IRC Logs for #crux Thursday, 2018-11-01

joacimi have a couple of ports on my switch00:00
joacimbut they're only 1 Gbps00:00
pedjaah. idiot-proof (until nature comes up with more...advanced?...idiots :) ?00:00
joacimwill you step up and be that idiot? :300:00
pedjaI am already an idiot in so many areas :)00:01
jaegerSFP doesn't do 10GbE, SFP+ does... they look basically the same, though00:01
joacimi've heard rumors about the kind that loop cat5 cables back to the same switch00:01
joacimhavent seen those myself yet00:02
pedjatime to expand...what's the opposite of expertise?00:02
joacimis SFP+ backwards compatible tho?00:02
jaegeryes00:02
jaegersame pinout. you can plug an SFP cable or module into an SFP+ port but it won't work at 10GbE00:03
pedjawhat kind of cable is used with sfp? utp?00:06
jaegergenerally twinax00:07
jaegerthere are fiber options, though00:07
jaegertwinax is cheap and good for short range stuff, like 15m or less00:07
jaegerthere's also passive and active. need active to get up to 15m00:07
pedjaso, jaeger, care to share which Halloween costume you chose this year :) ?00:20
pedjaor is that over? time zones are weird00:20
jaegerI didn't dress up00:20
jaegerIt's still halloween here, yeah00:20
pedjahere, kids go trick-or-treating while adults go to dinners and passionately discuss politics when drunk00:24
jaegerI tend to avoid discussing politics whenever I can, but there's trick-or-treating here. Not much in my new neighborhood, though, it seems00:24
pedjabit of a combination of old and new, imported from the West, traditions00:24
jaegerI've seen a few people out with their kids00:25
pedjahalf the table at the dinner I was at discussed politics, our (nerdy) half discussed the science behind The Expanse/Windows vs Linux :)00:26
jaeger:)00:26
pedjathe seasoned IT pros discussed Windows/Linux mostly, I know fuck all about either of their use in the business/enterprise setting, thou00:32
pedjait was fun to listen00:32
jaegerI've been considering a topspin 120 infiniband switch and 3 of those mellanox adapters frinnst bought to use as the storage backend for my vmware lab00:34
jaegercan find one for ~$50 on ebay now00:34
joacimi've had worse arguments about busses than politics00:37
joacimlots of heated discussions about hybrids and old diesel models00:37
*** JanC has quit IRC00:58
*** Workster has joined #crux01:00
*** Workster has quit IRC01:01
*** Workster has joined #crux01:01
*** JanC has joined #crux01:05
cruxbot[opt.git/3.4]: libfastjson: initial import, version 0.99.801:13
cruxbot[opt.git/3.4]: liblogging: initial import, version 1.0.501:13
cruxbot[opt.git/3.4]: libestr: initial import, version 0.1.1001:13
*** pankerini has joined #crux01:45
*** jue has joined #crux01:57
*** MNKyDeth has quit IRC02:19
*** tilman_ has joined #crux04:10
*** mayfrost has joined #crux04:50
*** shynoob has joined #crux04:53
shynoobHey there04:53
ryuoshynoob: small world. Frugalware not your thing?04:55
shynoobxD04:55
shynoobNot sure about it04:55
shynoobWhat do you think? ryuo04:56
ryuoI used to be a major contributor to them, but I haven't used it in like 3+ years.04:56
shynoobLol04:57
shynoobWhat changed04:57
ryuoEh, priorities I guess. I don't feel like tinkering that much anymore.04:58
shynoobryuo what do you do? These dayz04:59
ryuoshynoob: Linux Mint.05:00
pankeriniIs Frugalware still alive?05:00
ryuopankerini: yes.05:00
pankeriniThat's name I haven't heard in years.05:00
shynoobLol ryuo are you messing with me?05:01
ryuoshynoob: no, i use Linux Mint.05:01
shynoobOh lol05:01
shynoobNice05:01
shynoobWhat you doing here then05:01
ryuowhy not? there's still stuff to do here sometimes.05:02
ryuoThere's some interesting stuff in #crux at times.05:02
shynoobOh05:02
ryuobut, ubuntu is still quite usable for advanced users. it's one of the few distros that even offers a stable base for long term use.05:03
shynoobI know05:04
shynoobIm not advanced user ... Im just.. you know looking for fast minimalistic system which will then cater to my game dev needs05:05
