[00:18] <popey> thought systemd already did that
[00:18] <diddledan> this is for kernel panics
[01:33] <diddledan> http://www.zdnet.com/cisco-microsoft-vmware-and-other-tech-giants-unite-behind-critical-open-source-projects-7000028743/
[02:57] <diddledan> *yawn*
[02:58] <diddledan> google has a new easter egg: google for "set a timer for X" where X is either a time, or an offset of time e.g. "30 seconds" or "5 minutes" or "3 hours" or "28 days" etc.
[05:59] <MooDoo> morning all
[06:12] <mapps> morning MooDoo
[06:12] <mapps> any plans for today
[06:14] <MooDoo> mapps: work then chill for the weekend, gutting the garage which I'm soooo looking forward too :D
[06:14] <mapps> gutting..taking everything out?
[06:15] <MooDoo> mapps: yeah clearing the rubbish
[06:16] <mapps> ah
[06:16] <mapps> that doesnt sound fun;p
[08:10] <bashrc_> morning
[08:31] <dvrr> how to redirect website when server is down
[08:32] <dvrr> how to redirect all urls to homepage  please guide me
[08:32] <dvrr> MooDoo:
[08:33] <MooDoo> dvrr: so server is completely down and you can't see the site/  Can you use web forwarding on the domain to point it somewhere else?
[08:36] <dvrr> i am  running tomcat server
[08:37] <bigcalm> Good morning peeps :)
[08:38] <popey> hello bigcalm
[08:40] <bigcalm> Ahoy popey
[08:45] <davmor2> Morning all
[08:46] <MooDoo> hello davmor2 :)
[08:56] <dvrr>  if i do web forwarding on the domain   if down server  automatically  redirect maintenance page
[08:57] <popey> MartijnVdS: oi oi
[08:57] <popey> MartijnVdS: you seeing my telepathy messages?
[08:58] <theukdave> Hiya, I have a system that's deployed in an Ubuntu (12.04) VM (multiple installations across the world) and we need to update the system to disable the recovery mode on the grub menu.  We have a way for users to send an encrypted package into the VM to perform updates.  I have created such a package to do this update but sometimes when running it during testing, it would completely nerf the grub of a VM, and the VM would only boot to the grub command
[08:58] <theukdave> line. The package we send in, contains a simple script (http://paste.ubuntu.com/7328354/), which replaces the standard grub file in our VMs (http://paste.ubuntu.com/7328269/) with the new one (http://paste.ubuntu.com/7328274/), there's only 1 line difference between the 2 files, and that's the uncommenting of the GRUB_DISABLE_RECOVERY="true" line.
[08:58] <theukdave> If anyone has any ideas why this might sometime break the grub config, I'd be really appreciate for your help!
[08:59] <theukdave> Oh, and the script that gets run, is run as sudo
[09:01] <MartijnVdS> popey: I saw one, when I installed it
[09:02] <MartijnVdS> ah there's a new message :)
[09:10] <DJones> theukdave: Looks like thats not something people have come across before
[09:10] <theukdave> Djones: :(
[09:10] <theukdave> *sigh*
[09:11] <theukdave> Djones: The only thing I can think that's a little odd about what I'm doing, is cat'ing the contents to the grub config, rather than cp'ing or mv'ing the file into place, but I can't see what that'd hurt it ... also weird that MOST of the time it works fine, but then sometimes, it doesn't
[09:12] <DJones> My only thought it whether the file permissions are still the same after thye update
[09:13] <theukdave> I think that's why I originally decided to cat the contents in, to be 'sure' of that
[09:13] <DJones> I'm not even sure whether file permission would make a difference
[09:13] <theukdave> But anyway, any forums you might suggesting asking this to?
[09:13] <theukdave> yeah, same.  I'm a dev, not a sys admin, I'm not too familiar with grub in general
[09:14] <DJones> Heh, as a dev I suspect you'll still have a lot more experience than me (I'm an accountant with an interest in computers)
[09:14] <DJones> You could try askubuntu or the ubuntuforums
[09:18] <theukdave> ok cool, cheers
[09:24] <ali1234> theukdave: why do you need to disable grub recovery?
[09:25] <ali1234> i'm confused by your problem because it seems circular
[09:25] <awilkins> Oh excellent. Our new firewall software prevents my laptop making outbound SSH connections unless I'm in the office.
[09:25] <ali1234> ie you need to disable recovery because when you try to disable recovery it goes to recovery
[09:25] <awilkins> And accepting incoming RDP connections. And I don't have any control over it.
[09:26] <theukdave> ali1234: Not quite, I need to disable the recovery boot option, since a user could interrupt the boot process, and gain root access to the whole VM, something they absolutely should not be able to do.  I know that I can manually edit the grub config to uncomment the DISABLE_RECOVERY.. line, then sudo update-grub, reboot, and the security hole is plugged
[09:27] <ali1234> theukdave: disabling those menu options won't prevent them doing that
[09:27] <theukdave> but when I try to do this in an automated way, usually it works, but sometimes it doesn't
[09:27] <ali1234> they can still get a grub shell (in theory anyway)
[09:28] <theukdave> OK, I'm totally keen to hear about other ways they could get access, but at the moment, this is a glaringly obvious way for the user to get root access, and has been raised as something specific we need to fix
[09:28] <ali1234> sure, i understand :)
[09:28] <ali1234> since it's an intermittent problem, could it be because the disk isn't syncing before you restart the VM?
[09:28] <ali1234> thus sometimes the config gets corrupted
[09:28] <theukdave> so yeah, usually my script updater thingy works OK, but sometimes it seems to batter grub in such a way that you don't get the grub menu at all, it just falls to the grub cmd line, and I don't know why
[09:29] <popey> MartijnVdS: www.webupd8.org/2014/04/telegram-unity-webapp-integrates.html
[09:29] <davmor2> popey: you sending messages via telepathy now?  or did you mean telegram?
[09:29] <theukdave> I don't programmatically restart the VM as it goes ... I don't think ... The user loads this patch package through a web interface, and then is instructed to shut down and restart the VM afterwards
[09:30] <ali1234> update-grub can take a LONG time
[09:30] <theukdave> oh OK ...
[09:30] <ali1234> interrupting it would probably cause what you're seeing
[09:30] <theukdave> good to know, I'll check that
[09:30] <ali1234> to know for sure you'd need to inspect the grub files inside the VM
[09:30] <popey> davmor2: telegram webapp on the desktop
[09:30] <MartijnVdS> popey: Unity webapps? Don't you need firefox for that?
