<     May 2017     >
Su Mo Tu We Th Fr Sa  
    1  2  3  4  5  6  
 7  8  9 10 11 12 13  
14 15 16 17 18 19 20  
21 22 23 24 25 _2_6 27  
28 29 30 31
00:05 dirac1 joined
00:20 grayhemp joined
00:23 czart joined
00:29 czart_ joined
00:36 czart_ joined
00:44 czart_ joined
00:53 czart__ joined
00:56 czart joined
01:02 czart_ joined
01:02 czart joined
01:17 cyborg-one joined
01:35 czart joined
01:36 s33se joined
01:42 czart joined
01:47 czart joined
01:54 ogres joined
02:11 <shodan45> trying to figure out libvirtd.... anyone know if it *requires* dbus?
02:15 <shodan45> looking thru its logs, it's not entirely clear if it can live without it
02:20 doppo joined
02:38 emacsomancer joined
02:49 Graypup_ joined
02:50 dasher00 joined
02:59 kvda joined
03:16 kvda joined
03:37 greguu joined
04:01 dirac1 joined
04:04 Emperor_Earth joined
04:07 <BitL0G1c> shodan45 - libvirt needs dbus-libs in alpine https://pkgs.alpinelinux.org/package/edge/main/x86_64/libvirt - arch has dbus as a depends too
04:20 ahrs joined
04:30 Horachi joined
04:32 kvda joined
04:46 dave0x6d joined
05:19 grayhemp joined
05:22 czart joined
05:28 czart joined
05:32 czart joined
05:49 dirac1 joined
05:59 helpImStuck joined
06:09 grayhemp joined
06:38 serge____ joined
07:04 kvda joined
07:26 rollniak joined
08:08 lesion joined
08:58 dasher00 joined
09:00 fekepp joined
09:46 orbiter joined
09:51 kahiru joined
10:04 tru_tru joined
10:09 LouisA joined
10:40 kvda joined
10:44 minimalism joined
11:03 helpImStuck joined
11:37 ogres joined
11:55 rollniak joined
12:01 Nicop06 joined
12:14 grayhemp joined
12:15 kvda joined
12:19 Horachi joined
12:23 Skele joined
12:29 helpImStuck joined
12:31 k0nsl joined
12:31 k0nsl joined
12:31 <helpImStuck> are there any howto's on how to user alpine xen to virtualize other os:es?
12:41 kvda joined
12:43 fekepp joined
12:44 Horachi left
13:08 fekepp joined
13:53 rollniak joined
14:08 dasher00 joined
14:22 grayhemp joined
14:30 rdutra joined
14:36 sparklyballs joined
15:03 grayhemp joined
15:03 cyborg-one joined
15:06 dirac1 joined
15:25 tmh1999_ joined
15:26 Kruppt joined
15:37 dirac1 joined
15:50 rdutra joined
16:27 leepa joined
17:05 cyteen joined
17:21 tmh1999 joined
17:31 greguu joined
17:35 grayhemp joined
17:51 arnotixe joined
18:05 grayhemp joined
18:29 fekepp joined
18:39 johefernan joined
18:39 <johefernan> Doe anybody tried Xen over Alpine?
18:41 <_ikke_> Probably, but not me
18:51 sigtrm joined
18:52 zocker joined
18:59 johefernan joined
19:08 LouisA joined
19:15 <darkfader> johefernan: what do you mean over alpine?
19:15 <darkfader> i have dom0 and domU in alpine, although only one host these days
19:16 cyborg-one joined
19:17 felixsanz joined
19:35 <johefernan> darkfader: There' s a build-in support for Xen Hypervisor
19:35 <johefernan> https://nl.alpinelinux.org/alpine/v3.5/releases/x86_64/alpine-xen-3.5.2-x86_64.iso
19:36 <darkfader> is there
19:36 <darkfader> ...
