From ed09d8d86c81dd0f3d9701683448f9483cf363d4 Mon Sep 17 00:00:00 2001
From: aJuvan <andraz.juvan@heimdall.si>
Date: Tue, 7 Apr 2026 18:36:49 +0200
Subject: [PATCH 1/3] Added initial packages

---
 roles/VP-63774/meta/main.yml    |  5 +++++
 roles/netcat/tasks/main.yml     |  4 ++++
 roles/netcat/tasks/main_lin.yml |  4 ++++
 roles/netcat/tasks/main_win.yml |  4 ++++
 roles/pwndbg/meta/main.yml      |  2 ++
 roles/pwndbg/tasks/main.yml     |  4 ++++
 roles/pwndbg/tasks/main_lin.yml | 19 +++++++++++++++++++
 roles/pwndbg/tasks/main_win.yml |  2 ++
 roles/ropr/meta/main.yml        |  2 ++
 roles/ropr/tasks/main.yml       |  4 ++++
 roles/ropr/tasks/main_lin.yml   |  4 ++++
 roles/ropr/tasks/main_win.yml   |  3 +++
 roles/rust/tasks/main.yml       |  4 ++++
 roles/rust/tasks/main_lin.yml   |  7 +++++++
 roles/rust/tasks/main_win.yml   |  4 ++++
 15 files changed, 72 insertions(+)
 create mode 100644 roles/netcat/tasks/main.yml
 create mode 100644 roles/netcat/tasks/main_lin.yml
 create mode 100644 roles/netcat/tasks/main_win.yml
 create mode 100644 roles/pwndbg/meta/main.yml
 create mode 100644 roles/pwndbg/tasks/main.yml
 create mode 100644 roles/pwndbg/tasks/main_lin.yml
 create mode 100644 roles/pwndbg/tasks/main_win.yml
 create mode 100644 roles/ropr/meta/main.yml
 create mode 100644 roles/ropr/tasks/main.yml
 create mode 100644 roles/ropr/tasks/main_lin.yml
 create mode 100644 roles/ropr/tasks/main_win.yml
 create mode 100644 roles/rust/tasks/main.yml
 create mode 100644 roles/rust/tasks/main_lin.yml
 create mode 100644 roles/rust/tasks/main_win.yml