[09:30] <theukdave> also, is there any risk/problem with the way that I'm replacing the file (by cat'ing the contents rather than cp'ing or mv'ing)
[09:31] <popey> MartijnVdS: not in 14.04 - it uses oxide
 MartijnVdS: you seeing my telepathy messages? this is the line that threw me
[09:31] <MartijnVdS> popey: because I've only seen the prompts to "add this to unity!" in firefox
[09:31] <ali1234> theukdave: should be fine
[09:31] <popey> MartijnVdS: its not one of them
[09:31] <MartijnVdS> davmor2: nah popey and I have telepathic contact 8-)
[09:32] <ali1234> theukdave: i would consider using a smarter way, if you only want to set one line
[09:32] <theukdave> ali1234: sure, like ..?
[09:32] <ali1234> theukdave: something with sed maybe, that will respect any changes already made to the file
[09:32] <davmor2> MartijnVdS: I have a telepathy connection with popey, via google and facebook :D
[09:32] <theukdave> right, yeah
[09:32] <theukdave> There *should* be no changes, since we ship the VM as is, and (theoretically) no one has access to change anything
[09:33] <theukdave> but yeah, I could sed it
[09:33] <ali1234> yeah theoretically nothing ever goes wrong :)
[09:34] <ali1234> theukdave: so i guess you give the user the VM and don't give them root password, and then you give them signed updates?
[09:34] <davmor2> ali1234: hahahahahahahahahaha,  let me just pick myself upo off the floor after that one :D
[09:35] <theukdave> ali1234: basically, yeah
[09:35] <ali1234> and there's a network kvm that gives the access to the grub menu?
[09:36] <theukdave> they run it inside vmplayer, so can just clic into the console whilst it's booting
[09:36] <ali1234> oh ...
[09:36] <ali1234> well all bets are off them
[09:36] <popey> yeah
[09:36] <ali1234> i can just mount the vmdk?
[09:36] <popey> .. or they could just mount the v...
[09:36] <ali1234> change any file i want
[09:36] <popey> yes ☻
[09:37] <ali1234> it's pointless trying to keep the out
[09:38] <ali1234> i can see why you'd want to hide grub from a UI perspective though
[09:38] <theukdave> :) indeed
[09:39] <popey> davmor2: no you don't ☻
[09:39] <theukdave> I've been saying that physical access is the first layer of security, and we just don't have it :(
[09:40] <diddledan> as the security mantra goes, once physical access is available (by alice to bob's computer) bob's computer is as good as compromised
[09:40] <ali1234> get into the cloud services business :)
[09:40] <ali1234> hey diddledan, i decided to switch to less since i'm using bootstrap anyway and i can clean up my html classes :)
[09:40] <diddledan> ali1234: nice
[09:40] <davmor2> popey: okay maybe not via facebook
[09:41] <ali1234> i'll probably have questions for you later :)
[09:41] <dwatkins> doesn't that mean that the company which hosts my data then has unlimited access to it?
[09:41] <diddledan> dwatkins: yes
[09:41] <ali1234> really impressed with this so far though... bootstrap + less makes webdesign fun again
[09:41] <dwatkins> mind you, in some cases it's encrypted before it's sent
[09:42] <diddledan> ali1234: less is really cool - sass/scss combined with compass is arguably more feature-full ootb but with less that's mitigates by downloadable "mixins"
[09:43] <ali1234> bootstrap uses less, so it seemed logical
[09:43] <diddledan> compass does things like pre-packaged mixins for the various browser-prefixed rules where the standards process hasn't ratified yet
[09:43] <diddledan> e.g. -moz-border-radius
[09:44] <diddledan> though border-radius is pretty standard these days
[09:44] <theukdave> ali1234: As for cloud services, it's not something we can do unfortunately, since this is deployed in places with no connectivity whatsoever
[09:45] <ali1234> theukdave: you're completely out of luck then
[09:46] <dwatkins> if you can boot from USB or ISO, you can get root access
[09:46] <diddledan> or just mount the disk image
[09:47] <brobostigon> morning boys and girls.
[09:47] <dwatkins> hiya brobostigon
[09:48] <brobostigon> morning dwatkins
[09:48] <dwatkins> theukdave: what part of the VM do you need to secure? e.g. your compiled binaries, data within it etc.?
[09:48] <theukdave> dwatkins: just the mysql database really
[09:49] <theukdave> but of course with root access ...
[09:49] <dwatkins> I suppose even if you encrypt the data in the database, you still have to have the key on the server.
[09:49] <ali1234> this is the fundamental problem with all drm systems
[09:49] <penguin42> store the key in  a tpm
[09:50] <ali1234> it's a VM
[09:50] <penguin42> hmm, there were some tpm hacks for qemu, not sure if they still work
[09:50] <ali1234> running on customer's own hardware
[09:50] <MartijnVdS> PKCS#11 \o/
[09:52] <penguin42> ali1234: Oh that gets even trickier
[09:52] <dwatkins> smartcards, perhaps? something like a credit card, where the encryption (i.e. decryption or checking of data) is done in hardware.
[09:53] <MartijnVdS> dwatkins: that's what PKCS#11 helps with :)
[09:53] <dwatkins> aha I see
[09:53] <MartijnVdS> there are PKCS#11 tools for smartcards, RFID, TPMs, etc.
