libera/#devuan/ Sunday, 2019-03-31

ashleyk_icarious, nice..00:01
_abc_Hi. Has anyone else had the DST change hour pass with no change in the clock? I have that.01:25
sleepingkirby_abc_: check your locale on your machine. That's the last time I had that happen01:27
sleepingkirbyeither the user's locale (time zone) was set incorrectly or the system's01:27
_abc_The locale is okay. TZ is okay.01:27
_abc_There should be a script run by cron which does this, no?01:28
sleepingkirbywhat is the TZ?01:28
_abc_That script is not installedon ascii.01:28
_abc_sleepingkirby: does it matter? It was 30 minutes ago here.01:28
sleepingkirby_abc_: it's not by cron, last I checked (someone feel free to correct me)01:28
_abc_Interesting. Then what?01:28
sleepingkirbyit's calculated by time and timezone set01:28
sleepingkirbyso like UTC + timezone +/- dst consideration01:29
sleepingkirby_abc_: https://www.unix.com/linux/252289-how-does-linux-handle-dst-daylight-saving-time.html01:32
_abc_I know. The problem is, the systemd people rely on timedatectl for this, and we don't. And they tend to cripple systems which are "not like theirs", meaning, it is likely devuan suystems won't step time when it's needed.01:32
sleepingkirby_abc_: I'm using devuan and it ticked right for me at DST prior to me moving out of the country01:33
sleepingkirbynow that I'm out of a DST timezone, it didn't ticked, which is also correct.01:33
sleepingkirbyyou can also check by having the clock report to you the +- UTC01:35
sleepingkirbyso if you're in PST/PDT, it should read either -7 or -801:35
sleepingkirbywhich, I think right now should be -701:35
sleepingkirby_abc_: oh, also keep in mind that were you picked you are (which city) matters too01:36
sleepingkirbyI think arizona doesn't observe DST?01:36
sleepingkirbyyeah, just changed my timezone (running jessie here) got 5:43pm, which is correct01:38
DonkeyHoteido people still keep their hardware clocks on non-UTC?01:40
sleepingkirbyDonkeyHotei: I think a lot of window users?01:40
DonkeyHoteiw10 has an option to keep it UTC01:41
* sleepingkirby was just guessing01:41
sleepingkirbyBesides, if it has an option, that means people have an option not to.01:42
_abc_So anyone on ascii and past dst shift time in Europe?01:43
_abc_Where this is happening now? Did it shift? ascii?01:43
sleepingkirbyeurope observer DST?01:45
sleepingkirby*observes01:45
_abc_yes01:45
sleepingkirbywhich countries?01:46
_abc_all01:46
_abc_Will become elective per country from next year or 202101:46
sleepingkirbysorry, let me rephrase that what timezone are you in?01:47
sleepingkirbyand that's the tz offset from UTC?01:47
_abc_UTC+2 Eastern Europe. Actually +3 for DST01:47
sleepingkirby(running ascii here)01:47
sleepingkirbygive me a city that I can set?01:48
sleepingkirby_abc_ like moscow? vienna?01:49
_abc_bucharest01:50
_abc_DocScrutinizer05: you on devuan ascii?01:51
* _abc_ knows DocScrutinizer05 was last seen in a pub but I had to ask01:51
_abc_DocScrutinizer05: my dst clock was not updated at 0200AM, am curious if yours works. ascii here.01:52
sleepingkirby_abc_: yep, I don't see it correctly. It says 2:58am on my clock01:53
_abc_So they crippled it. systemd people cripple everything they touch in the kernel and user land libs.01:54
_abc_Will have to read source to find the problem, don't know where to begin.01:54
sleepingkirbyyeah, sorry, can't help you there. It's weird that they would only for europe though01:55
sleepingkirbystill works find in the US timezones01:55
* sleepingkirby is glad to not be in a DST timezone01:55
plasma41What version of the tzdata package is installed?03:00
_abc_Ok the time jumped at 02:59 -> 040003:01
_abc_So the programming is off by one hour, the data in the tzfile is correct (jump at 0200) but the jump occurred one hour later03:01
specinglooks correct to me03:02
sleepingkirby_abc_: Just asked my wife (American) she says that, in the US, the change happens at 3am. So if you're leaping forward, it skips 3am. If you're falling back, it becomes 2am on 2:5903:06
sleepingkirbyso... blame the americans? >.<03:06
_abc_I am not in murica! :)03:06
* sleepingkirby still glad he doesn't live in a DST country03:07
sleepingkirbythough changing my timezone wiped out my custom datetme format string on my clock >.<03:08
* sleepingkirby tries to remember what it was...03:08
