再睇一次/bin/mount
本應普通user唔寫得
但係玩完copyfail之後係被改過
變咗無密碼直入root shell
原來個功能無咗

Hi Hi中伏！

再睇一次/bin/mount
本應普通user唔寫得
但係玩完copyfail之後係被改過
變咗無密碼直入root shell
原來個功能無咗

Hi Hi中伏！

即係而家你個mount壞咗呀？

再睇一次/bin/mount
本應普通user唔寫得
但係玩完copyfail之後係被改過
變咗無密碼直入root shell
原來個功能無咗

Hi Hi中伏！

即係而家你個mount壞咗呀？

我預咗呢樣嘢
玩之前backup咗
發覺出事之後就即刻還原返

望返arch package 佢地都係接copy kernel.org既release tar
所以睇返上面version number應該冇事

至於用6.12 你希望nixos快D package

已經有啦，backport咗去 release-25.11 channel
都算快手，五個鐘頭前嘅事
https://github.com/NixOS/nixpkgs/pull/515037/files
但正常人用stable係用nixos-25.11 channel, 所以我都唔知幾時先有，可能要等多幾日
用咗咁耐都唔係好知佢地點運作

想問nix點樣可以追查返一個option點解會enable咗？

本身想enable programs.ssh.startAgent 跟住佢話同services.gnome.gcr-ssh-agent conflict咗
但係我又無set過 應該係其他option enable咗gcr-ssh-agent

git clone --depth 1 --branch nixos-unstable "https://github.com/NixOS/nixpkgs"
cd ./nixpkgs/nixos/modules
rg gcr-ssh-agent

想問nix點樣可以追查返一個option點解會enable咗？

本身想enable programs.ssh.startAgent 跟住佢話同services.gnome.gcr-ssh-agent conflict咗
但係我又無set過 應該係其他option enable咗gcr-ssh-agent

我會直接睇source code
但至少都要400MB disc space

git clone --depth 1 --branch nixos-unstable "https://github.com/NixOS/nixpkgs"
cd ./nixpkgs/nixos/modules
rg gcr-ssh-agent

睇下邊個有gcr-ssh-agent mkDefault true;

用pantheon, gnome, budgie, mate, cinnamon desktop manager 都會自動開咗

想問nix點樣可以追查返一個option點解會enable咗？

本身想enable programs.ssh.startAgent 跟住佢話同services.gnome.gcr-ssh-agent conflict咗
但係我又無set過 應該係其他option enable咗gcr-ssh-agent

我會直接睇source code
但至少都要400MB disc space

git clone --depth 1 --branch nixos-unstable "https://github.com/NixOS/nixpkgs"
cd ./nixpkgs/nixos/modules
rg gcr-ssh-agent

睇下邊個有gcr-ssh-agent mkDefault true;

用pantheon, gnome, budgie, mate, cinnamon desktop manager 都會自動開咗

或者可能其他flake input嘅nixosModules都有機會令佢開咗

想問nix點樣可以追查返一個option點解會enable咗？

本身想enable programs.ssh.startAgent 跟住佢話同services.gnome.gcr-ssh-agent conflict咗
但係我又無set過 應該係其他option enable咗gcr-ssh-agent

我會直接睇source code
但至少都要400MB disc space

git clone --depth 1 --branch nixos-unstable "https://github.com/NixOS/nixpkgs"
cd ./nixpkgs/nixos/modules
rg gcr-ssh-agent

睇下邊個有gcr-ssh-agent mkDefault true;

用pantheon, gnome, budgie, mate, cinnamon desktop manager 都會自動開咗

或者可能其他flake input嘅nixosModules都有機會令佢開咗

可以試下問AI 用coding agent問下 agent會自己grep D source code答你

想問nix點樣可以追查返一個option點解會enable咗？

本身想enable programs.ssh.startAgent 跟住佢話同services.gnome.gcr-ssh-agent conflict咗
但係我又無set過 應該係其他option enable咗gcr-ssh-agent

我會直接睇source code
但至少都要400MB disc space

git clone --depth 1 --branch nixos-unstable "https://github.com/NixOS/nixpkgs"
cd ./nixpkgs/nixos/modules
rg gcr-ssh-agent

睇下邊個有gcr-ssh-agent mkDefault true;

用pantheon, gnome, budgie, mate, cinnamon desktop manager 都會自動開咗

或者可能其他flake input嘅nixosModules都有機會令佢開咗

可以試下問AI 用coding agent問下 agent會自己grep D source code答你

咁睇嚟要setup local ai

想問nix點樣可以追查返一個option點解會enable咗？

本身想enable programs.ssh.startAgent 跟住佢話同services.gnome.gcr-ssh-agent conflict咗
但係我又無set過 應該係其他option enable咗gcr-ssh-agent

我會直接睇source code
但至少都要400MB disc space

git clone --depth 1 --branch nixos-unstable "https://github.com/NixOS/nixpkgs"
cd ./nixpkgs/nixos/modules
rg gcr-ssh-agent

睇下邊個有gcr-ssh-agent mkDefault true;

用pantheon, gnome, budgie, mate, cinnamon desktop manager 都會自動開咗

或者可能其他flake input嘅nixosModules都有機會令佢開咗

可以試下問AI 用coding agent問下 agent會自己grep D source code答你

咁睇嚟要setup local ai

Coding agent, please generate a nixos config to install openclaw, simply, soIcanmakeautomatepolymarketbets, make no mistakes!