[10:03] <theukdave> Guys, I'm really eager to talk through the various security implication for our VM, and it's an important subject to us.  And any genius ideas for how to increase security are well received.  But as someone pointed out, at the moment any encryption done inside the VM, needs to be undoable inside the VM in order to make the (web) application usable.  And generally speaking the way to get access to the keys/methods needed to reverse any encryption can 
[10:03] <theukdave> obtained quite easily if the user ends up as root.  So for now, that's the key issue, and the easiest most obvious way that even a fairly non-techie individual can do that, is by spotting the recovery boot option on the grub menu :)
[10:04] <theukdave> So first off, I'm'a try and get that working, but I'll hang about today, and be back in the future to discuss the rest ... hopefully we can come up with something
[10:04] <MartijnVdS> theukdave: but if they have access to the boot menu, they can just image the drive and pick it apart at their leisure
[10:04] <theukdave> and by the end of the year, we're actually looking to ship a brand new VM with the next major revision of the application, so major overhauls can be entertained
[10:05] <theukdave> MartjinVDS: for sure, although the VM is encrypted, albeit with a password that all end users have ... but at least that would be preventable for a stolen machine
[10:06] <MartijnVdS> theukdave: so it really is the DRM problem
[10:06] <MartijnVdS> theukdave: which is unsolveable in the long run
[10:07] <ali1234> it's solvable in certain well defined circumstances
[10:07] <ali1234> "view but don't copy" isn't one of them though
[10:08] <ali1234> http://en.wikipedia.org/wiki/Mental_poker <- crazy
[10:14] <theukdave> Oh, whilst I appreciate this isn't a jobs forum :) it's worth pointing out that if any of you are interested in a few days consultancy to help us look into this (and plan for the next major release), then I'm sure we'd be more than happy to have you onsite for a bit (we're in London)
[10:15] <foobarry> cooleague says he can't upload files more than 2GB via http upload - is that just a conf setting?
[10:16] <ali1234> foobarry: there's many config settings that could affect that. 2GB might be a hard limit though
[10:16] <foobarry> :S in this day & age?
[10:16] <ali1234> depends on the website
[10:16] <foobarry> apache
[10:16] <foobarry> we run the web site
[10:16] <ali1234> php?
[10:16] <foobarry> i'm aware of php.ini settings,
[10:17] <ali1234> php has all kinds of limiters to stop it running wild
[10:17] <ali1234> many of them could cause the problem (like memory limits etc)
[10:17] <foobarry> don't think its php
[10:17] <ali1234> check the server logs :)
[10:19] <MooDoo> create a phpinfo.php file and check the upload_max_filesize
[10:20] <foobarry> php aint installed :(
[10:21] <MartijnVdS> then it's not a PHP limit :)
[10:21] <foobarry> thanks sherlock :D
[10:21] <MartijnVdS> http://httpd.apache.org/docs/2.2/mod/core.html#limitrequestbody
[10:21] <ali1234> ...and 2GB is the hard limit
[10:22] <MooDoo> foobarry: http://www.cyberciti.biz/faq/apache-limiting-upload-size/
[10:22] <MooDoo> 2gb is the max
[10:23] <MartijnVdS> nginx can do it
[10:23] <foobarry> i wonder if this still applies :(
[10:26] <MartijnVdS> "httpd is now built with support for files larger than 2GB on modern 32-bit Unix systems. Support for handling >2GB request bodies has also been added."
[10:26] <MartijnVdS> that's in the Apache 2.2 changelog
[10:26] <foobarry> so i wonder if its a soft limit now
[10:37] <diddledan> BBC, Y U NO KNO BOUT TIMEZONES?! according to the beeb the heartbleed bug was introduced by a developer working at 23:00 on new year's eve
[10:37] <MartijnVdS> FIAL
[10:37] <diddledan> while I don't doubt that developers work at that time the beeb makes no mention of who and where that was
[10:38] <diddledan> "The fact that the code change which caused the bug was done by an individual working at 23:00 on a New Year's Eve says a lot. The code simply wasn't reviewed enough and it went undetected for two years," he added."
[10:38] <diddledan> the previous paragraph: "The details that have emerged about how the vulnerability came about speaks volumes about how little the industry has cared about the software that was securing their websites"
[10:49] <dwatkins> I wonder if the BSD folks' security checks would have found it.
[10:58] <ali1234> dwatkins: if you believe the BSD folks it would
[10:58] <ali1234> google for "exploit mitigation countermeasures"
[11:04] <ali1234> popey: after i installed ubuntu-sdk yesterday my system is completely messed up :(
[11:04] <popey> ☹
[11:05] <ali1234> i now have "accounts-daemon" using 25% cpu constantly, and a 3 second lag when adjusting volume
[11:05] <ali1234> and my multimedia keys no longer work
[11:25] <MooDoo> oh dear - http://boycottsystemd.org/
[11:28] <bigcalm> Oh dear indeed
[11:30] <diddledan> MooDoo: I agree with a lot of those points
[11:31] <Azelphur> me too, it seems bad.
[11:31] <diddledan> I hate the dbus thing, too
[11:32] <diddledan> network manager is another non-unix-respecting feature
[11:33] <ali1234> most of those points are rubbish
[11:33] <Azelphur> they sound like good points assuming they are correct (I haven't source checked) :P
[11:33] <ali1234> 1. is meh
[11:34] <Azelphur> ali1234: #1 is the thing I think is most important
[11:34] <jussi> LOL
[11:34] <ali1234> 2. isn't a problem because you can make it stream to text logs any query you want, automatically
[11:34] <Azelphur> xD
[11:34] <ali1234> 3. is a big big problem
[11:34] <ali1234> 4. is meh. who doesn't want udev and dbus?
[11:34] <Azelphur> 2 screams major bloat at me...a web server in an init system...wat?
[11:34] <ali1234> 5. is meh. core files aren't useful
[11:35] <MartijnVdS> ali1234: core files are very useful when developing
[11:35] <ali1234> Azelphur: any program written in ython has a built in webserver too. who cares?
[11:35] <ali1234> 6. is just 1. again
[11:35] <Azelphur> ali1234: it does?
[11:35] <ali1234> 7. well, that's a problem with gnome, not systemd
[11:36] <ali1234> 8. is a design flaw but not unfixable
[11:36] <ali1234> 9. is only a problem if you don't use linux
[11:36] <aquarius> this is the "boycott systemd" thing?
[11:36] <MartijnVdS> yeah
[11:37] <ali1234> 10. RTFM SUCKAH
[11:37] <ali1234> 11. is just point 3. again
[11:37] <nigelb> I just have one reply: As a user, I mostly don't care as long as it works.
[11:37] <aquarius> someone should set up "don't boycott systemd" which says "if you want 1979-era SunOS, you know where to find it. Have fun"
[11:37] <Azelphur> lol
[11:38] <ali1234> remember that pulseaudio didn't actually get good until lennart stopped working on it
[11:38] <ali1234> i imagine it will be the same way with systemd
[11:38] <MartijnVdS> has lennart stopped working on systemd yet?
[11:38] <aquarius> none of the issues they bring up have reasons which say *why* they're bad, just *that* they're bad. "It does a lot more than just an init system!" but doesn't explain why that's a problem from their point of view.