sleepingkirby _abc_: honestly, I just remembered that in one of my jobs, someone from europe had the same complaint. About systems updating DST incorrectly in Europe...03:11
sleepingkirbyand this was back before systemd took a hold of debian >.<03:11
_abc_So the update occurred and now I know in which library to look for it.03:13
sleepingkirbywhich library? I'm curious now.03:15
DonkeyHoteisleepingkirby: it has never been at 3am anywhere in the usa03:20
DonkeyHotei2am is the hour that gets skipped, and 1am is the hour that gets repeated03:20
DonkeyHoteialways was03:21
sleepingkirbyAhh, then my wife is wrong. Then the mystery continues, why did _abc_'s clock skip/fall back at 3am?03:21
_abc_sleepingkirby: glibc which is called by strftime etc03:28
sleepingkirby_abc_: wow, it's in the c library. Didn't think it ran that deep. Thank you03:29
DocScrutinizer05_abc_: 02:59 -> 0400 ??? That's utterly wrong03:32
DocScrutinizer05it's 1:59:59 ->3:00:00 and 2A:59:59 ->2:00:0003:33
DocScrutinizer05afaik03:34
_abc_yes. And yet. Tell me how it goes in .de tomorrow. I want to sleep a little.03:36
_abc_One thing: I'm on localtime clock. Maybe that's why.03:36
DocScrutinizer05.oO(???)04:59
gnarfacei'm thinking the problem was localtime settings for _abc_10:01
gnarfacethat's just a guess10:01
gnarfacebut usually people doing that are dual-booting10:01
gnarfaceso that introduces the opportunity for both operating systems to change the clock in conflicting ways between reboots10:01
gnarfacethere is a way to set tzdata to assume the hardware clock is localtime, but windows or osx might both still mangle it in some cases (they used to anyway)10:02
gnarfacewith later versions of windows though, there is some way to make it play nice with hardware clocks stored in utc10:03
gnarfaceat least, i've heard that.  i don't know how to make it do it10:03
gnarfaceeither way, if you set the bios time to localtime and tzdata is assuming it is utc, things might still get weird ...10:03
_abc_Hi. Reading refracta2usb docs, I see it says it will NOT copy mods to a running live system to the target. This is for 2.3.6 . Is this true? I remember it copes WITH the mods? Is there a flag for this or an option? Still reading.13:42
_abc_fsmithred: hi. Take a look when you can, please. I'll be around several times today.13:48
_abc_Around here.13:48
_abc_I found 2.4.1 references on the site. The old readme is still valid? I'll dig deeper as I read myself into the matter.14:15
fsmithred_abc_, correct. It copies filesystem.squashfs, not the running system.14:26
fsmithredalso note, if you make a live-usb from a live-usb, the paths in the boot menu will need to be edited.14:26
_abc_Hi.14:26
fsmithredEither add or remove a directory level. I forget which.14:27
fsmithredhi14:27
_abc_Say again, the paths in the boot menu will not be correct? Good to know.14:27
_abc_Is there a way to copy the set up live system with all settings? I14:27
fsmithredyeah, they're close14:27
_abc_assume one can "fake" it with some loop mount? It is dangerous and14:28
fsmithrednot an intended way to do it14:28
_abc_will copy in running files etc which need manual cleaning but I think14:28
_abc_I can wing it?14:28
fsmithrednot fully awake here, but maybe create a new snapshot to a loop mount and then use that???14:28
_abc_fsmithred: no problem, get some sleep, I'll be here tonight my time, that's in like 5+ hours.14:29
fsmithredsince it's set up to copy from fielsystem.squashfs, there no need to exclude anything14:29
fsmithredif you copy from running system, you'll need to exclude the things that should not exist in a system that's not running.14:29
_abc_Yes, I can see how that can backfire. I've copied systems by hand before, no problem, I think I know what to omit. Most of the time.14:29
_abc_Also manually cleaned out run files and all the usual things one does not want in the new syste,14:30
fsmithredsys proc dev tmp mnt...14:30
_abc_*m14:30
_abc_Yes14:30
fsmithredlook at the rsync commands in refractasnapshot or refractainstaller14:30
_abc_Have the guys from linuxcnc.org and #linuxcnc contacted you about making a live distro using refracta2usb?14:30
fsmithredsorry, exclude lists14:30
fsmithredno14:31
_abc_fsmithred: yes I will. I have planned to get much more familiar with rsync since we last talked like last year?14:31