19:36 <darkfader> normally i don't use the iso but install xen after successful install
19:36 <darkfader> you can try the iso
19:37 <Shiz> the -xen iso isn't that different from the normal one afaik
19:37 <darkfader> i thought it boots to ram or so
19:37 <Shiz> it just has a bunch of packages pre-installed
19:37 <Shiz> all isos boot to ram
19:37 <darkfader> ah
19:37 <Shiz> :P
19:37 <johefernan> Exactly
19:37 <johefernan> Ok
19:37 <darkfader> true :)
19:37 <johefernan> Deal is I wanna try alpine
19:37 <johefernan> And Xen
19:37 <johefernan> 1 shot u know
19:38 <johefernan> I got a PowerEdge R320 to play with
19:38 <Shiz> go for it :p
19:44 dirac1 joined
19:56 <stevenroose> Is there a way to give an OpenRC service more time to shutdown?
19:57 <stevenroose> I have a daemon program that wen I shut it down, it takes some seconds, but rc-service restart complaints that it fails to shut down after 3 seconds or so
19:57 <stevenroose> Can I increase that time somehow?
19:59 <Shiz> hmm
19:59 <stevenroose> I guess with start-stop-daemon args
20:00 <stevenroose> Shiz, where can I find the default ones?
20:00 <Shiz> i think you can set retry=
20:00 <Shiz> in /etc/conf.d/<svcname>
20:00 <Shiz> in seconds
20:01 <Shiz> retry Retry schedule to use when stopping the daemon. It can
20:01 <Shiz> either be a timeout in seconds or multiple
20:01 <Shiz> signal/timeout pairs (like SIGTERM/5).
20:01 <Shiz> from the openrc-run manpage
20:01 <stevenroose> yeah start-stop-daemon has --retry
20:01 <stevenroose> oh
20:01 <Shiz> you don't need to set start-stop-daemon args manually
20:01 <stevenroose> retry=[time] ?
20:01 <Shiz> just set retry and openrc will take care of it
20:01 <Shiz> :)
20:01 <Shiz> yeah i believe so
20:02 <stevenroose> Shiz, where can I find documentation on those openrc service variables?
20:02 <Shiz> man openrc-run
20:02 <stevenroose> awesome
20:02 <stevenroose> thanks a lot
20:03 <Shiz> in the openrc-doc package, fwiw
20:03 <Shiz> np
20:06 <stevenroose> I man in google here, don't have man installed on the machine :)
20:06 <Shiz> yeah i usually do something similar, because lazy
20:06 <Shiz> but local manpages may be more uptodate :p
20:14 hecliunyx joined
20:16 dirac1 joined
20:42 rollniak_ joined
20:49 nightmared joined
20:57 <shodan45> what's the difference between qemu-$arch and qemu-system-$arch?
20:57 <shodan45> is qemu-system-$arch for VM "clients"?
20:58 <shodan45> I just installed it, and it installed wayland(?!)
20:59 <shodan45> and, well... this should be obvious :/
20:59 <scv> qemu-system is full system emulation while qemu- is just processor emulation for binaries
21:04 drivero joined
21:05 <Shiz> i... dont think it should install wayland?
21:11 dirac1 joined
21:14 <shodan45> scv: that's what I assumed at first
21:16 <shodan45> but.... https://pastebin.mozilla.org/9022324
21:16 <shodan45> also added alsa-lib
21:16 <shodan45> mesa-gbm
21:16 <shodan45> .... weird
21:18 <shodan45> looks like mesa-gbm is to blame for req'ing wayland
21:20 <stevenroose> I'm trying to set up an OpenVPN and I get ERROR: Linux route add command failed: external program exited with error status: 2
21:20 <stevenroose> Is this because there is a package missing maybe?
21:22 dirac1 joined
21:22 <shodan45> stevenroose: maybe - I would guess that "route" is symlinked to busybox?
21:23 <shodan45> I bet openvpn needs the real route
21:24 <stevenroose> hmm
21:24 <stevenroose> which route gives /sbin/route
21:24 <stevenroose> route --help gives BusyBox v1.25.1 (2016-10-26 16:15:20 GMT) multi-call binary.
21:24 <shodan45> :)
21:25 <Shiz> ah, it's because of the SPICE stuff
21:25 <Shiz> stevenroose: yeah you want uhm
21:25 <ncl> net-tools?
