Category Archives: sysadmin

Computer, sysadmin, Win10, Windows

The Ultimate Guide to Robocopy

Common Robocopy Syntax Reference

Why such a long blog post on a single utility? Just feast your eyes on the tables below. You have a lot of options to copy or move files with robocopy! You will more options in the individual sections.

These tables were built from the help syntax returned from robocopy /?. They’ve been broken up into more meaningful sections, added to over time and cleaned up to provide more useful info.

Source Options
Switch Explanation Default Behavior Equivalent Switch Notes
/S Copy subfolders
/E Copy subfolders including empty subfolders
/COPY:[DATSOU] Copy options /COPY:DAT D=Data, A=Attributes, T=Timestamps S=Security=NTFS ACLs, O=Owner info, U=aUditing info. File Data (D) always includes file Timestamps (T)
/SEC Copy files with SECurity /COPY:DATS
/DCOPY:T Copy directory timestamps
/COPYALL Copy ALL file info /COPY:DATSOU This will prevent dehydrating offline files and will instead copy the file’s tag (on emc VNX/Unity systems at least). This is not officially documented! If dehydration is what you need (reason i found this issue), you can’t copy the ACLs along your files. CREDIT: Monsieurx (Reddit)
/NOCOPY Copy NO file info useful with /PURGE
/A Copy only files with the Archive attribute set
/M like /A, but remove Archive attribute from source files
/LEV:n Only copy the top n LEVels of the source tree
/MAXAGE:n MAXimum file AGE – exclude files older than n days/date
/MINAGE:n MINimum file AGE – exclude files newer than n days/date If n < 1900 then n = no of days, else n = YYYYMMDD date
/FFT Assume FAT File Times 2-second date/time granularity. This replaces NTFS timestamps. Seems to be more reliable when transferring over a network.
/256 Turn off very long path (> 256 characters) support

Destination Options
Switch Explanation Default Behavior Equivalent Switch Notes
/A+:[RASHCNET] Set file attribute(s) on destination files + add
/A-:[RASHCNET] Remove file attribute(s) on destination files
/FAT Create destination files using 8.3 FAT file names only
/CREATE Create directory tree structure + zero-length files only
/DST Compensate for one-hour DST time differences

Copy Options
Switch Explanation Default Behavior Equivalent Switch Notes
/L List files only Don’t copy, timestamp or delete any files
/MOV Move files Delete from source after copying
/MOVE Move files and directories Delete from source after copying
/sl Copy file symbolic links instead of the target
/Z Copy files in restartable mode Survive a network glitch
/B Copy files in backup mode
/J Copy using unbuffered I/O Recommended for large files
/NOOFFLOAD Copy files without using the Windows copy offload mechanism https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh831628(v=ws.11)
/EFSRAW Copy any encrypted files using EFS RAW mode
/TIMFIX Fix file times on all files, even skipped files
/XO Exclude older if destination file exists and is the same date or newer than the source – don’t bother to overwrite it.
/XC Exclude changed files
/XN Exclude newer files
/XX Exclude files present in destination but not source /XX
/XF file [file]… Exclude files matching given names/paths/wildcards
/XD dirs [dirs]… Exclude directories matching given names/paths. /XF and /XD can be used in combination e.g. ROBOCOPY c:\source d:\dest /XF *.doc *.xls /XD c:\unwanted /S
/IA:[RASHCNETO] Include files with any of the given attributes
/XA:[RASHCNETO] Exclude files with any of the given attributes
/IS Overwrite files even if they are already the same
/IT Include tweaked files
/XJ Exclude junction points from source /XJ
/XJD Exclude junction points from source directories
/XJF Exclude junction points from source files
/MAX:n Exclude files bigger than n bytes
/MIN:n Exclude files smaller than n bytes
/MAXLAD:n Exclude files unused since n
/MINLAD:n Exclude files used since n If n < 1900 then n = n days, else n = YYYYMMDD date
/MIR Mirror a directory tree /PURGE /E
/PURGE Delete dest files/folders that no longer exist in source
/XL Exclude files present in source but not destination
/SECFIX Robocopy /secfix fixes file security on all files, even skipped files. Specify the type of security information you want to copy by also using one of these options: /COPYALL /COPY:O /COPY:S /COPY:U /SEC
/ZB Use restartable mode; if access denied use Backup mode

Monitoring Options
Switch Explanation Default Behavior Equivalent Switch Notes
/R:n Number of retries on failed copies /R:1000000 Always try to set this option. I recommend setting this to 10-20 to not waste time retrying.
/W:n Wait time between retries /W:30 Always try to set this option to a lower number to retry more quickly. I suggest 5-10.
/REG Save /R:n and /W:n in the Windows registry as default settings
/RH:hhmm-hhmm times when new copies can be started
/TBD Wait for sharenames to be defined retry error 67
/PF Check run hours on a per file (not per pass) basis
/MON:n Run again when more than n changes seen
/MOT:m Run again in m minutes, if changed

Source: The Ultimate Guide to Robocopy

sysadmin, wordpress

How to hide Send Private Message and Send Public Message – BuddyPress User | https://buddyuser.com/

How to Hide Send Private Message and Send Public Message from the members profile view

Sometimes it becomes prudent to make it more difficult for site members to email other members, for example where you are suffering from spammers.