_abc_rsync can do mirroring and reverse mirroring over ftp, right?14:31
fsmithredI don't know anything about rsync over ftp14:32
fsmithredrsync can go in both directions (push or pull) by itself14:32
fsmithredor over ssh14:32
_abc_Yeah I'll find out. I use lftp for mirroring now, been doing that for nearly 10 years.14:32
_abc_It sometimes drops the ball with recursion and such.14:32
_abc_Will try to switch to rsync or another mainline tool soon14:33
_abc_fsmithred: encryped loop boots are okay usually with r2u?14:33
_abc_Also is there a more recent readme than 2.3.6 ?14:33
fsmithredboots?14:33
_abc_Encrypted loop fs debian/devuan etc14:33
fsmithredr2u can create encrypted loopback file for persistence14:34
_abc_used with r2u. I read the readme, there's an example setup there I might use as template, we'll see. But I would like to know if there are snags or problems with this at all?14:34
_abc_fsmithred: sure, but does it work cleanly at present?14:34
_abc_In 2.4.1 ?14:34
fsmithredthat does14:34
_abc_This is not a priority but I will try one system like that, use it later.14:35
fsmithredencrypted loopback file has been working for a few years14:35
_abc_I have to do with some locusts who steal everything they can lay hands on in IP.14:35
fsmithredand I haven't messed with that for a long time, so it should still be good14:35
_abc_Good to know. I knew this but sometimes certain versions are known to have little bugs and snags, so I asked.14:35
_abc_Thanks.14:35
fsmithredyw14:35
_abc_So no contact from linuxcnc?14:36
fsmithredno14:36
fsmithredmaybe they looked at the code and changed their minds14:36
_abc_I dropped a hint there several times about the advantages of using r2u for a live boot / installable linuxcnc release.14:36
_abc_Did not "catch" so far, apparently.14:36
_abc_Okay. So 2.4.1 is latest and 2.3.6 is the most recent readme, and applies to 2.4.1 ? Or should I read the source for extra options? The release notes seem to imply nothing massive changed from 2.3.6 to 2.4.1. in the options and menus areas. Correct?14:37
fsmithredyeah, lemme check the changelog for the latest. Not a lot changed.14:38
fsmithred* Set root's path to include sbins for Buster/Beowulf.14:39
fsmithredand updated files for patch_initrd14:39
fsmithredwhich is for making the first partition read/write for user14:40
fsmithredand allowing the persistent loopback file to be on the first partition (I think it still does that)14:40
_abc_Yes. I need it on another partition though. Are all versions of windows "unable" to see a second or higher partition even if that is vfat32?14:41
_abc_Vista and XP at least cannot see the extra partition(s) if there's an ext2 or anything like that in between.14:41
fsmithreddon't know.14:41
_abc_Also they are chronically unable to see multiple partitions on usb sticks. Is there a registry hack for this perhaps?14:41
fsmithredmaybe. I haven't used it since XP was still supported.14:42
_abc_Basically a r2u made stick with N partitions on it, will have a fat32 1st partition, visible to windows, and all the others not14:42
fsmithredyeah, that's been my experience14:42
_abc_I'd like the 1st visible partition to NOT be the r2u one, but a dummy one.14:42
_abc_So what's the business of putting in an extra boot loader?14:42
fsmithredchange it to grub and you can do that14:43
_abc_Change it how? Instead of syslinux?14:43
_abc_I mean there's an option called ALTERNATE BOOT LOADER in the docs14:43
_abc_this then uses a chain b/l where one manually selects what to boot?14:44
_abc_Or does it honor the set bootable flag on a non -1st partition?14:44
fsmithredit's not in the script14:44
fsmithredhave to do it manually14:44
_abc_You mean add grub2 ?14:44
fsmithredfirst, make sure to leave 2mb free space at beginning of usb14:44
fsmithredyeah14:44
fsmithredalternate uses install-mbr14:44
fsmithredI don't think that can do what you want14:45
_abc_How do I make sure I have 2mb free? create partition then delete it?14:45
fsmithredif your snapshot has uefi support, you'll already have a grub menu that will work14:45
fsmithredstart the first partition 2mb in14:45
_abc_I do not use uefi, legacy systems with hardware hanging off of hw ports.14:45
_abc_fsmithred: ah, and still call it "1st" right?14:46
fsmithredthen you'll need to create /boot/grub/grub.cfg in first partition14:46