21:25 <Shiz> net-tools
21:25 <Shiz> :P
21:27 <stevenroose> net-tools package?
21:27 <stevenroose> getting the same error, does it require a reboot?
21:28 <ncl> no
21:28 <ncl> try /bin/route/
21:28 <ncl> try /bin/route
21:28 <ncl> may need to unlink /sbin/route or fixup PATH
21:28 <stevenroose> ncl, thing is, I'm not using it
21:29 <shodan45> is there a doc somewhere that lists packages like net-tools and procps? stuff to make alpine more heavy-weight & more like a "normal" distro?
21:29 <stevenroose> i just execute `sudo openvpn vpnconfig.ovpn`
21:30 <shodan45> don't get me wrong, I love alpine's light-weight-ness :)
21:30 <shodan45> but I'm used to centos :)
21:32 <stevenroose> shodan45, there are separate installation "bundles" iirc
21:32 <shodan45> stevenroose: you mean ISOs?
21:33 <shodan45> or like a meta-package?
21:33 <stevenroose> shodan45, uhu, from minimal to somewhat complete distro :p
21:34 <stevenroose> https://alpinelinux.org/downloads/
21:38 <stevenroose> shodan45, if openvpn needs a different route, how can that be fixed?
21:38 <stevenroose> lrwxrwxrwx 1 root root 12 Apr 12 18:01 /sbin/route -> /bin/busybox
21:39 <stevenroose> I installed net-tools
21:40 <scv> fwiw /sbin/route has been deprecated for like ... 15 years?
21:40 <shodan45> stevenroose: just rm /sbin/route.... but busybox's package will re-add it later..... hmm :/
21:41 <shodan45> IIRC I ran into this problem with something else busybox does
21:41 <shodan45> ohh... it was top
21:42 <stevenroose> it's weird that I cannot find anything about this on google, no?
21:42 <stevenroose> scv, what do you mean with deprecated?
21:43 <stevenroose> There is no manual route command in the OpenVPN file, so it must be one of the standard procedures that openvpn does..
21:43 <stevenroose> I have no prior experience with setting up a vpn in linux
21:45 <Shiz> then openvpn uses deprecated tools
21:45 <Shiz> :P
21:45 <Shiz> # route has been superceded by # ip route for a good 10 years now
21:45 <Shiz> but yeah, it should still work
21:45 <shodan45> libvirtd's log file uses UTC, not the system time zone. cute.
21:46 <Shiz> hmm
21:46 <Shiz> it seems net-tools install /bin/route which is then not detected by busybox postinstall as overriding /sbin/route
21:46 <Shiz> this needs fixing
21:47 minimalism joined
21:47 <Shiz> stevenroose: for now i would manually rm /sbin/route
21:47 <Shiz> it will work
21:47 <shodan45> Shiz: like I was saying earlier, the same thing happens with top - procps adds /bin/top, but /usr/bin/top still exists & points to busybox
21:48 <scv> yeah there's quite a few random packages that are like that
21:48 <Shiz> did anyone have that curl oneliner to query the alpine web api for which package a file belongs to?
21:48 <shodan45> deleting the /usr/bin/top symlink only works until the busybox package's script re-runs
21:49 <shodan45> Shiz: such a thing exists? I want that too :)
21:49 <Shiz> someone posted a curl+grep a while back
21:49 <shodan45> heck, one could argue it should be part of apk
21:49 <Shiz> it can't be part of apk right now
21:49 <Shiz> APKINDEX does not have a list of contents for all packages
21:49 <Shiz> pkgs.a.o generates this manually
21:50 <Shiz> and including full file lists in APKINDEX would bloat it severely...
21:51 <Shiz> found it: 2017-04-30 22:07:47 qman__ armin: FILE="host"; curl -s "https://pkgs.alpinelinux.org/contents?file=$FILE" | grep package | cut -d\> -f3 | cut -d\< -f1 | uniq
21:51 <* shodan45> steals that
21:52 <xentec> is out there somewhere a doc about how busybox handles network/interfaces in detail?
