IRC Logs for #crux Saturday, 2012-08-11

*** v33 has quit IRC00:50
Romsterjoe9, create a .nostrip file with regex match of files you don't want to strip iirc01:18
*** acrux_ has joined #crux01:55
*** acrux has quit IRC01:57
*** mike_k_ has joined #crux02:51
*** Romeo` has quit IRC04:01
*** barnabyh has joined #crux04:13
*** barnabyh has quit IRC04:17
*** jue has quit IRC04:46
*** Romeo- has joined #crux04:51
*** Romeo- has joined #crux04:51
cruxbot[opt.git/2.7]: nss: updated to 3.13.605:02
*** lennart_ has joined #crux05:04
*** acrux has joined #crux05:09
*** acrux_ has quit IRC05:09
*** lennart has quit IRC05:09
*** Romeo- has quit IRC05:09
*** lennart_ is now known as lennart05:10
cruxbot[opt-x86_64.git/2.7]: nss: updated to 3.13.605:11
*** jdolan has joined #crux06:31
*** ChanServ sets mode: +o jdolan06:31
*** Romeo- has joined #crux08:03
*** Romeo- has joined #crux08:03
joe9 Romster  that is a good idea. Where does the .nostrip file exist? location of it,08:06
joe9got it, in the directory of the port.08:07
cruxbot[contrib.git/2.7]: skipfish: 2.06b -> 2.07b08:56
cruxbot[opt.git/2.7]: slim: add patch for libpng09:06
teK_thx frinnst honey09:06
teK_:X09:06
horrorStrucknow we know the truth :O09:12
teK_haha09:17
*** Romeo- has quit IRC09:22
*** joacim has quit IRC09:34
*** Reuben has joined #crux10:15
joe9romster, i notice that you use .nostrip without any pattern in some ports.10:18
joe9that does not help with anything. I think you need to add a pattern in that file.10:19
ReubenHi I've just run into something really odd, possibly malicious and i can't do anything. I no longer have permissions for load of files located in /usr/bin/ including sudo, vi, nano and about a hundred more.10:19
joe9Reuben: home machine?10:23
Reubenyes, i should be the only user.10:23
Reubenthe permissions on those files should never just up and change right?10:29
*** joacim has joined #crux11:43
*** mike_k has joined #crux11:55
*** mike_k_ has quit IRC11:58
*** v33 has joined #crux12:06
*** vaddi1 has quit IRC12:08
*** mike_k has quit IRC14:01
*** lasso has joined #crux14:16
jaegeryeah, that would be pretty strange... check through your shell history for anything odd?14:28
Reubeni cant...14:55
Reubenno nano14:56
Reubenor vi14:56
Reubenor anything14:56
frinnstcat ?14:58
Reubenhmn, i think that does work?14:58
Reubenwhat command?14:58
frinnstdunno, cat /etc/passwd ?14:59
frinnstmaybe something did chmod -x on everything?14:59
Reubenit's not everything buy yeah sounds possible..15:00
Reubenthe irritating one ins the sudo15:00
frinnsttry a sh /usr/bin/vim15:00
frinnstwhat are the actual perms on the binaries?15:00
Reubenpermission denied on vim15:00
Reuben???????15:00
Reubeni cant see them15:00
Reubenno permissions15:00
Reubeni'm remote access root login disabled15:01
Reubenand sudo has been deactivated15:01
frinnstmaybe the filesystem is trashed?15:01
frinnstdoes dmesg say anything?15:01
Reubensame as all other commands15:01
ReubenInput/output error15:01
frinnstis the server on physical hardware?15:01
Reubenyes15:02
jaegerwell, that's not necessarily the same as permission denied15:02
frinnstthen im sure a drive is dead or something :)15:02
jaegeryou should probably check the filesystem15:02
Reubenif i try to nedit anything i get permission denied15:02
frinnstpossibly remounted as ro ?15:02
frinnsttry a "mount"15:02
jaegercheck the drive, too, with smartmontools from another system or a livecd15:02
Reubenmount15:02
frinnstwrong terminal :)15:02
ReubenInput output error on mount15:02
Reubeni cant! i'm 150 miles away :P15:03
frinnstsounds fucked :/15:03
Reubennot yed, i can on wednesday15:03
Reuben*yet15:03
Reubencat log15:03
frinnstinvest in a kvm :)15:04
Reubenkvm?15:04
frinnsthttp://en.wikipedia.org/wiki/KVM_switch15:04
frinnstor some form of remote management15:04
jaegerIf it's just one machine an ILOM type thing is an option, too15:05
jaegergot one on my ESXi server and a bunch at work, they're awesome15:05
Reubenthat would be useful at home. but remotely, not so useful15:05
jaegerthere are IP KVMs too15:05
Reubenwell it's going to force reboot at 6am because i put a timer switch on it, it usually shuts down in advance but incase of crash a force powerdown remotely helps15:06
ReubenThink it might fix on reboot? Or do I need to log in as root at the terminal?15:07
frinnstdont think it will come back up again15:07
jaegerIt's possible but unlikely15:07
jaegerif the hardware isn't really bad, it could be a fluke15:07
jaegerbut if it IS bad you risk being unable to access it at all15:07
ReubenI don't get what might have done it. And as of now everything is not working anyway. so no access is only a tiny bit less than current15:07
Reubenyou think it's a hardware error?15:08
jaegerit seems likely that it's a failing drive if you're the only user15:08
Reubenuh, scratch drive?15:08
jaegerunless you run some outward-facing service that got exploited15:08
Reubenor primary? i have them seperate15:08
frinnsti'd bet on hardware15:08
Reubeni have hiawatha server15:08
Reubenand a minecraft server15:08
Reubenand rtorrent was running....15:08
Reubenbut that was it15:09
frinnstharddrives die all the time15:09