diff --git a/roles/VP-63774/meta/main.yml b/roles/VP-63774/meta/main.yml
index 7f2ec2b..2e5e989 100644
--- a/roles/VP-63774/meta/main.yml
+++ b/roles/VP-63774/meta/main.yml
@@ -2,3 +2,8 @@
 # matevz.pesek@fri.uni-lj.si
 dependencies:
   - c_development
+  - docker
+  - pwntools
+  - netcat
+  - ropr
+  - pwntools
diff --git a/roles/netcat/tasks/main.yml b/roles/netcat/tasks/main.yml
new file mode 100644
index 0000000..3077b7e
--- /dev/null
+++ b/roles/netcat/tasks/main.yml
@@ -0,0 +1,4 @@
+- import_tasks: main_win.yml
+  when: ansible_os_family == 'Windows'
+- import_tasks: main_lin.yml
+  when: ansible_os_family == 'Debian'
diff --git a/roles/netcat/tasks/main_lin.yml b/roles/netcat/tasks/main_lin.yml
new file mode 100644
index 0000000..5a02200
--- /dev/null
+++ b/roles/netcat/tasks/main_lin.yml
@@ -0,0 +1,4 @@
+- name: Install netcat
+  apt:
+    name: netcat-openbsd
+    state: latest
diff --git a/roles/netcat/tasks/main_win.yml b/roles/netcat/tasks/main_win.yml
new file mode 100644
index 0000000..834f5bd
--- /dev/null
+++ b/roles/netcat/tasks/main_win.yml
@@ -0,0 +1,4 @@
+- name: Install netcat
+  win_chocolatey:
+    name: netcat
+    state: latest
diff --git a/roles/pwndbg/meta/main.yml b/roles/pwndbg/meta/main.yml
new file mode 100644
index 0000000..93ee277
--- /dev/null
+++ b/roles/pwndbg/meta/main.yml
@@ -0,0 +1,2 @@
+dependencies:
+  - c_development
diff --git a/roles/pwndbg/tasks/main.yml b/roles/pwndbg/tasks/main.yml
new file mode 100644
index 0000000..3077b7e
--- /dev/null
+++ b/roles/pwndbg/tasks/main.yml
@@ -0,0 +1,4 @@
+- import_tasks: main_win.yml
+  when: ansible_os_family == 'Windows'
+- import_tasks: main_lin.yml
+  when: ansible_os_family == 'Debian'
diff --git a/roles/pwndbg/tasks/main_lin.yml b/roles/pwndbg/tasks/main_lin.yml
new file mode 100644
index 0000000..015850c
--- /dev/null
+++ b/roles/pwndbg/tasks/main_lin.yml
@@ -0,0 +1,19 @@
+- name: Install dependencies
+  apt:
+    name:
+      - git
+
+- name: Download pwntools
+  command:
+    cmd: git clone https://github.com/pwndbg/pwndbg
+    creates: pwndbg
+
+- name: Pull latest pwntools
+  command:
+    cmd: git pull
+    chdir: pwndbg
+
+- name: Install pwntools
+  command:
+    cmd: ./setup.sh
+    chdir: pwndbg
diff --git a/roles/pwndbg/tasks/main_win.yml b/roles/pwndbg/tasks/main_win.yml
new file mode 100644
index 0000000..4a41d13
--- /dev/null
+++ b/roles/pwndbg/tasks/main_win.yml
@@ -0,0 +1,2 @@
+- name: pwndbg uninstallable
+  msg: "This task is not installable on Windows. Skipping."
diff --git a/roles/ropr/meta/main.yml b/roles/ropr/meta/main.yml
new file mode 100644
index 0000000..ad01fbb
--- /dev/null
+++ b/roles/ropr/meta/main.yml
@@ -0,0 +1,2 @@
+dependencies:
+  - rust
diff --git a/roles/ropr/tasks/main.yml b/roles/ropr/tasks/main.yml
new file mode 100644
index 0000000..3077b7e
--- /dev/null
+++ b/roles/ropr/tasks/main.yml
@@ -0,0 +1,4 @@
+- import_tasks: main_win.yml
+  when: ansible_os_family == 'Windows'
+- import_tasks: main_lin.yml
+  when: ansible_os_family == 'Debian'
diff --git a/roles/ropr/tasks/main_lin.yml b/roles/ropr/tasks/main_lin.yml
new file mode 100644
index 0000000..7c42795
--- /dev/null
+++ b/roles/ropr/tasks/main_lin.yml
@@ -0,0 +1,4 @@
+- name: Install ropr
+  ansible.builtin.command:
+    cmd: cargo install ropr --root /usr/local
+    creates: /usr/local/bin/ropr
diff --git a/roles/ropr/tasks/main_win.yml b/roles/ropr/tasks/main_win.yml
new file mode 100644
index 0000000..2a379d0
--- /dev/null
+++ b/roles/ropr/tasks/main_win.yml
@@ -0,0 +1,3 @@
+- name: Uninstallable
+  debug:
+    msg: "This task is not installable on Windows. Skipping."
diff --git a/roles/rust/tasks/main.yml b/roles/rust/tasks/main.yml
new file mode 100644
index 0000000..3077b7e
--- /dev/null
+++ b/roles/rust/tasks/main.yml
@@ -0,0 +1,4 @@
+- import_tasks: main_win.yml
+  when: ansible_os_family == 'Windows'
+- import_tasks: main_lin.yml
+  when: ansible_os_family == 'Debian'
diff --git a/roles/rust/tasks/main_lin.yml b/roles/rust/tasks/main_lin.yml
new file mode 100644
index 0000000..b3eb406
--- /dev/null
+++ b/roles/rust/tasks/main_lin.yml
@@ -0,0 +1,7 @@
+- name: Install rust tools
+  apt:
+    name: 
+      - rustc
+      - cargo
+      - rustfmt
+    state: latest
diff --git a/roles/rust/tasks/main_win.yml b/roles/rust/tasks/main_win.yml
new file mode 100644
index 0000000..3cbe0ef
--- /dev/null
+++ b/roles/rust/tasks/main_win.yml
@@ -0,0 +1,4 @@
+- name: Install rust
+  win_chocolatey:
+    name: rust
+    state: latest

From 7ec5141a3e82dd0c97175147e20f768fcc8fa442 Mon Sep 17 00:00:00 2001
From: aJuvan <andraz.juvan@heimdall.si>
Date: Thu, 9 Apr 2026 10:50:03 +0200
Subject: [PATCH 2/3] Tested and fixed VP-63774