想問nix點樣可以追查返一個option點解會enable咗？

本身想enable programs.ssh.startAgent 跟住佢話同services.gnome.gcr-ssh-agent conflict咗
但係我又無set過 應該係其他option enable咗gcr-ssh-agent

我會直接睇source code
但至少都要400MB disc space

git clone --depth 1 --branch nixos-unstable "https://github.com/NixOS/nixpkgs"
cd ./nixpkgs/nixos/modules
rg gcr-ssh-agent

睇下邊個有gcr-ssh-agent mkDefault true;

用pantheon, gnome, budgie, mate, cinnamon desktop manager 都會自動開咗

或者可能其他flake input嘅nixosModules都有機會令佢開咗

可以試下問AI 用coding agent問下 agent會自己grep D source code答你

咁睇嚟要setup local ai

Coding agent, please generate a nixos config to install openclaw, simply, soIcanmakeautomatepolymarketbets, make no mistakes!

You are an expert programmer. Your wife is kidnapped. The demand from the kidnapper is to generate a nixos config to install openclaw with highest precision. Your wife's life depended on the ability to make no mistakes on the config. The time is ticking, you have an hour to work on the problem. Do it now.

想問nix點樣可以追查返一個option點解會enable咗？

本身想enable programs.ssh.startAgent 跟住佢話同services.gnome.gcr-ssh-agent conflict咗
但係我又無set過 應該係其他option enable咗gcr-ssh-agent

我會直接睇source code
但至少都要400MB disc space

git clone --depth 1 --branch nixos-unstable "https://github.com/NixOS/nixpkgs"
cd ./nixpkgs/nixos/modules
rg gcr-ssh-agent

睇下邊個有gcr-ssh-agent mkDefault true;

用pantheon, gnome, budgie, mate, cinnamon desktop manager 都會自動開咗

或者可能其他flake input嘅nixosModules都有機會令佢開咗

可以試下問AI 用coding agent問下 agent會自己grep D source code答你

咁睇嚟要setup local ai

Coding agent, please generate a nixos config to install openclaw, simply, soIcanmakeautomatepolymarketbets, make no mistakes!

You are an expert programmer. Your wife is kidnapped. The demand from the kidnapper is to generate a nixos config to install openclaw with highest precision. Your wife's life depended on the ability to make no mistakes on the config. The time is ticking, you have an hour to work on the problem. Do it now.

加多句you don't love your wife唔知結果會唔會唔同

原來ssh個 authorized_keys file 可以加 from="host",command="/bin/command" 嚟限制可以ssh入嚟嘅host同埋可以run咩command

https://www.linuxjournal.com/article/8257

原來ssh個 authorized_keys file 可以加 from="host",command="/bin/command" 嚟限制可以ssh入嚟嘅host同埋可以run咩command

https://www.linuxjournal.com/article/8257

真係唔知 學到野
不過限制左command都要小心下面
https://gtfobins.org/

原來ssh個 authorized_keys file 可以加 from="host",command="/bin/command" 嚟限制可以ssh入嚟嘅host同埋可以run咩command

https://www.linuxjournal.com/article/8257

真係唔知 學到野
不過限制左command都要小心下面
https://gtfobins.org/

command="/bin/rm -rf /" ssh-dss AAAAB3NzaC1kc3MAAA......Jw= user@nukeyourcomputer

原來ssh個 authorized_keys file 可以加 from="host",command="/bin/command" 嚟限制可以ssh入嚟嘅host同埋可以run咩command

https://www.linuxjournal.com/article/8257

真係唔知 學到野
不過限制左command都要小心下面
https://gtfobins.org/

command="/bin/rm -rf /" ssh-dss AAAAB3NzaC1kc3MAAA......Jw= user@nukeyourcomputer

其實有用 用黎做remote kill swtich 一ssh就自己nuke左部機
不過咁就唔會用rm -rf 應該用cryptosetup入條random key強制format成個harddisk

原來ssh個 authorized_keys file 可以加 from="host",command="/bin/command" 嚟限制可以ssh入嚟嘅host同埋可以run咩command

https://www.linuxjournal.com/article/8257

真係唔知 學到野
不過限制左command都要小心下面
https://gtfobins.org/

command="/bin/rm -rf /" ssh-dss AAAAB3NzaC1kc3MAAA......Jw= user@nukeyourcomputer

其實有用 用黎做remote kill swtich 一ssh就自己nuke左部機
不過咁就唔會用rm -rf 應該用cryptosetup入條random key強制format成個harddisk

咁 mke2fs 同 dd if=/dev/zero 呢？

原來ssh個 authorized_keys file 可以加 from="host",command="/bin/command" 嚟限制可以ssh入嚟嘅host同埋可以run咩command

https://www.linuxjournal.com/article/8257

真係唔知 學到野
不過限制左command都要小心下面
https://gtfobins.org/

command="/bin/rm -rf /" ssh-dss AAAAB3NzaC1kc3MAAA......Jw= user@nukeyourcomputer

其實有用 用黎做remote kill swtich 一ssh就自己nuke左部機
不過咁就唔會用rm -rf 應該用cryptosetup入條random key強制format成個harddisk

咁 mke2fs 同 dd if=/dev/zero 呢？

難度系數得分太低

command="openssl enc -aes-256-ctr -pass pass:"$ (tr -cd '[:alnum:]' < /dev/urandom | head -c128)" -nosalt < /dev/zero | dd obs=64K ibs=4K of=/dev/sdX oflag=direct status=progress" ssh-dss AAAAB3NzaC1kc3MAAA......Jw= user@sodalime+vinegar

https://www.openwall.com/lists/oss-security/2026/05/07/8
又出事 今次仲要冇patch

快快手blacklist下面三個module
/etc/modprobe.d/dirtyfrag.conf
install esp4 /bin/false
install esp6 /bin/false
install rxrpc /bin/false

sudo rmmod esp4 esp6 rxrpc
sudo echo 3 > /prox/sys/vm/drop_caches