--- Log opened Wed Oct 09 00:00:54 2013 |
00:05 | < simon_> | what are you, a security nazi? ;) |
00:06 | < simon_> | that sounds a little worrying, though. |
00:06 | < RichyB> | simon_, a security nazi - about which bit? |
00:07 | < RichyB> | "yum update -y && shutdown -r" is perfectly fine on a hobby box. It's not like I mind the downtime at 5am when it actually runs and if it really breaks I'll just ask someone at the colo to fix it. |
00:37 | < simon_> | RichyB, the part with debian punching holes in firewalls. |
00:37 | < simon_> | RichyB, I didn't know it did that. |
00:37 | < RichyB> | I'm not sure about Debian. From memory I believe that I've seen Ubuntu do that. |
00:38 | < RichyB> | e.g. opening tcp/80 immediately upon "apt-get install httpd" |
00:38 | | You're now known as TheWatcher[T-2] |
00:45 | < [R]> | Yeah, especially diskish when Ubuntu assumes that "recommended" means "required" |
00:45 | < [R]> | Oh, you just wanted the PHP CLI? Here's a DB and webserver invalidating your PCI/DSS certification. |
00:46 | < [R]> | (One of the requirements of PCI/DSS is an extremely common security rule: one server == one purpose) |
00:46 | | You're now known as TheWatcher[zZzZ] |
00:46 | < [R]> | (Can't mix DB and webservers) |
00:52 | | ktemkin[zwol] is now known as ktemkin |
00:55 | < RichyB> | I thought it was a bit more nuanced than that. |
00:56 | < RichyB> | e.g. can't mix _the DB that holds CC#s_ with _the webserver that runs the website_ |
00:58 | < RichyB> | There's no particular security concern with colocating, say, the DB that I store users' shopping cart sessions in with the webserver that runs my e-store. |
00:59 | <@Namegduf> | I've not seen any firewall punching. I like that Debian packages come preconfigured, though. |
00:59 | <@Namegduf> | At the end of the day, that's the distributions reason to exist over Linux From Scratch. |
00:59 | <@Namegduf> | Automating as much of the administrative work as possible. |
01:00 | <@Namegduf> | And minimising sysadmin workload. |
01:21 | < RichyB> | Mm. |
01:22 | < RichyB> | Namegduf, when I talk about "cute" on-install scripts, I'm talking about blatantly-broken crap that I have seen in e.g. Ubuntu's postgresql packages that have been added by some duckloving Debian maintainer. |
01:23 | < RichyB> | Think "oh gods it's fucked everything up and takes most of an afternoon to get rid of", not "saving me time". |
01:23 | <@Namegduf> | I've never encountered any of that. |
01:23 | < RichyB> | Lucky you. |
01:23 | | Derakon[AFK] is now known as Derakon |
01:40 | | AnnoDomi1i [abudhabi@Nightstar-008c3da7.adsl.tpnet.pl] has joined #code |
01:40 | | AnnoDomini [abudhabi@Nightstar-ba60f24d.adsl.tpnet.pl] has quit [Ping timeout: 121 seconds] |
01:41 | | VirusJTG [VirusJTG@Nightstar-09c31e7a.sta.comporium.net] has quit [Connection reset by peer] |
01:41 | | VirusJTG [VirusJTG@Nightstar-09c31e7a.sta.comporium.net] has joined #code |
01:43 | < [R]> | Does postfix's install script still stop any batch update? |
01:44 | < [R]> | Gods that was retarded. I start an update, then it gets to 15% where postfix is, and it stops, waiting for user input. |
01:44 | <@Namegduf> | It downloads, and then installs. |
01:44 | < [R]> | I'll repeat that: an AUTOMATED script holds a BULK install because it's waiting for USER INPUT. |
01:44 | <@Namegduf> | There's a flag for "bulk install". |
01:44 | <@Namegduf> | I'm guessing you weren't using it. |
01:45 | < [R]> | Nope, was using Synergy at the time |
01:45 | <@Namegduf> | But it only halts the install step which takes like three minutes even for a huge update. |
01:45 | < [R]> | Or whatever that GTK apt-interface is |
01:45 | <@Namegduf> | Then I think all your words about it being automated and bulk and stuff were kind of meaningless. |
01:46 | <@Namegduf> | If a GUI-initiated install is an "bulk install" then what's *not* bulk? |
01:46 | < [R]> | Well, an upgrade is a bulk install. |
01:46 | < [R]> | I can't see how it is /not/ a bulk install. |
01:47 | < [R]> | And all those scripts are supposed to be for automation. |
01:47 | <@Namegduf> | In the same sense that all software is, yes. |
01:47 | <@Namegduf> | Read: A pretty limited sense. |
01:47 | <@Namegduf> | They do shit for you. |
01:47 | <@Namegduf> | No rule they can't ask you how. |
01:47 | < [R]> | Right, regardless, it's not expected for such a thing to launch an ncurses GUI. |
02:14 | | Syka [the@Nightstar-459e93f7.iinet.net.au] has joined #code |
02:16 | | Syka_ [the@Nightstar-39e6d723.iinet.net.au] has quit [Ping timeout: 121 seconds] |
02:26 | | Turaiel[Offline] is now known as Turaiel |
02:39 | | VirusJTG [VirusJTG@Nightstar-09c31e7a.sta.comporium.net] has quit [[NS] Quit: Program Shutting down] |
03:35 | | Vornicus [vorn@ServerAdministrator.Nightstar.Net] has quit [[NS] Quit: Leaving] |
04:02 | | Harlow [Harlow@Nightstar-2dbe3d64.il.comcast.net] has joined #code |
