<    April 2017    >
Su Mo Tu We Th Fr Sa  
 2  3  4  5  6  7  8  
 9 10 11 12 13 14 15  
16 17 18 19 20 21 22  
23 24 25 26 27 28 _2_9  
00:30 <TemptorSent> jirutka: Personally, I prefer a good ol' clue-by-four :)
01:08 <TemptorSent> Does anyone have a fast way of comparing a potentially long list of file globs against filenames in a file (fnmatch style)?
01:09 <TemptorSent> (without resorting to gawk extensions)
01:20 s33se joined
02:17 Emperor_Earth joined
02:40 blueness joined
05:26 pickfire joined
05:32 blueness joined
05:43 blueness joined
09:02 blueness joined
10:22 blueness joined
10:26 LouisA joined
10:53 <^7heo> hiro: the people on the main channel aren't all knowledgable.
10:53 <^7heo> hiro: look at how many of use are *NOT* on the main channel
10:53 <hiro> hahaha
10:53 <^7heo> hiro: just to avoid them
10:54 <hiro> i guess i'll have to do the same
10:54 <^7heo> yeah it's a sensible thing to do.
10:54 <skarnet> guilty as charged
10:54 <^7heo> exactly
10:54 <hiro> also reminds me: i should run 9front for my irc sessions again
10:54 <hiro> then i don't have to fear being attacked by his stupid 0day irssi exploits
10:55 <^7heo> ?
10:55 <^7heo> How would 9front help with that?
10:55 <hiro> ^7heo: lack of market
10:55 <hiro> ^7heo: for 9front there are no usable exploits sold
10:55 <hiro> ^7heo: so he'll be hopeless
10:56 <hiro> ^7heo: he'd have to understand how to use the rc shell
10:56 <hiro> ^7heo: i'm sure that's too much for him.
10:56 <^7heo> ahhh, that's the sarcastic continuation of the disucssion from the main channel
10:56 <hiro> yes :)
10:56 <hiro> i thought that's what you were refering to
10:57 <^7heo> to make fun of that stupid luser who knows nothing about security whatsoever but has a HUGE mouth
10:57 <^7heo> yeah I was referring to that when I wrote what skarnet answerded to ;)
10:58 <^7heo> but I didn't follow the logic of the joke up to chrome -> opera == anything -> 9front
10:58 <^7heo> while it is completely valid ;)
10:58 <^7heo> (at least about the size of the user base)
11:06 <^7heo> what a fucking waste of time.
11:09 <^7heo> can someone paste the topic of #alpine-linux in a query with me please? ;)
11:09 <^7heo> I can't get it via chanserv...
11:09 <^7heo> (or I don't know how)
11:46 rk324 joined
12:47 <hiro> this reminds me
12:47 <hiro> who in the devil's name has included gr-sec stuff in alpine?
12:47 <hiro> this is the shit that attracts retards like that...
12:48 <hiro> all snakeoil shit giving them an excuse for their existence
12:59 <jirutka> hiro: pardon me?
13:01 <hiro> jirutka: you put it in?
13:01 <jirutka> hiro: grsecurity is in Alpine for very long time, it increases security and Grsecurity project used to be open before… now the situation is very different, actually we’re already discussing about removing grsecurity from Alpine
13:01 <hiro> oh wow!
13:01 <hiro> that makes me quite happy actually, haha
13:01 <jirutka> hiro: no, I didn’t, it was here before I came to Alpine
13:02 <jirutka> hiro: you can talk with kaniini about it, he’s probably most involved in replacing grsecurity
13:02 <hiro> i'm not sure why you're convinced it increased security. but then i'm not that well versed on the topic anyway, so...
13:02 <hiro> what is it being "replaced" with?
13:03 <jirutka> hiro: I don’t know, please ask kaniini
13:04 <hiro> thanks
13:04 <hiro> were the discussions on the mailing list?
13:05 <hiro> i might just read those to waste less time of people here
13:05 <skarnet> it's being replaced with apparmor+PaX, AFAIK. And I don't know much more
13:06 <skarnet> I'm not convinced either that it's useful (it's always been detrimental to me), but apparently corporate loves it, so...
13:08 <hiro> great reason *ugh*
13:09 <skarnet> as an individual user, you don't have to use it
13:09 <hiro> i guess somebody receives money then oO
13:10 <jirutka> hiro: unfortunately no…
13:10 <skarnet> for grsec? no, but Alpine receives users
13:10 <hiro> you shouldn't try to attract users with *features*
13:11 <hiro> then they can just use redhat
13:11 <skarnet> and *you* shouldn't try to tell Alpine devs what they should or should not do. :P
13:11 <hiro> the opposite would be the appropriate behavior for alpine's niche :)
13:11 <hiro> skarnet: you mean it's a waste of my time?