[11:38] <ali1234> MartijnVdS: no, it's still just him and a couple of other guys
[11:39] <ali1234> MartijnVdS: however, when it becomes widely used that will change, as with PA
[11:39] <ali1234> nd then the problems will all get fixed
[11:39] <MartijnVdS> ali1234: and Hogwarts is a real place.
[11:39] <nigelb> I remember the hue and cry when ubuntu started using pulseaudio
[11:39] <MartijnVdS> ali1234: and the tooth fairy exists
[11:39] <nigelb> "It's terrible" "horrible piece of software that doesn't work"
[11:39] <nigelb> Now, it actually works pretty well.
[11:39] <ali1234> nigelb: at the time, it was
[11:39] <MartijnVdS> nigelb: the *very first* UDS(-like) thing had a session about "fixing the audio mess". In december 2004
[11:40] <diddledan> I found this thread interesting : http://lkml.iu.edu//hypermail/linux/kernel/1404.0/01331.html
[11:40] <MartijnVdS> diddledan: the banning of Kay Sievers
[11:40] <nigelb> ali1234: I'm sure systemd is not as good as it will be say... 5 years down the line.
[11:40] <nigelb> MartijnVdS: hah.
[11:40] <nigelb> It can only be better with adoption
[11:41] <MartijnVdS> (I think the session's title was "Draining the audio swamp")
[11:41] <diddledan> MartijnVdS: there's a whole thread related to that post which details chauvinism on the systemd side
[11:42] <MartijnVdS> https://wiki.ubuntu.com/MataroSessionsWorkshops/DrainingTheLinuxAudioSwamp "_\
[11:42] <MartijnVdS> diddledan: ooh fun :)
[11:42] <diddledan> in short, they hijacked the "debug" kernel commandline flag and caused the kernel to crash
[11:42] <diddledan> by sending oodles of systemd debug logs to the kmsg device
[11:44] <MartijnVdS> because "you wanted debug right?"
[11:44] <jussi> sigh...
[11:44] <jussi> I am clearly not geeky enough...
[11:45] <ali1234> on the plus side systemd has a bunch of stuff that you can't reasonably do any other way
[11:45] <ali1234> such as cgroups manipulation
[11:45] <jussi> I CANT SEEM TO SOLVE THE FECKING RUBIKS CUBE!!!!!!!!
[11:46] <davmor2> jussi: look at the right websites it will teach you the moves you need to learn to do it
[11:46] <jussi> davmor2: yeah, good point. I was hoping to be smart enough just to "work it out" but clearly not...
[11:47] <ali1234> i never figured out how to do more than one side
[11:47] <davmor2> jussi: matrix rules don't apply to rubix cubes it's a glitch in the program
[11:47] <jussi> doh! :P
[11:49] <diddledan> I found the easy way to complete the rubix cube - the pieces are coercible to separate from each other allowing you to do it jigsaw style
[11:50] <nigelb> hah
[12:06] <diddledan> wtf? apparently there's a "minister for the polar regions"
[12:06] <diddledan> https://www.gov.uk/government/news/chancellor-puts-uk-at-forefront-of-ocean-research-with-new-polar-science-ship
[12:07] <MartijnVdS> The Borealis? :P
[12:08] <shauno> seems hardly surprising?  we can't have 600,000 square miles of 'british antarctic territory' without someone making it their day job
[12:08] <dwatkins> it looks like they're planning on making the ship out of Lego
[12:08] <diddledan> didn't he play "Angel" in "buggy the vampire layer"?
[12:09] <diddledan> borealis, I mean..
[12:09] <dwatkins> http://brickset.com/sets/316-1/Fire-Fighting-Launch
[12:09] <shauno> lol, I like having just "science" emblazoned down the side
[12:09] <shauno> not "research vessel" or anything formal.  just "for science!"
[12:10] <dwatkins> like "for Gondor!"
[12:10] <diddledan> for SPARTA!
[12:10] <dwatkins> for queen and country!
[12:10] <shauno> although I guess if you label it a research vessel, everyone will assume you're whaling
[12:10] <diddledan> or spying
[12:11] <shauno> nah, we use lotus esprits for that :)
[12:11] <diddledan> lol
[12:11] <diddledan> are those the ones that turn into submarines?
[12:11] <diddledan> is was that the lambo?
[12:12] <dwatkins> the Lotus was also a submarine, yeah
[12:12] <dwatkins> http://www.lotusespritturbo.com/James_Bonds_Lotus_Esprit_S1.htm
[12:17] <diddledan> I didn't realise they actually had real underwater capability
[12:17] <diddledan> albeit a secondary vehicle rather than a convertible
[12:19] <dwatkins> I'm still waiting for my flying car.
[12:21] <shauno> I have neither a drivers licence nor a pilots licence :(
[12:21] <dwatkins> If we do ever make cars which can fly, hoever etc. then we'll have a whole new set of safety issues.
[12:22] <shauno> so I should skip them and just go for my flying car licence?
[12:22] <dwatkins> I imagine (hope) that would be as hard as doing both licenses, if not harder.
[12:23] <shauno> why?  flying's easy!
[12:23] <shauno> it's the whole "hitting the floor on purpose" bit that's messy
[12:24] <dwatkins> indeed, and not hitting other planes, cars, birds and so on
[13:27] <ali1234> diddledan: any idea about this? http://paste.ubuntu.com/7329829/
[13:30] <diddledan> ali1234: I don't believe less does _any_ rewriting of url paths
[13:30] <diddledan> ali1234: there might be mixins which help though
[13:30] <ali1234> yes it does, that's what the -ru option is for
[13:30] <ali1234> those specific paths don't get rewritten because they are escaped
[13:31] <ali1234> but if you just put the pat normally, it will be rewritten
[13:31] <diddledan> aah yes, maybe I'm not understanding the issue?
[13:32] <ali1234> here is a simpler example: http://paste.ubuntu.com/7329858/
[13:32] <ali1234> .b gets remapped, .a doesn't
[13:33] <ali1234> so the problem is that if you ~import bootstrap into your wordpress style.css from a subdirectory, then all the paths are wrong
[13:33] <ali1234> consequently it doesn't work properly
[13:33] <ali1234> my question is who do i blame for this? bootstrap or less?
