| sincere_fox | Hello guise | 05:06 |
|---|---|---|
| sincere_fox | is there an ISO to try/install beowulf? | 05:08 |
| sincere_fox | is installing ascii and then upgrading the way to go? | 05:13 |
| sincere_fox | Ok I found the mini.iso | 05:17 |
| pekman | hey all | 09:58 |
| pekman | What is the path to shutdown the system using loginctl poweroff without providing a root password? | 09:58 |
| Kizano | pekman: `sudo shutdown -Fh now` ? | 10:06 |
| pekman | Isn't there a way to shut down the system without providing any password? | 10:07 |
| Kizano | I want to question as to the use case for this - don't you want to be certain it's OK to shut down the system? | 10:07 |
| retak_ | pekman, I read about a way to shut down the system without password. with a special user. hmm | 10:09 |
| VadPerevad | visudo? | 10:09 |
| Kizano | oh ^ yeah, without a password yes... | 10:09 |
| Kizano | but not without root | 10:10 |
| Kizano | :NOPASSWD | 10:10 |
| Kizano | or something similar... | 10:10 |
| pekman | see https://framapic.org/7BWLWSu93DQY/JQsBO5kSYojq.png | 10:10 |
| pekman | i d'ont use sudo | 10:11 |
| pekman | I use Pekwm I think we may be missing some session package... | 10:12 |
| retak_ | pekman, its with /etc/shutdown.allow but I don't find more info about it jet | 10:13 |
| pekman | retak: shutdown.allow didn't solve the problem. I already tried that. Yes I put my user in the file | 10:18 |
| r3boot | pekman ALL=(ALL) NOPASSWD: /sbin/shutdown | 10:18 |
| r3boot | add that to sudo, and you can sudo shutdown whatever you want | 10:18 |
| retak_ | ok | 10:18 |
| onefang | Just pull the power cord. B-) | 10:21 |
| pekman | r3boot: I don't use sudo. And I don't intend to. | 10:21 |
| surrounder | what's wrong with sudo? | 10:22 |
| r3boot | pekman: chmod +s /sbin/shutdown ; chown root: /sbin/shutdown <-- have fun then :) | 10:22 |
| retak_ | pekman, is it a server with BMC/IPMI? you can shutdown with IPMI :) | 10:22 |
| r3boot | (NOTE, DONT DO THAT!!!) | 10:22 |
| pekman | retak: is a normal desktop | 10:23 |
| r3boot | pekman: in principle, you need to authenticate before you can run sysadmin commands. That's how, fundamentally, UNIX works. You can break that rule, sure, but that's not a normal setup | 10:23 |
| r3boot | Now if you want to have passwordless authentication, that's possible as well | 10:24 |
| r3boot | however, there are just 3 ways to do it. One is remove the root password and use su; Two, use sudo, and three, use setuid binaries | 10:24 |
| r3boot | #1 and #3 are not recommended practice | 10:24 |
| r3boot | Maybe you can get it done via dbus btw, not 100% sure tho, and it wont be via /sbin/shutdown | 10:25 |
| onefang | Ctrl Alt Del, then power off once it's starting to reboot back up again? | 10:25 |
| r3boot | is also a possibility yeah | 10:26 |
| retak_ | #4 use su, but write the root pw into a scipt. and hode the script very well ;) | 10:26 |
| r3boot | ACPI shutdown as well | 10:26 |
| retak_ | *hide | 10:26 |
| r3boot | that is *nasty* retak_ :) | 10:26 |
| r3boot | it will work tho :P | 10:26 |
| onefang | If it's a desktop, surely you can logout and hit the shutdown button on the login GUI? | 10:27 |
| retak_ | is there any filesystem which can hide files? chmod -hide script. that would be cool | 10:27 |
| retak_ | oh wait. NSAFS. nevermind | 10:28 |
| r3boot | no, that's not possible unless you use (eg) a hidden crypto volume. | 10:28 |
| r3boot | (otoh, it kind of depends on what you mean with 'hide a file') | 10:28 |
| retak_ | its not visible by 'ls' but executable ^^ | 10:29 |
| pekman | thank you for your attention. | 10:30 |
| pekman | sorry my bad english | 10:30 |
| retak_ | pekman, oh sorry :) I don't have more ideas | 10:30 |
| r3boot | pekman: your options are above :) | 10:31 |
| pekman | I'll look for a solution in the Void Linux or Artix Wiki/Forums. They also use Elogind. I think they should have a solution. | 10:33 |
| r3boot | retak_: hmm, thinking about it for a bit. In principe, UNIX works with a DAC framework, which means that, if the file is on the filesystem and you have read rights on the top level directory, you can read the file. If you want to prevent that, you need a MAC framework (like selinux) to prevent the systemcalls that open the file | 10:33 |
| retak_ | ooooooor | 10:41 |
| retak_ | I write a patch for ls to filter filenames ^^ | 10:41 |
| retak_ | like hacking my own system | 10:42 |
| r3boot | retak_: which will be broken the instant an attacker uploads her/his own binaries ;) | 10:49 |
| r3boot | but have fun nevertheless :) | 10:49 |
| retak_ | hehe | 11:19 |
| fsmithred | loginctl poweroff | 12:30 |
| tlf1138 | Good day Ladies and Gentlemen, Dammen und Herren. | 13:26 |