04:17 | | ktemkin is now known as ktemkin[awol] |
04:27 | | Kindamoody[zZz] is now known as Kindamoody |
05:02 | | Derakon is now known as Derakon[AFK] |
05:11 | | Attilla [uid13723@Nightstar-1325dff0.irccloud.com] has quit [Ping timeout: 121 seconds] |
05:15 | | AnnoDomi1i [abudhabi@Nightstar-008c3da7.adsl.tpnet.pl] has quit [Ping timeout: 121 seconds] |
05:15 | | AnnoDomini [abudhabi@Nightstar-73d9e0d0.adsl.tpnet.pl] has joined #code |
05:25 | | Harlow [Harlow@Nightstar-2dbe3d64.il.comcast.net] has quit [[NS] Quit: BED] |
06:06 | | RichyB [RichyB@D553D1.68E9F7.02BB7C.3AF784] has quit [[NS] Quit: Gone.] |
06:10 | | RichyB [RichyB@D553D1.68E9F7.02BB7C.3AF784] has joined #code |
06:11 | | ErikMesoy|sleep is now known as ErikMesoy |
06:21 | | AnnoDomini [abudhabi@Nightstar-73d9e0d0.adsl.tpnet.pl] has quit [Ping timeout: 121 seconds] |
06:28 | | AnnoDomini [abudhabi@Nightstar-73d9e0d0.adsl.tpnet.pl] has joined #code |
06:45 | | celticminstrel [celticminst@Nightstar-1afc984c.dsl.bell.ca] has quit [Ping timeout: 121 seconds] |
06:57 | | Vornicus [vorn@ServerAdministrator.Nightstar.Net] has joined #code |
06:57 | | mode/#code [+qo Vornicus Vornicus] by ChanServ |
07:07 | | Attilla [uid13723@Nightstar-1325dff0.irccloud.com] has joined #code |
07:18 | | Turaiel is now known as Turaiel[Offline] |
08:10 | | Stalker [Z@Nightstar-b920a19c.cust.comxnet.dk] has joined #code |
08:43 | | JustLurk [justbob@ServerAdministrator.Nightstar.Net] has joined #code |
08:43 | | JustBob [justbob@ServerAdministrator.Nightstar.Net] has quit [Ping timeout: 121 seconds] |
10:34 | | You're now known as TheWatcher |
10:35 | | AverageJoe [evil1@Nightstar-4b668a07.ph.cox.net] has joined #code |
10:48 | | Kindamoody is now known as Kindamoody|out |
10:55 | < AnnoDomini> | http://japandailypress.com/nissans-self-driving-car-issued-license-to-test-on-ja panese-public-roads-2736705/ |
10:56 | < AverageJoe> | happening |
10:56 | < AverageJoe> | its |
11:01 | < AnnoDomini> | I've heard it argued that in the future, it might be illegal to drive your car, because of the risk. |
11:01 | < AnnoDomini> | Because computer-driven cars would be safer. |
11:01 | < ErikMesoy> | a crucial event is currently taking place |
11:02 | <~Vornicus> | http://www.schlockmercenary.com/2002-08-29 |
11:02 | < AnnoDomini> | Is that the MOUI strip? |
11:03 | < AnnoDomini> | Haha yes. |
11:03 | <~Vornicus> | I literally searched "schlock mercenary moui" |
11:09 | < AverageJoe> | Just wait until chevy produces its own 'self driving car' then we start to see flaws |
11:19 | | AverageJoe [evil1@Nightstar-4b668a07.ph.cox.net] has quit [[NS] Quit: Leaving] |
11:32 | | VirusJTG [VirusJTG@Nightstar-09c31e7a.sta.comporium.net] has joined #code |
11:47 | | VirusJTG_ [VirusJTG@BAD19E.09A45B.582A63.5AE998] has joined #code |
11:50 | | VirusJTG [VirusJTG@Nightstar-09c31e7a.sta.comporium.net] has quit [Ping timeout: 121 seconds] |
11:52 | | VirusJTG__ [VirusJTG@Nightstar-09c31e7a.sta.comporium.net] has joined #code |
11:55 | | VirusJTG_ [VirusJTG@BAD19E.09A45B.582A63.5AE998] has quit [Ping timeout: 121 seconds] |
13:20 | < simon_> | are there any exact rules regarding unix file permissions and when you can read the content of a directory? |
13:21 | < simon_> | I set og+rx and u-r+x (i.e. just missing my own execute flag), and when I `ls`, I get warnings *but* also the content. I'm wondering if it's just my shell giving me beefs because it's confused, but that Linux essentially doesn't mind at all. |
13:22 | < simon_> | it seems even if I have a-x+r, I can still see the content of the directory |
13:23 | < simon_> | it seems +r gives me the list of files, but -x removes any information about them except their filename. |
13:23 | < simon_> | so I doubt this behaviour transcends all unices. I don't even know if it's common to say that directories are listable if they're executable, or if that's just a Unix hack. |
13:23 | < simon_> | (re-using the exec flag for directories) |
13:23 | < simon_> | so... if this were POSIX, I'd be comfortable. does anyone know if it is? |
13:24 | | Alek [omegaboot@Nightstar-4093ec22.il.comcast.net] has quit [Ping timeout: 121 seconds] |
13:28 | | Alek [omegaboot@Nightstar-4093ec22.il.comcast.net] has joined #code |
13:28 | | mode/#code [+o Alek] by ChanServ |
13:34 | <~Vornicus> | arg. Okay, quick: I need to send the current time, nicely printed, as part of a single argument in a bash script. |
13:35 | <@Azash> | date --help |
13:36 | <~Vornicus> | Right, that's actually the easy part |
13:37 | <@Azash> | I'm rusty on my bash, do you mean as a single argument to a program? |
13:39 | <~Vornicus> | Like I'm doing -- because my coworkers are cavement -- git commit -m "Automatic commit at (this time)" |
13:40 | <@Azash> | Can you use a subshell? |
13:40 | <@Azash> | Like $(date blabla) |