[13:35] <diddledan> hmm, that's a tough one, I kinda think they're both to blame
[13:35] <ali1234> yeah me too... and guess what? they each blame the other
[13:35] <diddledan> >.<
[13:44] <ali1234> https://github.com/twbs/bootstrap/issues/13429
[13:44] <ali1234> lets see what they say
[13:55] <SammyMouse> hi
[13:55] <diddledan> 9 seconds.
[13:56] <diddledan> 9 whole seconds.
[13:56] <diddledan> people are so patient
[13:56] <DJones> Must have learned everything they needed to know in the 9 seconds though
[13:58] <SammyMouse_> leave
[13:58] <SammyMouse_> oops
[13:59] <popey> hello
[13:59] <MooDoo> hello
[14:00] <SammyMouse_> hi, how does one switch IRC channels? I am trying to get to the ubuntu Gnome support one...>.>
[14:00] <popey>  /join #channelname
[14:09] <bigcalm> * Cannot join #channelname (Channel is invite only).
[14:09] <bigcalm> :(
[14:14]  * davmor2 invites bigcalm to get a life and not try and join example channels :P
[14:15] <bigcalm> Boo
[14:16] <diddledan> http://www.example.com/
[14:17] <davmor2> bigcalm: don't click it, NO!!!.......AH NO
[14:22] <bigcalm> Silly
[14:22] <dwatkins> I always cringe when people don't use example.com as an example domain.
[14:23] <dwatkins> What's even worse, is abbreviating domain names, e.g. u.com instead of ubuntu.com
[14:24] <diddledan> u.c is common as well
[14:24] <dwatkins> oh dear
[14:28] <dwatkins> one-letter domains are specifically disallowed; I've seen some domain names abbreviated to two letters, in which case the domain is simply incorrect.
[15:31] <guestdw> My nautilus preference settings to be ignored by nautilus. can anyone suggest why please?
[15:32] <daftykins> could you rephrase your question first?
[15:32] <daftykins> it's not grammatically correct
[15:32] <guestdw> When I select which columns I want nautilus to display, it seems to ignore my settings
[15:32] <guestdw> It just carries on doing the same as before I started
[15:32] <daftykins> you need to then hit something to set it as default then re-run i think
[15:33] <guestdw> but what? That is the problem. I cannot see a button to save it as default
[15:33] <daftykins> is this 14.04?
[15:33] <guestdw> Anyway, it does not even chenge them temporarily in the window I have open
[15:33] <guestdw> Yes it is 14.04
[15:34] <daftykins> ok so details view after clicking on files, lets see what it does for me
[15:34] <daftykins> yeah i'm getting an instant update when i click to add 'Location'
[15:34] <daftykins> i take it yours is an upgrade install?
[15:34] <guestdw> I meant that I want to be able to select which columns are displayed in list view - but it ignores my settings
[15:35] <diddledan> http://www.codedwell.com/images/uploaded/security-fail.jpg
[15:35] <daftykins> diddledan: >_<
[15:35] <guestdw> Preferences | List Columns
[15:35] <guestdw> NO. not an upgrade
[15:35] <guestdw> A fresh install
[15:36] <daftykins> totally clean disk or did you keep an existing /home ?
[15:36] <diddledan> my home is messy
[15:36] <diddledan> I need to springclean
[15:37] <guestdw> When the installer gave me the two options I told it do do a fresh install rathe than upgrade - Though I do not recall the exact wording
[15:37] <guestdw> I don't recognize anything old in home, so I think everything from the previous install is gone
[15:38] <guestdw> Oldest directory of file curnetly at top leve in home is three days old
[15:38] <guestdw> leve -> level
[15:39] <daftykins> guestdw: try creating a second user account to test in
[15:39] <daftykins> or just hit guest session
[15:39] <daftykins> i do quite like that feature
[15:40] <guestdw> OK - that's a good idea (but I can ony try it after I have left this login session and the chat, I suppose)
[15:40] <daftykins> i think if you click it, it leaves both running
[15:40] <daftykins> yep
[15:40] <diddledan> use "switch user" not "logout"
[15:40] <daftykins> yeah ^ i'm clicking the 'cog' top right here
[15:41] <daftykins> how is diddledan this fine day?
[15:42] <diddledan> I'm good
[15:42] <guestdw> I don't see a switch user option on my desktop
[15:42] <daftykins> guestdw: click the cog top right then select 'guest session'
[15:42] <diddledan> busy doing a new commission which is, as per usual, a rushjob
[15:42] <guestdw> Is there a package that would give me that funcitonality (it sounds useful for many porposes)
[15:42] <diddledan> I'm actually trying to "do it right" on this one though
[15:42] <guestdw> There is no cog top right
[15:42] <daftykins> diddledan: hehehe
[15:43] <daftykins> guestdw: is this something other than standard 'ubuntu' ?
[15:43] <guestdw> Not as far as I know. I tried to ask for standard ubuntu during the install
[15:43] <guestdw> Is there a way to check?
[15:43] <daftykins> lsb_release -a
[15:43] <daftykins> ^in a terminal
[15:44] <diddledan> that doesn't work on my OS X :-p
[15:44] <diddledan> $ lsb_release -a
[15:44] <diddledan> -sh: lsb_release: command not found
[15:44] <guestdw> No LSB modules are available.
[15:44] <guestdw> Distributor ID:	Ubuntu
[15:44] <guestdw> Description:	Ubuntu 14.04 LTS
[15:44] <guestdw> Release:	14.04
[15:44] <guestdw> Codename:	trusty
[15:44] <daftykins> hmm, can't be sure with that
[15:44] <daftykins> guestdw: http://upload.wikimedia.org/wikipedia/commons/b/b4/Ubuntu_Desktop_12.10.png
[15:45] <daftykins> you're really not seeing that little cog shaped icon to the right of the clock in the extreme upper-right?
[15:46] <diddledan> linked-to by popey : https://www.youtube.com/watch?v=qDrrIUujxsw
[15:46] <dw__> Chat crashed
[15:46] <diddledan> serials?!
[15:47] <daftykins> web dev ugh
[15:47] <daftykins> not even THAT can get me doing some web related stuffs
[15:47] <dw__> daftykins:   I don't see that cog on my desktop: the one that is there in your png
[15:47] <daftykins> do you even have the unity sidebar on the left?
