IRC Logs for #crux-devel Wednesday, 2016-03-30

*** Nomius has joined #crux-devel00:09
*** Nomius_ has quit IRC00:09
*** heroux has quit IRC02:12
*** Workster has quit IRC02:17
*** _________mavric6 has quit IRC02:40
*** _________mavric6 has joined #crux-devel02:41
*** heroux has joined #crux-devel02:57
*** heroux has quit IRC04:55
*** sudobaal has joined #crux-devel05:20
*** heroux has joined #crux-devel05:32
Romsteroh for gods sake the wiki spam is on the main wiki page.07:45
Romsterhttps://crux.nu/Wiki/HomePage07:45
frinnstI do have backups, but the site is still being spammed09:12
frinnstblock one ip; returns with another a few hours later09:12
frinnstand setting the wiki in read-only doesnt seem to work09:12
frinnstI had ~2hrs to spend on it yesterday09:12
Romsterthink the whole website wiki engine needs a make over09:14
Romsterdamn... who the heck could it be. open proxies sites? tor exits?09:15
frinnstyesterday it was vodafone gprs from india09:16
frinnstguess we could block the entire /16 block..09:17
frinnstthis is why we cant have nice things..09:17
Romsterargh i go to my dns portal and they are doing maintenance09:18
Romstershame it can't be stuck in read only mode.09:18
Romsterand revert.09:18
frinnstwe chould chmod -w the entire thing, its just flat files09:18
Romsterthere is a way to set only registered accounts can edit pages right?09:18
frinnstI thought so, but the change doesnt seem to apply09:19
Romstermakes me wonder if it's also possible to revert all wiki pages based on a bad users account being removed/locked09:19
frinnstno, since we dont really use any form of credentials or accounts for the wiki09:20
frinnstexcept for some privileged operations09:20
Romsteri know we have accounts for the main pages on the wiki but since the https redirect i can't even edit those now.09:21
Romsterit keeps going to the log in form when i am already logged in09:21
*** sepen has joined #crux-devel10:57
sepenhi10:57
sepenwhat about the timeline?10:58
sepencan I help on something?10:58
sepenwhile find a better solution, could I restore to: "2011-08-04 19:15 by JuergenDaubert - despam" at least for our homepage11:06
sepenany objection?11:06
sepenping -b11:19
*** deus_ex has quit IRC11:45
frinnstgo gogo13:02
frinnstits all fucked up13:02
frinnstI have a backup of wiki.d in my homedir so it wont matter if you fuck up too bad :)13:02
frinnstwhat we need to do is set the wiki read-only13:02
frinnst14:22Wiki page Wiki.KindleCustomerCare1-800-863-0840ContactNumberappleCustomerServiceNumber24HoursipadHelpline edited by henric? (diff)13:03
frinnsthe's still spamming13:03
frinnstI cant do much from work im afraid13:03
jaegerMaybe set the dir that the wiki pages are in read-only?13:04
frinnstyeah13:04
frinnst~/crux/public_html/wiki.d iirc13:06
jaegerI just changed it to 75513:06
frinnstyou could probably remove the contents in that dir and copy over from the wiki.d in my homedir (rehabdoll)13:07
frinnsti did that yesterday anyway :(13:07
jaegerI made a backup in /root/wiki.d-20160330.tar.xz just in case but will replace them with your copy as soon as that xz finishes13:09
frinnstI wish I had done that yesterday :)13:09
frinnstteks signify page was lost :(13:09
jaegermaybe someone in #crux still had it open and could copy the text?13:09
jaegerok, your copy is now copied over13:10
frinnsthttps://crux.nu/Wiki/PageIndex looks good again13:11
frinnsttimeline will still be fucked - not sure how to fix that13:11
jaegerlooks like there's a sqlite db in local13:15
jaegerI'll put a little time into cleaning that up now before work13:18
frinnst<313:20
*** deus_ex has joined #crux-devel13:40
jaegerAlright, it's cleaner now. If I missed something let me know13:42
jaegerThe homepage is an old version reporting CRUX 3.1 as the latest release13:44