13:40 | <@Azash> | Or assign the date to a value |
13:40 | <@Azash> | Variable* |
13:42 | <@TheWatcher> | "Automatic commit at $(date)" should work, if be somewhat redundant |
13:43 | <@TheWatcher> | Git commits are timestamped |
13:45 | <~Vornicus> | I forgot about that. |
13:47 | <~Vornicus> | nrg, okay, ssh-agent fell over sometime since last night, so I have to figure out what the heck I need to do to make sure it's up before I can get this as a cron. |
13:50 | | AnnoDomini [abudhabi@Nightstar-73d9e0d0.adsl.tpnet.pl] has quit [Ping timeout: 121 seconds] |
13:54 | <~Vornicus> | Or maybe I -- okay I need to learn more about ssh-agent |
13:56 | | abudhabi [abudhabi@Nightstar-78b47040.adsl.tpnet.pl] has joined #code |
13:58 | | AnnoDomini [abudhabi@Nightstar-78b47040.adsl.tpnet.pl] has joined #code |
13:58 | | * TheWatcher curious |
13:58 | | AnnoDomini [abudhabi@Nightstar-78b47040.adsl.tpnet.pl] has quit [[NS] Quit: leaving] |
13:59 | <~Vornicus> | Okay think I figured it out. |
14:05 | <~Vornicus> | Yeah. Figured out. |
14:06 | <~Vornicus> | (turns out that most people set up ssh-agent to run when the terminal opens, or something like that; I can't do that, I'm running this shit in cron, so the script runs it itself. |
14:10 | <~Vornicus> | Good. Figured out. |
14:16 | | thalass [thalass@Nightstar-4ab061cc.bigpond.net.au] has joined #code |
14:18 | <~Vornicus> | Okay now to figure out what git complaineth about for some of these things. |
14:28 | | Turaiel[Offline] is now known as Turaiel |
14:44 | | celticminstrel [celticminst@Nightstar-1afc984c.dsl.bell.ca] has joined #code |
14:44 | | mode/#code [+o celticminstrel] by ChanServ |
14:49 | < RichyB> | Vornicus, why are you trying to use ssh-agent in a cron job? |
14:51 | < RichyB> | If it's no less permissive than an un-passphrased ssh key, you may as well use the latter. |
14:51 | | * abudhabi wonders how to make his bot get back up after being felled by the instability of the connection. |
14:52 | < RichyB> | abudhabi, does the process terminate when it's disconnected? |
14:52 | < abudhabi> | It does not. |
14:52 | < RichyB> | If so, just stick supervisord on top and you're done. |
14:53 | < abudhabi> | I've set up a cronjob to restart it in the dead of night, but my connection bounces irregularly. |
14:55 | <~Vornicus> | RichyB: I'm using ssh-agent to, um, use the un-passphrased ssh key? |
14:56 | < abudhabi> | I've never managed to get the script to detect that it is disconnected. I unfortunately use a library that has been deprecated and will not be updated anymore. |
14:56 | < RichyB> | Vornicus, you don't need ssh-agent if the ssh key doesn't have a passphrase on it. |
14:56 | <~Vornicus> | I don't use ssh directly in the job; it's a git+ssh connection over to bitbucket |
14:59 | <~Vornicus> | So it's something else invoking ssh, and doing it in a way that I can't directly control. |
14:59 | < abudhabi> | RichyB: Perhaps if I can manage to get it to shut down after being disconnected... |
15:00 | < abudhabi> | What's a supervisord and how is it used? |
15:01 | < RichyB> | supervisord is a daemon for supervising other processes and restarting them if they randomly die. |
15:03 | < RichyB> | It's nice because it saves you the bother of making processes daemonise, which also makes them a bit easier to debug. |
15:03 | < RichyB> | You just write programs that sit in the foreground, and tell supervisor to start them. supervisord itself goes into the background on start and then you use supervisorctl to control it. |
15:04 | <&ToxicFrog> | Vornicus: it should still be able to find the keys automatically. |
15:04 | <&ToxicFrog> | Just make sure it's running as the right user. |
15:05 | <&ToxicFrog> | It'll look for keys in ~/.ssh/ and the receiving end will check them against ~/.ssh/authorized_keys |
15:08 | <~Vornicus> | that didn't seem to be happening. |
15:09 | <&ToxicFrog> | Run ssh -vvv and check the output? what kind of errors were you getting? |
15:09 | <&ToxicFrog> | (and are you quite sure the key doesn't have a passphrase on it?) |
15:09 | <~Vornicus> | THe key doesn't have a passphrase. |
15:09 | <~Vornicus> | But it would give me a complaint about -- hang on |
15:10 | <~Vornicus> | Permission denied (publickey). |
15:10 | <~Vornicus> | fatal: The remote end hung up unexpectedly |
15:10 | <~Vornicus> | That's what it said. |
15:10 | <&ToxicFrog> | But it works if the ssh-agent is running? |
15:10 | <~Vornicus> | Yep. |
15:11 | <~Vornicus> | Also I have to add the key via ssh-add. Without it nothing happens. |
15:11 | <&ToxicFrog> | Where is the key? |
15:12 | < RichyB> | More than one key? |
15:12 | <~Vornicus> | in .ssh |
15:12 | <&ToxicFrog> | Yes, but what is it named? |
15:12 | <~Vornicus> | .ssh/bitbucket-vornicus |
15:12 | <&ToxicFrog> | ssh by default looks for ~/.ssh/identity for ssh1 and ~/.ssh/id_{dsa,ecdsa,rsa} (and the .pub versions for the public key) |