21:56 kvda joined
21:57 <Shiz> xentec: it's similar to debian's config: the core of it is the ifup utility
21:57 <stevenroose> Shiz, I get the same error
21:58 <stevenroose> and route now is /bin/route
21:58 Caplain joined
21:58 <xentec> Shiz: I've already guessed that :). my question is, how far the config is supported by busybox
21:58 <Shiz> i would try to see if openvpn logs the route output somewhere
21:58 <stevenroose> It looks like it's using ip though
21:58 <Shiz> stevenroose: you can try installing iproute2
21:58 <Shiz> :P
21:59 <stevenroose> Shiz, I have that one, apparently
21:59 <stevenroose> I also did the modprobe tun thing that the wiki describes
22:00 <stevenroose> this is the whole output
22:00 <stevenroose> https://gist.github.com/stevenroose/f70c106b771902a407a36ce0a3210186
22:00 <stevenroose> maybe I'm overseeing things
22:03 <Shiz> i found a bunch of mismatches, oh dear
22:03 <Shiz> stevenroose: hmm
22:04 <Shiz> okay so it seems that addr add command fails
22:05 <Shiz> or does it
22:05 <Shiz> no, it doesn't
22:06 <stevenroose> :p yeah it doesnt seem to be fully synced
22:06 <Shiz> i'd run openvpn in debug mode
22:06 <Shiz> that should make it print D_ROUTE messages that tell you the ip route command it tried to invoke
22:07 <Shiz> --verb 3
22:07 <stevenroose> grep also seems to be symlinked to busybox and doesnt allow grep -5
22:09 <Shiz> that's probably because you don't have the grep package
22:09 <Shiz> (what does grep -5 even do...?)
22:10 <stevenroose> its the same as -C 5
22:11 <stevenroose> context above and below match
22:11 <Shiz> why not just do -C 5 then
22:11 <Shiz> :P
22:12 <stevenroose> ughh openvpn --verb 3 (specify verbosity level) complains "Options error: You must define TUN/TAP device (--dev)"
22:12 <stevenroose> pff
22:12 <stevenroose> yeah did -C 5 :p just used to -5, was curious why it didnt work
22:14 <Shiz> maybe put 'verb 3' in your conf file
22:15 <xentec> I wonder: shouldn't all init scripts which 'need net' also 'need dns'?
22:15 <stevenroose> https://gist.github.com/stevenroose/2b3510774b0839dcbe26af8afe094c1e
22:17 <Shiz> well, there's the route command that fails at least
22:17 <Shiz> yo ucan apk del net-tools btw, it's not relevant
22:19 <stevenroose> thanks
22:19 <Shiz> you can try to re-execute the commands it executes in order
22:20 <Shiz> and then get what the error message it gives you was
22:29 dirac1 joined
22:29 <stevenroose> Shiz, the ones with /sbin/ip, right?
22:29 <Shiz> yus
22:30 <stevenroose> Cannot find device "tun0"
22:30 <stevenroose> for first one /sbin/ip link set dev tun0 up mtu 1500
22:31 <stevenroose> haha, I guess openvpn does some preparation before those commands
22:32 <Shiz> yeah it does create the tun device first
22:32 <Shiz> but that should be easy
22:32 <Shiz> ip tuntap add mode tun dev tun0
22:32 <Shiz> :)
22:42 drivero joined
22:49 drivero joined
22:53 Nobabs27 joined
23:14 <stevenroose> oh missed your message
23:15 <stevenroose> Shiz, RTNETLINK answers: File exists
23:15 <stevenroose> that's what I get
23:15 <stevenroose> I saw that before in my log output, I guess tee only forwards stdout to the file instead of both stdout and stderr
23:15 <stevenroose> can you make anything of that?
23:16 <stevenroose> "Because it's already there - this is what RTNETLINK answers: File exists is telling you."
23:16 <Shiz> on the ip tuntap command?
