--- Day changed
--- Log opened Mon Jun 02 00:00:02 2003
03:52 -!- pirlouit [~peter@64.162.195.202] has quit [Quit: Time to frag!]
04:52 -!- pirlouit [~peter@64.162.195.202] has joined #uml
05:10 -!- sssssssh___ [~chatzilla@66.157.232.32] has quit [Ping timeout: 488 seconds]
06:10 -!- radical [~kernet@202.88.184.39] has joined #uml
06:46 -!- sb98052 [~mobydick2@147.210.177.95] has joined #uml
07:03 -!- sb98052 [~mobydick2@147.210.177.95] has quit [Remote host closed the connection]
07:10 -!- snide [~snide@81.49.162.128] has joined #uml
07:55 -!- radical [~kernet@202.88.184.39] has quit [Quit: Client Exiting]
09:55 -!- stephane [~stephane@82.65.226.73] has joined #uml
09:55 < stephane> hello
09:57 < gump> afternoon
10:16 * gump is away -( uni )- at 03:15p -( P:On / L:On )-
11:40 -!- ASY [~someone@216.221.51.54] has quit [Read error: Connection reset by peer]
11:51 -!- stephane [~stephane@82.65.226.73] has quit [Ping timeout: 488 seconds]
12:29 -!- Ryback_ [~ra993482@143.106.24.143] has joined #uml
14:26 -!- snide [~snide@81.49.162.128] has quit [Quit: [BX] Mr. Peanut uses BitchX. Shouldn't you?]
14:32 -!- radical [~kernet@202.88.184.39] has joined #uml
14:41 -!- radical [~kernet@202.88.184.39] has quit [Ping timeout: 492 seconds]
15:06 -!- eddie-moz [~knoppix@157-188.dsl.scc.net] has joined #uml
15:22 -!- snide [~snide@81.49.162.128] has joined #uml
15:29 -!- snide [~snide@81.49.162.128] has quit [Quit: BitchX: its shagadellic, baby!]
15:44 -!- snide [~snide@AMontsouris-108-1-27-128.w81-49.abo.wanadoo.fr] has joined #uml
15:59 < BB2> hmm anyone got any pointers as to why i get "SIOCSIFFLAGS: Operation not permitted" when i try and bring up eth0 in UML?
15:59 < caker> BB2: probably because the tap device on the host needs more open permissions ?
15:59 < caker> BB2: or eth device inside uml isn't getting set up right (check dmesg)
16:00 < BB2> caker perms are 777 on /dev/net/tun
16:01 < caker> BB2: also, are you assigning IPs on the ./linux command line?
16:01 < BB2> nope
16:01 < caker> strace the eth0 command?
16:01 < caker> er, ifconfig
16:01 < caker> but that's just going to show the syscall failed
16:01 < caker> prob not why
16:02 < BB2> i dont have strace on it heh
16:02 < caker> stupid question, but do you have tuntap in your host kernel?
16:03 < BB2> yeah, i can see it in ifconfig
16:03 < caker> did you create the tap device w/ the correct user (if that even matters)
16:03 < BB2> caker ah, that could be it
16:04 * snide has a hanging 2.5 uml ;-(
16:05 < caker> automating a password change is a pain
16:05 < BB2> caker that was it, thanks
16:05 < caker> BB2: awesome, no problem
16:06 < snide> caker: use RSA keys ;-)
16:06 < caker> snide: eh?
16:06 < snide> caker: pass authentication is prehistoric ;-)
16:06 < caker> lol
16:07 < caker> well, i'm trying to write a little program that will change password on just about any distro .. so, I can't rely on a common version of passwd command (one that accepts --stdin param anyway)
16:07 < snide> btw, modules don't work in 2.5, right ?
16:07 < caker> i thought about compiling a static passwd command and including that in my little util to do this
16:07 < caker> snide: i think they didn't a while ago, but might work now in 2.5
16:08 < snide> caker: can't u use libpam ? it's a reasonable assumption that it is in all distro now
16:08 < caker> yes, so now what do I do?
16:08 < caker> let me see what's inside libpam
16:08 < snide> caker: in 2.5 : linux-2.5.69/arch/um/sys-i386/module.c:122: référence indéfinie vers `apply_alternatives'
16:08 < BB2> my slackware doesnt seem to have libpam
16:09 < caker> well, slack is on my list
16:09 < snide> caker: not using libpam is quite a security issue
16:10 < snide> caker: it's perfectly possible, but not for a site w/ real users on it.
16:11 < snide> caker: and i suppose that if u have the need of such a utility, it's designed to handle some users, no ?