15:12 | <&ToxicFrog> | Well there's your problem |
15:13 | <&ToxicFrog> | Try 'ssh -i ~/.ssh/bitbucket-vornicus' |
15:14 | <&ToxicFrog> | Or renaming the key (why do you have a separate keypair for bitbucket?) |
15:14 | <~Vornicus> | I have a separate keypair for bitbucket because the caveman problem is /really really bad/ |
15:15 | <&ToxicFrog> | (by editing ~/.ssh/config, you can tell it to automatically use that key when connecting to bitbucket) |
15:15 | <&ToxicFrog> | Er? |
15:15 | <&ToxicFrog> | How so? |
15:16 | <~Vornicus> | It's worse than "everyone uses the same directory" - it's also "everyone uses the same user" |
15:16 | <~Vornicus> | but, apparently, doing otherwise is "red tape" |
15:16 | <~Vornicus> | I want to strangle them, but they're 3000 miles away. |
15:16 | <&ToxicFrog> | Ok that's really horrifying |
15:16 | <&ToxicFrog> | But isn't the answer in that case just "add that user's public key to the bitbucket authorized_keys"? |
15:18 | <~Vornicus> | I'd already edited .ssh/config, it didn't seem to help. |
15:18 | | thalass [thalass@Nightstar-4ab061cc.bigpond.net.au] has quit [[NS] Quit: Leaving] |
15:22 | <&ToxicFrog> | Try it with -i. |
15:22 | <&ToxicFrog> | If that works, you have a typo in your ~/.ssh/config |
15:23 | <&ToxicFrog> | Alternately, just add the public key for the keypair they're already using, rather than generating a new keypair. |
15:24 | <~Vornicus> | The other keypair /does/ have a passphrase. |
15:24 | <~Vornicus> | I need one that doesn't, because if it has one, it doesn't fucking work. |
15:27 | <&ToxicFrog> | Aah. |
15:27 | <&ToxicFrog> | -i it is, then. |
15:27 | | * abudhabi thinks he's figured out supervisor! |
15:27 | < abudhabi> | We'll see if my program now also detects that it is off[4~line. |
15:33 | | Syloq [Syloq@NetworkAdministrator.Nightstar.Net] has quit [Ping timeout: 121 seconds] |
15:34 | | Syloq [Syloq@NetworkAdministrator.Nightstar.Net] has joined #code |
15:34 | | mode/#code [+o Syloq] by ChanServ |
15:35 | <&ToxicFrog> | Vornicus: so, I take it you're setting up a cron that basically does git add -A && git commit && git push? |
15:36 | < abudhabi> | RichyB: Will it autorestart applications on the default configuration? I just added the command to the config. |
15:37 | <~Vornicus> | TF: yeah. for some reason though there's a bunch of files it says has changed but it hasn't added to the, uh, thingy. |
15:37 | < RichyB> | I can't remember off-hand. Why not try it and see? Run "supervisorctl status" and it'll print the PIDs of the processes it's running for you. Use "kill -11" or something to murder one. |
15:38 | < RichyB> | Bonus: you get to *test* that it works this way, not just take the documentation's word for it. ;) |
15:38 | | Turaiel is now known as Turaiel[Offline] |
15:39 | <~Vornicus> | Or rather, it says "Changed but not updated:" and then lists some files that were modified or removed. And then it says it has nothing to commit. |
15:41 | <&ToxicFrog> | What are the exact git commands you're running? |
15:43 | <~Vornicus> | git add -A; git commit -m "Automatic commit at $(date --rfc-3339=seconds)"; git push |
15:44 | <~Vornicus> | (yes, I know, commits are already timestamped~) |
15:46 | <&ToxicFrog> | There's no other output from git add? If it encounters errors it won't add anything. |
15:46 | <~Vornicus> | No output whatsoever from git add -A |
15:48 | < abudhabi> | RichyB: Thanks! It works! |
15:49 | <&ToxicFrog> | But a subsequent "git status" shows everything as "changed but not updated" and nothing as "changes to be committed"? |
15:49 | <&ToxicFrog> | ...what version of git are you running? |
15:49 | < RichyB> | abudhabi, yay! But don't thank me. Please thank Chris McDonough and Mike Naberezny |
15:50 | < RichyB> | author and maintainer, respectively. |
15:50 | < abudhabi> | Vornicus: Want to help out in the testing process? I need someone with admin powers to kick PainBot off the servers. |
15:50 | <~Vornicus> | now it says there's all these things to be committed. |
15:50 | <~Vornicus> | I have no idea what's going on. |
15:50 | < RichyB> | abudhabi, both are on twitter and would probably be cheerful to hear from +1 happy user. :) |
15:50 | < RichyB> | at least @mcdonc is |
15:50 | < RichyB> | wait, that's not his handle |
15:50 | | celticminstrel [celticminst@Nightstar-1afc984c.dsl.bell.ca] has quit [[NS] Quit: And lo! The computer falls into a deep sleep, to awake again some other day!] |
15:51 | <&ToxicFrog> | Vornicus: sounds like either those changes were made after the add and before the commit, or you ran different commands. |
15:51 | <~Vornicus> | wtfx |
15:51 | <~Vornicus> | okay so I have no idea what's going on, and I need to get a few hours of sleep. |
15:51 | < RichyB> | It's @chrismcdonough. |
15:51 | <&ToxicFrog> | Sleep may be a good idea. |
