--- Log opened Wed Dec 30 00:00:26 2020
05:23 <@Dolemite> mr0ning, be0tches and h0ez!
07:14 -!- Synx_hm [~Synx_hm@unaffiliated/synx-hm/x-1623004] has quit [Quit: Ping timeout (120 seconds)]
07:15 -!- Synx_hm [~Synx_hm@unaffiliated/synx-hm/x-1623004] has joined #se2600
09:21 <@Evilpig> Mirage_: https://www.dropbox.com/s/mj77c2xaq9l85ze/Screen%20Shot%202020-12-30%20at%209.21.06%20AM.png?dl=0
09:21 < PigBot> Dropbox - Screen Shot 2020-12-30 at 9.21.06 AM.png - Simplify your life (at www.dropbox.com) https://tinyurl.com/y9pbt2rh
10:41 <@Mirage_> Evilpig: lol
10:41 -!- Mirage_ is now known as Mirage
11:15 -!- xray [~xray@c-71-236-3-132.hsd1.ga.comcast.net] has quit [Quit: The Lounge - https://thelounge.chat]
11:16 -!- xray [~xray@c-71-236-3-132.hsd1.ga.comcast.net] has joined #se2600
12:28 <@Mirage> Damn, I need to work on this... https://ibb.co/HhLS228
12:28 < PigBot> fico — ImgBB (at ibb.co) https://tinyurl.com/y8mwuuvv
12:31 <@Evilpig> Mirage: give me your details and I'll lower that for you
12:33 <@Mirage> I'm sure you could
12:33 <@Evilpig> if I don't have to pay it back, I can definitely do a number on it
13:12 <@Dolemite> I can definitely help out with that.
14:16 <@Dagmar> fuuuuuck
14:17 * Evilpig dumps a bucket of lube on Shadow404
14:17 <@Dagmar> Can um, someone who has a Linux box using ad-integration try logging in via ssh, but type your username in allcaps
14:17 <@Evilpig> ... k
14:17 <@Dagmar> I would really, really like this to be something I fucked up
14:18 <@Evilpig> give me a sec to find one I didn't put a key on
14:18 <@Dagmar> I'm not sure the key matters
14:20 <@Dagmar> It seems like this just breaks the shit out of SElinux
14:20 <@Dagmar> Someone started accidentally making accounts with an uppercase username
14:21 <@Dagmar> When I ssh into this otherwise pretty normal box with my username in caps, I get permission denied for my homedir
14:21 <@Dagmar> ...which is a bit fucking weird
14:21 <@Evilpig> username and USERNAME are working but all of these have keys so it might not be triggering a hit to ad
14:22 <@Dagmar> Well, mainly it matters that the account not be listed in /etc/passwd I think
14:23 <@Evilpig> that is weird
14:24 <@Dagmar> This is very fucked up
14:24 <@Evilpig> MacPig:~ wilbur$ ssh WILBUR@10.0.0.238
14:24 <@Evilpig> WILBUR@10.0.0.238's password:
14:24 <@Dagmar> I'm literally the right fucking user
14:24 <@Evilpig> MacPig:~ wilbur$ ssh wilbur@10.0.0.238
14:24 <@Evilpig> Welcome to Ubuntu 20.04.1 LTS (GNU/Linux 5.4.0-52-generic x86_64)
14:24 <@Evilpig> I can type the password and it authenticates me and whoami shows wilbur and not WILBUR
14:24 <@Dagmar> Yeah that part is correct
14:25 <@Dagmar> Usernames in unix are lowercase
14:25 <@Evilpig> wilbur@sonarr3:~$ id
14:25 <@Evilpig> uid=1000(wilbur) gid=1000(wilbur) groups=1000(wilbur),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),116(lxd),1002(rtorrent),50000(domain users),50001(nasaccess),6000001(BUILTIN\users)
14:25 <@Evilpig> wilbur@sonarr3:~$ id
14:25 <@Evilpig> uid=5000(wilbur) gid=5000(homeusers) groups=5000(homeusers),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),116(lxd),1002(rtorrent),50000(domain users),50001(nasaccess),6000001(BUILTIN\users)
14:25 <@Evilpig> seems I have a local user here
14:25 <@Dagmar> They're handled in sort of a case-agnostic way by login mechanisms because of the legacy POS machines which only had uppercase keyboards
14:26 <@Dagmar> ...but it's somehow just _breaking shit_ when I ssh using an uppercase username
14:26 <@Dagmar> I can run id and see that I'm the right account... $UID has the right number
14:29 <@Dagmar> I turned off selinux... same shit
14:29 <@Dagmar> Something WEIRD is going on with sssd
14:29 <@Dagmar> ...and I have *no* goddamn idea how
14:30 <@oddball> I meant to ask you about that, after Ben mentioned it.
14:36 <@Dagmar> This should _not_ be possible
14:36 <@Evilpig> ohhhhh stop using sssd
14:37 <@Evilpig> that was the answer I was given and switch to winbind with samba
14:37 <@Dagmar> RHEL is pushing sssd
14:37 <@Dagmar> ...and precisely none of this makes any sense
14:37 <@Dagmar> I figured MAYBE bash is somehow not setting $UID correctly
14:37 <@Dagmar> I touch a file in /tmp to find out who the fuck i am
14:38 <@Dagmar> It shows the expected user:group on the resulting file
14:39 <@Evilpig> RHEL is pushing winbind
14:39 <@Evilpig> who do you think told me to stop using sssd
14:48 <@Evilpig> I just tried my username in all caps against one of our sssd machines at work and it denied my login
14:50 <@Dagmar> Well, at least it's not accepting just whatever crazy password one wishes to throw at it
14:51 <@Dagmar> So... that much is fine
14:51 <@Dagmar> Some folks were suggesting the case_sensitive setting, but apparently if the provider is ad it just ignores the hell out of that
14:52 <@Evilpig> ldap_user_object_class = user
14:52 <@Evilpig> ldap_user_name = sAMAccountName
14:52 <@Evilpig> ldap_force_upper_case_realm = True
14:52 <@Evilpig> ldap_group_object_class = group
14:52 <@Evilpig> only thing we have for case in there. we're hitting ad but using the ldap connector
14:59 <@Dagmar> I think I might have figured out *some* of it
14:59 <@Dagmar> This account exists both in /etc/passwd and AD
15:04 <@Dagmar> Using the uppercase version, it fails through nss for files, but passes against sss
15:05 <@Dagmar> That results in the user not getting their primary group like they should, but they should still be able to use their own homedir, 700 or not they own it
15:25 <@Mirage> lol.. https://youtu.be/ke9MU7KLIfc?t=695
15:25 < PigBot> FREE Chevy S10 Pickup Will It Run and Drive after many years? | Part 1 - YouTube (at youtu.be) https://tinyurl.com/y8njwf8r
15:25 <@Mirage> That's certainly one way to take care of wasps
15:31 <@Evilpig> damnit Mirage. bat tree
15:32 <@Mirage> I really like that guy, he's goofy as hell
17:05 <@eryc> if that flight in PA that trump visited was supposed to go down with 4 missiles a2a the whole plan would be plausible because sungard was a former tank factory and datacenter for Sunuco
17:07 <@eryc> we had a modal container worth of storage in tha building with expansive chassis
17:18 <@eryc> means, obvious motive, and a plan
17:37 <@eryc> have you ever solved a reason
17:39 <@eryc> no, you solve for a goal
18:28 <@eryc> i want to build a sanitarium on kellog's land in Kentucky and cure all these souls
--- Log closed Thu Dec 31 00:00:28 2020