fsmithredoh, not necessarily first14:46
_abc_Hm looks like I'll need to read more on grub14:46
fsmithredgrub can deal with config to be anywhere14:46
_abc_So how about this partition plan: 1st_part: 2mb in, as dummy, vfat32, visible to windows; 2nd: vfat32, bootable, root for r2u install; 3rd: ext2, data and loopfs images14:48
_abc_Will r2u work if the 1st partition is not the "root"? Or should I fake the name and then edit it and edit the boot scripts.14:48
fsmithrednot sure if syslinux needs to use first partition or not. I know it needs vfat and needs boot flag.14:49
_abc_Ok, more testing to be done. I will do this, I will dedicate one evening/night to it.14:49
fsmithredto install grub: grub-install --boot-directory=/boot /dev/sdX14:50
fsmithredwith /boot/grub/grub.cfg on same partition as the system14:50
_abc_Yeah I get it. Okay, maybe talk to you in a couple of hours. I am just collecting information and setting up the plan and the time to allot now, won't be doing real work today.14:53
* _abc_ had a flu like thing and needs some r&r 14:54
fsmithredok. let me know what you find out.14:54
fsmithredoh, I've got it now14:54
_abc_Hm?14:54
fsmithredtrying to get well before I fly to AMS on tuesday14:54
fsmithredhead cold14:54
_abc_Oh the flu? Be careful and do not hesitate to go for antivirals like acyclovir if needed, the flu is nasty and can leave you witl months of headaches and low stamina plus muscle pain and so on.14:55
_abc_*with.14:55
fsmithredacyclovir won't help with flu14:55
_abc_I do not know. I think one of the antivirals does help. To prevent too much damage, not to make it shorter.14:55
fsmithredwell, it might keep you from getting a cold sore14:56
_abc_I am not into self medication.14:56
fsmithredtamiflu or something like that14:56
_abc_fsmithred: avoiding nerve damage and encephalitis is more of a priority.14:56
_abc_Yes tamiflu maybe.14:56
ErRandir_abc_: you'll probably want a partition for swap as well.15:04
_abc_No.15:04
ErRandirok, your choice :)15:05
_abc_Why would you swap on a usb stick?! ErRandir have you done this before?!15:06
ErRandirYes I have done this. If you have a swap partition and don't need it that's fine. The other way around and you're suddenly in a bad position.15:07
_abc_One can put in a new stick in another hole and use it as swap if needed.15:07
_abc_Swap is a really bad idea for speed reasons and also for security.15:08
_abc_Unless encrypted swap.15:08
_abc_Why would anyone use ext3fs on a crypto loopfs?! ext2 is not preferred?15:10
gnarface_abc_: did you figure out the issue with your clock?15:16
_abc_gnarface: yes, it stepped one hour too late. instead of 0200am->0300 it stepped at 0259->040015:16
_abc_gnarface: I spent one hour looking for solutions, to no avail15:16
_abc_the tzfile dump shows it is to step at 020015:17
gnarfacei just figured it might have been a complication with localtime in the bios and some other os you might have been dual-bootin15:17
gnarfacedual-booting15:17
_abc_This reminds me I now need to set about 10 devices. One by one as I find them.15:17
_abc_gnarface: the other os was not dual booted into for about half a year15:18
gnarfaceoh15:18
_abc_gnarface: also this system is in sleep when off, so not even it has rebooted in a long long time15:18
gnarfacewell it was just a theory15:18
_abc_okay15:18
gnarfacetzdata should specifically ask, i thought, whether your bios is in localtime or utc15:18
gnarfaceor maybe that was ntp15:19
gnarfacebut either way, if you tell it one but do the other, that could cause weird issues too15:19
gnarfacenewer versions of windows i've heard can support utc now, but it might require a registry change15:19
_abc_I read some BSD source for strformat iirc and it made several mentions to hacks in the glibc version at option %Z which is the tz related one.15:21
_abc_It is easily possible that something odd is going on there.15:21
_abc_In my version of glibc and in combination with running on local time.15:21
asbesto\o/18:06
KatolaZasbesto: back on IRC?18:19
KatolaZo_O18:19
asbestoback? I never left, BIATCH18:20
asbesto:D18:20
Ji-eF[m]Can anyone point me to the package that contains certtool, please ?18:54
mns`Ji-eF[m]: gnutls-bin18:55
Ji-eF[m]woot, thanks mns`18:56
mns`Ji-eF[m]: no problem :)18:56
Ji-eF[m]wow, the backtick in your nickname made my Matrix client to display things in some unusual manner :D18:58