15:53 | < abudhabi> | OK. Supervisorctl now shows that the program has EXITED and didn't restart it. |
15:53 | | Vornicus [vorn@ServerAdministrator.Nightstar.Net] has quit [[NS] Quit: Leaving] |
16:00 | < RichyB> | abudhabi, ? |
16:00 | < RichyB> | Prod the docs. There's a state machine for managing restarts. |
16:00 | < RichyB> | it'll give up on purpose if the program seems to be dying repeatedly, in order to spare your server the ordeal of burning CPU on endlessly restarting something that's busted |
16:01 | < abudhabi> | I have altered the configuration. Can someone stab PainBot a second time? |
16:01 | < RichyB> | oh and it the program quits with exit code 0, then supervisor will interpret that as a graceful deliberate shutdown |
16:01 | < RichyB> | it'll only restart things if they quit with nonzero exit codes :) |
16:05 | < abudhabi> | OK. Now it ought to function properly. I think. |
16:13 | < abudhabi> | Awright. Now it works well enough. |
16:14 | < abudhabi> | I still don't know what will happen if connectivity lapses for more than a microsecond. Will have to wait and see. |
16:33 | | JustLurk [justbob@ServerAdministrator.Nightstar.Net] has quit [[NS] Quit: ] |
16:37 | | JustBob [justbob@ServerAdministrator.Nightstar.Net] has joined #code |
17:19 | | himi [fow035@Nightstar-5d05bada.internode.on.net] has quit [Ping timeout: 121 seconds] |
17:32 | | himi [fow035@Nightstar-5d05bada.internode.on.net] has joined #code |
17:32 | | mode/#code [+o himi] by ChanServ |
18:02 | < abudhabi> | http://www.nytimes.com/2013/09/29/fashion/technology-and-the-college-generation. html?pagewanted=all&_r=0 |
18:03 | | himi [fow035@Nightstar-5d05bada.internode.on.net] has quit [Ping timeout: 121 seconds] |
18:15 | | celmin [celticminst@1AB00B.855209.73FD43.D945B4] has joined #code |
18:16 | <@gnolam> | Eedjits. |
18:17 | < celmin> | ? |
18:17 | <@gnolam> | <abudhabi> http://www.nytimes.com/2013/09/29/fashion/technology-and-the-college-generation. html?pagewanted=all&_r=0 |
18:17 | | himi [fow035@Nightstar-5d05bada.internode.on.net] has joined #code |
18:17 | | mode/#code [+o himi] by ChanServ |
18:17 | | mode/#code [+o celmin] by ChanServ |
18:18 | <@celmin> | I'm annoyed at the "Not Now" button being removed from Apple's "Please set security questions" popup. >< |
18:19 | < ErikMesoy> | gnolam: agreed |
18:19 | < ErikMesoy> | Especially the part where they blame badly-written emails for email sucking, as if social networks didn't have absolutely atrocious writing. |
18:19 | <@gnolam> | When an assignment is hidden in the middle of an MS Word document (!), linked in a really dark blue among otherwise black text, three levels in on a useless course page*, you have a reason to be upset. |
18:19 | <@gnolam> | But /this is what e-mail excels at/, people. |
18:20 | <@gnolam> | * actual example from - ironically enough - a usability course. |
18:20 | <@Tamber> | *snrk* |
18:20 | <@celmin> | It prevents me from buying things (or even downloading free things) from the app store unless I select three useless security questions and set answers for them. |
18:21 | <@celmin> | I was considering choosing random questions and setting illogical answers, but I dunno if that's a good idea⦠I might not be able to remember them. |
18:21 | <@gnolam> | How are they used? |
18:22 | <@celmin> | I'm not even sure. |
18:22 | <@gnolam> | (Security questions are always shit, but it's a matter of just /how/ high they are on the Bristol scale) |
18:22 | <@celmin> | http://shaun.net/2012/04/the-insecurity-of-security-questions/ |
18:22 | <@celmin> | The choices of questions differ from that article, but the basic idea is the same. |
18:23 | <@gnolam> | Wait, you can't even set your own questions? |
18:23 | <@celmin> | Yeah. |
18:23 | <@celmin> | That's why they're useless. |
18:23 | <@celmin> | And it's why I've consistently clicked "Not Now" when prompted⦠but that seems to no longer be an option. |
18:24 | | * gnolam slow claps. |
18:24 | <&ToxicFrog> | celmin: I generally pick random questions, generate answers with uuidgen, and store the results in keepass |
18:24 | <@celmin> | Heh. |
18:25 | < JustBob> | Re: College students and technology... I have to say that /engineering/ students are email-intensive. |
18:25 | < JustBob> | I routinely see 5-10 emails a day. Though my various project groups tend to use facebook for scheduling and coordination. |
18:27 | < JustBob> | Well, okay. My project groups depending on field vary. |
18:28 | < JustBob> | My CEM and ENVE stuff tends towards facebook. My NE stuff tends towards email. |
18:28 | < JustBob> | But my NE group is also "older" in the sense that most of us are late-20's, almost 30, Navy veterans. So we're acclimated to using email as our primary means of communication, or doing things face-to-face, since it's rather hard to facebook or text while deployed. |