jaegerit sounds more like hardware than an exploit anyway15:09
jaegeryeah15:09
frinnstany form of raid redundancy?15:09
Reubenthe scratch drive was a bit shakey i'll say15:09
Reubenno, i put an 8gb ssd in as a boot drive and used an old 160gb disk as scratch, i made a partitaion of 40gb in the middle of the drive because i knew it was a bit shakey15:10
Reubenif the scratch went down it could cause this issue?15:10
frinnstscratch? as in esxi ?15:10
frinnstor what do you mean?15:10
Reubenpage file15:11
jaegerIf you knew the drive was shaky I'd be 100% sure it's failing15:11
jaegermagnetic drives only get worse, never better :)15:11
frinnstyeah15:11
ReubenYes but it's not he primary drive and yeah i know :p15:11
jaegerif there's a single bad sector on it they will grow, it's toast15:11
Reubeni was going to replace it next week anyway15:11
jaegerwell, not sure what would cause the SSD to have problems, do you know of any issues with it?15:12
Reubeni did my best to put the partition a loong way from bad sectors but *shrug*15:12
jaegerI assume it's pretty old if it's 8GB15:12
Reubenwas brand new15:12
frinnstcool, hp has android/ios ilo2 clients :)15:12
Reubenunused15:12
Reubeni just wanted a small boot ssd15:12
jaegernice... I wonder if there's an ilo client for my supermicro one15:12
jaegerI've got a nexus 7 tablet now, would be handy15:12
Reubenduring setup the machine told me set one hdd as boot, and partition, which was the ssd, and set one partition for scratch. I assume page file. which was the hdd15:13
Reubenso could a page file issue cause my problem?15:14
jaegerI doubt it15:14
jaegerscratch and swap are probably not the same thing in this case but I don't know that for sure, you'd have to ask the MineOS dev or something15:14
Reubenah yes, swap that was the other name xD15:15
Reubenscratch=swap15:15
jaegerah, ok15:15
jaegeryou should probably refer to it as swap to avoid confusion15:15
jaegerswap is the far more common term in linux terminology15:15
Reubeni will in future :)15:15
Reubenso would a swap partition failure cause this problem?15:16
frinnstscratch = vmware talk for partition containing logfiles15:16
jaegerscratch is used in a lot of ways, vmware, photoshop, etc.15:16
frinnstReuben: probably not, but it's probably pointless to speculate15:16
jaegerit's unlikely that the swap would cause it15:16
Reubenif i can log on as root and everything works...that hints at maliciousness yes?15:17
jaegerthe same commands that were giving i/o errors work now?15:18
ReubenNo, i'm asking so that when i get back i can do some quick checks to point me in the right direction15:18
jaegerAh.15:18
Reubeni'll be back at the machine on wednesday15:18
jaegerI don't think logging in as root will make any difference15:18
jaegerbut without more info it's impossible to tell exactly15:19
Reubenhow would i get more info?15:19
jaegercheck the console, should be something rather obvious on it if hardware is failing15:19
jaegerso there's probably jack you can do until wednesday15:20
Reubenso just sit down at it and try and log in?15:20
jaegerI'm guessing you'll see error messages before you even try to log in, but yeah15:20
Reubenokay thanks. I'll  check that then on wednesday. Thanks for your help.15:22
jaegergood luck15:22
ReubenI'd just set up psk log in too :(15:22
jaegerWhat I would suggest is to take a livecd with you with smartmontools available and run smart tests on the drives15:22
ReubenIt has no cd drive :$15:23
jaegerUSB?15:23
Reubenah yes, sensible, i'll add a partition to my boot tools mem stick15:23
Reubenquick q, make sure i didnt just do something stupid. to disable password log in you change the line uuh, ?PasswordAuth? from yes to no?15:24
Reubeni cant remember the right line name15:24
Reubenin sshd_config15:24
jaegerPasswordAuthentication15:25
jaegerI believe so though it's been a while since I've done that15:25
Reubenyes that's it, if you set that to no, then you cannot log in at all unless psk is enabled yes?15:25
jaegerbasically, yes15:26
Reubenso you think it likely someone might have hacked it, with root disabled psk only login, only frontend minecraft, hiawatha and rtorrent?15:27
jaegerno, I think the hardware is failing15:27
ReubenAwesome, i don't need to call the neighbour to go kill it to prevent me being traced to crimes :)15:27
Reubenthanks very much15:27
jaegernp, good luck15:27
*** Reuben has quit IRC16:05
*** aarch has joined #crux16:46
*** lasso has quit IRC18:03
*** teK_ has quit IRC18:08
*** ente has quit IRC18:09
*** DaViruz has quit IRC18:10
*** DaViruz has joined #crux18:11
*** ente has joined #crux18:14
*** ente has joined #crux18:14
*** teK_ has joined #crux18:16
*** tilman has quit IRC18:26
*** tilman has joined #crux18:34
*** ChanServ sets mode: +o tilman18:34
*** v33 has quit IRC18:40
*** pidsley has joined #crux19:53
*** horrorStruck has quit IRC21:07
*** mavrick61 has quit IRC21:23
*** mavrick61 has joined #crux21:24
*** horrorStruck has joined #crux21:29
*** pidsley has quit IRC22:26
*** horrorStruck has quit IRC22:40
*** horrorStruck has joined #crux22:52
*** horrorStruck has quit IRC23:03
*** vaddi has joined #crux23:48

Generated by irclog2html.py 2.11.0 by Marius Gedminas - find it at mg.pov.lt!