16:11 < caker> It's designed to automate setting up a distro upon first-installation. I've created a bunch of pre-made filesystems
16:11 < caker> so it needs to do at least: change the root user's passwd
16:12 < snide> caker: i think a good option is to use libpam where it is available. if not, just use a standard crypt(3) or md5sum(1)
16:14 < caker> will a good version of 'passwd' fall back to salt/crypt if pam isn't found?
16:14 < snide> passwd(1) ?
16:14 * caker looks at man 1 passwd
16:19 < caker> doesn't look good
16:20 < snide> caker: rely on (1) isn't always a good thing.
16:20 < caker> I've also realized that some of these distros won't have perl installed either, so perhaps I should look at a "mount on host, make change, unmount" solution
16:21 < caker> instead of "upon first boot, run this script"
16:22 < snide> caker: when i designed my install-over-network, i booted on a nfs-root, and installed a distro in /target
16:23 < snide> caker: so, each time i had to run some config soft (such as LILO) i just did a 'chroot /target /sbin/lilo'
16:23 < caker> I can't rely on the right things being in the chroot'ed dir, so I think I'll have to copy some stuff in there, run my script, and delete the stuff back out
16:24 < snide> the advantage is, that the perl only had to be on the root nfs. And once loaded, the whole perl script can safely do a chroot
16:24 < caker> hmm
16:24 < caker> just the script can chroot, with the perl binary outsite?
16:24 < caker> s/outsite/outside
16:24 < snide> caker: sure ;-)
16:25 < caker> you're not talking about just calling "chroot" with system calls in perl, right?
16:25 < snide> caker: yep, i do ;-)
16:25 < caker> how? :-)
16:25 < caker> do tell
16:26 < snide> caker: perldoc -f chroot
16:26 < caker> looking...
16:26 < caker> holy shit
16:27 < snide> caker: the only prob is, that ur perl script has to run as uid=0
16:27 < caker> It has to already, so not a problem :-)
16:27 < caker> snide: thanks
16:28 < snide> caker: but, actually, u cannot do everything inside a chroot
16:29 < caker> like what kind of things?
16:29 < snide> caker: opening new libs ;-)
16:29 < caker> because of perl's security, or because those libs would be missing
16:30 < snide> caker: because those libs would not be the one u really want to load ;-)
16:30 < caker> snide: that makes sense, but I could use/include them before chrooting, right?
16:30 < snide> caker: u should not... u HAVE to ;-p
16:30 < snide> caker: otherwise, strange things might happen
16:31 < caker> I could see how things could go very strange
16:32 < snide> caker: i tracked once a rootkit that did hack /bin/bash with a nice chroot..
16:33 < snide> caker: that's why now my uid=0 has a shell on /sbin/bash, that is statically compiled and / is on a ro device ;-)
16:33 < caker> nice
16:34 < snide> CD-RW in a CDROM-drive make nice RO devices...
16:34 < caker> heh
16:35 < snide> since, / isn't much used --> everything in the slab cache usually ;-) [ and CD-RW because i like to change things in /etc ]
16:35 < caker> sounds perfect
16:37 < snide> caker: but uml is quite nice now ;-)
16:39 < snide> caker: but the biggest pb is that on server, it's sometimes quite hot. And CD-RW don't really like hotness :-( One melted inside the drive.... was.... ugly ;-)
16:39 < caker> I recommend placing a CD in a microwave for about 6 seconds, must do it in the dark
16:40 < caker> very nice light show
16:40 < snide> caker: i don't have spares m-waves ovens ;-)
16:40 < caker> just use the one in your kitchen :-)
16:40 < caker> seriously, it doesn't hurt it at all
16:40 < caker> but YMMV
16:40 < snide> caker: i don't have any mwo even ;-)
16:41 < snide> but YMMV <-- the trailing V annoys me somewhere ;-)
16:46 < caker> hmm, I could mount the filesystem, bind its passwd and shadow files to the host, run my local passwd command, unbind, unmount. sounds sketchy
16:48 < caker> I think I'll just test if /etc/shadow exists, and generate my own md5hash (right?) and stick it in there, otherwise I'll use crypt and edit the /etc/passwd file
16:48 < caker> that should cover it
16:49 < snide> caker: u can also have a md5 /etc/passwd or a crypt /etc/shadow
16:49 < caker> hmm
16:49 < caker> I was trying to avoid having to check /etc/pam.d/* to see which is allowed
16:50 < snide> caker: u have to check the pass string $1$ is md5
16:50 < snide> caker: at the beginning
16:50 < caker> ok makes sense
16:50 < snide> caker: otherwise it's crypt
16:50 < caker> perfect
16:51 < snide> caker: just look first at /etc/passwd. x for an encrypted pass means shadowed pass
16:52 < caker> snide: right
16:52 * snide just discovered evilwm.. ;-) [ niiiiice ]
16:52 < caker> I haven't tried it yet
16:53 < snide> 90k in RAM. ( code + text )
16:55 * BB2 stabs php in gentoo to death
16:56 < snide> BB2: ?