gnarfacethat seems dangerous19:02
_abc_What the HELL http://www.devuan.org/pwned.html19:33
KatolaZ_abc_: we are working on it :(19:35
buZzapril fools?19:35
KatolaZbuZz: I bad one, since none of the devs knows about it...19:35
_abc_KatolaZ: got it. Again: ascii tracks stretch?19:35
KatolaZ_abc_: do you think this is the moment to ask such a question?19:35
KatolaZo_O19:35
_abc_Yes, I keep forgetting. Is it stretch or wheezy? Idiotic release names should contain a number too.19:36
_abc_Sorry, doing things now, can't help you, don't know how, about the site.19:36
gnarfaceit is stretch19:36
_abc_thanks.19:36
helios21Best of luck regarding the pwning.19:45
* helios21 is sad about the attack19:45
_abc_I would be sadder if they pwned the repos for a while before putting up the crap logo, and someone got a trojaned iso19:45
specing_abc_: maybe they did19:55
_abc_yes.19:56
specingsecurity update for ssh, now with backdoor :)19:56
_abc_People should make a HABIT out of putting the sha256 sums file on ANOTHER server than where the images are.19:56
_abc_I've yet to see someone implementing this. Even as a howto text, one line in the file. "check the sha256sums using the sha256sums file downloaded from ANOTHER mirror than this one"19:57
_abc_Placing the sums file in the same place with the items to be downloaded is completely useless. The http/ftp etc transports already check for file size, checking "integrity" with sha sums is completely useless, sum(1) is much faster19:58
* _abc_ awards a -1 points for security on a scale from 0 to 1119:58
KatolaZ_abc_: your reasoning is totally borked19:58
_abc_Is it now?19:58
KatolaZthe security of SHASUMS is guaranteed by the signature19:58
KatolaZdone with gPG19:58
KatolaZand checked with the corresponding key19:59
_abc_Oh god. Yes, and what if they changed those too since they're on the same server?19:59
KatolaZchanged what?19:59
KatolaZmy own key?19:59
KatolaZjaromil's one?19:59
_abc_Average user downloads, checks sha256 against file provided, installs19:59
KatolaZo_O19:59
specing_abc_ is correct19:59
_abc_Nobody cares about your key, the user will be reassured the sum matches what he just got from the same site19:59
specingand _abc_ is also correct that the gpg public keys are not accessible in multiple locations20:00
_abc_Plus no-one bothers usually20:00
KatolaZspecing: they are on public key servers...20:00
specingKatolaZ: anyone can upload there20:00
KatolaZo_O20:00
KatolaZanyone can use the same key to sign my emails as well?20:00
KatolaZor jaromil's?20:00
KatolaZo_O20:00
KatolaZok, got better things to do20:01
KatolaZwill leave you to your murmurations20:01
KatolaZo/20:01
specingthere are hundreds of key servers, have you uploaded devuan signing key to each and every one?20:02
gnarfacegpg doesn't work like that20:03
gnarfacethere are two keys20:03
gnarfacea public and a private one20:03
specinggnarface: the public part20:03
specingof course20:03
gnarfaceyou sign with the private one, and you upload the public one20:03
specingone person raised the issue of building all packages on the same server20:03
specingI have not looked into this issue, yet20:03
KatolaZspecing: on which server exactly?20:03
gnarfaceit would be pretty difficult to make a forged public key that would match anyone's locally stored copy visually20:03
gnarfacemy suggestion is to find an example20:03
MinceRlol @ deface20:08
MinceR(april fools?)20:12
bluemarlini sure hope so20:13
skyroveRRSo when is the site getting restored?20:13
MinceRmaybe on the second20:13
skyroveRRWhere's the server located?20:13
skyroveRRMinceR: ?20:16
MinceRi don't know20:16
MinceRbut if it's an april fools joke, i'm guessing it would be gone on april 2nd20:17
_abc_whois 1.2.3.4 will tell you where the server is located20:19
_abc_Paris, France, OVH nets20:19
_abc_No, belongs to Sistemi Domotici from IT20:20
_abc_The block20:20
_abc_46.105.191.76 that is, which is what devuan.org resolves to now20:21
bluemarlinMinceR: if this is april fools joke and that email from Jaromil on mailing list is part of it - i consider this a really bad taste.20:21
ashleyk_lol20:21
_abc_Oh I missed the fact today is April 1st20:21
* _abc_ feels fooled.20:21
mns`It's not a nice prank :(20:23
gnarfacei dunno either way i think the gopher theme is funny anyway20:23
