Chef-InSpec: Resources for windows OS - ruby

I'm just starting to learn Inspec. I'm wondering to know is there any resources for check installed the driver(e.x virtio-win) or kernel in windows?
or is that possible to looking in one directory and say that test.sys exists?

Check the docs. What you see is what you get. I have no idea how to query a running a Windows kernel for which modules are loaded but if you know how to do that you can probably use a command resource. Otherwise just check for files like normal.

I found that there are no resources for windows kernel. So, I just used driverquery to check the drivers.

Related

How can I remove the need of wpcap.dll in my go program?

I use gopacket in my program. on linux, it runs perfectly.
But on windows the whole program crashes if i did not install WinPcap before.
My plan was to check if WinPcap is installed, and if not to inform the user that he needs this to use 100% of all features.
But i dont come to this point. i cant use gopacket if WinPcap is not available. I mean... not a single line of code of it (=> crash)
Has anyone an idea how i can solve this? im do not need gopacket actually. My plan was, if it is installed, fine, super! If not, dont care... do other things.
But now i have 2 choices... remove gopacket totally or find a way to start my program without the need of wpcap.dll. at least to tell the user that he needs it.
Please help me :(
You're wrong in that you are «not [using] a single line of code of it»: it's not hard to see that
its Windows-specific code calls into winpcap.dll.
What is more fun, is that
its Unix-specific code calls into libpcap.so, and this means you have it working on your local system simply due to the fact you have libpcap package installed (or whatever it's named in your code).
All this means that currently your program is not really portable
anyway (I mean, in the sense you supposedly think it is portable).
You can run something like
$ ldd ./yourbinary
and see it printing a reference to libpcap.so of some version.
There are several ways to solve this.
The easiest is to just try shipping winpcap.dll with your binary. Windows by default looks for DLLs in the current directory of the application trying to load them. Since gopacket uses cgo, it means the winpcap.dll is attempted to be linked it at the application startup, so the application has no chance of changing its working directory before that library is attempted to be found and linked in.
A more complicated approach is to make (or obtain) a static version of the winpcap library (remember that DLL is a library, just a special form of it) and then jump around building gopacket so that it picks that static library.
Install Npcap in "Wpcap API compatibility mode".

Check OSX system

Im development an app for OSX that will check the status of a MAC. I would like check:
Memory in Hard Drive
Memory Ram
OS System...
Does anyone know how I can access these parameters?
Thanks for all!
Best Regards.
Apple's already written that app. It's called System Information.
There is a command-line version of the app, called system_profiler. You can make it print out the information in XML for easy parsing.
The simplest way to get lots of information about the Mac programmatically is by running system_profiler as a child process and parsing its output. You will want to look at using NSTask and NSXMLParser.

Mysterious, Native "A" Registry Key with Path: Registry\A

I recently wrote a native NT registry editor for Windows, and ran it on Windows 7. To my surprise, in addition to the two standard root keys, MACHINE and USER, that are present on Windows XP, there was also a mysterious key named "A", that cannot be opened in any way, whether by permission changes or backup privileges or otherwise:
Does anyone know what this key is for? I don't believe it's for any software, because it was there before I installed anything on the machine, and I believe I saw it on another fresh installation as well. It's rather very suspicious, and I'm curious as to why it's there. (If I'm curious enough, I might end up writing a driver to open it up without a privilege check, to see what happens!)
(I wasn't sure whether to put this on SuperUser or StackOverflow, since I think it could go in either one. I could be wrong, though; sorry if this isn't the appropriate place.)
Edit:
If forgot to say, I don't believe you can even see this key using the Win32 API, like RegOpenKey -- you have to use the native API like NtEnumerateKey instead.
Here is the comment from one of our driver writers: "DISCACHE.sys driver seems to be caching system file attributes and using \REGISTRY\A in an undocumented way. This driver is part of the kernel so it can load any hive wherever it wants."
Interesting...
The key indeed can be opened with a relative path, but not with an absolute path.
And it seems to contain information about all file systems and whatnot. Looks mysterious, indeed...

Remotely debug Linux Kernel from Windows?

I was wondering if anyone knew of a way to remotely debug the Linux kernel running under VMWare (and if so, if there's a way to do it in Windows since linux kind of scares me...). Both are x86. I know VMWare has support for this (I saw a post about remote debugging via gdb), but if there was a way to do it from Windows (i.e. Eclipse CDT or something) that'd be awesome.
Thanks!
-Robert
You're not going to debug the Linux kernel (particularly remotely) using anything but gdb with { kdb | kgdb } extensions in-kernel, unless you write your own debug hooks.
According to Linus, he would prefer if you do not use a kernel debugger, even on Linux. Good luck getting one to work from Windows :)
Granted, this posting is from several years ago. Maybe he has changed his mind since then???
There's a thread where someone got 95% of the way here: http://communities.vmware.com/thread/236251. The one part he's missing is that the source files can't be found, but CDT supports setting a source path different from the symbol file. A bit of messing around and it seems to be working (i.e. I can set breakpoints, see the entire address space, etc.)
I would recommend debugging one Linux VM from another linux VM, if you only have one machine running Windows available.
You're going to have enough difficulty just getting that working, without throwing in something that is as unsupported and untested as what you're currently asking for.

Open Default browser with Mono+gtk#

I need to open an url from my application, on both linux and windows and i want to avoid replacing an existing page on an open browser.
How do i call for it to open?
I know i can use
System.Diagnostics.Process.Start("http://mysite.com");
which should also work under linux, but this will replace any page shown on an already open browser window.
i found this article ( thx to Nissan Fan):
System.Diagnostics.Process.Start("http://mysite.com");
but this only works for windows and i need a solution that will work on both systems.
I think this is what you want:
System.Diagnostics.Process.Start ("xdg-open http://mysite.com");
This will only work on linux, but should work for all linux desktops. Like grombeestje said, you should probably implement it separately for Windows and linux.
i would suggest to check on what OS the app is running, and then implement it for each OS separately.
After searching through the Banshee source code I see that they use Gnome.Url.Show() (In gnome-sharp) to open the users default browser.
If that isn't possible for whatever reason, a couple of other ideas come to mind.
If the user is running Gnome there should be a program called "gnome-open" that should do the trick.
System.Diagnostics.Process.Start("gnome-open http://mysite.com");
And if that doesn't work I know that (at least) all Debian-based systems come with a script called sensible-browser.
System.Diagnostics.Process.Start("sensible-browser http://mysite.com");

Resources