--- Log opened Tue Feb 19 00:00:20 2019 00:11 -!- NotLarry [~NotLarry@c-68-53-121-109.hsd1.tn.comcast.net] has quit [Ping timeout: 245 seconds] 00:22 -!- fie [~fie@38.124.1.226] has quit [Ping timeout: 246 seconds] 00:29 < K`Tetch_> put me in the 'I've not been Bob-Barkered' category 00:29 -!- NotLarry [~NotLarry@c-68-53-121-109.hsd1.tn.comcast.net] has joined #se2600 00:29 -!- mode/#se2600 [+o NotLarry] by ChanServ 00:29 < K`Tetch_> speaking of... 00:50 -!- NotLarry [~NotLarry@c-68-53-121-109.hsd1.tn.comcast.net] has quit [Ping timeout: 255 seconds] 01:13 -!- NotLarry [~NotLarry@c-68-53-121-109.hsd1.tn.comcast.net] has joined #se2600 01:13 -!- mode/#se2600 [+o NotLarry] by ChanServ 06:22 <@Dolemite> mr0ning, be0tches and h0ez! 06:22 * aestetix hugs Dolemite 07:45 <@Corydon76> "Weiner Out, Preparing For Reentry" 09:42 <@dasunt> Like most, keep it away from 15 year old girls. 09:45 <@dasunt> Gawd, I'm bored at work now. 10:15 < Evilpig_> all I can say for today is "fuckin' redhat" 10:50 <@Dolemite> seems legit 10:50 <@Corydon76> What did Red Hat do now? 10:51 <@Corydon76> Did they release 8 5 minutes after you bought a license for 7? 11:07 <@Dolemite> Introducing the All New Red Hat Enterprise Linux 8, with only 40% of our packages consisting of EOL versions of software you want to use! 11:07 <@Corydon76> Right, which is why EPEL and other repos exist. 11:16 <@eryc> Debian and Ubuntu have about 50-80 outstanding CVEs 11:16 <@eryc> CentOS has 0 11:17 <@eryc> Alpine has 0 11:58 <@dasunt> So Debian and Ubuntu don't use metrics on CVEs. CentOS and Alpine do. ;) 12:26 <@Dagmar> Those who can, do 12:26 <@Dagmar> Those who can't, make reports 12:26 <@Dagmar> ...or `whereis` 12:26 <@Dagmar> @#$#@ 13:53 < Evilpig_> Corydon76: the pulled in an upstream change to samba that causes sssd to break from rhel7.5 to 7.6 13:54 < Evilpig_> and their answer was "oh, we'll put in a request to update the documentation to say that doesnt' work" 13:54 <@Corydon76> They don't usually adopt breaking changes unless it's a security issue. 13:55 <@Corydon76> Especially that far down in a minor release. 13:57 <@Corydon76> Is this the issue? https://bugs.centos.org/view.php?id=15525 13:57 < PigBot> 0015525: Samba on CentOS 7.x suddenly ceases to authenticate - CentOS Bug Tracker (at bugs.centos.org) http://tinyurl.com/y2o3jakj 13:57 <@Corydon76> The notes say that running winbindd is the solution, and yes, it appears to be for a security reason. 14:01 < Evilpig_> this was a 4.7 -> 4.8 release and just one of those fuckin' dick head things they did 14:01 < Evilpig_> I've been fighting with winbind for the last few weeks and finally got it workingish today 14:03 < Evilpig_> the real bitch of it is if you were using sssd, it would cause sssd to hang the box entirely 14:04 <@Mirage> Evilpig_: not the first time they've done that. Did it back when I was with VU, and again a couple years ago. 14:08 <@Mirage> Evilpig_: https://pastebin.com/AHJkzQCJ 14:08 < PigBot> [Bash] [root@pzxdjump001 scripts]# cat ad_setup #!