hKc147QfQqCefLliStLNtw",
"version" : {
"number" : "5.1.1",
"build_hash" : "5395e21",
"build_date" : "2016-12-06T12:36:15.409Z",
"build_snapshot" : false,
"lucene_version" : "6.3.0"
},
"tagline" : "You Know, for Search"
}
EDIT:
Following the suggestion by Val below I provided es with a path.data flag like
-Epath.data=/var/lib/elasticsearch,/mnt/volume2/es_data
this seems to work fine
Yes, you can definitely store your index data in multiple storage locations. Simply open your elasticsearch.yml configuration file and modify the path.data setting to include all the volumes where you want to store data.
In your case, it should look like this (your paths may vary):
path:
data:
- /var/data/elasticsearch
- /mnt/volume2/data/elasticsearch
You'll need to restart ES in order for this change to take effect.
Has anybody ever used Powershell to access the getbinarytype function in the win32 api? I am having some difficulty with it.
Does WMI Win32_Product otherwise contain any information as to the binarytype of an installed software, Office 2010 Professional Plus for instance?
FYI, if you have the PowerShell Community Extensions module, you can use the Get-PEHeader command to get this info e.g.:
PS> Get-PEHeader 'C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE'
Type : PE32
LinkerVersion : 9.0
OperatingSystemVersion : 5.1
ImageVersion : 10.0
SubsystemVersion : 5.1
SizeOfCode : 8192
SizeOfInitializedData : 1408000
SizeOfUninitializedData : 0
AddressOfEntryPoint : 4348
BaseOfCode : 4096
BaseOfData : 16384
ImageBase : 805306368
SectionAlignment : 4096
FileAlignment : 512
Win32VersionValue : 0
SizeOfImage : 1429504
SizeOfHeaders : 1024
Checksum : 1424765
Subsystem : Windows
DllCharacteristics : 32832
SizeOfStackReserve : 1048576
SizeOfStackCommit : 4096
SizeOfHeapReserve : 1048576
SizeOfHeapCommit : 4096
LoaderFlags : 0