Ji-eF[m]Anyone knowledgeable with ngircd and SSL (and services stop/start)? Without SSL, the command `service ngircd start` starts the server OK. Enabling SSL, starting the service fails, but manually starting (ngircd --nodaemon) works.20:23
ashleyk_try it with a gopher client :)20:23
Ji-eF[m]ngircd Devuan package is compiled with GNUtls support if that helps20:25
_abc_ashleyk_: it's a trap!20:27
asbestowhat20:31
asbestothe HELL20:31
asbestohttp://www.devuan.org/pwned.html  <--- that's MADNESS21:36
roo^yi was sent that link. it's the reason this channel has my attention. Now i've just been sent a twitter link that @DevuanOrg posted21:39
sodastabhttps://twitter.com/DevuanOrg/status/111243764666671104621:40
sodastablol21:40
WonkaApril Fool's Joke?21:40
sodastab*checks date* yeah probably21:40
sodastabhope they keep the gopher site up21:40
roo^y:D21:41
asbestoproblem is - we can't acces to GIT anymore21:42
asbestoso it's more than an april's fool :(21:42
Tom-_oh so it's not just me that can't access github.com21:42
Tom-_firefox wouldn't load it, but chromium did.... i missed youtube-dl.org21:42
sodastab?21:44
roo^ywhy'd you lose all the pre-2016 data on your myspace site?21:44
va7lnxTom-_: you looking to download youtube videos?21:44
Tom-_yeah, i got youtube-dl working though, thanks :)21:44
DonkeyHoteiroo^y: https://www.theverge.com/2019/3/18/18271023/myspace-music-videos-deleted-2003-2015-server-migration21:46
va7lnxI use a firefox plugin for that21:46
va7lnxand the web does suck.21:46
roo^yen.savefrom.net is somewhat alright for grabbing vids21:48
va7lnxhttps://technologyto.com/extractor.html21:50
JookiaHi, when will the main site be restored?22:30
KatolaZJookia: we are working on it22:31
JookiaIt's an april fools thing isn't it?22:31
va7lnxgopher site works :)22:34
Jookiait's a lot less accessible22:34
va7lnxthat is true22:35
va7lnxdoes gopher have an equivalent to "post" or is it just a one-way medium?22:35
KatolaZva7lnx: gopher://pkginfo.devuan.org22:35
KatolaZthey also put there a search engine for devuan packages :\22:36
JookiaWho made it that way?22:36
va7lnxneat22:36
va7lnxsomeone really put some thought into that.22:36
tuxd3vGreen Hat... they mean greed RedHat22:37
watchcati like the new look. i vote keep it.22:37
JookiaPlease no22:38
watchcatat least the gopher.22:38
JookiaIs there a mail list or repo or something for whoever did this?22:38
JookiaI want to email them22:38
va7lnxdoes gopher had SSL capabilities?22:39
Jookiano22:39
va7lnxmind you, I guess you could just use stunnel22:39
tuxd3vDoes any one knows the real address of devuan.com?22:40
tuxd3vould this be a dns attack and not on the site?22:40
KatolaZtuxd3v: devuan.com is not devuan.org22:40
tuxd3vyeah sorry22:40
JookiaWho runs the website?22:41
tuxd3v5.196.38.18?22:41
KatolaZJookia: that's Devuan's server22:42
KatolaZ-_-22:42
JookiaKatolaZ: Aren't you involved in the website hosting?22:43
watchcati guess i'll just call devuan 'green hat' from now on. has a nice irish sound.22:45
roo^y"all publicity's good publicity" :P22:45
va7lnxKatolaZ: so they got to the domain registrar, not the web server?22:45
KatolaZva7lnx: no way22:45
KatolaZthe DNS is fine22:45
va7lnxoh. okay.22:45
KatolaZand it's pointing to all the correct servers22:45
va7lnxwww.devuan.org.600INA46.105.191.7622:46
watchcatguys, puhleeze. no doubt in my mind this is a joke.22:46
va7lnxjust in case, that's what I'm getting back22:46
va7lnxwatchcat: I think you are right. :)22:46
KatolaZthat;s correct22:47
va7lnxnobody would put that much effort in to pown a website.22:47
KatolaZwatchcat: if it's a joke, it's a bad one :\22:47
tuxd3vhumm22:48
Jookiait's a meta joke done by katolaz probably22:49
redrickBy an odd coincidence, I've been trying to plant the rumour that EFF will replace HTTPS Everywhere with new codebase Gopher Everywhere in early April, thanks to their chief computer scientist Lirpa Loof.22:49
MinceR:)22:49
watchcatlirpa loof :D22:49
Jookiait would just be nice to get an ETA when the main site gets back22:50
redrickI got an enter local-to-me mailing list convinced that I was serious.22:50
tuxd3vwww.devuan.org.  600 IN A 46.105.191.7622:52
tuxd3vok22:52
tuxd3vand the repos?22:52
tuxd3vare this one?22:52
tuxd3v5.196.38.1822:52
KatolaZtuxd3v: repos are not affected22:53
KatolaZthe machine was not compromised22:53
redricks/enter/entire/  (need more coffee)22:53
Jookiawas this done with consensus or just by katolaz22:53
roo^ysome say these guys https://i.imgur.com/zenFToY.jpg22:54
tuxd3vprobabloy they entered with 'nobody' user..22:54
fsmithred Jookia I think anything that's been done so far has been done by whoever could get hands on it first, and that behavior is by consensus.22:57
Jookiafsmithred: what do you mean?22:57
KatolaZfsmithred: jaromil knows nothing, Centurion_Dan knows nothing, rrq just woke up and known nothing, Evilham is still booting up his computer :(22:57
KatolaZnone of us can access any of the machines22:58
KatolaZexcept from d1galaxy, pkgmaster, and amprolla22:58
KatolaZ:(22:58
JookiaKatolaZ: So are you saying you didn't do this22:58
ralpheeeeis the website down?22:58
fsmithredyeah, I just answered Jookia because it sounded like he thought you were acting on your own.22:58
fsmithredoh22:58
fsmithredI misunderstood22:58
fsmithredno, Jookia, KatolaZ would not sabotage his own project22:59
fsmithredhe's one of the main devs22:59
KatolaZyeah, I would kick myself out of the infra *just for fun*...22:59
JookiaSo, you didn't do this?22:59
KatolaZgotta go, we are trying to talk to the provider now22:59
tuxd3vfrom d1galaxy you have no access to those server?22:59
fsmithred'cause you're just sitting around with nothing to do22:59
KatolaZwill update you22:59
fsmithredthanks22:59
redrickKatolaZ: Courage and thanks.  Trying to think of ways I can help without running afoul of Brooks's Law.23:00
Venkerhi people23:00
tuxd3vcan any one access from:23:01
tuxd3vd1galaxy, pkgmaster, and amprolla23:01
tuxd3vto the afected sites?23:01
KatolaZno tuxd3v23:01
tuxd3vin anny way23:01
tuxd3vpossible?23:01
tuxd3vdatabase users23:02
JookiaKatolaZ: It really looks like you did this as an april fool's joke considering you're big in to gopher23:02
KatolaZtuxd3v: what do you think I have been trying to do in the last 5 hours?23:02
KatolaZ:\23:02
tuxd3vI think you are trying anything possible23:02
tuxd3vI am just giving Ideas23:03
tuxd3vand I know its frustrating23:03
KatolaZthanks tuxd3v23:03
KatolaZI appreciate that23:03
KatolaZ:)23:03
tuxd3vdoes you have access do managment console of those servers?23:04
tuxd3vidracs, hilos23:04
KatolaZwe are trying to get hold of that23:04
tuxd3vyou welcome bro!23:04
Venkeris this a joke?23:05
JookiaKatolaZ: can you just say 'No I didn't do this'23:05
tuxd3vguys23:05
KatolaZJookia: how many times should I say that?23:05
KatolaZo_O23:05
tuxd3vC'mon23:05
JookiaKatolaZ: I didn't see you say it at all, so just once to me would be fine23:05
tuxd3vKatolaZ is a respectable person23:05
KatolaZ-_-23:05
JookiaCan you link me to a log of you saying it23:06
tuxd3vyou can't even access the repos23:06
KatolaZJookia: No I didn't do it23:06
KatolaZare you happy now?23:06
KatolaZ:\23:06
Jjp137isn't that basically implied by what's being going on here in the past few hours and what's said on the DNG mailing list23:06
KatolaZbbl23:06
watchcatwe will all know on april 2.23:08
_abc_Well they timed it right, for Sunday April 1st23:08
tuxd3v<Jjp137>, What do you mean23:08
_abc_Nobody reachable to take it down.23:08
redrickBack when I was first in IT in the 1980s, if $FIRM had server downtime, the junior department member got posted to the server room door to intercept the parade of people walking up and wanting briefings -- so that other IT staffers could fix the problem.23:09
ralpheeeewanted to finally try devuan ...tbh joke or no joke ...confidence has totally tanked from my perspective23:09
_abc_Translated: they had the door open before, and just made this happen today imo. Translation2: if you downloaded ANY isos from the main webpage check them again.23:09
_abc_redrick: nice job23:09
KatolaZredrick: devuan servers are not in my living room....23:09
_abc_ralpheeee: lol? The website is related to the distro how?23:09
KatolaZ:\23:10
_abc_ralpheeee: you are so funny. Some isp/web hosting related problem occurred. Patience till tomorrow.23:10
redrickKatolaZ:  Bien sur.23:10
ralpheeeethis is "basic" infra structure23:10
tuxd3v <Jjp137>, What do you mean, by the mailing lists?23:10
_abc_Monday things will be restored, humans will be around etc23:10
_abc_ralpheeee: it does not run on devuan.23:10
redrickKatolaZ:  I was basically trying to indirectly say 'Hey, give our esteemed Devuan folks some breathing room and enough with the questions.'23:11
Jjp137tuxd3v, here: https://lists.dyne.org/lurker/message/20190331.191104.169aaf9a.en.html23:11
Jjp137and so on and so forth23:11
* roo^y screams "EVERYONE PANIC!!", *runs next door & kills his neighbor's cat*23:12
ralpheeeewell if you folks can take devuan seriously hats off to you folks23:12
roo^ys/devuan/systemd/23:13
watchcatthank, ralpheeee u 223:13
redrickralpheeee:  Are you going to keep trying until you get a rise out of someone?  Asking for a friend.23:13
roo^ymaybe narcissist day falls on another date23:14
unixman_homeWhy would one lose confidence in a distribution over a web site crack? That sort of thing happens all the time. Heck, I'd be more worried about a repository crack in, which has happened to other distributions over the years. :)23:16
watchcatcough mint cough23:17
redrickIn Mint's case, the distro itself was compromised.23:17
tuxd3vroo^y: find a girl, or a good porn movie to entertain yourself..23:17
* roo^y doesn't want to take his unnecessary commentary to the #devuan_april-fools channel23:17
roo^ygaslighter left23:18
Jookiasha1 fingerprint of website TLS is AC:59:5A:2D:37:C6:8E:10:18:F8:DC:CD:D5:01:3A:D2:7D:AA:C8:0B23:19
redrickThese sorts of Web-site incidents do underline the importance of, among other things, gpg-signed checksums for ISOs.23:19
redrickWhich Devuan is good about, and many distros are not.23:19
redrickhttps://pastebin.com/1dX5XG7W23:23
se7enNice april fools joke guys23:26
se7enYou should keep gopher up tho23:26
redrickwatchcat:   In Linux Mint's case, the www.linuxmint.com host got rooted for several hours, during which trojaned ISOs with matching md5sume files were posted by the intruder.  After the incident postmortem, Mint finally starting gpg-signing the ISO checksums, but hadn't until then.23:29
redrickThat was 2016-02-20.  Partial disclosure here:  https://blog.linuxmint.com/?p=299423:30
tuxd3vyeah I remember very well that, with Clem been very patient and working 2 days or so without sleep23:30
redrickNever heard what the vector for site compromise was, but the cynic in me says 'Well, WordPress....'23:31
watchcatyep. i'll just pass on discussion of mint, since i have low regard for the entire organization. 'nuff said.23:32
tuxd3vGuys does the SSL certificate on the Site is valid?23:33
tuxd3vI mean if its from devuan23:33
VenkerHang on, admins! :-)23:33
VenkerI believe in this project23:34
redrickwatchcat:  The fun one to go through was this, and I didn't want to say at the time that the embarrassed firm was my employer VA Linux Systems:  http://linuxmafia.com/faq/Security/breakin-without-remote-vulnerability.html23:34
tuxd3vEverybody with good intentions and been a lover for Free software and respect believe in the project23:34
tuxd3v:)23:34
redrickwatchcat:  In that case, a kid stole a developer ssh password at a university site for access to shells.sourceforge.net, cracked root there, replaced /usr/bin/ssh with a trojaned copy, and waited to see if VA Linux sysadmins were dumb, which they were:23:36
redrickSome yob on the staff ssh'd from corporate into the host (harmless), but then scp'ed a file back into corporate (stupid).23:37
redrickMoral of story:  Mustn't expose your ssh credentials on a host you don't have full confidence in.  shells.sourceforge.net, being a public shared host, was risky.23:38
watchcatthey shouldn't have been using passwords anyway.23:40
redrickwatchcat: Stolen private key and passphrase is not any less stolen.23:40
redrickThere's always someone who claims using keypairs fixes credential theft, when it just doesn't.23:42
redrickI'll hasten to add that I was not the yob in question.  I worked in a different department.23:42
VenkerAre backups affected, too?23:49
tuxd3v-help23:52
_abc_So the answer is yes? I can't help but notice that GREEN HATS RHYMES WITH RED HATS23:54
_abc_Which may point at who was behind this.23:55
_abc_Or just be more smoke.23:56
tuxd3vI think you are in the right track..23:56
tuxd3vthe same criminals has ususal..23:56
_abc_No way to know. False flag is very likely.23:56
tuxd3vdon't believe in false flag, when that only damage foes you do it..23:57
tuxd3vA false flag pretends to get something23:58
tuxd3vwhich is not the case..23:58

Generated by irclog2html.py 2.17.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!