18:31 | <@gnolam> | If a project is likely to generate more than one mail a day, I usually set up a mailing list. |
18:31 | <@gnolam> | (<3 Mailman) |
18:34 | < RichyB> | What do CEM, ENVE and NE stand for? "Computing, Engineering and Mathematics", "Engineers, Not Virgins to Email" and "Navy Engineering"? |
18:35 | < JustBob> | Construction Engineering Management, Environmental Engineering, Nuclear Engineering. |
18:48 | | Derakon [chriswei@Nightstar-a3b183ae.ca.comcast.net] has joined #code |
18:48 | | mode/#code [+ao Derakon Derakon] by ChanServ |
18:48 | | * Derakon eyes numpy. |
18:48 | <&Derakon> | foo = numpy.zeros((48, 2), dtype = numpy.uint32) |
18:49 | <&Derakon> | foo[0] = [501, -4294967296.0] |
18:49 | <&Derakon> | ValueError: setting an array element with a sequence. |
18:49 | <&Derakon> | Works fine if I change the second value to be 1 instead (and thus avoid the underflow problem). |
18:49 | <&Derakon> | How strange. |
18:50 | | himi [fow035@Nightstar-5d05bada.internode.on.net] has quit [Ping timeout: 121 seconds] |
18:51 | | JustBob [justbob@ServerAdministrator.Nightstar.Net] has quit [[NS] Quit: ] |
18:51 | <&Derakon> | 4294967296 is 2^32, incidentally. |
18:55 | | JustBob [justbob@ServerAdministrator.Nightstar.Net] has joined #code |
19:03 | | himi [fow035@Nightstar-5d05bada.internode.on.net] has joined #code |
19:03 | | mode/#code [+o himi] by ChanServ |
19:03 | | abudhabi [abudhabi@Nightstar-78b47040.adsl.tpnet.pl] has quit [Ping timeout: 121 seconds] |
19:05 | | Derakon [chriswei@Nightstar-a3b183ae.ca.comcast.net] has quit [[NS] Quit: leaving] |
19:10 | | abudhabi [abudhabi@Nightstar-fe3bdc1e.adsl.tpnet.pl] has joined #code |
19:12 | | himi [fow035@Nightstar-5d05bada.internode.on.net] has quit [Ping timeout: 121 seconds] |
19:25 | | himi [fow035@Nightstar-5d05bada.internode.on.net] has joined #code |
19:25 | | mode/#code [+o himi] by ChanServ |
19:39 | | celmin is now known as celmin|class |
19:41 | < abudhabi> | Grr. The program still runs after being de facto disconnected. |
19:52 | | himi [fow035@Nightstar-5d05bada.internode.on.net] has quit [Ping timeout: 121 seconds] |
19:52 | | celmin|class is now known as celmin |
20:01 | < [R]> | <Vornicus> I have a separate keypair for bitbucket because the caveman problem is /really really bad/ <-- caveman problem? |
20:05 | | himi [fow035@Nightstar-5d05bada.internode.on.net] has joined #code |
20:05 | | mode/#code [+o himi] by ChanServ |
20:05 | < [R]> | <celmin> I was considering choosing random questions and setting illogical answers, but I dunno if that's a good idea⦠I might not be able to remember them. <-- on my bank's questionair for such for online access (which my cousin used as well) it provided like 9 questions which you could skip or answer. My cousin answered them all... "1" for the first, "2" for the second, "3" for the third... |
20:05 | <@celmin> | Heh. |
20:07 | < [R]> | It asks them whenever it fails to detect a cookie that says the user logged in successfully already. |
20:07 | < RichyB> | I usually tend to feed long random strings into those questions and type them into "gpg --encrypt --armor --recipient rchrd@brrll.co.uk --output foo_stupid_questions.txt" |
20:08 | < [R]> | (I hope it's more complicated/secure than that, but that explains the basic observed behavior) |
20:08 | < [R]> | I should probably start doing that. |
20:09 | < [R]> | At the moment I just pick the most obscure ones I can. "Who's my eldest brother?" "<name of my dead one>" (I use the same for my youngest too, since he died when he was 18 months) |
20:09 | <@gnolam> | [R]: a bank? Ugh. |
20:09 | < [R]> | Yeah |
20:09 | <@gnolam> | That's... scarily incompetent. |
20:10 | <@celmin> | I ended up choosing the ones that don't have an answer. :P |
20:10 | < [R]> | I hate the mother's maiden name one though |
20:10 | < [R]> | Because my mother kept her maiden name. |
20:10 | <@celmin> | Likewise. |
20:11 | < abudhabi> | Hmm. I need a way to check internet connectivity by way of script. I could put such a script on the crontab to check every five minutes or so, and if it finds that there's no apparent internet connectivity, it would kill the bot's process. |
20:11 | | Turaiel[Offline] is now known as Turaiel |
20:11 | <@celmin> | ... |
20:12 | <@gnolam> | Multifactor authentication, FFS. |
20:12 | < [R]> | Or you could code the bot to handle disconnects. |
20:12 | < RichyB> | abudhabi, what kind of bot is this? An IRC bot? |
20:12 | < abudhabi> | [R]: Tried. Failed. |
20:12 | < [R]> | (PROTIP: you can ping the server you're connected to) |
20:12 | < [R]> | RichyB: yes |
20:12 | <@celmin> | What's multifactor authentication, again? Is that what Steam does? |
20:12 | < abudhabi> | RichyB: It's an IRC bot coded in Perl using the very obsolete Net::IRC library. |