13:11 <hiro> skarnet: i've been probably wasting all my day talking today
13:11 <jirutka> hiro: please calm down with this aggressive attitude…
13:12 <hiro> skarnet: so i agree that it's probably not productive enough.
13:12 <hiro> jirutka: in this channel here?
13:12 <skarnet> that, and also it's disrespectful to Alpine devs, who actually have assessed the advantages and drawbacks of providing, or not providing, those features, and if they've chosen to provide them, maybe there's a reason.
13:13 <jirutka> hiro: if you have better security enhancement for Linux kernel and wanna integrate it into Alpine, we’d welcome it
13:13 <skarnet> Again, I don't like grsec more than you do, but as long as I can opt out, I'm not going to complain, especially if Alpine's success comes at this price.
13:13 <hiro> skarnet: i'm not sure i know the devs personally, as long as i don't i expect them to take a user's complaint professionally and try to concentrate on the actual points rather than it's tone.
13:14 <hiro> jirutka: my security enhancement consists of rebuilding the kernel myself with only the stuff activated that i need.
13:14 <hiro> jirutka: i doubt there's a better way for anybody else, but it requires manual work obviously.
13:14 <hiro> *individual* manual work
13:15 <skarnet> hiro: that's because you control what you run on your machine. grsec, and equivalent functionality, is aimed at sysops who *don't* control their whole stack, and need confinement.
13:15 <skarnet> Yes, I deplore that it's necessary. But that's the real world.
13:15 <hiro> i don't know what alpine devs do, how many there are, how much work it was. i will never know for sure.
13:16 <hiro> and thus i don't *allow* them to feel judged by me, regardless of what i say :P
13:17 <hiro> skarnet: you might be right that alpine would have less users if only individuals like me used it... but i'll always ask for what i *personally* need, cause that's the only thing i know about.
13:17 <skarnet> and that's fine. And the answer is: use alpine-vanilla.
13:17 <hiro> sorry
13:38 <Shiz> ^7heo │ I can't get it via chanserv...
13:38 <Shiz> /list #alpine-linux
14:03 <^7heo> ah thanks Shiz
14:33 Marc_M joined
14:34 <Marc_M> Happy easter. Is anyone of the Wiki admins online?
14:36 <clandmeter> Kind of
14:36 <Marc_M> I'm a technical writer and registered a new Wiki account, but can't post the new documentation I wrote, because the Wiki tells me that new users are not allowed to add links to the Wiki.
14:36 <clandmeter> Yes
14:36 <Marc_M> The only external link my procedure contains is to the Alpine Linux download page
14:36 <clandmeter> Takes 5 hours
14:37 <Marc_M> I can post it 5h after I created the account?
14:37 <clandmeter> That's what they told me
14:37 <clandmeter> It was 5 days before
14:38 <Marc_M> Ok, that's fine. I can try it later again.
14:38 <clandmeter> Sorry about that
14:40 <Marc_M> No problem. In the Samba team, new users have to request a password from us before they can log in to the Wiki. We also had this spam problem in the past.
14:41 <Marc_M> One further question: I added an email address to my Wiki account, but no confirmation mail was sent. When I click to "confirm your email addresses" in my preferences, it tells me that my email address is invalid.
14:41 blueness joined
14:41 <Marc_M> Are mail addresses blocked that contain "alpine.linux" in the prefix? I created an email alias on my mailserver for AL.
14:42 <Shiz> not that i know of
14:44 <Marc_M> I requested the mail again (the same way). Now it was sent. Maybe there's a kind of delay for spam protection, too.
14:46 <Marc_M> I removed the external link to the AL download page for now. I will add it later.
14:48 <Marc_M> And here is the new doc: https://wiki.alpinelinux.org/wiki/LVM_on_LUKS I rewrote the whole procedure because it was outdated and some important steps missing to get a bootable system. Additionally, the previous version was basically just a list of commands without details. I hope the new documentation is useful.
14:48 <Marc_M> Keep up the great work on AL.
14:50 <Shiz> Marc_M: very nice, we needed an updated page on that :)
14:50 <Shiz> good job
14:54 <Marc_M> Shiz, yw
16:46 <jirutka> llvm and clang 4.0: https://github.com/alpinelinux/aports/pull/1261
17:13 <Shiz> jirutka: doing a final compile now
17:13 <Shiz> after pulling apart
17:14 <Shiz> pulling everything apart*
17:15 <kaniini> we are leaving grsec alone for now and seeing what happens actually
17:16 <Shiz> good
17:28 fabled joined
17:58 <Shiz> jirutka: running tests...
