--- Log opened Wed Mar 08 00:00:13 2023
01:07 -!- Mirage [~mirage@ra.thehippo.net] has quit [Ping timeout: 260 seconds]
01:07 -!- Mirage [~mirage@ra.thehippo.net] has joined #se2600
01:07 -!- mode/#se2600 [+o Mirage] by ChanServ
06:57 <@Dolemite> mr0ning, be0tches and h0ez!
07:57 <@Mirage> Just hopped in "Workday" to request a couple days off and boggled at the available balance: 336 hours (96 Holiday + 80 PWT + 160 Vacation).  Keep in mind that Dell doesn't roll over.
08:06 < Evilpig> you best get to taking some time
08:07 < Evilpig> Mirage: we missed hodir last night by half a second or less.  
08:07 < Evilpig> logger recorded it as a hardmode win, server not so much
08:08 <@Mirage> I would have much rather been doing that than the cleaning/organizing the house that was being done instead.
08:08 < Evilpig> we would have rather had you too.  we were also one man down.
08:09 <@Mirage> Wife is working the next 2 days, so she's been frantic about trying to get the house "presentable" for all the company that will be here this weekend.
08:09 <@Mirage> My uncle informing me last night that one of my cousins will be in tonight didn't help.
08:21 <@Mirage> The Rookie is pissing me off w/ the gaps between new episodes.  Starting to feel like Farscape was for a while...
08:47 < Evilpig> i'd blame fox, but it's actually abc this time so I got nothing
08:50 <@Mirage> One downside to my cousin coming to stay with us for an undetermined period of time is that we'll have a live-in cat/chicken sitter...so I'll no longer have any excuses for not going and doing stuff w/ the wife
08:51 <@Mirage> Informed one of my co-workers that I'll be out 4/14 for my b-day.  He's now officially a bastard because he informed me that he was taking off for his b-day as well... it's "Pi day", 3/14
09:02 < Evilpig> have you guys seen this yet?  http://www.thetvdb.com/?tab=series&id=412421
09:02 < PigBot> History of the World, Part II - TheTVDB.com (at www.thetvdb.com) https://tinyurl.com/2zc49nck
09:03 <@Mirage> I got it from you... Watched about half the first episode last night when I was allowed a break from cleaning
09:07 <@Dolemite> haven't started it yet - I'm backlogged from vacation as it is
09:12 < Evilpig> lastchild added it,  Ihaven't checked it out yet
09:12 < Evilpig> been stuck troubleshooting a weird sssd problem and not done much else
09:28 <@Dolemite> You still fighting with that?
09:35 <@Mirage> Weird.. https://dallas.craigslist.org/ndf/fuo/d/mckinney-modern-sofa-set-leather/7591779624.html
09:35 < PigBot> Modern Sofa Set (leather) - furniture - by owner - sale (at dallas.craigslist.org) https://tinyurl.com/2mmgs235
09:36 <@Dolemite> Doesn't look comfortable for one thing, but in terms of design, it's like an Oreo Cookie and a TRON Light Cycle got together and had kids
09:37 < Evilpig> Dolemite:  different day, different problem
09:37 < Evilpig> today's problem is a user's laptop that wiped ewwwbuntu 18 and and is now rolling rhel9 and sssd wasn't starting
09:37 <@Dolemite> Ah, there's your problem.   It's running RHEL.
09:38 < Evilpig> when we took out the smartcard mappings it started right up. so it's looking like a slow harddrive problem
09:38 < Evilpig> I gave system-duh an override to the startuptimeout from 90 sec to 180 sec and it's cleared up
09:39 < Evilpig> the OTHER sssd thing i've been working on would actually resolve this partially too since it would reduce that mapping file from 10000+ entries to a much reduced number
09:51 <@Mirage> Dolemite: When I saw the pic what instantly came to mind was "vroom, vrooom"
09:52 <@Mirage> I also find myself wondering if they have a car bed
10:23 <@Dagmar> I'm trying to be nice but really... screw this guy
10:23 <@Dagmar> https://community.fortinet.com/t5/Support-Forum/Bug-FortiOS-CLI-bad-format-string-making-exec-dhcp-lease-list/m-p/247941
10:23 < PigBot>  Re: Bug: FortiOS CLI bad format string making `exe... - Fortinet Community  (at community.fortinet.com) https://tinyurl.com/2lrrhkxz
10:23 <@Dagmar> Evilpig: Wait... sssd is back in fashion again?
