[01:58] <redtape>  UDS ala-2065 (where only one dev. turns up 'cos of fuel prices) :P            http://i.imgur.com/Jtq1QAj.jpg
[08:00] <popey> morning
[08:04] <JamesTait> Happy International Day of Mine Awareness and Assistance in Mine Action, people! (phew!)
[08:15] <TheOpenSourcerer> Anyone looking for a job in open source in luvly Farnham? http://www.libertus.co.uk/about-us/jobs
[08:15] <TheOpenSourcerer> We are getting busier and busier - had new 5 enquiries this week already and it's only day 2!
[08:21] <KrimZon_2> does anyone know how to change the sudo timeout for one user only?
[08:23] <SuperMatt> http://ubuntuforums.org/showthread.php?t=183418
[08:23] <KrimZon_2> ahh, thanks
[08:27] <kvarley> Does anybody know what the Ubuntu port to the Nexus 7 is called? The one that came before Ubuntu Touch - runs the whole system on it.
[08:28] <kvarley> Ah found it https://wiki.ubuntu.com/Nexus7/Installation
[08:28] <kvarley> Shame there is no port of it for Nexus 10
[08:46] <kvarley> The Google Samsung Chromebook has the same ARM chip in as the Nexus 10 - does that mean that I should technically be able to run the ARM versions of Ubuntu on the tablet?
[09:00] <davmor2> Morning all
[09:02] <daubers> Morning
[09:09] <dwatkins> aloha
[09:37] <marxjohnson> Skype tells me "Today, Alan Pope turns 41"
[09:37] <marxjohnson> Happy popey day
[09:37] <popey> Skype never lies!
[09:37] <popey> Thanks.
[09:46] <SuperMatt> \o/
[09:46]  * SuperMatt fires off the steamers and kicks around some balloons
[09:46] <SuperMatt> *streamers
[09:48]  * daubers rolls out the dancing rodents
[09:48] <daubers> So next year popey is the answer to the great question of life the universe and everything?
[09:49] <daubers> at which point he will design a new, faster, more powerful popey?
[09:49] <dwatkins> ...and multiply six by nine in base thirteen...
[09:54] <SuperMatt> that's just silly
[09:54]  * kvarley always thought of popey as 32
[09:57] <brobostigon> good morning everyone,
[09:57] <SuperMatt> good ning
[09:58] <brobostigon> morning SuperMatt
[09:58] <popey> kvarley: thanks ☺
[09:58] <kvarley> popey: What shiny bit of tech did you buy yourself for your birthday then? :P
[09:59] <popey> heh, I didn't
[09:59] <popey> other people bought me stuff tho
[09:59] <kvarley> Ah, good :)
[09:59] <kvarley> Well, enjoy :)
[09:59] <SuperMatt> what did you buy yourself from your children?
[09:59] <kvarley> SuperMatt: hehe
[09:59] <popey> http://www.amazon.co.uk/dp/B008D1M7KE for example
[09:59]  * SuperMatt makes note for next year's secret santa
[10:00] <kvarley> You just overshadowed my Ubuntu mug
[10:01] <kvarley> OT: Does anybody know if Orange uses Virgin Media masts? A phone with an Orange SIM card is showing Virgin media as the provider for some weird reason
[10:02] <Myrtti> I was super boring and bought D a £25 Google Play gift card
[10:02] <SuperMatt> nothing boring about that
[10:02] <SuperMatt> lots of good things can come of it
[10:03] <Myrtti> I'm happy that they brought them out, playing around with prepaid Visas is a bit cumbersome
[10:05] <Myrtti> I can't get any books or magazines with a Finnish credit card, you see.
[10:06] <popey> also got a craft ruler, couple of kitchen utensils, and more cooking classes ☺
[10:07] <popey> also, forgot that skype knows my birthday. it's interesting how I got zero "happy birthdays" until someone noticed skype, because I defriended everyone on facebook, so no HB from there
[10:08] <Myrtti> Google+ isn't telling about birthdays either :-(
[10:08] <popey> yeah, I hid that
[10:09] <popey> I did get a load of HB from various forums around the world though
[10:09] <kvarley> popey: why the defriends? privacy?