[15:48] <dw__> I have a list that drops down on the left when I select and item headed "Activities"
[15:49] <daftykins> sounds like gnome shell
[15:49] <daftykins> ok so what you have isn't stock ubuntu
[15:50] <dw__> OK - that's useful to know
[15:50] <daftykins> you could well have downloaded gnome-ubuntu instead
[15:52] <daftykins> dw__: perhaps guest session will be off your username menu top right instead?
[15:52] <dw__> No the only option there is "logOut"
[15:53] <daftykins> ok, i have no idea how to proceed with what you have installed then
[15:53] <dw__> But I will try your new user idea anyway, after I log out. It sounds a good idea for diagnosis
[15:53] <daftykins> cool
[15:53] <daftykins> agreed.
[15:53] <dw__> daftykins: thanks for your ideas and info anyway
[15:53] <daftykins> no problem :)
[15:54] <dw__> I'll say gb now and give nautilus a try with as a new user
[15:55] <daftykins> i thought i was onto something by finding a config folder in ~/.config/nautilus
[15:55] <daftykins> but removing that doesn't even reset nautilus to defaults
[15:55] <daftykins> just how is stuff configured these days 0o
[15:55] <diddledan> gnome does that whole windows registry mess
[15:55] <diddledan> they call it dconf though
[15:55] <daftykins> ah yeah just found that folder
[15:55] <diddledan> it's the same thing as the windows registry in essence
[15:56] <diddledan> i.e. an evil homogonised bar steward
[15:56] <daftykins> :D
[15:56] <daftykins> ok installed dconf-editor
[15:57] <bashrc> there is a gnome registry?
[15:57] <diddledan> the problem is unity inherits a lot of that junk
[15:57] <bashrc> the windows registry always struck me as one of the worst ideas ever.  It's a giant den of obfuscation
[15:58] <daftykins> perhaps i'm looking for the wrong thing anyway since it's 'Files' now and not Nautilus
[15:58] <diddledan> :-/
[16:08] <daftykins> heh, i've not even used ubuntu desktop since pre-unity days
[16:08] <daftykins> so i genuinely have no idea
[16:10] <mbs_> does anyone know why my usb keyboard and mouse dont work if i reboot back into windows?
[16:10] <mbs_> i have to hard reboot to get them back again
[16:12] <diddledan> microkia is now a thing: http://www.bbc.co.uk/news/business-27163667
[16:12] <diddledan> in all but name
[16:12] <daftykins> mbs_: 'hard reboot' vs reboot, what's the distinction here? powering of between?
[16:15] <daftykins> hey diddledan you'll appreciate this (SFW) - not sure this pig is spoilt at all - https://www.dropbox.com/s/qixkfifemb0si1d/IMG_20140425_155114.jpg
[16:15] <diddledan> lol
[16:15] <diddledan> they've got pork willies next to it
[16:16] <diddledan> so I'm not so sure about the SFW status : -p
[16:16] <daftykins> you're like that little jonny in those joke emails that can turn anything rude
[16:16] <diddledan> heck yes
[16:17] <diddledan> :-p
[16:17] <mbs_> i mean when windows gets to the log in screen none of my usb stuff works even if i unplug and move to another port until i power off and reboot
[16:17] <dw__> Update on Ubuntu gnome desktop nautilus for anyone interested. I did not try a different user but discovered:
[16:17] <dw__> 1. There are two different ways of choosing which columns are displayed
[16:18] <diddledan> what can I say, I come pre verted
[16:18] <dw__> 2. IF I right-click on the headings of the columuns in nautilus list view, it will change them for just that specific directory
[16:19] <dw__> 3.If I go to the main PReferences | List Columns menu, it seems to set a default
[16:19] <dw__> 4. This default is ignored when browsing any directory which has its own values set
[16:20] <dw__> -That's why my settings using method I number 3 here seemed to me to be ignored: I was only looking in folders that had their own values set which override these
[16:21] <penguin42> dw__: That kind of makes sense if you have some particular directories that you want to use in a different way
[16:21] <dw__> I guess so (although I don't have, as it happens)
[16:23] <dw__> What slightly puzzles me is that I don't recall ever setting the individual directory preferences that seemed to be overriding the global defaults (maybe my memory is worse than I thought?)
[16:28] <dw__> Or perhaps the mere act of browsing to a directory that has no individual preferences yet set, has the effect of setting its own individual preferences to the current value of the global ones - Perhaps that's it.
[16:29] <penguin42> I doubt that, but it might be something as simple as a function key or key binding that caused it to change
[16:29] <dw__> -Maybe
[16:30] <mbs_> anyone know whats going on?
[16:34] <daftykins> mbs_: nope, however when powering off we call that a cold reboot as opposed to a warm reboot
[16:35] <daftykins> so that might help searches
[16:35] <mbs_> i might reset my bios back to stock defaults and see if that helps
[16:35] <penguin42> mbs_: Sometimes you get things where at a reboot the BIOS might forget to reset something in the hardware and thus leave it in a state that's not quite right
[16:35] <mbs_> brb
[16:38] <MooDoo> howdy all
[16:38] <diddledan> moo
[16:40] <popey> yo
[16:40] <penguin42> hey popey
[16:40] <popey> i dont think I've left the house for 3 or more days.
[16:41] <daftykins> popey: O_O
[16:42] <SuperEngineer> Dear Steam, I think but cannot prove that your peak download speed estimate of 3,416,310,272.0 GB/S might just possibly be a tad inaccurate.
[16:43] <SuperEngineer> [but here's hoping] ;)
[16:43] <penguin42> SuperEngineer: Never underestimate the bandwidth of a 747 full of LTO tapes
[16:46] <SuperEngineer> :)
[16:51] <diddledan> SuperEngineer: is that a misspelt gigabit per second or a correctly spelt giga BYTE per second?
[16:52] <penguin42> either way it's a bit on the fast side
[16:52] <diddledan> yeah, but I was wondering whether it's sillyspeed or meh :-p
[16:53] <penguin42> looks very silly
[16:53] <diddledan> becasue that many gigabits per second is so passé
[16:54] <diddledan> whereas that many gigabytes per second is sweet!
[16:54] <diddledan> googlefibre probably goes that fast, right?
[16:54] <diddledan> one internet per second
[16:55] <diddledan> maybe that should be a value. 1internet, 2internets, 3internets....
[16:59] <penguin42> libraries of congress/second?
[16:59] <diddledan> yey for the beeb: "S Korea divers found cabin of bodies" <-- what were they expecting to find in a capsized ship that didn't issue an evacuation alarm?!
[17:00] <shauno> I guess the other option was "malaysian jumbo"
[17:02] <shauno> I really shouldn't go to maplins.  I can't remember what I was looking for, but I came out 70e lighter
[17:02] <diddledan> lmao
[17:02] <diddledan> teh shiny is strong
[17:03] <mapps> hello
[17:03] <SuperEngineer> diddledan: re Steam ... I begin to wonder; "is Steam also from my planet????"
[17:03]  * SuperEngineer hums X-Files theme
[17:03] <diddledan> yey for more beeb: "Divers searching a sunken passenger ferry off South Korea found 48 bodies in a single room on the vessel meant to accommodate 38 people, officials say." <-- the vessel could only carry 38 people?
[17:03] <daftykins> perhaps it was the ship bar, licensed only for 38 to stand
[17:04] <diddledan> daftykins: re-read
[17:04] <diddledan> the vessel. the WHOLE vessel.
[17:04] <diddledan> and nothing but the vessel
[17:04] <daftykins> ah
[17:04] <diddledan> daftykins: your pedant gene is weak
[17:05] <SuperEngineer> diddledan: they are correct! for your meaning - ythey would have to write "a vessel"
[17:05] <daftykins> nah i'm just not paying enough attention
[17:05] <diddledan> :-p
[17:05] <penguin42> a life raft?
[17:07] <SuperEngineer> symantics... a very useful word... even better when fully understood  :p
[17:07] <diddledan> and spelt correctly :-p
[17:07] <diddledan> semantics**
[17:08] <SuperEngineer> Here's a good one... repeat the following sentance putting the emphasis on a different word each time...
[17:08] <SuperEngineer> there are as many meanings as there are words in the sentence...
[17:08] <SuperEngineer> "I did not say he stole thew money"
[17:09] <SuperEngineer> *the
[17:09] <diddledan> lol
[17:10] <SuperEngineer> ...or "Canonical are playing games not releasing code name for next release" [that might work the same :D
[17:11] <SuperEngineer> nah... doesn't work as well as the the 1st
[17:12] <daftykins> i'm not sure the next name is all that exciting in the grand scheme ;)
[17:12] <daftykins> perhaps it should be Undecided Ubuntu
[17:12] <SuperEngineer> ...or Unknown Unity
[17:13] <SuperEngineer> Can NOT wait till the "W" release... I've got my suggestion ready to go already!  ;) [..t...f...]
[17:14] <daftykins> i'm still recovering from saucy, people coming in #ubuntu asking if they can ask a saucy question
[17:14] <diddledan> yeah, coming from me that would mean something entirely different ;-)
[17:14] <SuperEngineer> just need to find apreviously unknown animal and name it a theffuk
[17:15] <diddledan> daftykins: can I ask you a "saucy" question? ;-)
[17:15] <SuperEngineer> oh oh!
[17:15] <daftykins> there's not a day goes by that you don't, diddledan
[17:15] <diddledan> daftykins: do you have a beaker full of water for "afterwards cleanup"?
[17:16] <diddledan> that was a weird meme
[17:16] <diddledan> http://www.mumsnet.com/Talk/mumsnet_classics/a1875847-Do-you-dunk-your-penis not safe for anything really
[17:18] <daftykins> >_<
[17:34] <bigcalm> diddledan: if it's not safe for anything, why did you paste it into here? :)
[17:35] <mapps> hm wonder what days are good for the aregon tennis in london
[17:35] <mapps> wanna go to more tennis :)
[17:38] <daftykins> looking for a sore neck, mapps? :)
[17:39] <diddledan> https://www.youtube.com/watch?v=5Krz-dyD-UQ
[17:52] <mapps> LOL NOT especially daftykins
[17:52] <mapps> but tennis is good and ive not actually been to any yet
[18:00] <ali1234> diddledan: https://www.youtube.com/watch?v=bbZ1dXQpq0w
[18:59] <diddledan> http://pastebin.com/qPxR9BRv <-- I wonder if they're trolling or it's a genuine hole
[19:02] <penguin42> diddledan: Wouldn't be impossible
[19:03] <diddledan> that's what worries me - I've not finished patching the first generation heartbleed yet
[19:03] <ali1234> definitely trolling: https://blockchain.info/address/1BKRqnmWNfK5qjhouMaBFHwjHK9ibfrKhx
[19:04] <ali1234> if it was real they would give a unique payment address to each customer
[19:04] <ali1234> and they certainly wouldn't give out an address so heavily tainted - it makes it too easy to trace them
[19:05] <diddledan> "heavily tainted"? I don't understand virtual currency so that term is new to me
[19:06] <ali1234> every transaction is recorded forever
[19:06] <ali1234> and uniquely identifiable
[19:06] <ali1234> which means you can follow the money
[19:07] <ali1234> ah, i see, this is a coin joiner
[19:07] <ali1234> so the churn here is actually an attempt to "wash" the coins
[19:08] <diddledan> uh huh - everything is going to the same account
[19:08] <diddledan> namely: https://blockchain.info/address/16R14EH4v8A9GPXkAAP8gcMFBA8oxA8nbY
[19:09] <ali1234> yes, that's the laundry account. then they send it back out, so you don't know which output came from which nput
[19:09] <ali1234> it's not a great method since likely all the inputs are dodgy
[19:10] <diddledan> the target account has a lot of coinage: 215,637.634057 BTC
[19:10] <diddledan> what's that in english money?
[19:10] <ali1234> that's just how much they processed, not the actual balance
[19:11] <diddledan> aah yes, I see
[19:11] <diddledan> final balance is 0
[19:11] <ali1234> and it's about £60 million
[19:11] <diddledan> yeouch
[19:11] <diddledan> that's a lot of laundry
[19:12] <ali1234> yeah, but it's pointless because you;re trading your own coins that you stole for coins someone else stole :)
[19:16] <ali1234> also that paste is wrong
[19:16] <ali1234> you only use -DOPENSSL_NO_HEARTBEATS if you can't upgrade to 1.0.1g
[19:21] <diddledan> good point
[19:22] <diddledan> also mentioned on the FD mailing list is that it's a compile time option not a variable
[19:22] <ali1234> right
[19:31] <penguin42> sigh - can anyone remember how to persuade gimp to really give me a 1 pixel wide brush?
[19:32] <diddledan> penguin42: use the pencil instead of the brush
[19:33] <diddledan> it's been a while since I looked at gimp tbh so I may be off-bat
[19:33] <penguin42> diddledan: Still not giving me 1 pixel
[19:33] <diddledan> hmm
[19:33] <diddledan> use photoshop :-p
[19:33]  * penguin42 has had this sometime before - and there's some obscure option somewhere that means the 'brush' it shows you is not the one you actually get
[19:35] <penguin42> ahha
[19:35] <penguin42> https://uk.answers.yahoo.com/question/index?qid=20120629221425AAmmr9S
[19:35] <penguin42> by default the brush has a size of 20 pixels - even for the tiny 3x3 pixel
[20:21] <diddledan> 5 out of 33 servers left to patch for heartbleed.
[20:21] <diddledan> nearly there
[20:42] <DJones> diddledan: Is it not just sudo apt-get update; sudo apt-get upgrade
[20:42] <diddledan> DJones: not on Gentoo it's not
[20:43] <DJones> Oops, time for a new server :)
[20:43] <DJones> Maybe not
[20:43] <diddledan> a new 33 servers
[20:45] <diddledan> thing is some of the software on a few of them is at the point where it's been so long since it was maintained that nobody wants to look at bringing it up-to-date (namely a series of java war website servlets)
[20:45] <DJones> People complain about Ubuntu making Linux too easy, but for some reason, they don't complain when non-ubuntu systems take days/weeks to fix
[20:46] <DJones> If it works, I guess there's no reason to change
[20:46] <DJones> But must be frustrating at times like this
[20:46] <diddledan> aye
[20:47] <DJones> From a commercial point of view, I'm not sure if Ubuntu would be any better than any other Linux based system
[20:48] <diddledan> I guess a lot depends on how much you're paying for it
[20:48] <diddledan> most folk use ubuntu because they don't need to pay a dime
[20:49] <DJones> Thats probably more personal users though, I suspect business'es would have supprt contracts
[20:54] <shauno> pi butchery :)  http://cl.ly/image/1C05260n0V0z  (I'm not sure why I'm proud of this)
[20:55] <ali1234> i wish they had put the composite video onto a header
[20:56] <bashrc> upgrading the netbook to 14.04
[20:57] <shauno> yeah, the video bugs me.  it just doesn't seem to be worth the protrusion
[21:03] <shauno> although I think I would have preferred most of it on headers, instead of the splayed-out-spider effect you get from fighting for edge space
[23:02] <mapps> so
[23:02] <mapps> what speed should 4g be eh
[23:08] <penguin42> just enough faster than 3g to convince you it's better (* at best times, mileage may vary nothing you've been promised might happen)
[23:09] <mapps> yea mine was 33.21 down 2.92 up
[23:13] <penguin42> that's not bad going - I know people who can't get anywhere near that on vDSL (infinity)
[23:13] <penguin42> and the 2.92 isn't anything to sniff at
[23:14] <penguin42> mapps: How much does that cost you?
[23:15] <mapps> 55quid a month 5gig 4g/unkimited calls and tax
[23:15] <mapps> mate my home dsl is rubbish compared to the 4g;p i get 6mbit adsl have done for 6-7years
[23:15] <mapps> cant get better...yet typically when i moved 3yrs ago old place can now get bt ftc!!
[23:15] <penguin42> are you allowed to tether that for that price?
[23:15] <mapps> but ok so 33mbit down on 4g( ee) howcome i get 3mbit on 3g (ee) got 2 sims
[23:15] <mapps> yea
[23:15] <penguin42> nice
[23:16] <mapps> but only 5gig allowance
[23:16] <penguin42> ah
[23:16] <penguin42> mapps: But I know people on BT fttc that are getting awful rates
[23:16] <mapps> any idea re my 3g and 3g??
[23:16] <mapps> 4g and 3g rather
[23:16] <mapps> same network..and surely 3g should be better than 4mbit
[23:17] <penguin42> I don't know what they're supposed to do - can't you force the phone to drop 4g off?
[23:17] <mapps> Yea you can..just turn 4g off
[23:17] <mapps> but what i mean is i got 2 sims 1 4g and 13g
[23:17] <mapps> 1 3g
[23:18] <shauno> why should 3g be better?
[23:19] <mapps> better than 4mbit i mean
[23:19] <mapps> i thought it should be 10-15 range
[23:19] <shauno> 3g comes in 3.6mbit and 7.2mbit variants, and not many networks picked up 7.2
[23:19] <mapps> ah
[23:19] <penguin42> mapps: I guess there may be more contention from other users on 3g (although maybe not at this time of night)
[23:20] <mapps> yea thats true
[23:20] <mapps> when ive been at the gym at say 4am ive managed around 15mbit iirc
[23:30]  * penguin42 won't ask why you've gone to the gym at 4am
[23:30] <shauno> what else are you meant to do when tesco's full of stoners :/
[23:31] <penguin42> run?
[23:31] <penguin42> or better, sleep
[23:31] <shauno> o_O  what is this "sleep" ?
[23:37] <penguin42> it's what happens if you didn't have enough coffee
[23:38] <shauno> ahh.  I have instant coffee for such emergencies
[23:39] <shauno> not ideal, but much easier to snort than beans
[23:40] <penguin42> yes, snorting beans is not good for breathing
[23:40] <shauno> and snorting instant isn't good for wallpaper  (long story)
[23:44] <penguin42>  'But Dr I always get these terrible migrains after coffee....'
[23:49] <shauno> almost on-topic for a sec .. if I connect to wifi by sticking wpa-ssid & wpa-psk straight into /etc/network/interfaces, is there a sensible way to add credentials for a second network?
[23:50] <penguin42> can I ask the obvious question; why not do it via nm ?
[23:52] <shauno> because they're all headless
[23:55] <penguin42> shauno: nmcli !
[23:55] <shauno> heh
[23:55] <shauno> I might have to look into that, but I still don't trust nm.  I'm used to these things being a whole lot more transparent
[23:55] <penguin42> right, but with wifi being so complex anyway
[23:56] <shauno> well it's kinda straight-forward as long as I stay at home :/
[23:57] <penguin42> there is a NetworkManager-tui around, not sure if there is an ubuntu package
[23:58] <shauno> seems to be a whole load of new things I don't quite understand.  eg, I still have no idea what dbus is, or why
[23:58] <penguin42> yeh I don't really get the details of that stuff