18:06 <Shiz> jirutka: all tests passed! \o/
18:06 <algitbot> \o/
18:11 <Shiz> jirutka: just gonna PR this one because it's so many patches
18:11 <Shiz> lol
18:22 <jirutka> Shiz: thanks! I’m very happy that you did it, I was afraid that I will have to refactor them myself
18:23 <jirutka> Shiz: kaniini: you may be interested in helping with https://github.com/alpinelinux/aports/pull/1261 :)
18:24 <kaniini> jirutka doing easter shit but after that i will review it
18:24 <Shiz> jirutka: https://github.com/alpinelinux/aports/pull/1262
18:24 <Shiz> i didn't bump the cargo pkgrel because it's just a change in the APKBUILD, not in its result product, I think
18:26 <Shiz> maybe I'm wrong though -- would need to double-check
18:27 <Shiz> jirutka: looks like Rust will be getting LLVM 4.0 support in 1.18, most likely
18:27 <Shiz> which is ...
18:27 <* Shiz> takes out calendar
18:27 <Shiz> barely not in time for 3.6, i think
18:33 <Shiz> jirutka: you sure there's nothing that depends on llvm3.8?
18:33 <jirutka> Shiz: I’m not, we must to find out
18:34 <Shiz> also, you should update compiler-rt together with llvm, most likely
18:34 <jirutka> Shiz: I hope that all what currently depends on llvm 3.8 can use 4.0, 3.9 or 3.7 :)
18:34 <Shiz> :P
18:34 <Shiz> what do we keep 3.7 around for
18:34 <jirutka> yes, it’s on TODO list ;)
18:34 <Shiz> ghc?
18:34 <jirutka> yes
18:34 <jirutka> 3.9 for Rust and probably Julia
18:34 <Shiz> right
18:34 <jirutka> that needs to be updated as well :/
18:35 <Shiz> so packages im fairly sure will be fine with llvm4:
18:35 <Shiz> main/compiler-rt
18:35 <Shiz> testing/lldb
18:35 <Shiz> (may need updating themselves though)
18:35 <Shiz> i think mesa is fine too with llvm4
18:38 <Shiz> jirutka: does that list also include packages that rely on clang?
18:38 <jirutka> hmm…
18:38 <jirutka> not sure tbh
18:38 <kaniini> crystal & dotnet-core require 4
18:38 <Shiz> because those may rely on libclang or whatever
18:38 <jirutka> no, it does not
18:38 <kaniini> well, crystal can work on 3.8/3.9/4
18:38 <kaniini> but they recommend 4
18:39 <kaniini> i think moving to 4 and dropping 3.8 is safe
18:39 <jirutka> only afl depends on clang-libs
18:39 <kaniini> but i will set up an exp-run when i get back
18:41 <Shiz> i'd really like to put ghc on 3.9 though but i understand it's a bunch of effort
18:41 <jirutka> btw who’s Travis Tilley? is he still active?
18:41 <kaniini> ttilley is not active anymore i do not believe :(
18:44 <jirutka> okay, any volunteer to take mainteinership of llvm packages? :) currently main/llvm is assigned to Tilley, llvm3.7, llvm3.9 and new llvm4 to me, but I don’t feel very competent to maintain llvm pkgs
18:44 <Shiz> wasn't there someone doing ghc stuff lately?
18:44 <Shiz> i seem to recall such a thing
18:45 <jirutka> yes, Mitch
18:45 <Shiz> maybe ask him :P
18:45 <jirutka> not before we move ghc into community… :)
18:45 <Shiz> jirutka: btw, you got to take a look at PR1204?
18:46 <Shiz> i'd feel sorry if we didn't merge after he did everything we asked
18:46 <Shiz> :P
18:47 <jirutka> Shiz: hm, I see, yet another broken daemon how insists to manage PID file itself, even when you tell it to not daemonize
18:47 <jirutka> Shiz: I’ve patched similar case just few days ago in different pkg
18:47 <Shiz> not a problem here at least
18:47 <Shiz> what does it matter if ssd and the daemon write the same pid to the same pidfile
18:47 <Shiz> :P
18:47 <jirutka> "pdns will always format the pid filename as pdns.pid" ?
18:48 <Shiz> jirutka: pdns has a concept of instances
18:48 <Shiz> the main instance is pdns.pid, other named instances are pdns-$name.pid
18:48 <jirutka> but each instance is started by init system, right?
18:48 <Shiz> apparently
18:49 <Shiz> yes
18:49 <jirutka> aha, so it even manages it’s own instances?!
18:49 <Shiz> well 'manages'
18:49 <Shiz> it writes a pidfile for them
18:49 <jirutka> omg, don’t tell this skarnet…
18:49 <Shiz> ln -s pdns /etc/init.d/pdns.myinstancename
18:49 <Shiz> # service start pdns.myinstancename
18:49 <Shiz> is how it works
18:49 <Shiz> so it's still managed by the init system
18:49 <Shiz> all it does is write its own pidfiles
18:50 <jirutka> this is the result of decades with shitty init system like SysV init… software doing work that init system should do
18:50 <jirutka> well, so where’s the problem?