shynoobAnd I hear lots of "dont go there" before ..05:06
shynoobLike ubuntu05:06
pankeriniUbuntu is not bad, but if I needed stable I would go with Debian/Devuan05:08
ryuoshynoob: people love to hate on ubuntu. though there's stuff to genuinely hate. ubuntu keeps changing shit like how networking is configured.05:10
ryuothey forced a switch to their homegrown netplan, a steaming pile.05:11
ryuooh, and resolved too.05:11
ryuoyou can still disable them, but it's a pain.05:12
ryuoi'd have just left resolved alone if it wasn't for one broken behavior.05:12
ryuothey switched to a form of asynchronous DNS, which breaks setups that use private DNS servers.05:13
ryuoexcuse me, parallel DNS.05:13
ryuolookups by resolved are done to multiple servers at once. works fine for public DNS, but is utterly broken for private DNS records.05:14
ryuomy network's DNS server helps when you want to know the IP address of local machines.05:15
ryuoespecially DHCP allocations.05:15
ryuodnsmasq is great.05:15
ryuoshynoob: yea, but the issues i've stated are mostly related to systemd, which virtually all distros use now.05:16
ryuoaaaaaa05:19
ryuoerr05:19
ryuorebooted my router.05:19
ryuoshynoob: game development, eh? i can't suggest anything there, but i guess bleeding edge is of interest to you.05:21
ryuoshynoob: if so, arch/manjaro are viable choices.05:23
shynoobVery well05:31
shynoobI'll just go back to using arch05:31
shynoobryuo can I dm u?05:32
ryuoshynoob: sure?05:40
jaegerI'd say you could certainly use crux for that if you want to, but crux does expect some level of tinkering, so if you want to avoid that and focus on your dev tasks, it might not be ideal05:44
jaegerNot trying to run you off, though, I'd say try it in a VM and see if you like it05:44
ryuoshynoob: i just prefer having a measure of stability. Changes on ARCH can break shit that was working previously, due to it being bleeding edge.05:45
jaegerspeaking of gaming, I just played a few hours of Frostpunk, fun game. Great music and I like the gameplay and style05:45
ryuoDebian/Ubuntu/CentOS follow a model of stability where they freeze the major release of the software.05:46
ryuoUbuntu... also has a ton of PPAs if you only want to upgrade a few packages05:46
ryuojust have to keep in mind PPAs are unofficial in general.05:47
shynoobjaeger, Is there proper documentation.. such that in case im stuck.. id know where to go... I dont mind tinkering.. just need to be able to immediately solve issues..05:51
jaegerWe try, but as a small team we haven't covered everything, I'm sure. With that said, this channel is a great place to ask for help05:52
ryuothere's lots that isn't documented here but is general Linux.05:52
jaegeryeah, we tend not to document stuff that applied to any distro, mostly crux-specific stuff05:52
shynoobThat is fine.. but sometimes I can be pretty stupid.. not knowing where to go .. lol05:53
shynoobCoz I'm Linux newbie too05:54
jaegerI think tinkering is the best way to learn but not everyone agrees :)05:54
shynoobI'm inclined to give CRUX a shot.. Let's see06:00
*** elderK has joined #crux06:01
*** pankerini has quit IRC06:09
jaegerone thing you'll run into fairly early is the need to configure and compile your own kernel. How familiar/comfortable with that are you?06:09
shynoobI've installed Gentoo once ... Lol.. but I had alot of help..06:10
shynoobAnd I think I'll need a little hand holding.. or a guide of sorts06:11
jaegerMaybe read through the handbook before you start, see what you think of it06:13
shynoobAlright06:13
ryuoshynoob: Romster <06:14
*** shynoob has quit IRC06:25
*** shynoob has joined #crux06:27
*** shynoob has quit IRC06:33
*** shynoob has joined #crux06:41
shynoobWhat do most crux users refer to for configuring.. compiling kernel?06:41
frinnstwhat do you mean?07:24
frinnstI use the menuconfig descriptions a lot07:24
shynoobGuide of some sorts07:24
shynoobOh07:24
frinnstthe config installed into /usr/src/linux-xx.xx contains some useful defaults07:26
shynoobHmm07:26