16:57 < BB2> snide its not playing fair :P - I have -java and it still insists on trying to use java
17:21 < caker> Anyone ever have issues, where one of the UML's skas processes remains running on the host, even after powering off the uml?
17:22 < snide> so.... sleeping time ;-)
17:23 -!- snide [~snide@AMontsouris-108-1-27-128.w81-49.abo.wanadoo.fr] has quit [Quit: time's up ;-)]
17:23 < caker> that might be fixed in 5um
17:24 < BB2> i haven't noticed it
18:04 < mistik1> caker: guess what, got this uml connecting outside with a single nic (DSL) setup
18:05 -!- Ryback_ [~ra993482@143.106.24.143] has quit [Read error: Connection reset by peer]
18:15 < caker> mistik1: cool!
18:15 < mistik1> I had it done from the start but the party at the other end was not reporting back correct info :)
18:16 < caker> I hate when that happens
18:17 < mistik1> I just created the bridge, gave it an IP and just added the tapX to it, then just make br0 my internal IF on the firewall
18:24 < caker> wtf is this: -bash: pwd: write error: Success
18:25 < mistik1> o_O
18:25 * mistik1 scratches head
18:26 < mistik1> should send that one to bash.org
18:26 < caker> nothing on google on it
18:26 < caker> nothing looks weird when I strace it
18:27 < mistik1> from pwd?
18:27 < caker> yeah
18:27 < mistik1> that's bloody weird
18:27 < caker> doesn't matter what dir I'm in
18:27 < mistik1> disk full?
18:27 < caker> no
18:28 < mistik1> If it was file descriptors it would talk about forks
18:28 < mistik1> not write error
18:28 < mistik1> weird
18:28 < caker> pwd seems to execute fine, but then bash complains about something
18:29 < caker> it must have been a weird environment, because re-logging in cleared it up
18:29 < mistik1> try it in another shell
18:29 < mistik1> heh
18:30 < mistik1> a friend tried to use gcc inside uml and it told him you have a weird box email such and such :)
20:08 -!- sssssssh____ [~chatzilla@68.17.231.210] has joined #uml
21:24 < david> hello
21:34 < Lathiat> is there any way to make TTY logging not go to the console?
21:43 -!- ljlane [ljlane@aphrael.net] has joined #uml
22:12 < david> ljlane: heya
22:44 < ljlane> david: greetings. ltns
22:44 < caker> evening
22:46 * gump is back -( uni )- gone 12 hr 30 min 40 s
22:52 < david> ljlane: how's it going?
22:52 < ljlane> david, it goes. How are things with you?
22:53 < david> ljlane: can't complain - what brings you to uml?
22:53 < david> er, #uml
22:53 < ljlane> david, I've been using UML for a while and just noticed the IRC channel. I thought I'd lurk about for a while.
22:54 < caker> welcome ljlane
22:54 < ljlane> caker, thanks
22:54 < david> ljlane: everyone lurks in here - Occasionally there is a flurry of activity, then it dies down again :-)
22:54 * gump has a nice 1u boxen and has been meaning to put uml on it for about 2months
22:54 < ljlane> :)
22:54 < gump> so hi everyone
22:55 < caker> I think I've seen 4 of the people that are online right now actually type something
22:55 < gump> first life ive seen in here
22:55 < david> gump: I'm usually pretty active, although it depends on the time
22:55 < gump> i know ichilton and Z-Wing from other irc networks.. but according to stats they havent spoken
22:56 < gump> thou Z-Wing might be busy doing pop11 work like i should be doing
22:57 < gump> nice article btw david
22:58 < david> gump: which one? :-)
22:59 < gump> the uml one on openconsultancy.com =]
22:59 < david> ah, ok
23:01 < gump> im hoping to colo my dual p3 1u boxen as soon as i get time to setup uml on it to provide accounts for m8s
23:02 < gump> but have another colo bound box i need to finish security testing + tweaking b4 i have time to play with uml :(
23:04 < david> gump: find a nice local ISP with plenty of cheap floor space
23:04 < david> gump: maybe they'll let you colo a low-bandwidth box for cheap/little/nothing
23:05 < gump> well telehouse isnt that far and i have a good quote from a flexible tier2 isp
23:05 < gump> my other option is through a m8 getting cheap colo with vital in derby.. but that involves posting my box
23:06 < gump> and after shitylink sent it to whiltshite instead of berkshire when i bought it im not too keen on posting it + i wanna have a look round telehouse :p
23:07 < caker> what encryption method is used in /etc/shadow? I know it's md5, but is that all that's done to it?