/bin/bash ## AMP AD Integration ec - Pastebin.com (at pastebin.com) http://tinyurl.com/yywl3bo5 14:11 < Evilpig_> about to check that to what I have working now. 14:13 <@Mirage> I can give the more manual/detailed info as well if you want it. 14:13 < Evilpig_> idmap config : unix_primary_group = yes 14:13 < Evilpig_> so this was the magic config item that I was missing to make things work 14:14 < Evilpig_> the issue we were having was I could ssh onto the system by my id wasn't getting mapped so it was all fubar 14:14 < Evilpig_> the smb logins were working too but again, id issues 14:15 <@Mirage> You will have id issues unless the unix extensions are configured in AD 14:16 < Evilpig_> they are 14:16 < Evilpig_> this system was working fine with sssd 14:16 <@Mirage> Winbind should work fine then 14:16 < Evilpig_> the whole issue was that samba 4.8 update broke the living fuck out of sssd 14:17 <@Dolemite> Think we finally fixed the issue with my kubernetes wordpress containers... the damn Isilon NFS server keeps dropping the share 14:17 <@Mirage> I know before I left there was some issues with sssdm but that it worked for the most part. 14:22 <@Mirage> Evilpig_: main gotcha's with samba-winbind are the tbd backend limits when/if there are gillions of AD groups, and the expiration time for machine object accounts 14:23 <@Mirage> Evilpig_: some tweaks to smb.conf https://pastebin.com/4C093G3U 14:23 < PigBot> [Bash] [global] workgroup = <%= @workgroup %> realm = <%= @domaincontroller %> - Pastebin.com (at pastebin.com) http://tinyurl.com/y3dv2jm7 14:23 <@Mirage> Since the extensions are supposed to be in place, the idmap stuff is moot 14:31 <@Mirage> The krb5 enctype overrides are for an AD compatability issue that I ran into with a mixed version environment. They may or may not be required. 16:19 -!- fie [~fie@38.124.1.226] has joined #se2600 16:46 -!- crashcartpro [uid29931@gateway/web/irccloud.com/x-dedjgnurzneatdhy] has joined #se2600 16:51 <@_NSAKEY> lol, you guys made me think of when they removed net-tools from the default install starting in 7.4 16:51 <@_NSAKEY> We had this dinosaur there who was almost in tears over that decision 19:22 <@Mirage> not hard to install...just like bind-utils 19:44 -!- LastChild [LastChild@c-68-53-5-70.hsd1.tn.comcast.net] has quit [Read error: Connection reset by peer] 19:55 < Evilpig_> god damned windows and mac dropping telnet from their default installs 19:55 * Evilpig_ shakes his fist 20:27 -!- crashcartpro [uid29931@gateway/web/irccloud.com/x-dedjgnurzneatdhy] has quit [Quit: Connection closed for inactivity] 20:52 <@rhia> https://www.dallasnews.com/opinion/commentary/2017/12/15/putins-proxies-helped-funnel-millions-gop-campaigns 20:52 < PigBot> How Putin's oligarchs funneled millions into GOP campaigns | Commentary | Dallas News (at www.dallasnews.com) http://tinyurl.com/yal956rp 20:52 -!- LastChild [LastChild@c-68-53-5-70.hsd1.tn.comcast.net] has joined #se2600 20:52 -!- mode/#se2600 [+o LastChild] by ChanServ 20:55 -!- hobbes615 [~hobbes615@unaffiliated/hobbes615] has joined #se2600 20:55 -!- LastChild [LastChild@c-68-53-5-70.hsd1.tn.comcast.net] has quit [Client Quit] 20:56 -!- LastChild [LastChild@c-68-53-5-70.hsd1.tn.comcast.net] has joined #se2600 20:56 -!- mode/#se2600 [+o LastChild] by ChanServ 22:38 -!- hobbes615 [~hobbes615@unaffiliated/hobbes615] has quit [Remote host closed the connection] 22:40 -!- hobbes615 [~hobbes615@c-68-52-51-5.hsd1.ky.comcast.net] has joined #se2600 22:49 -!- hobbes615` [~hobbes615@2601:484:c200:1ee0:f0ff:3103:bf4c:27ba] has joined #se2600 22:51 -!- hobbes615` [~hobbes615@2601:484:c200:1ee0:f0ff:3103:bf4c:27ba] has quit [Read error: Connection reset by peer] 22:52 -!- hobbes615 [~hobbes615@c-68-52-51-5.hsd1.ky.comcast.net] has quit [Ping timeout: 246 seconds] 22:53 -!- hobbes615` [~hobbes615@c-68-52-51-5.hsd1.tn.comcast.net] has joined #se2600 23:28 -!- hobbes615` [~hobbes615@c-68-52-51-5.hsd1.tn.comcast.net] has quit [Quit: Leaving] --- Log closed Wed Feb 20 00:00:22 2019