*** shynoob has left #crux ("AndroIRC")07:26
*** acerbic has quit IRC08:10
*** acerbic has joined #crux08:13
beli3verhi08:32
beli3veris there an update for firefox?08:32
beli3verhttps://www.mozilla.org/en-US/security/advisories/mfsa2018-28/08:32
beli3versorry was thunderbird not firefox08:32
ryuoshocking.08:33
frinnstbeli3ver: I'll push it when I get off from work in about ~7 hrs. It wasnt available yesterday unfortunately last I looked08:48
ryuofrinnst: how many web developers does it take to setup HTTPS?08:54
ryuofrinnst: Only 1, but you may get more than you bargained for.08:55
*** acerbic has quit IRC08:58
*** acerbic has joined #crux08:58
beli3ver@frinnst thanks09:22
*** acerbic has quit IRC09:44
*** acerbic has joined #crux09:46
*** john_cephalopoda has joined #crux10:22
cruxbot[core.git/3.4]: gdbm: update to 1.18.110:38
*** TheCephalopod has joined #crux10:41
*** john_cephalopoda has quit IRC10:42
cruxbot[opt.git/3.4]: libsdl2: update to 2.0.911:00
frinnstjaeger: just ordered the tiny mikrotik switch from yesterday12:30
frinnst135€12:31
*** acerbic has quit IRC12:53
*** acerbic has joined #crux12:55
*** acerbic has quit IRC13:16
*** acerbic has joined #crux13:17
jaegerfrinnst: cool, let me know what you think after you use it for a bit :)13:35
frinnstyep. ~2wks delivery13:35
jaegerwow, bit slow13:36
frinnsti chose the cheap option :-)13:36
jaeger:)13:36
frinnstdownside with the nics was that there were no low profile brackets13:37
jaegerprobably lots of them available on ebay13:45
jaegerThey don't seem to be available in the US currently13:59
jaeger(the switch, I mean)14:00
frinnstyeah our supplier didnt have it either14:14
jaegerI might try the infiniband option as a cheap alternative first14:15
frinnstextra "cool" marks for infiniband14:15
jaeger:)14:16
frinnstethernet is lame!14:16
jaegerFrom what I've read, though, I'll need to replace the extra super loud fan in the topspin 120 if I go that route14:16
jaegerthat should be easy, at least14:17
frinnstdoes it get hot?14:18
frinnstor just "it will be in a DC anyways, fuck noise levels!"?14:18
jaegerI don't know, not much data on heat.14:18
jaegerI need to do some wiring before I can move my rack out to the garage, currently in the house14:19
jaegerSo noise levels are a medium concern14:19
jaegera noctua NF-A4x20 should do nicely14:20
jaegerFLX version instead of PWM, I think the switch only has a 3-pin header14:21
*** acerbic has quit IRC16:05
*** Kruppt has joined #crux16:06
*** acerbic has joined #crux16:10
*** elderK has quit IRC17:47
cruxbot[opt.git/3.4]: Revert "firefox-bin: cleanups"17:47
cruxbot[opt.git/3.4]: thunderbird: updated to 60.3.017:47
cruxbot[opt.git/3.4]: lzip: updated to 1.2017:47
cruxbot[opt.git/3.4]: firefox-bin: cleanups17:47
*** onodera has joined #crux17:56
jaegerAnyone backing this? https://www.kickstarter.com/projects/librecomputer/la-frite-open-source-fries18:38
ryuowow, that's sad. all the old forum posts from TMC are gone.18:39
ryuoall for the sake of modernizing their forum.18:40
ryuothis new website sucks.18:40
jaegerTMC?18:40
ryuohttps://www.mudconnect.com/index.html18:40
ryuothe mud connect.18:40
jaegerah18:40
ryuoit's rather unintuitive...18:42
ryuoa "menu" button doesn't popdown something.18:42
ryuoNo, it opens a side menu all the way on the left. the button is all the way on the right.18:43
ryuosigh. seems like UI and web designers ruin everything.18:43
ryuobye bye TMC. I see no reason to return to such an awful website.18:45
joacimthat looks like the forum software i cannot access from my mac mini19:00
joacimit pushes the cpu up to 100% usage19:00
Anselmox-x19:00
cruxbot[opt.git/3.4]: firefox-pa: updated to 63.0.119:01
cruxbot[opt.git/3.4]: firefox: updated to 63.0.119:01
cruxbot[opt.git/3.4]: firefox-bin: updated to 63.0.119:01
*** Kruppt has quit IRC19:42
*** Kruppt has joined #crux20:04
*** acerbic has quit IRC20:11
*** acerbic has joined #crux20:13
cruxbot[contrib.git/3.4]: vulkan-validation-layers: Update to 1.1.85.020:54