20:12 | < RichyB> | The IRC protocol has PING/PONG built right in. Set it to send PING and then throw a violent fit if it doesn't get PONG within a minute. |
20:13 | <@froztbyte> | celmin: kinda |
20:13 | < [R]> | celmin: "Something you know" "something you have" "something you are" |
20:13 | <@gnolam> | celmin: picking more than "Something you know" from that list. |
20:13 | <@froztbyte> | celmin: multifactor means "not just a password, but also a second type" |
20:13 | <@celmin> | Huh? |
20:13 | < [R]> | Pretty much everything on the internet limits itself to the first. |
20:13 | < [R]> | Multifactor requires 2+ of them. |
20:13 | <@froztbyte> | so, on steam, you hit multifactor when you log in from a new IP |
20:13 | <@celmin> | Okay. |
20:13 | < abudhabi> | RichyB: I have no idea how to do periodic executions in this library. |
20:13 | < abudhabi> | It is undocumented, for the most part. |
20:13 | <@celmin> | So, that is multifactor. |
20:14 | <@froztbyte> | abudhabi: use a different one then? |
20:14 | <@celmin> | Most of the multifactor I've seen involves text messages, which is why I don't do it. |
20:14 | < abudhabi> | I'd have to rewrite the whole bot. |
20:14 | <@froztbyte> | and so we learn |
20:14 | < abudhabi> | Because the successor library only faintly resembles it. |
20:15 | <@celmin> | I suppose that one is "something you have"? |
20:15 | <@gnolam> | You can do this any number of ways. Text messages, as you mentioned. Various electronic tokens. Even scratch cards. |
20:15 | <@celmin> | The Steam one. |
20:15 | <@gnolam> | But you should goddamned well be doing it, if you're a bank |
20:15 | <@celmin> | Do security questions count? |
20:15 | < ErikMesoy> | No. |
20:15 | <@gnolam> | That's just more of "something you know". |
20:15 | <@celmin> | Right. |
20:16 | <@gnolam> | But yes, text messages would be "something you have". In this case, that something is "your cell phone". |
20:16 | < ErikMesoy> | I've had experience with the govt sending me a sheet of paper with 16 4-digit codes on. |
20:16 | <@celmin> | So Steam is also "something you have", namely your email account? |
20:16 | < ErikMesoy> | To login, they demand I provide a password and one of the codes, selected at randomly each time. |
20:16 | < ErikMesoy> | This is "something I know" (password) and "something I have" (code sheet). |
20:16 | < abudhabi> | MinID? |
20:17 | <@celmin> | What would be "something you are", then? |
20:17 | < ErikMesoy> | Fingerprint. |
20:17 | < abudhabi> | Cellular body scan! |
20:17 | <@gnolam> | Biometrics, for example, if we're talking computer security. |
20:17 | < [R]> | Yes, biometrics |
20:18 | <@celmin> | Ah. |
20:18 | < [R]> | For some reason I keep thinking there's a fourth. |
20:18 | < ErikMesoy> | If you can steal it, it's something you have. If you can keylog it, it's something you know. :P |
20:18 | <@gnolam> | (That list applies to all authentication, not just computers. It's just as relevant for physical security, for example.) |
20:19 | | Turaiel is now known as Tura[interview] |
20:27 | < abudhabi> | Hmm. OK. I've appropriated a script from Stack Overflow, which, after some light modifications, will serve to detect connectivity and kill certain processes if connectivity is found wanting. |
20:27 | <@celmin> | Link please? |
20:28 | | Vornicus [vorn@ServerAdministrator.Nightstar.Net] has joined #code |
20:28 | | mode/#code [+qo Vornicus Vornicus] by ChanServ |
20:28 | < abudhabi> | http://stackoverflow.com/questions/2922271/bash-script-to-more-or-less-reliably- check-if-the-internet-is-up |
20:28 | < abudhabi> | The last comment has the most useful version. |
20:28 | <@celmin> | Might be useful, I think my bot has had troubles detecting connectivity too. |
20:29 | < abudhabi> | I replaced the "echo up" part with a kill command. |
20:29 | < abudhabi> | Err, echo down. |
20:31 | | * Vornicus discovers one last damn problem with his cron job |
20:31 | <~Vornicus> | I named my file foo_git.sh |
20:31 | <~Vornicus> | the cron job was trying to do foo-git.sh |
20:31 | <@Tamber> | oops |
20:32 | <~Vornicus> | HEY LOOK EVERYTHING WORKS RIGHT NOW |
20:32 | < abudhabi> | \o/ |
20:32 | <~Vornicus> | jesus shit. |
20:34 | | * abudhabi changes crontab to once every minute. Because connection might well go down and get up in under five minutes, which would not be detected. |
20:34 | < abudhabi> | It is significantly less likely to die and be reborn in one. |
20:38 | <~Vornicus> | why are you checking internet upness instead of getting your script to use a heartbeat? |
20:39 | < [R]> | Presumably the bot's process stays open even if the connection dies. |
20:39 | < abudhabi> | I have no idea how to implement a heartbeat in this deprecated undocumented library the bot uses. |
20:41 | < [R]> | Getting it to send/read the ping/pongs should be simple. |
20:41 | < [R]> | Getting it to die when it doesn't get one in time potentially requires threading. |
