--- Log opened Fri Dec 30 00:00:12 2022
00:09 -!- ShellGh0st [~raoul@50.206.240.178] has joined #se2600
05:07 < aestetix> hahaha
05:08 < aestetix> I got an angry reply about my talk from an ethereum dev
05:08 < aestetix> who... I dunno if he's just young, or if his communication skills suck, but he totally missed the point
05:09 < aestetix> He tried to argue that ENS did not go down, because you could still access the web pages and whatever from the long string, using a command line
05:09 < aestetix> And he also argued that you could replace eth.link with another border domain and it would work
05:09 < aestetix> he completely missed the point
05:09 < aestetix> How many people outside of tech even know what a command line is, lol
07:32 < Evilpig> I've gotta get this power strip off my desk.  fuckin' cat has been walking over the power switch
07:40 < ShellGh0st> EvilPig: yeah my cat does that too
07:45 < Evilpig> she's dealing with some thyroid issues and has been extra clingy lately and wants to sit on top of my desktop while i'm sitting at the desk.  the path she takes up there is behind the laptops and moniitors and that takes her over the power strip I have on the desk for "stuff"
08:07 <@Dagmar> aestetix: I think you got someone who doesn't work in tech at all
08:07 <@Dagmar> Maybe gardening or sometrhing
08:16 < ShellGh0st> EvilPig:  Yeah I usually have 4 monitors and a tower and two laptops plugged into mine, and I keep it on the desk behind the monitors.  My cat walks back there to hide from the dog and conduct secret operations.  And sometimes he turns the switch off and everything just stops.  Pretty sweet.
08:17 <@Dagmar> I do not have exposed kill switches for the cats to play with
08:18 < ShellGh0st> I'm in a hotel in East TN at the moment, I brought a ton of gear just to do my job, but I feel like I'm at Defcon or something, with the way my hotel room looks
08:19 < ShellGh0st> Dagmar: yeah I keep meaning to solve mine.  Fortunately I mostly work on remote servers, so it hasn't caused me to lose work.  And the laptops have battery backup built in :)
08:21 < Evilpig> I've moved the surge protector in a way that the switch is now not as accessible.  debating on hanging this on the wall this morning and completely remove it from the equation
08:23 < Evilpig> https://photos.app.goo.gl/cNqEe9d8cWMNHeBK8
08:23 < PigBot> No Title (at photos.app.goo.gl) https://tinyurl.com/2gzx9ayw
08:46 < ShellGh0st> EvilPig:  I just realized I have suge protectors with the switch on the side in a recess.  Will swap it out when I get home.
10:10 <@Dagmar>  Fuckin' awesome
10:10 <@Dagmar> Another stealth change in RHEL-space
10:10 <@Dagmar> Apparently the way winbindd generates UIDs was changed
10:15 < Evilpig> that has been known to change over time
10:15 <@Dagmar> Yeah well it just broke a bunch of internal processes here
10:15 <@Dagmar> So, that's an awesome thing to do the week before Christmas
10:16 < Evilpig> I'd suggest setting static UIDs in your extended ad attributes and use those instead of the autogenerated ones
10:19 <@Dagmar> That sounds like a thing someone who actually controls AD can do
10:20 <@Dagmar> me and Fortinet are about to have a "come to jesus" call I think
10:20 <@Dagmar> I have submitted three bug reports to them
10:20 <@Dagmar> One of which is apparently now in the hands of developers, which is fine
10:20 <@Dagmar> One has been bouncing around between people who keep coming back to me for more info
10:21 <@Dagmar> One of which they sent me a "workaround" for last week that doesn't actually work
10:21 <@Dagmar> I just put text in that ticket to the effect of "I am submitting this as a bug report to you as a _courtesy_.  Do not waste my time sending me "workarounds" that no one there has actually tested."
10:22 <@Dagmar> I will _eventually_ find a way to get a shell on these fuckin' things
10:22 <@Dagmar> ...and whether or not they waste my time will determine if I report future bugs to them, or just drop them into /r/fortinet
10:23 <@Dagmar> This particular issue was with their policy checker built into the web gui
10:23 <@Dagmar> It's _handy_, but it has some shortcomings.