jaegerI've got to get to work, though13:44
sepenhttp://www.pmwiki.org/wiki/Cookbook/Security14:32
jaegerLooks like a pretty good list14:51
sepenwow we finally lost Main.News for 3-2 announce?15:20
sepencan I re-create it manually?15:21
*** jue has joined #crux-devel15:22
juehello15:23
sepenhi jue15:24
juelooks like I've missed some wiki chaos15:24
jaegerhttp://web.archive.org/web/20160327000946/https://crux.nu/ was linked in #crux for the main page15:25
jaegerheyo, jue15:25
sepenjaeger: sorry, now I can't edit the HomePage, maybe due to last changeset in security?15:27
sepen-w adjustment maybe?15:27
juehmm, was it really necessary to reset the whole wiki to such an old version?15:27
juethe main point is the "whole wiki"15:28
sepenATM, can we do a rollback and try to despam?15:31
jueIMO it would be enough to delete all spam files in wikilib.d15:32
jueI mean in the filesystem15:33
jueIIRC that wouldn't hurt pmwiki in any way, but to be sure I can test it here in my local pmwiki installation15:33
jaegerI already deleted them (and there's a backup in /root) as well as cleaned up the timeline15:34
jueof course -> s/wikilib.d/wiki.d/15:34
jaegerI don't think it'd be a good idea to reset permissions until we have some auth in place15:35
jueyeah15:35
jaegerI was curious about the old main page, don't we have more recent backups than that?15:36
juegood question, I don't know15:38
jaegerI think tek and frinnst had set some up but I don't remember the details15:41
jaegerI offered to back it up as well but I vaguely recall they didn't want me to for some reason, can't remember the why15:46
*** sepen has quit IRC15:54
*** sepen has joined #crux-devel15:55
jaegerI'm going to go ahead and set it up15:56
jaegerJust to have another option15:56
sepenhow about to use a git backend to do backups?16:17
jaegerI was just considering a git approach, actually16:18
jaegerI already use zfs snapshots, wouldn't be hard to convert the script to use git instead16:18
sepenI did something similar for maintaining wordpress sites. Easy to rollback changes after receive code injecting16:18
sepenif git diff ... then git-do-autopush16:19
sepenI reverted some broken installations with just git reset16:19
jaegerI created a list of duplicate files in /tmp/fdupes.txt17:24
jaegerunrelated to the backups/etc., just thought it would be interesting to see17:24
jaegerProbably a LOT of stuff we could remove17:24
jueto finally stop the spam I've just removed the @nopass attribute from Wiki.*17:34
jue... and removed the newest spam-pages17:36
jaegerHow were more created? I thought I had made the whole thing read-only17:40
jueno, it is rw for the user17:41
jueseems to work now, only users can edit after, after login oc17:43
juebbl17:58
jaegercan new users be created without us intervening?17:59
*** sepen has quit IRC18:07
teK__oh boy19:07
teK__frinnst19:07
juejaeger: not sure, but I don't think so19:10
teK__did anybody check our daily(?) backup?19:13
jaegerI assumed frinnst did since he was involved with that setup :)19:14
jueteK__: no19:15
teK__will do in a sec.19:16
*** Nomius_ has joined #crux-devel19:54
*** Nomius has quit IRC19:54
teK__well this does not look good20:08
teK__no luck with my local cache either20:14
teK__fsck.....20:14
teK__jaeger / jue: yes we have _current_ backups. But as far as crux.nu is concerned, only from date()-120:18
teK__and it includes the fuckup already20:18
teK__maybe frinnst has more and maybe he can say why he didnt restore from that yesterday -_-20:19
teK__let me know if I can do anything20:21
juewell, I'd say we should use the newest backup we have and do the despam manually, it's easy to delete new spam-files in wiki.d and, sure, we have to restore changed pages manually via pmwiki's restore function20:24
teK__ok, I can restore wiki.d from our backups20:24
