MediaWiki API result
This is the HTML representation of the JSON format. HTML is good for debugging, but is unsuitable for application use.
Specify the format parameter to change the output format. To see the non-HTML representation of the JSON format, set format=json.
See the complete documentation, or the API help for more information.
{
"batchcomplete": "",
"continue": {
"gapcontinue": "Services",
"continue": "gapcontinue||"
},
"query": {
"pages": {
"36": {
"pageid": 36,
"ns": 0,
"title": "Server Hardening",
"revisions": [
{
"contentformat": "text/x-wiki",
"contentmodel": "wikitext",
"*": "Some tips to limit surface attack, and other things to help mitigate obvious script kiddy crap.\n\n'''Note:''' This is a placeholder, we should run through the reference doc below and cherry-pick a couple of things.\n\n== General ==\n\n\n== Linux ==\n=== Comfy setup ==\n* Don't bload APT\n echo 'APT::Install-Recommends \"false\";' > /etc/apt/apt.conf.d/80norecommends\n\n== FreeBSD ==\n\n== References ==\n* https://www.debian.org/doc/manuals/securing-debian-howto/\n* https://github.com/trimstray/the-practical-linux-hardening-guide\n* https://fleximus.org/howto/secure-freebsd\n* http://bsdadventures.com/harden-freebsd\n* https://www.freebsd.org/doc/handbook/audit.html\n* https://www.passbolt.com/\n* find a way to track/analyze log files more effectively\n* https://heipei.io/2015/02/26/SSH-Agent-Forwarding-considered-harmful/\n* 2FA for ssh?\n* https://serverfault.com/questions/116177/whats-the-difference-between-authorized-keys-and-authorized-keys2\n* tinc for accessing delicate services/resources\n\n[[Category: System]]"
}
]
},
"34": {
"pageid": 34,
"ns": 0,
"title": "Service Restart after Upgrades",
"revisions": [
{
"contentformat": "text/x-wiki",
"contentmodel": "wikitext",
"*": "After updating some software on a '''Linux''' machine, some services making use of this software will be restarted to make use of the new version. But most of the time, no. One way to refresh it all is to reboot, but unless there is a kernel update you should not need to do such thing.\n\n=== Find software that needs to be restarted ===\n\nYou can do that with <code>lsof</code> and looking for process that have opened files that are now gone (DEL). They are still in memory (otherwise said process would be quite unhappy), but they changed on disk since the process first opened them. That's a sign these files have been most likely updated, and the processes who need them should be restarted to benefit from their latest versions.\n\n sudo lsof | grep lib | grep DEL # verbosy\n sudo lsof | grep lib | grep DEL | awk '{print $1}' | sort | uniq # less verbosy\n\n=== Restart service ===\n\nWell, you know... Once you have your list of processes who could do with some refreshing, their name should easily hint at the service you need to restart :)\n\n sudo service whatever restart\n\n=== Notes ===\n* Most things can be restarted without creating havoc, in doubt, RTFM.\n* If needed <code>systemd</code> itself will have been most likely restarted by post-install package manager hooks/scripts. If you want to force restart the daemon, use <code>sudo systemctl daemon-reexec</code>. However whether or not the daemon was restarted does not mean that <code>systemd</code> related processes do not need to be restarted as well (for instance <code>journald</code>) but these are best restarted via <code>systemctl</code>. Just check the output of <code>lsof</code> to see if any of this applies to your situation.\n\n\n[[Category: System]]"
}
]
}
}
}
}