Ubuntu Wiki: AppArmor
apparmor.net Wiki
Ubuntu Security Team: AppArmor

SELinux User’s and Administrator’s Guide (PDF)

Wikipedia: SELinux
CentOS Wiki: SELinux
Introduction to SELinux: Don’t let complexity scare you off
Practical SELinux for the beginner: Contexts and labels

Security-Enhanced Linux – User Guide
2.1. Benefits of running SELinux
5.4.2. Disabling SELinux

TFTP

Problem

$ tftp 10.20.30.40 -c get /app-nand.bin
Error code 0: Permission denied

Solution

$ cd /var/lib/tftpboot
$ ls -alZ 
drwxrwxrwx. root root system_u:object_r:tftpdir_rw_t:s0 .
drwxr-xr-x. root root system_u:object_r:var_lib_t:s0   ..
-rwxrwxrwx. root root system_u:object_r:user_home_t:s0 app-nand.bin

$ cd ..
$ restorecon -Rv tftpboot
restorecon reset /var/lib/tftpboot/app-nand.bin context system_u:object_r:user_home_t:s0->system_u:object_r:tftpdir_rw_t:s0
restorecon set context /var/lib/tftpboot/app-nand.bin->system_u:object_r:tftpdir_rw_t:s0 failed:'Operation not permitted'

$ sudo restorecon -Rv tftpboot
restorecon reset /var/lib/tftpboot/app-nand.bin context system_u:object_r:user_home_t:s0->system_u:object_r:tftpdir_rw_t:s0

$ cd tftpboot
$ ls -alZ 
drwxrwxrwx. root root system_u:object_r:tftpdir_rw_t:s0 .
drwxr-xr-x. root root system_u:object_r:var_lib_t:s0   ..
-rwxrwxrwx. root root system_u:object_r:tftpdir_rw_t:s0 app-nand.bin

$ tftp 172.21.6.53 -c get /app-nand.bin
$

Configuration examples
SELinux Contexts – Labeling Files

Discretionary Access Control (DAC), bei allen Linux Systemen für Files/Directories
Role Based Access Control (RBAC), bei SELinux für Prozesse

$ ls -Z file1
-rw-rw-r--  user1  group1  unconfined_u:object_r:user_home_t:s0  file1
       DAC: <user> <group> <user>       <role>   <type>    <level>

[code]
$ cat /etc/selinux/targeted/contexts/files/file_contexts.homedirs
# User-specific file contexts, generated via libsemanage
# use semanage command to manage system users to change the file_context

# Home Context for user unconfined_u
/home/[^/]*/.+ unconfined_u:object_r:user_home_t:s0
/home/[^/]*/.maildir(/.*)? unconfined_u:object_r:mail_home_rw_t:s0
/home/[^/]* -d unconfined_u:object_r:user_home_dir_t:s0
/home/[^/]* -l unconfined_u:object_r:user_home_dir_t:s0
/home/[^/]*/abc — unconfined_u:object_r:mozilla_home_t:s0
/home/[^/]*/tmp -d unconfined_u:object_r:user_tmp_t:s0

$ system-config-selinux

$ yum install policycoreutils-devel
$ yum install policycoreutils-gui
$ sepolicy gui

$ usermod -a -G dialout andreas

$ strace gtkterm
[...]
stat("/var/lock/lockdev", {st_mode=S_IFDIR|0775, st_size=40, ...}) = 0
open("/var/lock/lockdev/LCK..ttyUSB0", O_RDONLY) = -1 ENOENT (No such file or directory)
umask(022)                              = 02
open("/var/lock/lockdev/LCK..ttyUSB0", O_WRONLY|O_CREAT|O_EXCL, 0666) = -1 EACCES (Permission denied)
write(2, "Cannot create lockfile: Permissi"..., 42Cannot create lockfile: Permission denied) = 42
[...]

$ usermod -a -G lock andreas

Chromebrew – The missing package manager for Chrome OS
How can I get a package manager on a Samsung Chromebook?

$ sudo apt-get install exfat-fuse exfat-utils

exFAT

Wikipedia: Unified Extensible Firmware Interface (UEFI)
Was ist UEFI?
UEFI – der BIOS-Nachfolger: Grundlagen und Hilfestellung
BIOS und UEFI: 8 Tipps, die Sie kennen sollten

GPT fdisk

GPT fdisk Tutorial
Converting to or from GPT

Windows Conversion

How to move an existing installation of Window 7 64bit to UEFI (from legacy)
Converting Windows BIOS installation to UEFI
How to convert Windows 7 on MBR/BIOS to GPT/UEFI

GEOM is the main storage framework for the FreeBSD operating system. It is available in FreeBSD 5.0 and higher and provides a standardized way to access storage layers. GEOM is modular and allows for geom modules to connect to the framework.

