--- Log opened Tue Oct 19 00:00:24 2021 05:09 <@Dolemite> mr0ning, be0tches and h0ez! 05:13 <@Dolemite> Ah, finally, a TV show got it right. If a hacker is breaching your system and you want to stop them, you don't go grabbing a fire axe and chopping away at things. Nor do you go and snip all of your cables. You walk over to the wall and flip the master breaker. 05:13 <@Dolemite> As bad as The Equalizer is about hacking tropes, at least they got this one right 06:55 <@xray> Unless you are like us an have a UPS on the network hardware and the computer. 06:56 <@Dolemite> xray: Code requires that you have a master shunt trip 06:57 <@Dolemite> But the point is that for once, a TV show didn't attack a server farm with an axe 07:11 < Evilpig> oh ncis.... get better writers. "as I recall that cluster uses hyper-v for redundancy, if you take out that facility it won't take the system out" 07:21 <@xray> Dolemite: I agree with your point. They do ridiculous things. Like two people tying on the same keyboard at the same time to keep up with the hacker. 07:21 <@xray> Fisher-Price launches a working Chatter telephone for adults 07:21 <@xray> https://www.engadget.com/fisher-price-working-chatter-telephone-040026739.html 07:21 < PigBot> Fisher-Price launches a working Chatter telephone for adults | Engadget (at www.engadget.com) https://tinyurl.com/yglrzjkh 09:24 -!- Dagmar [~dagmar@user/dagmarx] has quit [Ping timeout: 265 seconds] 10:02 -!- Dagmar [~dagmar@c-69-247-146-235.hsd1.tn.comcast.net] has joined #se2600 10:02 -!- Dagmar [~dagmar@c-69-247-146-235.hsd1.tn.comcast.net] has quit [Changing host] 10:02 -!- Dagmar [~dagmar@user/dagmarx] has joined #se2600 10:02 -!- mode/#se2600 [+o Dagmar] by ChanServ 10:08 -!- Dagmar [~dagmar@user/dagmarx] has quit [Ping timeout: 264 seconds] 10:13 <@Mirage_> India team: "There an alert on usdald-dtms-fs01 for /var. I cannot access, can you please check." 10:14 <@Mirage_> Me: "The last 3 times you've hit me up about this the usage has been ~60%. Wanna place a bet?" 10:14 <@Mirage_> India team: "huh?" 10:14 <@Mirage_> Me: "Yup, 61%" 10:14 <@Mirage_> India Team: "Maybe you could add more space?" 10:15 <@Mirage_> Me: "Maybe fox the check?" 10:15 <@Mirage_> ^s/fox/fix/ 10:20 <@Mirage_> Then I dug in a little bit on why they weren't able to access the box, which I manually joined to the customer domain (kerb/ldap/sssd/winbind). For whatever reason my account was able to login, but the others in the "unixadmins-dell*" groups were getting a "GPO access check failed: [1432158236](Host Access Denied)", "HBAC processing failed: [1432158236](Host Access Denied}", "GPO-based access control 10:20 <@Mirage_> failed." errors logged in sssd. 10:21 <@Mirage_> Which makes no sense given that the user getting the error is in the same unix groups as I am. 10:21 < Evilpig> bad cache? 10:22 <@Mirage_> For grins I added our elevated groups and those worked fine. 10:23 <@Mirage_> I think they made some weird GPO change and that since I'd created the AD object for the box that I'm the "owner" in AD, and therefore allowed access with my 'normal' account. That's the only thing I can think of anyway. 10:23 < Evilpig> i'm having a grand ole time this morning debugging ansible playbooks. they work fine on my laptop but it's running 2.11.6 and fail in our prod enviornment that is running either 2.9 or 2.10 10:24 <@Mirage_> The whole reason I didn't use the elevated accounts in the first place is that you have to be on the customer network to be able to access their password tool in order to check out you adm* account password, which is rotated every 12h 10:25 <@Mirage_> Evilpig: so 'lab' doesn't match 'prod'... 10:27 < Evilpig> yup pretty much. I updated something on my laptop this last week with brew and it updated a bunch of shit 10:27 < Evilpig> we have a test enviornment that does match prod but I was trying to do more rapid dev 10:28 <@Mirage_> I recall royally pissing off a customer a few years ago because they were testing puppet code on their laptop and declared that everything was broken. Once I figure out the testing was being done local on his laptop and not in the lab environment I told him that his testing was completely invalid and that when he decided to follow a sane proces for code validation that he could then escalate 'issues' to 10:28 <@Mirage_> be, but until then his testing was invalid and any/all requests to code changes would be ignored. 10:52 <@Mirage_> Ah, ha!!! I need to set "ad_gpo_access_control = permissive" 10:52 <@Mirage_> https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/windows_integration_guide/sssd-gpo 10:53 < PigBot> 2.6. Group Policy Object Access Control Red Hat Enterprise Linux 7 | Red Hat Customer Portal (at access.redhat.com) https://tinyurl.com/yauvlj7y 11:02 < Evilpig> I guess I should get up off here and get a shower. gonna try to get a pixel 6 at noon when they're supposed to be announced officially, then a department meeting at 12:30, followed up by a 1:1 with my boss at 1, before I head out around 1:40 to get the kid from school to get to a doctor's appt 11:05 < Evilpig> already wasted half my morning on this ansible stuff. I wish F5 could be at least a little consistent with their APIs 11:28 <@Mirage_> setting ad_gpo_access_control worked like a charm. 11:35 <@Mirage_> Oh, and $m3llyc@T was the correct answer in the 'Policies, Standards, and Best Practices for a Secure Workplace" quiz yesterday. =) 11:44 <@Mirage_> And the latest medical/scientific annoucement in the category of "Um, Duh!": https://www.sciencealert.com/scientists-think-that-there-are-people-out-there-who-could-be-genetically-resistant-to-covid 11:44 < PigBot> There May Be People Who Are Genetically Resistant to COVID-19, Scientists Say (at www.sciencealert.com) https://tinyurl.com/yhpau4h3 12:01 < Evilpig> fuckin' google. https://store.google.com/product/pixel_6_pro?hl=en-US 12:01 < PigBot> 500