[10:09] <popey> because facebook is shit
[10:09] <kvarley> popey: Haha, true
[10:09] <Myrtti> I hid mine from Facebook. People are too preconditioned to do HBD to a person they don't really communicate normally, found it a bit disturbing.
[10:10]  * SuperMatt nods
[10:10] <kvarley> I'm only on FB because everybody else is. Annoying.
[10:10] <SuperMatt> I would rather people stayed off google+
[10:11] <SuperMatt> I like how quiet it is ;)
[10:11] <ali1234> g+ isn't that quiet any more
[10:11] <Myrtti> I've got lots of people in Google+
[10:11] <SuperMatt> it is if you don't add too many people :P
[10:11] <ali1234> loads of people keep adding me and i have no idea who they are
[10:12] <ali1234> but then i follow loads of people who have no idea who i am so yeah
[10:12] <SuperMatt> that keeps happening to me too
[10:12] <SuperMatt> I can only assume they're linuxy types
[10:12] <SuperMatt> I understand following a celeb, but I question why I get followed
[10:12] <popey> my G+ is way more interesting that fb ever was
[10:12] <Myrtti> I have to ignore the fact people are adding me, I get creepy feeling quite often
[10:13] <SuperMatt> I think facebook is for IRL friends, and G+ seems to fit nicely with people who think much like me
[10:13] <ali1234> nope
[10:13] <ali1234> the reason g+ seems better than facebook is because we all learned an important lesson on facebook
[10:14] <ali1234> which is don't try to friend as many people as possible
[10:14] <popey> dunno
[10:15] <popey> i had way more people in G+ circles than fb friends
[10:15] <Myrtti> I never tried to friend as many people as possible... but I find it easier to control who I share stuff with and who's stuff I see in G+
[10:15] <popey> 1116 on fb
[10:15] <Myrtti> I've got way more people in G+ than in Facebook
[10:15] <popey> some dupes though, as some people have multiple accounts
[10:16] <ali1234> facebook doesn't even have a "number of friends" counter any more
[10:17] <Myrtti> has anyone had a good fiddle with Google Pixel, btw? we went to PC World in Peterborough few weeks ago and the Google rep there said that there's about 3 Pixels on display in the country, so if you want to see it live you need to waylay someone who's bought it to get a lookfeel
[10:17] <kvarley> Myrtti: No but everybody who has is in love with it
[10:17] <Myrtti> I know
[10:18] <Myrtti> I'm trying to talk myself out of ordering it
[10:18] <SuperMatt> it's a bit steep price wise
[10:18] <SuperMatt> what's the disk space like?
[10:18] <kvarley> But it is massively over spec
[10:18] <SuperMatt> indeed
[10:18] <Myrtti> 16GB for wifi only model
[10:18] <SuperMatt> I don't understand why a web browser needs such high spec ;)
[10:18] <kvarley> And it's google so it's gonna be a very nice bit of kit
[10:18] <kvarley> With it though you can run Chrome OS and Linux at the same time
[10:18] <popey> i notice it has an internal sata port
[10:19] <Myrtti> I think the LTE version has 32GB
[10:19] <popey> sorry, mini pcie
[10:19] <popey> so without the 3G card you could potentially add an msata card for more storage
[10:19] <AlanBell> it has a useful aspect ratio screen
[10:19] <Myrtti> well I'm using about 8.8 with my Debian at the moment, and I don't game so I don't really care that much. All my bulky data is on an external harddrive
[10:19] <Myrtti> (which is at the moment mounted upstairs on the Viglen)
[10:20] <Myrtti> it just would be nice to have a new, fairly top speck laptop once in my life
[10:20] <Myrtti> -k
[10:21] <kvarley> Myrtti: I tried to talk myself out of the Nexus 10, it didn't happen. Google hardware is so nice & it's probably more open than any other laptop you'd get.
[10:22] <ali1234> doesn't it cost about the same as a macbook pro?