Wikipedia: GEOM
FreeBSD Handbook: GEOM: Modular Disk Transformation Framework

# fdisk /dev/da1
******* Working on device /dev/da1 *******
parameters extracted from in-core disklabel are:
cylinders=3892 heads=255 sectors/track=63 (16065 blks/cyl)

Figures below won't work with BIOS for partitions not in cyl 1
parameters to be used for BIOS calculations are:
cylinders=3892 heads=255 sectors/track=63 (16065 blks/cyl)

Media sector size is 512
Warning: BIOS sector numbering starts with sector 1
Information from DOS bootblock is:
The data for partition 1 is:
sysid 12 (0x0c),(DOS or Windows 95 with 32 bit FAT (LBA))
    start 32, size 62530592 (30532 Meg), flag 80 (active)
        beg: cyl 0/ head 0/ sector 33;
        end: cyl 1023/ head 254/ sector 63
The data for partition 2 is:
<UNUSED>
The data for partition 3 is:
<UNUSED>
The data for partition 4 is:
<UNUSED>

# gpart show
=>      34  29323661  ada0  GPT  (14G)
        34       128     1  freebsd-boot  (64K)
       162  27262848     2  freebsd-ufs  (13G)
  27263010   1466368     3  freebsd-swap  (716M)
  28729378    594317        - free -  (290M)

=>       1  62533295  da1  MBR  (30G)
         1        31       - free -  (16K)
        32  62530592    1  !12  [active]  (30G)
  62530624      2672       - free -  (1.3M)

=>       1  62533295  diskid/DISK-AA010922140523382836  MBR  (30G)
         1        31                                    - free -  (16K)
        32  62530592                                 1  !12  [active]  (30G)
  62530624      2672                                    - free -  (1.3M)

ar - create, modify, and extract from archives
ranlib - generate index to archive
nm - list symbols from object files

$ ar -r libmine.a mine.o yours.o
$ ranlib libmine.a
or
$ ar -s -r libmine.a mine.o yours.o

32-bit/64-bit Problem

ranlib /home/andreas/src/software/lib/libCompany.xa
g++ -L/home/andreas/src/software/lib -m32 -lpthread -lrt  -ldl -shared -o /home/andreas/src/software/lib/libCompany.so -Wl,-whole-archive /home/andreas/src/software/lib/libCompany.xa -Wl,-no-whole-archive
/usr/bin/ld: cannot find crti.o: No such file or directory
/usr/bin/ld: skipping incompatible /usr/lib64/libpthread.so when searching for -lpthread
/usr/bin/ld: cannot find -lpthread
/usr/bin/ld: skipping incompatible /usr/lib64/librt.so when searching for -lrt
/usr/bin/ld: cannot find -lrt
/usr/bin/ld: skipping incompatible /usr/lib64/libdl.so when searching for -ldl
/usr/bin/ld: cannot find -ldl
/usr/bin/ld: skipping incompatible /usr/lib64/libm.so when searching for -lm
/usr/bin/ld: cannot find -lm
/usr/bin/ld: skipping incompatible /usr/lib64/libc.so when searching for -lc
/usr/bin/ld: cannot find -lc
/usr/bin/ld: cannot find crtn.o: No such file or directory
collect2: error: ld returned 1 exit status
make[1]: *** [/home/andreas/src/software/lib/libCompany.so] Error 1
make: *** [/home/andreas/src/software/common/ipc] Error 2

-Wl,option
Pass option as an option to the linker. If option contains commas,
it is split into multiple options at the commas. You can use thi
syntax to pass an argument to the option.
For example, -Wl,-Map,output.map passes -Map output.map to the linker.
When using the GNU linker, you can also get the same effect
with `-Wl,-Map=output.map'.

--whole-archive
For each archive mentioned on the command line after the
`--whole-archive' option, include every object file in the archive
in the link, rather than searching the archive for the required
object files. This is normally used to turn an archive file into
a shared library, forcing every object to be included in the
resulting shared library. This option may be used more than once.