---
 roles/VP-63774/meta/main.yml    |  2 +-
 roles/pwndbg/tasks/main_lin.yml | 18 ++++++++++++------
 roles/pwndbg/tasks/main_win.yml |  3 ++-
 3 files changed, 15 insertions(+), 8 deletions(-)

diff --git a/roles/VP-63774/meta/main.yml b/roles/VP-63774/meta/main.yml
index 2e5e989..a9a0892 100644
--- a/roles/VP-63774/meta/main.yml
+++ b/roles/VP-63774/meta/main.yml
@@ -6,4 +6,4 @@ dependencies:
   - pwntools
   - netcat
   - ropr
-  - pwntools
+  - pwndbg
diff --git a/roles/pwndbg/tasks/main_lin.yml b/roles/pwndbg/tasks/main_lin.yml
index 015850c..ae97948 100644
--- a/roles/pwndbg/tasks/main_lin.yml
+++ b/roles/pwndbg/tasks/main_lin.yml
@@ -3,17 +3,23 @@
     name:
       - git
 
-- name: Download pwntools
+- name: Download pwndbg
   command:
     cmd: git clone https://github.com/pwndbg/pwndbg
-    creates: pwndbg
+    creates: /opt/pwndbg
+    chdir: /opt
 
-- name: Pull latest pwntools
+- name: Pull latest pwndbg
   command:
     cmd: git pull
-    chdir: pwndbg
+    chdir: /opt/pwndbg
 
-- name: Install pwntools
+- name: Install pwndbg
   command:
     cmd: ./setup.sh
-    chdir: pwndbg
+    chdir: /opt/pwndbg
+
+- name: Update folder permissions (to allow lock files)
+  file:
+    mode: '0777'
+    path: /opt/pwndbg/.venv
diff --git a/roles/pwndbg/tasks/main_win.yml b/roles/pwndbg/tasks/main_win.yml
index 4a41d13..b530adb 100644
--- a/roles/pwndbg/tasks/main_win.yml
+++ b/roles/pwndbg/tasks/main_win.yml
@@ -1,2 +1,3 @@
 - name: pwndbg uninstallable
-  msg: "This task is not installable on Windows. Skipping."
+  debug:
+    msg: "This task is not installable on Windows. Skipping."

From 21154229334ac1d3717006c5e8d019e507621959 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ga=C5=A1per=20Fele-=C5=BDor=C5=BE?= <polz@fri.uni-lj.si>
Date: Mon, 13 Apr 2026 12:55:18 +0200
Subject: [PATCH 3/3] Change CIFS homes mountpoint, options

---
 roles/ad_joined/tasks/main_lin.yml | 22 +++++++++++++++++++---
 1 file changed, 19 insertions(+), 3 deletions(-)

diff --git a/roles/ad_joined/tasks/main_lin.yml b/roles/ad_joined/tasks/main_lin.yml
index a7f7e68..cfb19ef 100644
--- a/roles/ad_joined/tasks/main_lin.yml
+++ b/roles/ad_joined/tasks/main_lin.yml
@@ -47,6 +47,11 @@
     owner: root
     mode: 0600
 
+- name: Fix apparmor HOMEDIRS
+  template:
+    src: apparmor_cifs_homes
+    dest: "/etc/apparmor.d/tunables/home.d/cifs_homes"
+
 #- name: Configure libpam-mount
 #  copy:
 #    src: pam_mount.conf.xml
@@ -60,7 +65,13 @@
   command: pam-auth-update --disable mkhomedir
   become: true
 
-- name: Create kstart service
+- name: Use sssd for cifs idmap
+  file:
+    state: link
+    src: /usr/lib/x86_64-linux-gnu/cifs-utils/cifs_idmap_sss.so
+    path: /etc/alternatives/idmap-plugin
+
+- name: Create service to get and renew machine kerberos tickets
   copy:
     src: kstart.service
     dest: /etc/systemd/system/kstart.service
@@ -70,14 +81,19 @@
     src: kstart.service
     dest: /etc/systemd/system/kstart.service
 
+- name: Create profiles directory
+  file:
+    path: /home/profiles
+    state: directory
+
 - name: Add mount - cifs_home
   mount:
     boot: true
     fstype: cifs
     src: "//ucilnicesmb.fri1.uni-lj.si/ucilnice_d"
-    path: /mnt/cifs_home
+    path: /remote_home
     state: mounted
-    opts: "cruid=0,username={{ inventory_hostname }}-linux@FRI1.UNI-LJ.SI,sec=krb5i,nobrl,sfu,nostrictsync,cache=loose,mfsymlinks,dir_mode=0700,file_mode=0700,fsc,multiuser,x-systemd.requires=kstart.service"
+    opts: "cruid=0,username={{ inventory_hostname }}-linux@FRI1.UNI-LJ.SI,sec=krb5i,nobrl,sfu,cifsacl,setuids,fsc,multiuser,actimeo=65536,nostrictsync,cache=loose,resilienthandles,noatime,x-systemd.requires=kstart.service"
 
 - name: Restart sssd
   service: