IRC Logs for #crux-devel Sunday, 2015-07-26

*** ______mavric has quit IRC02:35
*** ______mavric has joined #crux-devel02:36
Romsteri need to get onto updates.04:53
Romstergod damn it... why are we using mkdir instead of install -d04:55
Romsterthe former messes up on umask04:56
Romsteron footprints.04:56
*** Workster has quit IRC05:22
teK__I dont speak awk but checking the Pkgfile for mkdir calls in prtverify should be easy09:12
teK__for starters09:12
juefrinnst: ok, will do09:14
juebtw, I'm still using jfs on two very old boxes09:16
jueif we continue to ship reiserfsprogs and jfsutils on our ISO we should keep it in core, otherweise someone else has to take over maintenance09:18
juefrinnst: we build ncurses two times, one time with widec the other one without; it's easier to keep both builds in sync with that variable09:21
jueRomster: good call, we should change that for 3.209:30
Romsterthat'll be nice. :)09:30
juethe team is defined here -> https://crux.nu/Main/About09:37
Romsterjaeger, we need to make sure we get the right docs in the iso this time. last time they pointed to the previous release.09:47
teK__jue: I know that page. All of them/us?09:53
teK__alan actually commited something this month :)09:54
teK__so the list is _not_ outdated.09:54
jueyes, the page is up-to-date now, I just removed the retired contributors09:58
teK__hehe, I thought so09:58
*** teK___ has joined #crux-devel11:01
*** teK__ has quit IRC11:05
frinnstteK___: lighttpd 1.4.36 was just released13:07
frinnsthttps://gist.github.com/anonymous/d1e9c68714ad84233951 <- quick ssd initscript for lighttpd13:16
frinnstalso, installing an empty pid-file is probably a bad idea :-)13:31
frinnstncurses moved and lilo fixed14:49
*** Lukc has joined #crux-devel15:43
teK___:}15:56
teK___escape all strings for logging15:57
teK___awesome15:57
teK___RedHat is bitching about their brain dead userhelper vuln :D15:59
teK___fun starts at http://seclists.org/oss-sec/2015/q3/18816:00
teK___do we have a templade ssd-based rc script somewhere in our wiki?16:01
teK___and I think I touched the pid file for a reason.16:02
teK___done (https://crux.nu/Main/PortGuidelines)16:10
frinnstheh yeah I was reading that yesterday16:37
frinnstIm all for full disclosure but this was a bit stupid I think, actually16:37
frinnstsince there were no patches availabe for centos when i started my weekend16:37
teK___as stupid as the fact that libuser exists? :\16:38
frinnstyeah, stupid all around16:38
teK___but yeah, disclosure has to happen responsibly if done by a company16:38
frinnstI should probably patch our centos machines..16:39
teK___what's the usage profile of these?16:40
frinnstno ssh/login customerfacing16:42
frinnstjust some dns and smtp relays16:43
teK___well if there's a non-privileged daemon that's compromised you get your box popped as root16:43
teK___so yeah you should update but not on a Sunday :)16:43
frinnstno patches available so I guess its not installed?16:45
frinnst<3 ansible for patching16:45
teK___I didnt look at the code but from the description, the fix should be simple?16:45
teK___hehe, I guess. How many machines are there?16:46
frinnstnot many centos. most are debian16:46
frinnstjust 5 centos or something16:46
teK___hm16:46
frinnstthe guy complaining about the exploit works here: http://www.rinnestam.se/nsc/IMG_20130130_154634.jpg16:57
frinnsthe has a few nodes to patch :)16:57
frinnsthttps://www.nsc.liu.se/16:58
teK___then he hopefully has some patching machinery in place :]16:58
teK___we earned a certain reputation <317:01
teK___btw.. my iwlwifi firmware issues went away (I had to wait 60 seconds for wlan0 to appear) with *some* kernel update17:02
frinnstmy kvm/spice issue with keyboard lag went away in a kernel update too17:02
teK___nice17:03
frinnstnow my yubikey works again - no need to paste between host and guest17:03
teK___sounds a lot nicer17:03
teK___I added google authenticator + an android app to serverop17:03
teK___not bad either but a bit messy because the workflow looks like this:17:03
teK___unlock phone with pin17:03
teK___start gauth app17:03
teK___ssh serverop17:03
teK___Enter Keyphrase17:04
teK___enter password17:04
teK___enter 6 digit pin code17:04
teK___:D17:04
frinnsthaha17:04
teK___the mobile pin and keyphrase are optional but necessary imho, according to the howto I need local password auth to have this work (???)17:05
frinnstwe use yubikeys + authlite for windows ad integration for our management network. no dependency on a working wan (if shit really hits the fan)17:05
teK___I only need connectivity to serverop for this work, too17:06
frinnstoh? I thought you were dependent on a 3rd party server17:07
teK___the PIN generation is time based17:07
teK___i.e. the pin generator works offline too ;-)17:08
frinnstanyways. time to get a fat burger and enjoy it with a beer while watching the F1 race17:08
frinnstafk17:08
teK___have fun17:08
jaegerSGDQ has started if any of you like that sort of thing17:08
jaegerhttp://www.twitch.tv/gamesdonequick17:08
teK___my son may be17:09
teK___that chat bar on the right just gave me a seizure17:10
jaegerI don't have the chat opened at all, heh17:10
jaegerIt's usually about as high-quality as youtube comments17:11
teK___uh uh uh uh17:11
teK___I sotted _one_ girl :D17:11
teK___the blone in the back behind the pillar17:11
teK___sorry :P17:11
jaegerthere are a lot more women there this year, looks like. Big group17:14
teK___just being silly :]17:15
jaegerwatching while I work on the ISO updates some more17:15
jaegerHrmm, I think I need to go ahead and build a 3.2 ISO building VM to make this all smooth17:40
*** heroux has quit IRC17:56
*** heroux has joined #crux-devel17:58
*** Feksclaus has joined #crux-devel18:52
teK___we are going to have fun with the Dr20:12
*** Feksclaus has quit IRC20:38
frinnstfredrik@nibbler:/usr/man$ du -sh21:19
frinnst23M.21:19
frinnstnot that much to go :)21:19
teK___ugh21:23
*** Workster has joined #crux-devel23:33
*** Workster has quit IRC23:33
*** Workster has joined #crux-devel23:33

Generated by irclog2html.py 2.11.0 by Marius Gedminas - find it at mg.pov.lt!