23:17 <stevenroose> no the ones exactly above the error line
23:17 <stevenroose> https://gist.github.com/stevenroose/2b3510774b0839dcbe26af8afe094c1e#file-gistfile1-txt-L42
23:17 <stevenroose> (do I have to undo those commands after doing them manually?)
23:17 <Shiz> that's odd
23:17 <Shiz> the other commands worked?
23:17 <stevenroose> yes
23:17 <stevenroose> well, no output, so I guess so
23:17 <Shiz> yes
23:17 <Shiz> can you do
23:18 <Shiz> ip route list
23:19 <stevenroose> ip route lsit
23:19 <stevenroose> https://gist.github.com/stevenroose/2b3510774b0839dcbe26af8afe094c1e#file-gistfile2-txt
23:19 <stevenroose> (how do I undo those routes?)
23:21 <Shiz> just execute them in reverse order with s/add/del/
23:24 <Shiz> seems like it tries to add duplicate routes
23:25 <stevenroose> yeah indeed
23:25 <stevenroose> google is not very helpful with that error message
23:28 <stevenroose> does this make any sense to you? "yours problem - routes. the simplest method to send all traffic via you VPN gateway - add to the client config: redirect-gateway def1"
23:30 <scv> well
23:30 <scv> the first issue you have that's preventing communication is cipher/hash mismatch
23:30 <scv> Mon May 22 00:14:55 2017 WARNING: 'cipher' is used inconsistently, local='cipher BF-CBC', remote='cipher AES-256-CBC'
23:31 <scv> cipher auth and keysize need to be set properly
23:31 <Shiz> it seems the vpn config is a bit wonkey, yeah
23:31 <ncl> is that
23:31 <ncl> blowfish cbc?
23:31 <Shiz> yes
23:32 <scv> that's the default in openvpn iirc
23:33 <stevenroose> would the config file help?
23:33 <stevenroose> I'll add it to the gist
23:33 <scv> you're missing lines in the config file
23:33 <scv> namely cipher, auth and keysize
23:33 <stevenroose> I downloaded it from my VPN provider
23:33 <stevenroose> but it's an amateur one
23:33 <scv> the warnings in your debug log tell you what options to configure
23:34 <stevenroose> https://gist.github.com/stevenroose/2b3510774b0839dcbe26af8afe094c1e#file-neutrinet-ovpn
23:34 <stevenroose> scv but those are warnings, no?
23:34 <scv> yes?
23:35 <scv> you can't communicate if each end is using a different cipher though
23:35 <stevenroose> isn't the definition of a warning that it's bad but should not hinder further execution? :)
23:35 <scv> it doesn't hinder further execution
23:35 <scv> you're just not able to send any data :p
23:36 <stevenroose> scv, makes sense :D
23:36 <stevenroose> I asked the provider
23:36 <scv> there's no cipher/auth lines in your config at all
23:36 <scv> so it'll default to blowfish and sha1
23:36 <scv> which is incorrect, the correct options are listed in those warnings
23:40 <stevenroose> that might make sense
23:40 <stevenroose> so the mentioned error might not be the cause of it not working?
23:40 <scv> it isn't working because the cipher and auth types are mismatched
23:40 <stevenroose> I sent an email and IRC message to the maintainers of the vpn, I guess they'll have a look at it
23:40 <scv> you'll get a connection with zero traffic passing
23:40 <stevenroose> many thanks for pointing that out though
23:41 <stevenroose> scv, you say the cipher conf values that should be specified are mentioned in the warnings..
23:41 <stevenroose> why doesn't openvpn use those then?
23:42 <scv> because they aren't specified in the config
23:42 <scv> if it isn't specified it defaults to blowfish and sha1
23:42 <scv> defaults are still considered configured options
23:42 <scv> it isn't just going to override what's configured
23:42 <stevenroose> oh
23:43 <stevenroose> well, I have to go to bed now, I'll try to set the cipher details tomorrow
23:43 <stevenroose> should do
23:43 <stevenroose> thanks a lot folks!!
23:43 <stevenroose> you are awesome!
23:46 k0nsl joined
23:46 k0nsl joined
23:59 Classsic joined