Rename WinPE hostname - winpe

I am trying to get my WinPE environment to rename itself. I currently have a WinPE .wim that I use to deploy through a WDS server; it configures the disks and deploys the same WinPE environment into one of the partitions and makes it bootable. However, I need the not-bootable on-disk WinPE's hostname to be changed from the random computer name "MININT-******" into what I need.
I have tried an unattend.xml and run wpeinit.exe /unattend:[path to unattend.xml]
<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
    <settings pass="specialize">
        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <ComputerName>ASDF1234</ComputerName>
        </component>
    </settings>
</unattend>
I have tried many variations of the unattend.xml and every one in the wpeinit log file says
WPEINIT is processing the unattend file [Path]
==== Initializing Display Settings ====
No display settings specified
STATUS: SUCCESS (0x0000001)
==== Initializing Computer Name ====
Generating a random computer name
No computer name specified, generating a random name.
Renaming computer to MININT-*******.
Waiting on the profiling mutex handle
Acquired profiling mutex
Service winmgmt disable: 0x0000000
...
Everything works at this point except renaming the system. When using Rename-Computer with PowerShell it works, but once it reboots it runs wpeinit again, which generates a random name, it seems.
Any help would be much appreciated!

I never managed to change this at this point.
However, I change the hostname after booting via startnet / Registry:
rem Build a .reg file that sets the TCP/IP hostname values, then import it silently.
@echo Windows Registry Editor Version 5.00 > set_hostname.reg
@echo\ >> set_hostname.reg
@echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TCPIP\Parameters] >> set_hostname.reg
@echo "Hostname"="NEW_HOSTNAME" >> set_hostname.reg
@echo "NV Hostname"="NEW_HOSTNAME" >> set_hostname.reg
@echo\ >> set_hostname.reg
regedit /s set_hostname.reg >nul

Related

Which WSL distro is using AppData\Local\Docker\wsl\data\ext4.vhdx after docker-desktop-data was exported and unregistered

Due to increasing space consumption of WSL I was forced to move my WSL distros to another disk.
Ubuntu
docker-desktop
docker-desktop-data
I used these commands.
wsl --shutdown
wsl --export (on all three of those distros)
wsl --import (already on another disk)
Now my environment is running fine but the ext4.vhdx in AppData\Local\Docker\wsl\data is still present and I can't remove it due to it still being used.
When I look at process handles
It's still being used by system, which is not telling much.
If I run WSL --shutdown all virtual disks present on disk E: lose their handles and the one on disk C: is still being used.
Would you know how to find out what part of WSL or if it even is WSL is using?
Since shutting down WSL does not remove that handle it might be used by something else.
It's not docker-for-desktop; that one uses a different disk.
Thanks for your suggestions.
Docker Desktop for Windows, which uses WSL2, stores all image and container files in a separate virtual volume (vhdx). This virtual hard disk file can automatically grow when it needs more space (to a certain limit). Unfortunately, if you reclaim some space, i.e. by removing unused images, vhdx doesn't shrink automatically. Luckily, you can reduce its size manually by calling this command in PowerShell (as Administrator):
Optimize-VHD -Path $Env:LOCALAPPDATA\Docker\wsl\data\ext4.vhdx -Mode Full
If the above command fails with
The system failed to compact 'C:\Users\Maxx\AppData\Local\Docker\wsl\data\ext4.vhdx':
The process cannot access the file because it is being used by another process. (0x80070020).
exit from Docker Desktop or stop services and tasks using that file:
net stop com.docker.service
taskkill /IM "docker.exe" /F
taskkill /IM "Docker Desktop.exe" /F
wsl --shutdown
I reclaimed 15Gb of 40Gb.
Origin of the solution.
You can just clean data from interface. Troubleshooting -> Clean/Purge data
Upgrading from WSL1 to WSL2 made it a bit messy, but resetting docker-desktop to its default setting and then purging data from WSL (using docker-desktop troubleshoot) cleared it for me.

How to configure compatibility mode from a script?

As part of a deployment script I need to add the flag "run as admin" for some app. I found where it is configured in the registry, but I see that is not enough. For example, I have procexp64.exe in C:\; I'm adding a string value C:\procexp64.exe with data ~ RUNASADMIN in the registry in HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers. After this I see the checkbox "Run as admin" in the exe properties, but actually the app isn't running as admin!
OK, I removed my registry modification and configured it manually as shown in the pic. The registry value appears back with the same data at the same place. I traced the modification with procmon and found that dllhost does it - it adds only one registry modification and doesn't modify anything on the file system. dllhost's modification works, but my modification does not. What am I doing wrong?
Seems like it is not enough to add reg value...
Registry virtualization was disabled, user has admin rights. Win Srv 2012 R2.
Possible duplicate of: How to set "Run this program as an administrator" programmatically
Make sure you choose HKLM or HKCU correctly
You can try
reg.exe Add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers" /v "C:\procexp64.exe" /d "RUNASADMIN" /f
or
reg.exe Add "HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers" /v "C:\procexp64.exe" /d "RUNASADMIN" /f
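To see which executables carry the flag and in which of the two hives named above, the Layers key can be exported and checked offline. This is an added example, not code from the original posts; `find_runasadmin` and `unescape` are hypothetical helper names, the sample export is constructed, and the input is assumed to be the text of a `reg export` file already decoded to a string.

```python
import re

# Lower-cased subkey path below the hive root, as given in the question.
LAYERS = r"software\microsoft\windows nt\currentversion\appcompatflags\layers"
# "name"="data" string values as written in a .reg file (\\ and \" escaped).
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')

# Constructed sample export (not from the page). Real export files are
# UTF-16 encoded; decode them to str before passing them in.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers]
"C:\\procexp64.exe"="~ RUNASADMIN"
"C:\\tools\\viewer.exe"="~ WINXPSP3"

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers]
"C:\\Users\\demo\\app.exe"="RUNASADMIN"
'''

def unescape(s):
    """Undo .reg escaping: \\\\ becomes \\ and \\" becomes "."""
    return re.sub(r'\\(.)', r'\1', s)

def find_runasadmin(reg_text):
    """Return [(hive, exe_path, layer_string)] for every Layers value
    whose data contains the RUNASADMIN token."""
    hits, hive = [], None
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            # Track the current key; only the Layers key is of interest.
            root, _, sub = line[1:-1].partition("\\")
            hive = root if sub.lower() == LAYERS else None
        elif hive:
            m = VALUE_RE.match(line)
            if m:
                exe, layers = unescape(m.group(1)), unescape(m.group(2))
                if "RUNASADMIN" in layers.upper().split():
                    hits.append((hive, exe, layers))
    return hits

if __name__ == "__main__":
    for hive, exe, layers in find_runasadmin(SAMPLE_EXPORT):
        print(f"{hive}: {exe} -> {layers}")
```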

Robocopy fails with security error copying "from nas to nas". Why?

tl;dr
robocopy has security problems copying from 'nas to nas'
The system detected a possible attempt to compromise security. Please
ensure that you can contact the server that authenticated you.
Summary
I'm running into "windows permission problems" when making backups using the following:
powershell
robocopy
Windows 2008R2
Windows task scheduler
Task Scheduler output
Taskscheduler runs under user domain account "OPS\backupuser"
The script succeeds when it copies "from local drive" "to the backup nas"
However it fails when the script copies "from another nas" "to the backup nas"
In pictures...
Success: local drive --copy-to--> backup NAS
Fails: another NAS --copy-to--> backup NAS
Output
Robocopy fails with exit code 16.
Here is detailed output:
-------------------------------------------------------------------------------
ROBOCOPY :: Robust File Copy for Windows
-------------------------------------------------------------------------------
Started : Thu Jul 07 22:22:11 2016
2016/07/07 22:22:26 ERROR 1265 (0x000004F1) Getting File System Type of Source \\app-data-nas.hosting.acme\bazapp$\production\foo_industries_prod\
The system detected a possible attempt to compromise security. Please ensure that you can contact the server that authenticated you.
Source - \\app-data-nas.hosting.acme\bazapp$\production\foo_industries_prod\
Dest : \\dr-backup-nas\AppDR$\ALL_DR\FOO_INDUSTRIES_DR\foo_industries_prod\
Files : *.*
Options : *.* /NDL /S /E /COPY:DT /PURGE /MIR /B /NP /R:0 /W:1
------------------------------------------------------------------------------
Other points
1) Because the environment is 'locked down', I could not run this from the command line, either as:
my own account
my own account with elevated command prompt
OPS\backupuser
2) I tried adding '/NODCOPY' , but robocopy failed; apparently we don't have the hotfix for this option.
Thanks in advance!
NAS drives are not Windows drives. You have to map to them uniquely and with certain admin privileges to make them "see" you're trying to copy stuff into them.
First map a drive to the NAS system using NET USE
Next copy the file(s) using ROBOCOPY thus...
robocopy <source path> <nas path> <file(s)> /s /j /r:2 /w:5 /log+:robocopy.log
Place it all inside a CMD file and run it from a Task Scheduler on your Windows server.
>NAS drives are not Windows drives. You have to map to them uniquely and with certain admin privileges to make them "see" you're trying to copy stuff into them.
>
>First map a drive to the NAS system using NET USE
>
>Next copy the file(s) using ROBOCOPY thus...
>
>robocopy <source path> <nas path> <file(s)> /s /j /r:2 /w:5 /log+:robocopy.log
>Place it all inside a CMD file and run it from a Task Scheduler on your Windows server.
You forgot:
/FFT #":: assume FAT File Times (2-second granularity)" -ensures the copy ignores OS file system while copying in ROBOCOPY
/Z #":: Includes LARGE file copy restart" - restarts large file copying where the copy left off in the file, instead of starting over again. Like in a 500 GB file it restarts at the byte the copy stopped at, in case you need to schedule offline copying and don't want large files to prevent the copy progression (will ONLY start over if the file date changed!)
/xo #"exclude older files" -copies all new files - something useful to retry copies in Scheduled task Job of Robocopy...
All these are useful in NAS copying... as they tend to have issues resolved by these switches in ROBOCOPY.

launchctl - remove enabled/disabled override

On OS X Yosemite (10.10), is there any way to remove the enabled/disabled override setting for a service?
For example, to permanently disable non-existent service 'test' for root, do this:
sudo launchctl disable user/0/test
Check that it has been added to the disabled list:
sudo launchctl print-disabled user/0
Result:
disabled services = {
"test" => true
}
login item associations = {
}
Now, how can I delete "test" from the disabled services list?
(I know I can enable it, but I just want to remove the entry entirely.)
Note:
If I reboot my computer, I see that the 'test' override has been added to a launchd disabled file:
sudo cat /var/db/com.apple.xpc.launchd/disabled.0.plist
Result:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>test</key>
<true/>
</dict>
</plist>
I have tried running this command to manually delete it from the .plist file:
sudo /usr/libexec/Plistbuddy /var/db/com.apple.xpc.launchd/disabled.0.plist -c Delete:test
This does delete it from the file, but it just comes back again when I reboot my computer. Any ideas?
It seems like the nature of the info that used to be in overrides.plist has changed..
According to launchctl's man page for the "legacy" load / unload sub-commands..
-w Overrides the Disabled key and sets it to false or true for the load and unload subcommands respectively. In previous versions, this option would modify the configuration file. Now the state of the Disabled key is stored elsewhere on- disk in a location that may not be directly manipulated by any process other than launchd.
I guess now... the info is stored in the /var/db/com.apple.xpc.launchd directory.
The contents of mine contained several plists.
config
disabled.0.plist
disabled.200.plist
...
disabled.501.plist
...
disabled.migrated
loginitems.0.plist
...
loginitems.501.plist
...
In this case, the file names are referring to the different Users' id's (501 being mine, 0 being root). Changing the keys in these files (as root, obviously) SHOULD remove the corresponding overrides with dark-overlord launchd.
If not, try editing these same files while booted to recovery, or some other drive - so as you can mess with them whilst launchd is not running/relentlessly trying to be boss.
I was able to do this using Single User Mode. The steps are:
Shut down your computer.
On startup, enter single-user mode (Command + S).
From the command line, type /sbin/mount -uw /
Edit the appropriate /var/db/com.apple.xpc.launchd/disabled.*.plist file, removing disabled items, as desired.
Type exit.
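The per-user override files described in the answers above can be listed and edited with a short script run against the files or copies of them. This is an added example, not code from the original posts; `list_overrides`, `remove_override` and `scan` are hypothetical helper names, and the sample is the disabled.0.plist content shown in the question.

```python
import plistlib
import re
from pathlib import Path

# Sample input: the disabled.0.plist content quoted in the question.
SAMPLE = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>test</key>
<true/>
</dict>
</plist>
"""

# disabled.<uid>.plist, e.g. disabled.0.plist (root) or disabled.501.plist
NAME_RE = re.compile(r"^disabled\.(\d+)\.plist$")

def list_overrides(plist_bytes):
    """Return {service label: disabled?} from one disabled.<uid>.plist."""
    return {k: bool(v) for k, v in plistlib.loads(plist_bytes).items()}

def remove_override(plist_bytes, label):
    """Return new plist bytes without `label`; KeyError if it is absent,
    so a mistyped label never produces a silently unchanged file."""
    data = plistlib.loads(plist_bytes)
    del data[label]
    return plistlib.dumps(data, fmt=plistlib.FMT_XML)

def scan(directory):
    """Map uid -> overrides for each disabled.<uid>.plist in `directory`.
    Other files (disabled.migrated, loginitems.*.plist) are skipped."""
    result = {}
    for path in sorted(Path(directory).iterdir()):
        m = NAME_RE.match(path.name)
        if m:
            result[int(m.group(1))] = list_overrides(path.read_bytes())
    return result

if __name__ == "__main__":
    print(list_overrides(SAMPLE))
    print(remove_override(SAMPLE, "test").decode())
```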
I've just solved this kinda problem with LaunchControl on Yosemite…
It's a must-have, amazing little GUI for managing your daemons and agents on OS X.
It has a lot of features…
So just install it with cask
$ brew cask install launchcontrol
then find your service (under User Agents or Global Daemons or whatever… ) in the list on the left.
Select it and in the main menu go to Job=>Override Disabled key=>Always False
Then reboot and check...
Should work!
The configuration-files/scripts used by 'launchctl' are located in:
# Location of the LaunchAgents which run under the user own name (and is logged in).
$ cd $HOME/Library/LaunchAgents
# Location for the Daemons for running jobs without logged in user.
$ cd /Library/LaunchDaemons
# Location for the LaunchAgents which run as root when the user is logged in.
$ cd /Library/LaunchAgents
The following quick-and-easy commands for the XML-scripts (ending on .plist) are (assuming you are in one of the above listed directories and you may need a sudo):
# Loads the specified configuration file.
# Jobs that are not on-demand will be started as soon as possible.
# The -w option overrides the disabled setting.
# The -F option forces the loading and ignores the Disabled key.
$ launchctl load <script-name.plist>
# Unloads the specified configuration file from the current started session.
# The -w option overrides the disabled setting.
# The -F option forces the unloading and ignores the Disabled key.
$ launchctl unload <script-name.plist>
# Removes the specified configuration from the list and does not appear after rebooting
$ launchctl remove <script-name.plist>
See the man page for launchctl at https://ss64.com/osx/launchctl.html for details.

Output of sub-processes in DOS batch script not visible in Apache

I'm running Apache 2.2 (launched via console) on Vista. I have simple batch script in cgi-bin. Unfortunately, Apache does not seem to serve any content generated by sub-processes.
For example, given the following script:
@echo off
echo Content-Type: text/html
echo.
echo Visible in browser
cmd /c echo Hidden from browser
echo End of script
All three lines of text will appear in the console if executed directly from a command prompt. However the middle line ("Hidden from browser") will not appear if the script is launched from Apache.
This script is just illustrative -- I'm actually using the batch file to launch a number of separate console based applications (not cmd.exe)
What am I doing wrong?
I've been looking at this, over at :
Pipe Java output to calling script
FWIW, all of this C:\wamp\bin\apache\apache2.2.22\cgi-bin\testbat.bat's echo output appears in both the command window and the served webpage :
@echo off
rem This works in Wampserver's Apache cgi-bin...
rem http://localhost/cgi-bin/testbat.bat
echo Content-Type: text/html
echo.
echo ^<html^>^<head^>^</head^>^<body^>
echo ^<H1^>Hello world!!!^</H1^>
echo ^<PRE^>
FOR /F "usebackq delims==" %%i IN (`dir`) do echo %%i
echo ^</PRE^>
FOR /F "usebackq delims==" %%i IN (`cmd /c echo NOT hidden!`) do echo %%i
echo ^</body^>^</html^>
Many more details aside, this behavior happens when cmd is invoked via CreateProcess() with DETACHED_PROCESS, which is what Apache does in ap_cgi_build_command() through apr_proc_create() (reference to Apache 2.2.25 source code).
For some reason, the child processes from cmd are also spawned detached. This also happens in other situations (e.g., invoking WScript.CreateObject("WScript.Shell").Run() in the same context) which might or might not involve cmd in the background.
Unrelated lesson learned: if CreateObject(DETACHED_PROCESS) and I/O redirection (STARTF_USESTDHANDLES) are mixed together, results might be surprising.
As far as I know, there is no solution other than avoiding batch, WSH and others. The httpd team might look into this for a workaround in the future.
Maybe you need to redirect the output to your STDOUT. I haven't tried it on Windows machine, but you could try
cmd /c echo Hidden from browser >&1
or redirect it to a temp file and call type on the file.
It would work from the command line as expected but what are the applications that you are trying to run in apache's cgi-bin? I have not heard of Apache's cgi-bin being a batch file...and that could be a potential exploit...maybe the permissions are not set for the batch file...or that there is no plugin available for Apache to actually execute a batch file, think of the mod handlers used for ssl (secure sockets layer)...like this as an example found in Apache's config file...httpd.conf
LoadModule ssl_module modules/mod_ssl.so
....
<IfModule ssl_module>
....
</IfModule>
This would explain why you cannot run a batch file as a cgi-bin script...