23:07 < gump> there is a uk isp based in redbus who is offering free colo and bandwidth starting from £1/Gb with no commitment
23:07 < david> gump: wow, that's cheap
23:07 < david> gump: check mailbox.net.uk
23:07 < david> caker: it's either crypt() or md5
23:08 < caker> david: I'll give it a shot
23:08 < david> caker: if it's a great long thing, it's md5
23:09 < david> if it's pretty short, it's crypt
23:09 < mistik1> david: thanks for your bridge instructions
23:09 < caker> md5 starts off with $1$
23:09 < mistik1> caker too
23:09 < david> mistik1: np
23:09 < david> caker: oh, ok
23:09 < david> caker: maybe you need to strip that
23:10 < mistik1> david: got uml talking to the outside world with a single NIC connected via DSL and my taps in a bridge
23:10 < caker> well, i just placed a crypt()ed password into /etc/shadow and it didn't let me in, so assuming that I actually DO need to determine md5/crypt
23:10 < david> mistik1: best way to do it - That's what most people do, AFAIK
23:10 < mistik1> I'm writing a little script i'll send you when i'm done
23:10 < david> caker: did you use a two char salt for it?
23:11 < caker> yes
23:11 < david> mistik1: if it's good I'll post it on uml.org
23:11 < caker> I've had that old perl code laying around for ages
23:11 < david> odd
23:15 < gump> david: ive had a good quote from woaftech but its tsn/spanktastic thats doing the free colo
23:16 < david> gump: never heard of them :-)
23:16 < gump> woaftech host quite a few gsp's .. and tsn are a new startup
23:18 < david> gsp?
23:18 < gump> gaming service providers
23:19 < caker> I wouldn't mind getting into that - some people charge waaay too much
23:19 < gump> woaf host infinity-esports/4k-gaming as well as worldwarx and uh-hosting
23:20 < gump> im gonna try running a number of half life and bf1942 servers on my dual p3 once i get uml on it and in colo
23:20 < gump> will be good load testing for the box as well as comparing with server performance on similar hardware on the same isp
23:21 < gump> 6-7 12-16 player counter strike servers to a ~2Ghz p4 linux box
23:22 < gump> seems to be the average
23:23 < gump> my box is dual p3 1ghz, 2gb ram, 36 and 9gb 10k and 18gb 7200rpm scsi disks
23:23 < gump> but im hoping for > 30 low load umls
23:23 < gump> mainly email and webdev platform for m8s
23:24 < gump> caker: the market is getting a bit saturated with 13 year old starting gsp's.. a bit like shells a few years ago
23:25 < gump> theres a number of uk gsp selling for < £2.50 player/month
23:26 < gump> and even dedicated servers with unlimited bandwidth for gaing use (usually capped @ 10mbit) for not much over £100/month
23:26 < caker> well, average cost to co-lo a box is $50-100 or so, so I don't see how they can charge $90/month for a 12-person game
23:26 < gump> s/gaing/gaming
23:27 < gump> depends on a lot of factors
23:27 < gump> how badly they're loading the box
23:27 < caker> They must run multiple instances
23:27 < caker> of the game server
23:27 < gump> whether its on a rackshack colo box or a decent low latency isp
23:27 < caker> Still, would be fun to do game hosting
23:27 < gump> yeah.. 6-7 12 players on a p4 seems to be the average
23:27 < caker> does rackshack have the reputation of being slow?
23:28 < gump> and unreliable
23:28 < gump> u can get high transfer rates from them as they have multiple gbit feeds
23:28 < caker> Good, I think that is who one of my competitors is using :-)
23:29 < gump> but their network isnt designed for low latency stuff like games
23:29 < gump> and they get quite a lot of ddos
23:29 < gump> the low priced servers attract bad sorts and even worse clueless n00bs who provide free servers for script kiddies
23:30 < caker> hmm
23:30 < gump> are you us based?
23:30 < caker> Yes
23:30 < gump> id suggest concentrating on your part of the country for latency reasons
23:31 < caker> I'm an avid gamer, so I know that is the most important thing
23:31 < caker> :-)
23:31 < gump> and try and find an isp with strong peering and a dislike for irc and you should be ok
23:31 < gump> =]
23:32 < gump> in uk its a bit different as almost all internet connections are routed through london, thats where all the peering happens and where all the international links are
23:33 < gump> telehouse hosts LINX and every isp with a uk presence has kit there
23:34 < gump> thus is the obvious location for a uk gsp and indeed any high bandwidth server
23:34 < gump> out of london places will usually have cheaper rackspace but limited/expensive bandwidth as there isnt anything like as much fiber as the states
23:44 < gump> neway bed calls
23:44 < gump> nn
23:44 * gump is away -( bed )- at 04:44a -( P:On / L:On )-
--- Log closed Tue Jun 03 00:00:00 2003