[10:22] <kvarley> ali1234: probably cheaper knowing Apple
[10:22] <kvarley> It's better spec screen wise than the retina macbook anyway isn't it?
[10:22] <Myrtti> ali1234: if it were the same price, I'd pick Google anytime ^____^
[10:23]  * brobostigon hugs his nexus7. 
[10:23] <ali1234> pretty similar really
[10:23] <ali1234> the pixel is slightly cheaper
[10:23] <ali1234> to be honest i think i would pick the mac
[10:23] <Myrtti> with a touch screen (for which I can't think any use for tho)
[10:23] <ali1234> probably get better support
[10:24] <ali1234> it's funny that the two best products are apple and google laptops and nobody cares about microsoft's rubbish tablet
[10:26] <ali1234> so the pixel is $200 cheap than the macbook pro... but the mac completely destroys it in specs
[10:26] <SuperMatt> The one thing that stops me from getting a mac is the bloody keyboard
[10:27] <ali1234> that's a good point
[10:28] <popey> apple support > google support
[10:28] <ali1234> it's a pretty close fight really
[10:28] <ali1234> which is kind of interesting
[10:28] <ali1234> i can't afford either of these things though
[10:28] <ali1234> unless someone is selling them for bitcoins
[10:29] <Myrtti> well if there's any problems while I'd be in Finland, there's no difference between apple and google support. Neither have official direct presence in support there.
[10:34] <directhex> i don't think popey has good things to say about google support
[10:35] <bigcalm_laptop> Hi peeps :)
[10:35] <Myrtti> yeah I've read the saga
[10:35] <Myrtti> bigcalm_laptop: hiya
[10:35] <bigcalm_laptop> Hey Myrtti :)
[10:35] <bigcalm_laptop> Myrtti: you and Duncan joining us for the RAT in September?
[10:36] <Myrtti> he doesn't drink anything with alcohol and I don't drink beer, so it would be a bit of lost cause for us I'm afraid
[10:37] <bigcalm_laptop> Myrtti: they have more than just ale. A rather fine cider for one, wine in the bar and soft drinks as wewll
[10:37] <bigcalm_laptop> But it's not for everybody :)
[10:40] <ali1234> hmmmmmm did a microsoft certificate get revoked recently?
[10:44] <Myrtti> bigcalm_laptop: I'll have to ask him, it's a bit more tricky nowadays tho with his 8.30 - 17.30 office job.
[10:45] <bigcalm_laptop> Myrtti: fair enough :)
[10:45] <Myrtti> bloody meerkats.
[10:45] <Myrtti> ahem.
[10:48] <bigcalm_laptop> Hehe
[11:02] <SuperMatt> dangit! my company meeting is on the same night as what *would* be the raring release party
[11:05] <bigcalm_laptop> SuperMatt: have the meeting at the release party
[11:06] <SuperMatt> well, our company meetings tend to end up at the pub...
[11:07] <SuperMatt> but that'll be here in oxford circus, rather than at the hip south bank of london
[11:17] <MartijnVdS> When/where is the Raring party?
[11:18] <SuperMatt> it hasn't been decided yet
[11:18] <popey> wat! snow!
[11:18] <SuperMatt> it'll probably be on the 25th, which is the predicted release day
[11:19] <SuperMatt> comic shop time!
[11:19] <SuperMatt> back in a mo
[12:37] <bigcalm_laptop> popey: are birthday wishes in order?
[12:37] <popey> I just blew out some candles atop some profiter roles
[12:37] <popey> also.
[12:37] <popey> Snow!
[12:37] <popey> http://popey.com/webcam/ not showing up much
[12:38] <bigcalm_laptop> popey: happy thingy wotsit to you :)
[12:38] <popey> noted
[12:46] <kvarley> OT: are all car cd player bay sizes the same?
[12:47] <popey> kvarley: there are standards
[12:47] <popey> DIN D, DIN E etc
[12:47] <kvarley> popey: Ah ok, if I pull the thing out will it say on it somewhere?