| tlf1138 | I posted to giuthub that apt-cacher-ng breaks with your new mirror system. This is kind of important to me, because it is where I keep my netboot install files and deb cache. | 13:27 |
| tlf1138 | I'd love to help getting that working again. Some details of the new mirror system would be nice... I need to install 40 servers at once, and it would be a bad idea to overload your and my bandwidth. I will also put up a full mirror once I can pull updates from apt-cacher-ng. | 13:30 |
| r3boot | Alternatively, you could also run Squid with aggressive caching options | 13:30 |
| r3boot | (no clue as to what you are running into with apt-cacher-ng + the devuan repo's tho) | 13:30 |
| tlf1138 | I saw that post by that guy... I'd rather use apt-cacher-ng because it allows me to thin provision and finely tune all the distros and repos I need to cache. I can run updates from google without hammering on their servers, which is a plus. | 13:32 |
| tlf1138 | Disk space is at a premium at the moment. I will hopefully be getting more disks today. | 13:33 |
| r3boot | just wondering, what do you mean with thin provisioning of apt packages? That you only download what you need? | 13:33 |
| rrq | recently I had to change /etc/apt-cacher-ng/acng.conf, to have "VfileUseRangeOps: 0" | 13:34 |
| tlf1138 | It does pdiffs and some smarts to keep only the most used packages around. | 13:35 |
| r3boot | Aha, check | 13:35 |
| r3boot | makes sense if you're short on diskspace | 13:35 |
| rrq | I think one or the other of the mirrors fails to support range headers | 13:35 |
| tlf1138 | It is a pretty old machine... Has two redundant CPUS, Three redundant memory banks, three redundant disks, two redundant gigE... It's 32bit, but you can quite literally put cards in it when it is on and take them out. | 13:36 |
| tlf1138 | Oh, and 2 bit CRC memory on top of the memory redundancy. The thing will live longer than me. | 13:37 |
| r3boot | what kind of system is it? | 13:37 |
| tlf1138 | HP DL360 G2? One of the DL360s. | 13:38 |
| r3boot | Oh, cute | 13:38 |
| r3boot | AlphaServer legacy ;) | 13:38 |
| tlf1138 | Uhhhhh.... It doesn't have an Alpha ISA. I have an Alpha the OpenBSD guys gave me, but this is P4 Xeons. | 13:39 |
| r3boot | HP DL is based on Compaq Proliant, which is based on Compaq AlphaServer | 13:41 |
| r3boot | Which alpha do you have then? :D | 13:41 |
| r3boot | <-- alpha fanboi | 13:41 |
| tlf1138 | AXPpci33 500MHz NoName. It has the VMS microcode loaded right now, and a dead power supply. When November 11 comes around, I'll get it set up | 13:43 |
| tlf1138 | Alpha is fucking amazing. Intel could have owned 64 bit computing with it, but instead Not Invented Here, and Itanic. | 13:43 |
| tlf1138 | I will eventually have my "old soldiers" online, and you guys can metal test other architectur on them. I am in the process of turning my 40 node storage cluster into a compile farm. Anyways, must go. ttyl | 13:45 |
| r3boot | Ah, nice one. Still running a DS10/466MHz 21264/2GB/2x36GB and a DS25/dual 1GHz 21264/6GB/6x146GB/hw raid here. | 13:45 |
| r3boot | All running OpenVMS ofc | 13:46 |
| tlf1138 | Heh... I have a hobbiest license of VMS 8.4 on my VAX. I have a Digital UNIX 10 connection license .iso if that ever interests you >.> <.< | 13:47 |
| tlf1138 | w4r3z pup :P | 13:47 |
| tlf1138 | Anywho back around 3pm PST | 13:48 |
| r3boot | https://r3blog.nl/pakgen.c ;) | 13:48 |
| tlf1138 | Okay, you just got inducted into the Otherhood of W4reZ And Pr0n (Begbie Baillie chapter) | 13:49 |
| r3boot | wait ... this is #devuan, we cant do non-x86/devuan talk here ;+ Anyhoe, hf! | 13:50 |
| Centurion_Dan | r3boot: says who... I'm running non-x86 devuan | 14:47 |
| Centurion_Dan | as are many others... | 14:48 |
| r3boot | Lemme guess, arm? | 14:50 |
| Kizano | r3boot, fsmithred: Do we know who controls the SSL cert for auto.mirrors.devuan.org ? | 15:20 |
| r3boot | Verify return code: 10 (certificate has expired) | 15:23 |
| r3boot | ghe, handy | 15:23 |
| r3boot | I am not affiliated with devuan btw, but you might try freedom@devuan.org (see https://devuan.org/os/contact) | 15:24 |
| r3boot | The cert is bound to auto.mirrors.devuan.org CNAME for auto.mirror.devuan.org CNAME for packages.devuan.org hosted by OVH, but cant find any devuan specific contacts in the whois databases | 15:25 |
| Kizano | thanks r3boot | 16:42 |
| rrq | morning .. I have an hour here ... | 23:34 |
| rrq | oops. wrong audience. | 23:34 |
| rrq | apparently you have LD_PRELOAD set; maybe in a .bashrc or something(?) | 23:35 |
| * rrq wrong again - not woken up yet :( | 23:36 | |
Generated by irclog2html.py 2.17.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!