Where to put code Snippets

Code Snippets for BuddyPress can typically be placed in two locations:

/wp-content/themes/yourchildtheme/functions.php

/wp-content/plugins/bp-custom.php

The preference is to create a bp-custom.php file, since this is independent of the theme you happen to be using.

The code snippet must be wrapped in  <?php  and ?> tags in order to tell you server that it is to run the code as PHP.

Remove “Send Private Message” from users who are not friends of the member whose profile they are viewing
1
2
3
4
5
6
7

add_filter( 'bp_get_send_message_button', function( $array ) {
    if ( friends_check_friendship( bp_loggedin_user_id(), bp_displayed_user_id() ) ) {
        return $array;
    } else {
        return '';
    }
} );
Remove “Send Public Message” from users who are not friends of the member whose profile they are viewing
1
2
3
4
5
6
7
8

add_filter( 'bp_get_send_public_message_button', function( $r ) {
    if ( friends_check_friendship( bp_loggedin_user_id(), bp_displayed_user_id() ) ) {
        return $r;
    } else {
        $r['component'] = '';
        return $r;
    }
} );

These code snippets were originally posted by Henry Wright in the BuddyPress Forums:
https://buddypress.org/support/topic/disable-or-hide-private-message-button/

Source: How to hide Send Private Message and Send Public Message – BuddyPress User | https://buddyuser.com/

Software, sysadmin

Turn Off Updates • mozillaZine Forums

Here is the policies documentation.

Manage updates, policies & customization
http://support.mozilla.org/en-US/produc … enterprise

Customizing Firefox Using policies.json
http://support.mozilla.org/en-US/kb/cus … liciesjson

Create a folder called distribution where the firefox.exe is located and place the policies.json file there.

CODE: SELECT ALL
{
"policies": {
"DisableAppUpdate": true
}
}

Customizing Firefox Using Group Policy
http://support.mozilla.org/en-US/kb/cus … cy-windows

Local Group Policy Editor (gpedit.msc) is not available in Home versions of Windows 7, 8 or 10.

How to stop Firefox from showing the update nag screen?
http://superuser.com/questions/1407844

Enterprise Policies
http://klaus-hartnegg.de/gpo/2018-05-26-Firefox-Policies.html

Enterprise Policy Generator
http://addons.mozilla.org/firefox/addon/976971

I never tried the Enterprise Policy Generator addon.

policies.json being removed on browser updates via setup.exe (wontfix)
http://bugzilla.mozilla.org/show_bug.cgi?id=1502188

P.S.

I got the DisableAppUpdate policy working with the policies.json file in Firefox Portable 71.0 32-bit.

* C:\FirefoxPortable\App\Firefox\distribution\policies.json

However, I had to remove the following registry keys before I got it working.

* HKEY_CURRENT_USER\Software\Policies\Mozilla
* HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Mozilla

Here is how to test if the DisableAppUpdate policy is working.

Test DisableAppUpdate policy: viewtopic.php?p=14848020#p14848020

Source: Turn Off Updates • mozillaZine Forums

Software, sysadmin

Mozilla Enterprise Policies for Firefox and Thunderbird

Impressum

The Mozilla Enterprise Policies for Firefox (and Thunderbird)

This feature is meant to help enterprise admins, who deploy Firefox as software package to computers in their organization.

Versions

Policies were first added in Firefox 60, and back then were purely optional.

In Firefox 68 some settings from autoconfig stopped working (for example the option to disable automatic updates), thus it became necessary to at least partially switch to policies.

Thunderbird started to implement policies in version 68, and at the same time also stopped respecting some of the autoconfig options.

Overview

The Enterprise Policy feature provides two new ways to configure Firefox (besides the old autoconfig aka mozilla.cfg):

  • Windows Group Policy Objects (GPO)
  • A config file named policies.json

Interactions:

  • If any policies are set with GPO, the json file is ignored.
  • If autoconfig (old) and policies (new) provide conflicting settings, policies win.

Requirements:

  • Firefox version 60 or later.
  • Thunderbird version 68 or later.
  • In Windows some policies work only if you have either Firefox ESR or domain-joined PCs.
    (It is currently unclear how Firefox detects the domain membership, and whether it must be an Active Directory domain)

Howto use the admx templates (for GPO)

Firefox

  1. Copy firefox.admx to C:\Windows\PolicyDefinitions
  2. Copy firefox.adml to C:\Windows\PolicyDefinitions\en-US
  3. Run <class=”tt”>gpedit.msc or <class=”tt”>RSAT (Remote Server Administration Tools), and open Computer Configuration, Administrative Templates, Firefox.</class=”tt”></class=”tt”>

Thunderbird

Some of the Firefox policies also work in Thunderbird.

There are official (but non-functioning) admx-templates on https://github.com/thundernest/policy-templates. They are just a clone of the templates for Firefox, and thus do not have an effect on Thunderbird.

Inofficial templates are on https://github.com/drlellinger/thunderbird-policies (announced here), and they acually work.

  1. Copy thunderbird.admx to C:\Windows\PolicyDefinitions
  2. Copy thunderbird.adml to C:\Windows\PolicyDefinitions\en-US
  3. Run <class=”tt”>gpedit.msc or <class=”tt”>RSAT (Remote Server Administration Tools), and open Computer Configuration, Administrative Templates, Thunderbird.</class=”tt”></class=”tt”>

You can also copy registry keys from Firefox and rename them. For example this one works:

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Mozilla\Thunderbird]
"DisableAppUpdate"=dword:00000001

Howto use create the json file (alternative for GPO)

The currently supported policies are listed here. New policies are added with every version, and so far all new policies are available both in the latest RR (Rapid Release), and in the latest ESR (Extended Service Release).

Multiple policies must be separated with commas. Multiple options to one policy must be placed in curly brackets, and separated with commas.

Generator addon was published (german). More info.

The json file must be placed in a subdirectory named distribution in the program directory. In Windows the path will be something like
C:\Program Files\Mozilla Firefox\distribution\policies.json
This directory does usually not yet exist, you must create it.

Sample file:

{
 "policies": {
    "DisableAppUpdate": true,
    "DisableBuiltinPDFViewer": true,
    "DisableFirefoxAccounts": true,
    "DisableFirefoxStudies": true,
    "DisablePocket": true,
    "DisableProfileRefresh": true,
    "DisableTelemetry": true,
    "DontCheckDefaultBrowser": true,
    "EnableTrackingProtection": { "Value": true, "Locked": false },
    "Proxy": { "Mode": "none", "Locked": false },
    "SearchBar": "separate"
  }
}

Errors in the file are reported on the page “about:policies”, but this feature needs at least Firefox version 63. This is the typical way how Mozilla develops new feature: publish it long before its ready.

Howto not document a feature

Mozilla has created this labyrinth:

It seems that Github is now the official place for documentation. But even there a lot of info is missing. For example that this is supposed to replace autoconfig. And that in Windows several of these options only work if either the ESR version is used, or the PCs are members of a Windows Domain. Also how do the two methods relate to each other and to autoconfig: which one does take precedence?

Lets hope that eventually Mozilla will write some decent documentation for this new feature.

No, I’m not gonna read the source to extract infos from there.

Changelog:

  • 2018-10-22 Thunderbird
  • 2018-09-17 corrected directory, add interactions, add sample
  • 2018-05-31 cleanup
  • 2018-05-30 add howto use the admx templates, and links to generator and source.
  • 2018-05-25 new

Impressum

Source: Mozilla Enterprise Policies for Firefox and Thunderbird

Browser, Computer, Software, sysadmin

mod_rewrite Cheat Sheet by DaveChild

A mod_rewrite Cheat Sheet – a quick reference guide for mod_rewrite, with rewrite flags, regular expression syntax and sample rules.

mod_re­write Tutorials

mod_re­write Rewrit­eRule Flags

C
Chained with next rule
CO=cookie
Set specified cookie
E=var:­value
Set enviro­nmental variable “var” to “value”
F
Forbidden (403 header)
G
Gone – no longer exists
H=handler
Set handler
L
Last – stop processing rules
N
Next – continue processing
NC
Case insens­itive
NE
Do not escape output
NS
Ignore if subrequest
P
Proxy
PT
Pass through
R[=code]
Redirect to new URL, with optional code (see below)
QSA
Append query string
S=x
Skip next x rules
T=mime­-type
Set mime type

mod_re­write Rewrit­eCond Flags

NC
Case insens­itive
OR
Combine with next rule using ‘OR’ instead of the default of ‘AND’