[12:47] <kvarley> Actually I could just measure it
[12:47] <davmor2> popey: I second bigcalm_laptop 's sentiment
[12:47] <popey> There is this thing called the internet ☺
[12:47] <kvarley> popey: heh
[12:48] <popey> http://en.wikipedia.org/wiki/ISO_7736
[12:49] <kvarley> thanks popey
[12:50] <popey> np
[13:46] <kvarley> Can I have SSH setup to use authorized hosts but not on a certain IP?
[13:46] <kvarley> As in it will deny any unknown hosts from a foreign IP but from known IPs it will skip the check
[13:47] <brobostigon> how do i view an email header in gmails web view?
[13:48] <Myrtti> "see original"
[14:03] <kvarley> Urgggh apparently uninstalling an app you just bought results in a refund on Android :(
[14:04] <popey> depends on the timeline
[14:04] <kvarley> I had the free version of an app installed then bought the pro and accidentally then removed the pro instead of the free version
[14:05] <brobostigon> thank you Myrtti
[14:36] <kvarley> Buying printers has to be the most boring task ever
[14:37] <popey> printers are devices for causing pain
[14:37] <bigcalm_laptop> Printer is on fire
[14:38] <kvarley> popey: they work fine ... when you don't need them. As soon as you need to print something urgently all hell breaks loose
[14:38] <popey> they also sometimes print stuff
[14:38] <kvarley> hehe yeah
[14:38] <kvarley> The model numbers make my head hurt
[14:38] <kvarley> Why they can just say "Inkjet Mono V3" etc I don't know
[14:44] <Myrtti> inlaws are probably buying Samsung monolaser-multitasker
[14:45] <kvarley> I've got a problem with my parents tho, they both like colour
[14:46] <kvarley> I keep finding good printers then realising they have only 1 colour cartridge. Separate cartridges are meant to be better aren't they?
[15:15] <dogmatic69_> for some reason a ssh tunnel I created keeps breaking. It was working ok yesterday
[15:19] <shauno> they can be quite fussy.  if it drops for any reason (hey, the internet's a scary place), and your end notices first, when it reconnects it won't be able to bind the ports that the remote version still has held open on the 'ghost'.  or vice versa.  especially when ssh-agent comes into play, and can keep them propped open when you're not watching
[15:20] <dogmatic69> shauno: I think this time it was actually my internet that dropped.
[15:21] <dogmatic69> I am gonna just make a cron to keep connecting if the connection is not there.
[15:21] <kvarley> Does anybody know where XFWM4 stores the keyboard shortcuts configuration? I want to change the key used to grab and move windows via a config file. (The gui only lets you choose set options)
[15:45] <bigcalm_laptop> davmor2: http://www.youtube.com/watch?v=2cqg503pqu8
[17:00] <livingdaylight> Hi, anyone know about the lenovo ideapad S206 amd processor?
[17:01] <popey> E1-1200 isnt it?
[17:01] <livingdaylight> also, is dual-booting and generally installing Ubuntu on Windows8 machines as simple and straightforward as it ever has fbee
[17:01] <livingdaylight> *has been?
[17:02] <livingdaylight> http://www.amazon.co.uk/Lenovo-Ideapad-11-6-inch-Laptop-White/dp/B009ENCM0U
[17:03] <livingdaylight> they're going cheap on eBay, and I'm considering it, but, for the amd processor and with the graphics card whether Ubuntu is going to be a smooth experience
[17:03] <livingdaylight> popey: don't know about E1-1200
[17:03] <popey> never used one
[17:03] <popey> http://askubuntu.com/questions/173481/amd-e1-1200-slow
[17:04] <livingdaylight> AMD Dual Core E1200 1.3GHz  i see what you mean now - yes.
[17:05] <livingdaylight> ooops, that's not a resounding endorsement on askubuntu - I'm glad I asked - thank you, popey
[17:05] <livingdaylight> has a nice mac-look and keyboard, no hd and 11.6 - good for on the move
[17:09] <livingdaylight> http://www.ebay.co.uk/itm/190820358660?item=190820358660
[17:10] <livingdaylight> £229 a good price though. One person who responded on askubuntu seems to suggest that the speed issue can be ameliorated if the correct driver is installed
[17:12] <livingdaylight> integrated DirectX 11 graphics so different than the toshiba on askubuntu, popey
[17:52] <livingdaylight> krikey http://clip2net.com/s/4RzTqT
[17:53] <Myrtti> livingdaylight: :-D :-C
[17:53] <livingdaylight> that's new to me
[17:53] <livingdaylight> must be a while since I've gone to a torrent site
[17:54] <MartijnVdS> naughty livingdaylight ;)
[17:57] <livingdaylight> silly cat and mouse games
[18:14] <aquarius> anyone know about bind mounts? I don't think I understand them. Imagine that I have a drive /dev/sdb, not mounted, ext3. In the root of that drive I have a folder, /stuff. Can I mount that /stuff folder on /home/aquarius/things? That is: on the drive, there is /stuff/file.ext. I would like that to be available as /home/aquarius/things/file.ext. I can mount /dev/sdb /somewhereelse and then mount --bind
[18:14] <aquarius> /somewhereelse/stuff /home/aquarius/things, but I'd like to not have to do the somewhereelse step
[18:15] <MartijnVdS> isn't a bind mount just a "symlink" mount?
[18:15] <MartijnVdS> as in, a copy of a mount at a different mount point
[18:16] <MartijnVdS> no wait
[18:16] <aquarius> well. you seem to be able to bind mount a *subfolder* of a mounted thing at a different mountpoint, as well as the mount root.
[18:16] <MartijnVdS> it's a view of a _directory_ in another place on the filesystem
[18:16] <aquarius> but what I want to do is bind mount the subfolder without mounting the drive first :)
[18:16] <MartijnVdS> unpossible, except maybe on network file systems
[18:17] <aquarius> darn. that's what I thought you were going to say.
[18:18] <MartijnVdS> btrfs can sort-of do it with subvolumes
[18:19] <MartijnVdS> you can specify the subvolume to mount
[18:23] <aquarius> I shall just have to mount it and then bind mount it.
[18:23] <aquarius> bah humbug :)
[19:31] <mungbean> mega fail. cannot make payment into wifes isa due to unkonwn error
[19:31] <mungbean> today is last da yright?
[19:32] <penguin42> tomorrow?
[19:34] <penguin42> mungbean: Of course the question is whether the unknown error actually took the money or not
[19:44] <mungbean> nope
[20:14] <bigcalm> davmor2: I went to Halfords and ordered a unit. They'll also fit it. Hope to have it by Tuesday next week
[20:21] <bigcalm> I've made it to the pointless fire puzzles in Opposing Forces. Every good game has its silly bits
[20:23] <popey> bah, just shut my desktop down, its in the middle of being backed up, so wont actually shutdown
[20:23] <popey> this is a good/bad thing
[20:23] <bigcalm> It means you can chat on here for a little longer!
[20:24] <popey> two computers
[20:24] <popey> its the other one
[20:24] <bigcalm> Swish
[20:25] <popey> lol
[20:25] <popey> see the silly mug I got for bday?
[20:25] <bigcalm> No?
[20:25] <popey> http://www.amazon.co.uk/dp/B008D1M7KE
[20:26] <bigcalm> Neat
[20:26] <bigcalm> Does it feel creepy?
[20:26] <bigcalm> Will it explode all other mugs in the cupboard?
[20:32]  * StevenR_ wonders why amazon won't load
[20:33] <StevenR_> and lo, it loads. *sigh*
[20:33] <penguin42> StevenR_: I had a failure to load earlier on amazon as well - worked 2nd time
[20:45] <mungbean> dear car people, why did my car need jump start today? battery and alternator are <1yr old
[20:49] <popey> lights left on?
[20:49] <popey> door left open?