cruxbot[contrib.git/3.4]: vulkan-tools: Update to 1.1.85.020:54
cruxbot[contrib.git/3.4]: vulkan-headers: Update to 1.1.85.020:54
cruxbot[contrib.git/3.4]: vulkan-loader: Update to 1.1.85.020:54
cruxbot[contrib.git/3.4]: glslang: Update to 7.10.290420:54
*** Kruppt has quit IRC20:57
*** onodera has quit IRC21:07
*** pankerini has joined #crux21:09
*** pankerini has quit IRC21:52
frinnstCVE-2018-5407: new side-channel vulnerability on SMT/Hyper-Threading architectures22:15
frinnst## Fix22:16
frinnstDisable SMT/Hyper-Threading in the bios22:16
frinnstUpgrade to OpenSSL 1.1.1 (or >= 1.1.0i if you are looking for patches)22:16
frinnstlovely22:16
pedjauntil when is openssl-1.0.2 supported? 2020?22:23
frinnstend of 1922:25
frinnstOur previous LTS version (1.0.2 series) will continue to be supported until 31st December 2019 (security fixes only during the last year of support).22:25
pedjais the switch to openssl-1.1 one of the goals for 3.5?22:26
frinnsttbh I havent thought about it22:26
frinnstbut now it is22:26
pedjasurely by now most of the upstream using it dealt with the breakage it introduced?22:27
pedjathat would be an interesting experiment, building crux iso with openssl-1.1, see what breaks22:29
WorksterCVE-2018-5407: all i see is it's reserved with no details22:31
pedjaembargo?22:32
pedjainteresting article on STH about bmc/ipmi security practices. 'step 1, change the default password'. well, duh22:34
Worksterfacepalms22:34
pedja'huge number of servers worldwide still use default IPMI and BMC passwords'.22:36
pedja'root/calvin'. I wonder what's the story behind that one22:38
pedja(Dell emc, apparently)22:38
pedjacould be worse. like 'admin/admin' for SCADA system controlling the blast furnaces in a steel mill nearby22:43
jaegerthe number of admin/admin things out there is probably depressing as hell22:43
pedjathe rationale was that they are relying on a physical security of the control room22:45
pedjabut I heard that the management insisted that they can remote into it, for reasons...22:47
pedjanot sure if true (that story was told over many beers)22:48
pedjaI am still not sure what 'experience with z/OS required' was all bout in one of their job postings22:54
frinnstwell, that was painless22:54
frinnstnothing on my desktop broke, more or less22:55
frinnstwell.. everything broke of course but a rebuild solved all but two ports22:55
frinnstbut those could be easily updated22:55
frinnstWorkster: https://seclists.org/oss-sec/2018/q4/12322:57
Workstercheers frinnst22:57
frinnstshodan.io if you want to get depressed pedja :-)22:58
pedjadon't need shodan for that, but opening a free account to play with that is on my TODO list :)22:59
frinnstI searched on of our customer subnets. it was pretty depressing23:00
frinnstbundled old tomcat servers that we can't patch23:00
pedjais consulting them on security part of the job?23:01
pedjaor you just want to be prepared when shit hits the fan eventually :) ?23:02
frinnstwell what can we do? Hey customer your pricy software you bought and was installed by the vendor is vulnerable to xxxx. What do you want us to do about it?23:02
pedjaouch23:02
frinnstI cant even get that customer to buy a few extra GB of storage. now I get 4-5 alerts each night that they are low on storage when their shitty odd application dumps its database to disk23:02
joacimfriend started poking back at IPs that showed up in his firewall for trying to bruteforce his sshd23:03
frinnstAlarm name: Guest disk space23:03
frinnstCurrent State : Error23:03
frinnstPrevious State: Error23:03
frinnstDetails: Amount of free disk space "D:\" (3.0%) is below a defined threshold (5.0%). Current free disk space is 4.14 GB.23:04
joacimhe found a few NAS devices there still using their default password23:04
frinnsthehe yeah those can be fun23:05
*** acerbic has quit IRC23:05
frinnstwe got some scam emails sent to crux@crux.nu a day or so ago. I scanned the smtp server that sent it23:05
*** acerbic has joined #crux23:06

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!