Redire­ction Header Codes

301
Moved perman­ently
302
Moved tempor­arily (default)

mod_re­write Directives

Rewrit­eEngine
RewriteMap
Rewrit­eOp­tions
Rewrit­eBase
RewriteLog
Rewrit­eCond
Rewrit­eLo­gLevel
Rewrit­eRule
Rewrit­eLock

Regular Expres­sions Syntax

^
Start of string
$
End of string
.
Any single character
(a|b)
a or b
(…)
Group section
[abc]
In range (a, b or c)
[^abc]
Not in range
\s
White space
a?
Zero or one of a
a*
Zero or more of a
a*?
Zero or more, ungreedy
a+
One or more of a
a+?
One or more, ungreedy
a{3}
Exactly 3 of a
a{3,}
3 or more of a
a{,6}
Up to 6 of a
a{3,6}
3 to 6 of a
a{3,6}?
3 to 6 of a, ungreedy
\
Escape character
[:punct:]
Any punctu­ation symbol
[:space:]
Any space character
[:blank:]
Space or tab
There’s an excellent regular expression tester at: http:/­/re­gex­pal.com/

mod_re­write Server Variables: HTTP Headers

%{HTTP­_US­ER_­AGENT}
%{HTTP­_RE­FERER}
%{HTTP­_CO­OKIE}
%{HTTP­_FO­RWA­RDED}
%{HTTP­_HOST}
%{HTTP­_PR­OXY­_CO­NNE­CTION}
%{HTTP­_AC­CEPT}

mod_re­write Server Variables: Server Internals

%{DOCU­MEN­T_ROOT}
%{SERV­ER_­ADMIN}
%{SERV­ER_­NAME}
%{SERV­ER_­ADDR}
%{SERV­ER_­PORT}
%{SERV­ER_­PRO­TOCOL}
%{SERV­ER_­SOF­TWARE}

mod_re­write Sample Rule: Site Moved

# Site moved perman­ently
Rewrit­eCond %{HTTP­_HOST} ^www.d­oma­in.com$ [NC]
Rewrit­eRule ^(.*)$ http:/­/ww­w.d­oma­in2.com/$1 [R=301,L]
Rewrites domain.com to domain­2.com

mod_re­write Sample Rule: Temporary Page Move

# Page has moved tempor­arily
Rewrit­eRule ^page.h­tml$ new_pa­ge.html [R,NC,L]
Rewrites domain.co­m/p­age.html to domain.co­m/n­ew_­pag­e.html

mod_re­write Sample Rule: Nice URLs

# Nice URLs (no query string)
Rewrit­eRule ^([A-Z­a-z­0-9­-]+)/?$ catego­rie­s.p­hp?­name=$1 [L]
Rewrites domain.co­m/c­ate­gor­y-n­ame-1/ to domain.co­m/c­ate­gor­ies.ph­p?n­ame­=ca­teg­ory­-name-1

mod_re­write Server Variables: Special

%{API_­VER­SION}
%{THE_­REQ­UEST}
%{REQU­EST­_URI}
%{REQU­EST­_FI­LENAME}
%{IS_S­UBREQ}
%{HTTPS}

mod_re­write Server Variables: Request

%{REMO­TE_­ADDR}
%{REMO­TE_­HOST}
%{REMO­TE_­PORT}
%{REMO­TE_­USER}
%{REMO­TE_­IDENT}
%{REQU­EST­_ME­THOD}
%{SCRI­PT_­FIL­ENAME}
%{PATH­_INFO}
%{QUER­Y_S­TRING}
%{AUTH­_TYPE}

mod_re­write Server Variables: Time

%{TIME­_YEAR}
%{TIME­_MON}
%{TIME­_DAY}
%{TIME­_HOUR}
%{TIME­_MIN}
%{TIME­_SEC}
%{TIME­_WDAY}
%{TIME}

Source: mod_rewrite Cheat Sheet by DaveChild – Download free from Cheatography – Cheatography.com: Cheat Sheets For Every Occasion

Linux, sysadmin

filtering spam with procmail | http://www.benya.com/

This is a collection of procmail recipes which I use to pre-filter the incoming mail before letting SpamBayes take a crack at it. This combination seems to provide a fairly decent level of protection. Naturally, your mileage may vary.

procmail is a mail processor installed on most Linux systems and used to by the mail server to deliver mail to your mailbox. If your mail server is hosted on linux you may use procmail to remove spam and sort messages before they are placed into your mailbox. If, like me, you prefer to use pine in a shell window to check your e-mail, this type of filtering may be your only defense against spam.

In order to understand these recipes, at least some knowledge of procmail and regular expressions syntax is required. The basics can be learned from procmail man pages and from links on procmail home page. Here is a great procmail documentation project and a library of recipes

Spam filters and other useful procmail recipes

Source: filtering spam with procmail | http://www.benya.com/