10:25 <@Dagmar> Mirage: There's just so much going wrong in that picture
10:26 < Evilpig> Dagmar: when you need MFA locally on linux it's the only real option
10:26 <@Dagmar> Although I can appreciate how the couch combines the best features of being able to eat remote controls, along with the maximum stainability in the white armrests
10:26 < Evilpig> have to have something translate ssl certificates to a user
10:26 <@Dagmar> Evilpig: Winbind is hostile to MFA?
10:27 <@Dagmar> I figured one would normally get those attributes via LDAP
10:28 < Evilpig> it works like this.  user puts smart card or yubikey style device into a desktop. local machine reads the cert and verifies that it's trusted, then connects that cert to a local user and allows them to authenticate if they provide the correct pin for the cert
10:28 < Evilpig> can't use ldap because these can be offline, so the cert has a specific issuer, etc
10:29 <@Dagmar> ldap data is usually cached
10:29 <@Dagmar> I've had to sift throught that cache a few times now
10:29 <@Dagmar> Frankly it's a bit easier than trying to talk to the LDAP server
10:29 < Evilpig> can be, but for these they aren't.  there are several factors that are involved unfortunately. 
10:29 <@Dagmar> bummer
10:30 < Evilpig> ldap is one of the things i've been pushing for and will likely start to be a bigger role here soon
10:30 <@Dagmar> I guess no one's brought up the subject of an offline device not knowing anything about a cert being disavowed
10:30 <@Dagmar> ...not to put nightmare spiders in your coffee
10:31 < Evilpig> that is covered too
10:31 <@Dagmar> Excellent
10:31 < Evilpig> but if a cert is revoked and a pc is offline long enough, there just isn't much you can do there.  they have access to that machine and it's compromised
10:32 < Evilpig> which gets into the other security measures in place like all drives must be encrypted, etc
10:41 -!- NotWarcop [~josh@user/warcop] has joined #se2600
10:43 -!- PigBot [~PigBot@gateway.wilpig.com] has quit [Ping timeout: 268 seconds]
10:43 -!- PigBot [~PigBot@gateway.wilpig.com] has joined #se2600
10:43 -!- Warcop [~josh@user/warcop] has quit [Ping timeout: 268 seconds]
10:53 <@jb7od> Anybody else suffer anxiety whenever "I know just enough to be dangerous" is said? At a point, this was the warcry of one of the most difficult users and now I've got ptsd
11:06 <@Dagmar> Those people almost never admit to that
11:06 <@Dagmar> If someone actually says it it usually means "I don't think any of this will blow back on me so I'm going to be reckless"
11:34 < dasunt> LOL.
11:35 < dasunt> I
11:35 < dasunt> I'm getting PTSD when I start recognizing people who are know just enough to convince others that they are expert.
11:35 < dasunt> "Oh, your email isn't working?  Well, we just have to rebuild the DNS server since the email footers are failing their NTLM authorization."
11:36  * dasunt twitches.
11:41 <@Dagmar> jesus
11:42 <@Dagmar> By the way, these words... "Just to be clear, your recommendation to make all of the fields tab-delimited would never be implemented."
11:42 <@Dagmar> That's exactly the thing NOT to say 
11:43 <@Dagmar> Fucking sales engineers should not be allowed to "help" on those forusm
11:43 <@Dagmar> Dude has a massive DK problem
11:43 <@Dagmar> "I'm not sure why you'd want [the timezone] to be shown by default"
11:43 <@Dagmar> I wanted to say, "It's because you are #00ff00
11:44 <@Dagmar> I don't think I'm wrong in thinking that people selling enterprise-level firewall equipment should have their staff conversant with the problems that happen when your WAN spans more than one time zone
12:25 < Evilpig> duckdns.org seems to be having issues today
12:25 < Evilpig> been getting notices when a couple of people's addresses don't resolve
12:52 <@Dagmar> lol I'm probably goign to pants that fortinet staffer even harder if he responds again
12:52 <@Dagmar> If he comes back trying to talk about how it's not worth storing times as GMT...