juekeep in mind that only Wiki.* files can be spamed, all other files are password protected20:25
teK__for a test, I'd exchange the wiki.d _directories_20:26
jueand everything besides Wiki.* is more imporant for the CRUX side20:26
teK__i.e. move the current one and copy the backuped up one20:26
jueok20:26
juedone?20:28
teK__yes20:29
teK__wondering why start page still displays 3.1 ....20:29
jueindeed20:29
teK__well there is one simple explanation20:29
teK__frinnst said something about his home dir and a backup20:30
teK__let's see what this has to offer20:30
teK__just a sec. jue20:30
frinnstholy backlog, batman20:31
teK__go read that craefully20:31
teK__I am copying from ~rehabdoll/wiki.d now20:31
frinnstI did restore my latest decompressed backup20:31
frinnstbut looking at the processes on crux.nu something doesnt seem right. lots of old rsync-jobs still running20:32
teK__fixing permissions....20:32
frinnstvery strange 3.1 is the latest..20:33
frinnsti'll look through my backups too20:33
frinnsti snapshot weekly20:33
teK__ok the version from ~rehabdoll is also from 07/201420:34
teK__deleting and replacing by the backup version because of file permissions.20:34
frinnsthttp://c8ec43cd3817fc78.paste.se/20:35
frinnstwhat are we looking for? Main.-something?20:35
teK__not a change from 201620:35
teK__can this be right?20:35
teK__everything plus my signedPort wiki page please20:35
frinnstyeah your signed is probably lost?20:35
teK__s/probably/for shizzle/20:36
frinnstyou did see the major fuckup i did yesterday right?20:36
jueyou didn't make a copy of wiki.d before you overwrite it?20:36
teK__I skimmed through the log20:36
frinnst17:07 <@frinnst> awesome, rm Wiki.Quick <tab> * <enter>20:37
frinnst17:07 <@frinnst> file Wiki.Quick does not exist20:37
frinnstso that deleted *20:37
jueoops20:37
frinnstyeah no kidding20:37
frinnstclassic fuckup20:37
teK__he did a classic bumblebee20:37
teK__things happen :|20:38
teK__frinnst: where is your ls -l from20:38
frinnstmy current backup20:39
frinnst-rw------- 1 12378 12378 9.3G mar 21 01:03 home.tar.gz20:39
frinnstthat should be more current, not sure why the plain file copies are fucked20:40
teK__mind pushing wiki.d first?20:40
teK__and then the hole tarball to compare things at least in ~crux20:41
teK__*whole20:41
frinnstyep20:41
teK__then right after you, gentleman20:41
frinnstuploading wiki.d.tar to my homedir20:44
frinnstdone20:44
frinnstmind doing the rest? i need to go :(20:45
frinnst-rw-rw-r-- 1 nobody users  32K nov 22 18:20 Main.News20:45
frinnstlooks promising20:45
teK__k20:46
teK__I switched th emain age tou our maintenance jpb20:46
teK__jpg20:46
teK__to cheer me up at least a little20:46
frinnstlol20:47
frinnstafk again20:47
teK__please upload home.tar while youre afk20:49
teK__ok jue this is at least somewhat current and benign20:49
juegreat, looks much better :)20:50
juethe first thing I'll do is to disable edit without password20:51
teK__I dont mean to whine but my stuff still is lost and it somewhat sucks that I gave a good part of sleep in a week that I was doing work/no sleeping instead of the vacation I took :O20:52
teK__yes please, do that20:52
jueor maybe better if you do that20:53
juehttps://crux.nu/Wiki/GroupAttributes?action=attr20:53
frinnsthopying20:54
frinnstcopying20:54
jueteK__: works that for you?20:55
frinnst687.0KB/s20:55
frinnstafk for real20:55
teK__frinnst: cleaned your stale rsync processes21:27
teK__you really should debug the backup process21:28
jaegerI added crux.nu to my rsync+zfs backups so it'll run every 8 hours and keep 90 snapshots21:28
teK__just wanted to ask21:28
teK__so my take is you dont need me to set that up? ;)21:28
*** Nomius_ has quit IRC23:33
*** Nomius has joined #crux-devel23:33

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!