ranlib /home/andreas/src/software/lib/libCompany.xa
g++ -L/home/andreas/src/software/lib -L/home/andreas/src/software/lib -m32 -lpthread -lrt  -ldl -shared -o /home/andreas/src/software/lib/libCompany.so -Wl,-whole-archive /home/andreas/src/software/lib/libCompany.xa -Wl,-no-whole-archive
/usr/bin/ld: i386:x86-64 architecture of input file `/home/andreas/src/software/lib/libCompany.xa(Ipc.xo)' is incompatible with i386 output
/usr/bin/ld: i386:x86-64 architecture of input file `/home/andreas/src/software/lib/libCompany.xa(IpcEndpoint.xo)' is incompatible with i386 output
/usr/bin/ld: i386:x86-64 architecture of input file `/home/andreas/src/software/lib/libCompany.xa(IpcSock.xo)' is incompatible with i386 output
/usr/bin/ld: i386:x86-64 architecture of input file `/home/andreas/src/software/lib/libCompany.xa(IpcBaseTransport.xo)' is incompatible with i386 output
/usr/bin/ld: i386:x86-64 architecture of input file `/home/andreas/src/software/lib/libCompany.xa(IpcFifoTransport.xo)' is incompatible with i386 output
/usr/bin/ld: i386:x86-64 architecture of input file `/home/andreas/src/software/lib/libCompany.xa(IpcMsgQTransport.xo)' is incompatible with i386 output
/usr/bin/ld: i386:x86-64 architecture of input file `/home/andreas/src/software/lib/libCompany.xa(IpcUdpTransport.xo)' is incompatible with i386 output
/usr/bin/ld: i386:x86-64 architecture of input file `/home/andreas/src/software/lib/libCompany.xa(IpcRelUdpTransport.xo)' is incompatible with i386 output
/usr/bin/ld: i386:x86-64 architecture of input file `/home/andreas/src/software/lib/libCompany.xa(IpcTcpTransport.xo)' is incompatible with i386 output
/usr/bin/ld: i386:x86-64 architecture of input file `/home/andreas/src/software/lib/libCompany.xa(IpcTransportInfo.xo)' is incompatible with i386 output
/usr/bin/ld: i386:x86-64 architecture of input file `/home/andreas/src/software/lib/libCompany.xa(IpcStatus.xo)' is incompatible with i386 output
/usr/bin/ld: i386:x86-64 architecture of input file `/home/andreas/src/software/lib/libCompany.xa(IpcTimer.xo)' is incompatible with i386 output
/usr/bin/ld: i386:x86-64 architecture of input file `/home/andreas/src/software/lib/libCompany.xa(IpcMonotonicTime.xo)' is incompatible with i386 output
/usr/bin/ld: i386:x86-64 architecture of input file `/home/andreas/src/software/lib/libCompany.xa(IpcHeader.xo)' is incompatible with i386 output
/usr/bin/ld: i386:x86-64 architecture of input file `/home/andreas/src/software/lib/libCompany.xa(IpcLog.xo)' is incompatible with i386 output
/usr/bin/ld: i386:x86-64 architecture of input file `/home/andreas/src/software/lib/libCompany.xa(IpcGuard.xo)' is incompatible with i386 output

• LogCat
• android-ndk
• NDK
• AVD
• Dalvik VM
• arm-linux-androideabi-addr2line

Building Your First App

KVM

$ sudo apt-get install cpu-checker
[...]
The following NEW packages will be installed:
  cpu-checker msr-tools
[...]

$ sudo /usr/sbin/kvm-ok
INFO: /dev/kvm does not exist
HINT:   sudo modprobe kvm_intel
INFO: Your CPU supports KVM extensions
INFO: KVM (vmx) is disabled by your BIOS
HINT: Enter your BIOS setup and enable Virtualization Technology (VT),
      and then hard poweroff/poweron your system
KVM acceleration can NOT be used

=== BIOS: Enable Virtualization Technology (VT) ===

$ sudo /usr/sbin/kvm-ok
INFO: /dev/kvm exists
KVM acceleration can be used

KVM, Kernel-based Virtual Machine
kvm
KVM – Introduction

/dev/kvm is not found on Ubuntu 14.04
KVM is not installed on this machine (/dev/kvm is missing)

Training

Developers Training – Getting Started
Android Graphics
Android UI Internal : UI Composition with SurfaceFlinger

Crash Report

How to use addr2line in Android
How to get Crash Point in Java code

Install

Build and Run Your App
Android Debug Bridge (adb)
Apk location in New Android Studio

C:\msys64\home\bachman0\BA18_loma_3_Android_Application\app\build\outputs\apk\debug
C:\Users\bachman0\AppData\Local\Android\Sdk\platform-tools

/c/msys64/home/bachman0/BA18_loma_3_Android_Application/app/build/outputs/apk/debug
/c/Users/bachman0/AppData/Local/Android/Sdk/platform-tools

How to install apps outside of Google Play
How to Install APK Files on Android
How to install APK from PC?

Microsoft Exchange 2010 Visio Stencil
New Office Visio Stencil
Active Directory Visio Stencils 2013 – Directory Services Visio Stencils
VisioCafe Visio Stencil Downloads