[20:49] <popey> lots of short journeys with lots of power items in use and not enough time to charge
[20:51] <mungbean> a bit of the latter but it a new battery so thought that was a biy extreme
[20:51] <mungbean> not charging anything or blowing air con on max
[20:53] <popey> air con. get you
[20:55] <mungbean> air con = hot blowers :)
[20:55] <popey> my air con has been busted for years
[20:55] <directhex> we have a 12000 btu air con
[20:55] <directhex> for the chinchillas
[20:55] <mungbean> what noise do they ch make?
[20:56] <mungbean> sorry typing one handed, too much to type
[20:56] <popey> I DEMAND YOU TYPE THE ENTIRE ANIMAL NAME - IN LATIN - BEFORE RESPONDING!
[20:56] <mungbean> holding baby, nothing rude
[20:56] <popey> ONE HAND IS NO EXCUSE!
[20:56] <mungbean> ch*
[20:57] <Myrtti> mungbean: something is shorting the system?
[20:57] <mungbean> its possible Myrtti
[20:57] <popey> its not a mini is it?
[20:57] <Myrtti> I want a mini, what's wrong with minis?
[20:57] <mungbean> focus estate diesel
[20:57] <popey> I have had two experiences of shorting out in minis
[20:57] <Myrtti> (I need a licence first)
[20:57] <directhex> they mostly don't make noise
[20:57] <directhex> they quack when annoyed though
[20:57] <mungbean> they are girls cars, but Myrtti is a girl so its ok.
[20:57] <directhex> they bark like a duck when disturbed.
[20:58] <mungbean> they get grumpy too lol
[20:59] <mungbean> my aceqauninatance has a non speakinng one
[20:59] <mungbean> anyone used mediahint.com?
[20:59] <mungbean> they also live for loads of years dony they?
[20:59] <directhex> about the same as a cat
[21:00] <directhex> if they die of old age
[21:00] <popey> on one occasion the earth strap came away from the engine of a mini. So the only way the engine was grounded was through the carb, then through the accelerator cable. but it only grounded when foot was placed hard down on pedal, as the pedal hit the bulkhead
[21:00] <popey> it would spark and then weld the accelerator pedal down to the floor
[21:00] <popey> so the car would be stuck on full blast
[21:00] <popey> which was fun and dangerous in equal measure
[21:01] <popey> on the second occasion the live wire from the battery (which is in the boot) runs along side the (hot) exhaust pipe to the engine at the front.
[21:01] <mungbean> :-|
[21:01] <popey> rattle rattle exhaust, shakey shakey, rubs against live wire, eventually melting coating and shorting out the battery, intermittently cutting out the car
[21:02] <popey> hilarious at 2AM on a dark road
[21:02] <shauno> welding the accelerator pedal down is about the only way my old mini would have got past 70
[21:03] <popey> ali1234: still have your n900? apparently the maemo repos are back up?
[21:06] <Myrtti> now there's a name I've not heard for a while
[21:09] <mungbean> remember when you could actually find the books you want in a library? my london library cataloguie search features an amazon banner..i know why
[21:09] <popey> libraries.. i remember those
[21:10] <ali1234> popey: yes i still have it. i don't use it and i certainly wouldn't try to update the software on it
[21:10] <ali1234> last time i tried, apt-get update took about 2 hours
[21:10] <mungbean> yeah, have been going with my son lately but adult selection across the borough is lame
[21:10] <ali1234> and it does it every time you launch the package manager, and after every time you install a package
[21:11] <mungbean> by adult, i mean books for grown ups, rather than smut, of which there is a lot of
[21:11] <ali1234> i didn't even know the repos went down tbh
[21:11] <mungbean> 50 shades has a lot to answer for
[21:12] <directhex> i support 50 shades
[21:12] <directhex> it's terrible erotica, and a poor portrayal of bdsm lifestyle
[21:12] <directhex> but it's made it okay to talk about bdsm in the supermarket. which i think is healthy for society
[21:12] <mungbean> :-|
[21:13] <mungbean> not sure if joking or not
[21:13] <dwatkins> http://www.firebox.com/product/5442/50-Shades-of-Grey-Poster
[21:13] <directhex> just as sex & the city made it okay for "normal women" to talk about vibes. i don't like the show as a show, but it broke a barrier
[21:13]  * popey chuckles at https://www.youtube.com/watch?v=9DTtyyaPFe8
[21:14] <mungbean> reminds me of the pulp fiction they produced in 1984 to keep the proles from thinking about anything
[21:14] <ali1234> popey that demo is awful
[21:15] <popey> yeah, but it was one of the only ones I saw back in the day
[21:16]  * popey retires with beer, nuts and jonathan creek
[21:17] <mungbean> just realised ive had my white noise running for 2 hrs without noticing,
[21:17] <mungbean> reminds me of working in a modern office with a/c
[21:18] <mungbean> watche jon creek yesterday
[21:22] <andylockran> hey
[21:23] <andylockran> can anyone help me set up a direct ethernet connection between a macbook pro 8,1 and a Acer Revo (running ubuntu) ?