12:53 <@Dagmar> ...this is what I'm getting with the REST API interface: 'expire_time' => '1678805675'
12:54 <@Dagmar> That got me so irritated I actually just modified a bunch of SQL to include the local timezone of the equipmen in question so I can convert those to their timezone to show the user
12:58 <@Mirage> Blah.  Hogwarts had a patch this morning from steam and now I get random crashing when going through doors.
13:02 < Evilpig> nice. 
14:59 <@Dagmar> Some valuable job search skills right here
14:59 <@Dagmar> https://twitter.com/compound248/status/1633271686341578753
14:59 < PigBot> No Title (at twitter.com) https://tinyurl.com/2qzdhfho
18:32 < Evilpig> Dagmar: you were complaining about comcast's shitty 1TB a month cap right?
18:55 -!- xray6 [~xray@c-73-184-58-168.hsd1.ga.comcast.net] has joined #se2600
18:55 -!- mode/#se2600 [+o xray6] by ChanServ
18:56 -!- xray [~xray@c-73-184-58-168.hsd1.ga.comcast.net] has quit [Ping timeout: 255 seconds]
18:56 -!- xray6 is now known as xray
19:05 <@Dagmar> Yes, and thanks to AT&T I have no other options
19:06 <@Dagmar> For whatever reason in _this_ neighborhood the best they offer is 50Mbps
19:06 <@Dagmar> ...and when I called about that the woman wanted to know why I wasn't up for it, I told it "because it's no longer 2003" and she wanted to _argue with me_ that it was fast
19:06 < Evilpig> one of the guys at work today was bitching that his comcast gateway or somethign was showing speeds jumping up and down all day ranging from 5MB/s to 50MB/s and he was the only person home and swore nothing else on in the house
19:07 < Evilpig> he was on the phone with them telling them their reporting crap had to be wrong and was getting nowhere
19:07 <@Dagmar> Comcast might have had some routing changes happening
19:07 <@Dagmar> Support almost never gets notified of those things
19:07 <@Dagmar> ...and they will never, ever admit to it even if they do figure it out on their own.
19:07 < Evilpig> I felt bad for him but mocked him at the same time and pulled my att bill.  I thought I was doing about 10TB a month.  Apparently i've been pushing out about 10TB a month alone for the last several months
19:08 < Evilpig> this month i'm sitting at 13TB out and 7 in
19:08 <@Dagmar> If he checks the management interface on his modem (the Arris/Motorola ones have them) I'll betcha he was losing DOCSIS channels repeatedly
19:09 <@Dagmar> I can definitely pull down 200Mbps through Comcast, but the upstream is a tenth of that and I am tired of them pretending quotas are reasonable
19:10 <@Dagmar> THey are long past the point where they should take some of those large bags of money and actually invest in their infrastructure
19:10 <@Dagmar> ...but clearly they'd rather just bribe people to harass potential new FCC candidates
19:10 < Evilpig> didn't they pay those big bags of money out to some politicians as their cut?
19:11 <@Dagmar> Usualyl yeah
19:11 <@Dagmar> https://www.cnn.com/2023/03/07/politics/gigi-sohn-withdraws-fcc-nomination/index.html
19:11 < PigBot> FCC nominee withdraws her nomination after Manchin opposition | CNN Politics (at www.cnn.com) https://tinyurl.com/2jbgvp4o
19:11 <@Dagmar> Of course Manchin was involved
19:12 <@Dagmar> They oughtta start refusing to let him identify as Democrat, considering how often he votes with the fascists
19:12 <@Dagmar> The GOP isn't going to let any candidate fill that role who isn't pro-fascist
21:15 <@Dagmar> Why aren't we allowed to eat underskilled support staff?
21:16 <@Dagmar> I literally just got an email from someone who should know better asking to "confirm" that our _public interface addresses_ were able to communicate with their 172.16.0.0/12 address over the VPN tunnel.
21:17 <@Dagmar> I told him flat out that will never work, explained what is going to happen, and HOPEFULLY HE WILL NOT FREAKIN' TRY TO ARGUE
21:17 <@Dagmar> ...because I've kind of had it with dumb motherfuckers in support failing so hard they take an attitude about basic shit like whether or not fire is hot
--- Log closed Thu Mar 09 00:00:15 2023