10:23 <@Dagmar> Like, it doesn't let you specify the auto-generated ppp0 interface as the source interface for the packets when you do a test
10:24 <@Dagmar> They told me a "workaround" is to use the parent interface
10:24 <@Dagmar> They did not test that, which I know because I tried that originally and it does not work (always matches default deny policy) and I tried it again and it still does not work
10:42 <@Mirage> Oof... just noticed the almost completely forgotten Property Tax Statement on the fridge.  Not due until 1/31, but I think I should go ahead and take care of it today before I forget about it again
11:02 < Evilpig> argggggg
11:03 < Evilpig> I think I just found a bug in sssd that was supposedly fixed a decade ago yet here it is
11:12 < Evilpig> https://pagure.io/SSSD/sssd/issue/2349
11:12 < PigBot> Issue #2349: public key validator is too strict and does not allow newlines anywhere in the public key string, not even at the end - sssd - Pagure.io (at pagure.io) https://tinyurl.com/2qo8umeq
11:22 <@Dagmar> Ouch
11:36 < Evilpig> yeah no shit.  need to test on another OS to be sure that this isn't ubuntu specific first
11:36 < Evilpig> but initial testing I have two accounts.  one works, one does not.  the one that doesn't has two keys stored in ldap.  the other has a single key.  so i'm guessing that the issue is the linebreak between the two keys
12:29 -!- ShellGh0st [~raoul@50.206.240.178] has quit [Ping timeout: 260 seconds]
13:53 <@Dagmar> Damn gotta love Fortinet technical support
13:54 <@Dagmar> I sent them a bug report because their web gui policy tool was broken
13:54 <@Dagmar> When you've got an on-demand VPN connection defined, you can use the policy checker to _try_ and test source/destination selecting the psuedo-interface you just created, but it always matches the default deny policy (which is untrue)
13:55 <@Dagmar> What's going on is that traffic goes through a ppp0 link interface that the policy checker does NOT give you the option to select
13:55 <@Dagmar> Their "response" was to tell me that I should use the named psuedo-interface because it's the parent interface for the ppp0 interface
13:56 <@Dagmar> ...and like, what the absolute fuck guys.  That's the exact thing I was telling them is broken.
13:57 <@Dagmar> It's worth mentioning that there's a way to do this very same sort of check through the command-line interface, and THERE it's just fine with being told the ppp0 interface
13:58 <@Dagmar> It may seem lazy but if you give me a tool that will let me just specify source/destination addresses and ports to test new policy configurations, I'm GOING TO USE THAT FUCKER
13:58 <@Dagmar> ...because it beats the holy hell out of debugging the live configuration by generating packets
13:58 <@Dagmar> I looked at enough Wireshark shit this fall I'm surprised i'm not seeing it in my sleep
13:59 <@Dagmar> There were over 400 pcap files sitting in my Downloads directory
14:41 -!- ShellGh0st [~raoul@c-73-19-205-167.hsd1.tn.comcast.net] has joined #se2600
16:04 -!- ShellGh0st [~raoul@c-73-19-205-167.hsd1.tn.comcast.net] has quit [Quit: leaving]
16:14 -!- ShellGh0st [~raoul@gateway/tor-sasl/shellgh0st] has joined #se2600
19:15 -!- ShellGh0st [~raoul@gateway/tor-sasl/shellgh0st] has quit [Ping timeout: 255 seconds]
21:17 -!- ShellGh0st [~raoul@gateway/tor-sasl/shellgh0st] has joined #se2600
22:59 <@Mirage>  blah.  Was going to snag another LSI 9211-8i vs the 9260-8i that I had TrueNAS (unhappily) running on.  A cheaper clone popped up for ~40% the $$ so I figured I'd go for it.   Wound up being a Fujitsu made 9261-8i clone...which is another Raid card but based on the SAS2108 chip which doesn't support JBOD at all.
23:00 <@Mirage> Normally I'd have been ecstatic to get a raid card vs a jbod card...except that in this case I needed the JBOD card.
23:01 <@Mirage> Anyone need a raid card?  Supports 0/1/5/6/10/60  SAS/SATA
--- Log closed Sat Dec 31 00:00:13 2022