20:43 | < RichyB> | You have another problem here. The specific TCP connection that you are trying to use can quite happily get stuck independently of whether or not ICMP echo messages continue to be delivered. |
20:43 | < abudhabi> | You mean like 8.8.8.8 going down? |
20:46 | < abudhabi> | The solution now still has holes. But they are smaller holes than before! |
20:46 | < abudhabi> | Perhaps I won't have to manually restart the bot several times a day. |
21:09 | < RichyB> | Both can happen. Your TCP connection to one host can get stuck while you're still able to ping another. |
21:09 | < RichyB> | 8.8.8.8 really *can* become inaccessible to you, too. Google doesn't have to go down for that to happen, all it takes is for someone at an ISP to fuck up a routing table. |
21:10 | < abudhabi> | I'll see how this works. |
21:11 | < abudhabi> | Worst case I can see is some silly error making the bot hop up and down every minute. |
21:11 | < abudhabi> | cron kills, supervisor resurrects. |
21:21 | <@Tarinaky> | https://fbcdn-sphotos-a-a.akamaihd.net/hphotos-ak-frc3/q71/s720x720/1394792_2392 25616234452_795716011_n.jpg |
21:22 | < ErikMesoy> | Tarinaky: Funny. My assignments feel like that when I read them, then sort of melt away when I start working. |
21:23 | < abudhabi> | That is pretty funny. |
21:27 | | Tura[interview] is now known as Turaiel |
21:34 | | Turaiel is now known as Turaiel[Offline] |
21:37 | | gnolam [lenin@Nightstar-f7705974.cust.bredbandsbolaget.se] has quit [[NS] Quit: Update] |
21:43 | | gnolam [lenin@Nightstar-f7705974.cust.bredbandsbolaget.se] has joined #code |
21:43 | | mode/#code [+o gnolam] by ChanServ |
21:44 | | celmin [celticminst@1AB00B.855209.73FD43.D945B4] has quit [[NS] Quit: And lo! The minstrel departs, to spread the music to the masses!] |
21:44 | | himi [fow035@Nightstar-5d05bada.internode.on.net] has quit [Ping timeout: 121 seconds] |
21:58 | | himi [fow035@Nightstar-5d05bada.internode.on.net] has joined #code |
21:58 | | mode/#code [+o himi] by ChanServ |
22:04 | | celmin [celticminst@1AB00B.855209.73FD43.D945B4] has joined #code |
22:05 | | Kindamoody|out is now known as Kindamoody |
22:10 | | Alek [omegaboot@Nightstar-4093ec22.il.comcast.net] has quit [[NS] Quit: bbs, beroot] |
22:13 | | celmin [celticminst@1AB00B.855209.73FD43.D945B4] has quit [[NS] Quit: And lo! The minstrel departs, to spread the music to the masses!] |
22:22 | | Kindamoody is now known as Kindamoody[zZz] |
22:28 | | Alek [omegaboot@Nightstar-4093ec22.il.comcast.net] has joined #code |
22:28 | | mode/#code [+o Alek] by ChanServ |
22:31 | | himi [fow035@Nightstar-5d05bada.internode.on.net] has quit [Operation timed out] |
22:33 | | ErikMesoy is now known as ErikMesoy|sleep |
22:47 | | Derakon [chriswei@Nightstar-a3b183ae.ca.comcast.net] has joined #code |
22:47 | | mode/#code [+ao Derakon Derakon] by ChanServ |
22:48 | | * Derakon tries to figure out how to phrase a code comment that says "My boss insists on having this feature, even though I'm pretty sure it's only relevant to a specific camera that we no longer have." |
22:49 | <@Azash> | // Backwards compatibility |
22:50 | <&McMartin> | ^++ |
22:50 | <&Derakon> | It's not even that though! |
22:50 | <&McMartin> | Maybe // Backwards compatibility for {specific camera type} |
22:50 | <&McMartin> | "legacy support" is another one |
22:50 | <&McMartin> | Since "legacy" is as we all know a swear word |
22:50 | <&Derakon> | The feature is displaying how linear the response of the camera is. |
22:51 | <&Derakon> | That is, for each pixel, how the number it reports relates to the number of photons that hit it. |
22:51 | <&Derakon> | We generate a linear fit, get the correlation coefficient (a number from -1 to 1), and make an image where the pixel values are the correlation coefficients. All well and good. |
22:52 | <&Derakon> | Except that he wants me to do this three times: once for the low end (dim images), once for the high end (bright images), and once for a "transition region" which was only ever visible on that specific camera. |
22:52 | <@Azash> | McMartin: From what I grasped of our intro SE lectures, legacy doesn't even seem like too bad a word |
22:52 | <&Derakon> | That last image is completely meaningless for everything we actually use. |
22:59 | < abudhabi> | For those interested in astronomy and/or history: http://www.popehat.com/2013/10/09/history-must-be-curved/ |
23:27 | | Alek [omegaboot@Nightstar-4093ec22.il.comcast.net] has quit [[NS] Quit: bbl] |
23:42 | | Derakon [chriswei@Nightstar-a3b183ae.ca.comcast.net] has quit [[NS] Quit: leaving] |
23:49 | | Alek [omegaboot@Nightstar-4093ec22.il.comcast.net] has joined #code |
23:49 | | mode/#code [+o Alek] by ChanServ |
23:51 | | Vornicus [vorn@ServerAdministrator.Nightstar.Net] has quit [[NS] Quit: Leaving] |
--- Log closed Thu Oct 10 00:00:10 2013 |