18:50 <jirutka> if all instances is started by OpenRC and OpenRC writes the pid file, not the daemon itself, then the daemon should not care about the pidfile name…?
18:51 <Shiz> yeah, it's not a problem
18:51 <Shiz> it's just that there would be multiple pidfiles in /run
18:51 <Shiz> but that's now all resolved
18:51 <Shiz> :p
18:51 <jirutka> aha, I understand now, reading too quickly…
18:51 <Shiz> but
18:52 <Shiz> it seems like it doesn't actually write the pidfile when you tell it --daemon=no
18:52 <Shiz> :P
18:52 <Shiz> so yeah
18:52 <jirutka> so it’s how I assumed, pdns alyways creates pid file, so if you choose different name for pidfile in OpenRC, then you end up with two pid files for one process, right?
18:52 <Shiz> that's what i thought too until i read the pdns code just now
18:52 <Shiz> it doesn't write a pidfile with --daemon=no, which is what we pass it
18:53 <Shiz> so it's a non-issue after all
18:53 <jirutka> okay, so we can replace `/run/${RC_SVCNAME/./-}.pid` with just `/run/$RC_SVCNAME.pid` ?
18:54 <Shiz> lemme double-check
19:01 <Shiz> jirutka: okay i was wrong
19:01 <Shiz> it always writes the pidfile unless you give it a speciifc option
19:01 <Shiz> thati 'm trying to find
19:04 <Shiz> jirutka: --write-pid=no
19:04 <Shiz> :)
19:04 <jirutka> bingo! :)
19:04 <Shiz> jirutka: so replace `/run/${RC_SVCNAME/./-}.pid` with just `/run/$RC_SVCNAME.pid` and add --write-pid=no to the args
19:04 <Shiz> i propose we do it for him, guy has already changed so much
19:04 <Shiz> :P
19:06 <jirutka> okay
19:33 <skarnet> lolpdns
19:45 <kaniini> skarnet: tbh pdns is really good when you're running a hosting company
19:45 <skarnet> and systemd is really good when you don't know anything better
19:46 <kaniini> i don't think that is fair. pdns sql backend is really powerful
19:47 <skarnet> DNS data is key-value, you don't need a relational database to store it, so why is "sql backend for DNS" even a thing
19:47 <skarnet> in fkn 2017
19:48 <kaniini> skarnet: customer portal
19:49 <skarnet> is that the fashionable answer for every bad technical decision?
19:49 <asie> it's not the /fashionable/ answer
19:49 <asie> the fashionable answer is "startup customer portal"
19:50 <asie> but then sql is not fashionable, so it's very hard to determine just how fashionable a startup consumer portal based on sql would be in practice.
19:50 <asie> i would err on the side of "out of style"
20:04 letoram joined
20:08 <yMGJRgi997ZH> actually i like the pdns pipe backend, where i can script my responses, allows for very flexible hacks with different responses based on e.g. who is asking. perfect for abusing dns (clients)
20:43 blueness joined
20:43 czart__ joined
21:16 goberle_ joined
22:01 chris| joined
23:06 Emperor_Earth joined
23:18 <kaniini> skarnet: i managed a DNS server cluster with millions of domains and also many rdns zones and having it all via SQL made it very convenient to build out customer access
23:19 <skarnet> I don't doubt that it's workable
23:19 <skarnet> or even convenient, if the software modules already exist
23:20 <skarnet> I'm just saying that's overengineered.
23:20 <skarnet> (and that sql should die, but that's a personal opinion)
23:21 <Shiz> as if the rest isn't a personal opinion
23:21 <Shiz> :P
23:22 <skarnet> I've backed the rest up with scientific reasoning.
23:22 <Shiz> then i'm either blind or your messages didn't come through
23:22 <Shiz> :P
23:22 <skarnet> <skarnet>DNS data is key-value, you don't need a relational database to store it, so why is "sql backend for DNS" even a thing
23:23 <skarnet> now of course if you mix DNS data with regular user data you need a relational db for... >.>
23:25 <kaniini> its convenient to use the same methods for storing DNS data if you already use SQL for a customer portal :)
23:26 <skarnet> I guess.
23:26 <kaniini> wlel, that is how features at hosting companies like "update my RDNS inside the portal" work :)
23:26 <* Shiz> envisions skarnet's DNS with /var/dns/mydomain.tld/A/ managed by unix permissions
23:26 <Shiz> ;p
23:27 <skarnet> Shiz: I would actually love that :D
23:27 <kaniini> Shiz: don't give him ideas
23:31 blueness joined