[21:23] <andylockran> i'm not sure if a crossover ethernet cable is required?
[22:04] <dwatkins> andylockran: if the interfaces are gigabit, no
[22:18] <ali1234> so how do i use apparmor then?
[22:18] <ali1234> like say i've got this program and i want to limit the files it can open...
[22:19] <penguin42> ali1234: See some example in /etc/apparmor.d
[22:20] <ali1234> can i do system wde stuff? like "only this binary can access these files"
[22:21] <penguin42> not that I'm aware of with apparmor
[22:21] <ali1234> http://pastebin.com/1NgAVZsH
[22:22] <penguin42> ali1234: Right, so you're trying to do something like only let your bitcoin wrangler have access to your wallet?
[22:23] <ali1234> right
[22:24] <ali1234> specifically i want to stop all the daemons from looking at each other's stuff
[22:24] <penguin42> so I don't think that's possible with apparmor, I think it's only a way to lock down a specific process/tree
[22:25] <ali1234> i currently have: bitcoind, namecoind, litecoind, ixcoind, i0coind, ppcoind, terracoind, nvccoind, solidcoind, mincoind, bytecoind
[22:25] <penguin42> ali1234: You *can* do it with selinux in full enforce mode but it's a true PITA - and somewhere between impossible really hard with Uubntu
[22:25] <ali1234> and i don't want any of them to be stealing my wallets
[22:26] <penguin42> ali1234: Why don't you drop your bitcoins into a vm, and encrypt that VMs storage from the VM side; yes it would be possible to do it from a hacked host but a heck of a lot harder
[22:26] <ali1234> because i would need 11+ VMS
[22:27] <ali1234> i want to prevent terracoind from stealing my bitcoin wallet
[22:27] <penguin42> why?
[22:27] <ali1234> and sending it to terracoin developer
[22:27] <penguin42> why would you need multiple VMs?
[22:28] <ali1234> one for bitcoin, one for terracoin
[22:28] <ali1234> one each for the other 9
[22:28] <penguin42> sorry, I don't know the details of bitcoins/terracoins etc
[22:28] <ali1234> they are all identical
[22:28] <ali1234> they all store a wallet.dat with your private keys
[22:29] <ali1234> i want to protect that file by only allowing one binary on the system to read it
[22:29] <penguin42> ok, then I think the only thing that can do that is selinux
[22:29] <ali1234> so if i make a selinux VM?
[22:30] <penguin42> ali1234: yeh, it's probably easiest to use Fedora/CentOS for that - although you might be able to get away with Ubuntu since you're only trying to protect a few files
[22:30] <penguin42> ali1234: (but you also have to protect all the processes that can access them I guess)
[22:32] <penguin42> ali1234: Be aware that SElinux is quite tricky to get right; but again because you're only really trying to protect a few files it may be easier
[22:35] <penguin42> ali1234: is it not more practical to protect this from a network point of view if your worry is about where it connects to?
[22:36] <penguin42> ali1234: The other thing you could try looking at is either containters or simple chroots
[22:36] <ali1234> it's p2p so that is not really practical
[22:37] <penguin42> ali1234: If you;re worry is about specific processes then you can just run those as different users, and/or run with apparmor, trying to make sure nothing else can access a specific file is much harder