=== jje is now known as Guest11108 === mswart_ is now known as mswart === jje is now known as Guest58944 === jje is now known as Guest57133 === jje is now known as Guest65763 === jje is now known as Guest32157 === Guest32157 is now known as jje === Guest57710 is now known as magic === jje is now known as Guest2321 === Guest2321 is now known as jje === jje is now known as Guest17831 === jje is now known as Guest91245 === Guest91245 is now known as jje === sdx32 is now known as sdx23 [09:03] Good morning. [10:52] Hiyas all [11:51] had 3 bash update/upgrades thru proposed, but the vulnerability check still shows my system still tests positive [11:51] some patch that is [11:52] not sure what's going on there - but it works here - what check are you using? [11:53] elfy, this one, env VAR='() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test" [11:55] and this one, env 'x=() { :;}; echo vulnerable' 'BASH_FUNC_x()=() { :;}; echo vulnerable' bash -c "echo test" [11:56] both show "vulnerable" [11:56] BluesKaj: Could you post those commands with their output? [11:56] http://pastebin.com/JRYFrVxz [11:56] working here [11:58] lordievader, http://paste.kde.org/p2frrd02g [12:00] Hmm, what version of bash are you running? [12:00] * lordievader reboots to Utopic to mess with stuff. [12:05] lordievader, bash 4.3-9ubuntu4 in muon , bash --version the terminal shows: http://paste.kde.org/pdgglrqxj [12:06] 4.3.0? My Trusty install notes 4.3.11. elfy what version of bash do you have on Utopic? (My Utopic is outdated) [12:08] Ah I think he has just updated Bash, my version on Utopic reads: 4.3.24 [12:08] While I do have the same package version number... [12:13] Installed: 4.3-9ubuntu4 [12:14] elfy: And the 'bash --version' version? [12:14] version 4.3.24(1)-release [12:15] Right, BluesKaj I think that is the problem. [12:18] obviously the patches aren't properly installed, but why? [12:19] BluesKaj: Have you reinstalled bash? [12:19] did you restart terminal [12:19] Also what is the output of "apt-cache policy bash"? [12:20] it'll be bash 4.3-9ubuntu4 [12:20] it shows as installed in muon [12:21] apt-cache policy bash shows : Installed: 4.3-9ubuntu4 [12:22] BluesKaj: I'd like to see the full output, please. [12:23] http://paste.kde.org/pogk8eevm [12:23] it's all there [12:24] looks properly installed [12:24] Hmm, should be fine indeed. Have you reinstalled bash? That might solve it... [12:25] the kubuntu daily is right [12:26] Hehe, some gtk thing is trying to tell me my installation is broken... [12:26] installed --reinstalled bash , but the vulnerability test still shows "vulnerable" :/ [12:27] No test shows vulnerable for me o.o [12:33] rebooting didn't help [12:33] something must be blocking it [12:44] Yayy, my Utopic is revived :D [13:05] I must have the wrong proposed repos, because this makes no sense, I just purged and then reinstalled bash, but I still get the GNU bash, version 4.3.0(1)-release [13:07] can someone with proposed pastebin the debs from their sources.list please [13:18] BluesKaj: Err, having proposed with a high priority is a really bad idea. [13:21] lordievader, I know that =, but what choice do i have if the only repos that has the correct bash patches are in porposed? [13:22] Main has it too. I don't have proposed enabled and bash is the newest version. (Not vunerable) [13:23] ok so the advice got was wrong then about adding proposed [13:23] I'll dump them [13:23] Maybe at that time it was still in proposed. [13:23] I've not updated from proposed today either, only did that the first upgrade of bash [13:24] when I did it thursday or friday they were proposed [13:25] BluesKaj, are you using a mirror? [13:25] I mean, a repository mirror. [13:25] Or are you connecting to the main one? [13:25] there are only grub and usb-modeswitch in proposed currently [13:26] using a .ca mirror , Daekdroom [13:26] The mirror might not be up to date [13:26] There's a Launchpad page to check for that, but I don't remember how to access it. [13:26] https://launchpad.net/ubuntu/+archivemirrors [13:28] Daekdroom yeah BluesKaj: they've released the updates [13:29] I'm using the U of Waterloo mirror in Canada which is listed as up to date [13:29] BluesKaj: https://launchpad.net/ubuntu/+source/bash/4.3-9ubuntu4 [13:29] See the first bit of the changelog... [13:30] LP is quite sufficient in the info it gives. [13:33] lordievader, already have the 4.3-9ubuntu4 installed [13:33] but my bash version is old [13:34] so the patch isn't applied. That's what it looks like to me [13:34] BluesKaj: What is the output of: which bash [13:35] /usr/local/bin/bash [13:36] Not /bin/bash? Wut? Here it is /bin/bash [13:37] Likely that /usr/local/bin/bash is an old version. Does /bin/bash exist? [13:38] heh /usr/local/bin/bash is empty [13:39] and so is /bin/bash [13:39] both are empty [13:40] Empty? [13:40] yes , nothing there [13:40] That seems highly implausible [13:40] This is getting wierder and wierder... [13:41] BluesKaj: Please paste the output of 'md5sum /bin/bash /usr/local/bin/bash' because I'm having a hard time believing "empty" :-) [13:42] whereis bash [13:42] bash is in /bin tho [13:42] ok [13:45] lordievader, http://paste.kde.org/pgw2x2yka [13:45] So they do exist... both of them. [13:46] the md5 sums are different [13:46] Those are not the md5sums of an empty file [13:46] maxb: ^ [13:46] So, now we've proved they are not empty..... :-) [13:47] BluesKaj: you must have done something to have /usr/local/bin/bash [13:47] yeah, I know they're installed , but not working [13:48] BluesKaj: what does /bin/bash --version give? [13:48] yeah i compiled a patch that someone gave me a couple days ago. it may have ended up in usr/local then [13:49] Would've been helpfull if you mentioned that sooner. [13:49] lordievader, aha , it's the correct version GNU bash, version 4.3.24(1)-release [13:50] lordievader, i deleted it, but as usual there were leftovers [13:51] Hence the "don't compile" policy of Ubuntu ;) [13:52] chsh -s /bin/bash I think [13:52] Or ofcourse have a proper package manager if you do compile (portage :D) [13:53] BluesKaj: Also if you do find the need to compile stuff, let it put its files in /opt. Keeps a good overview. [13:54] yeah I haven't compiled for a long time [14:00] or in a long time rather [14:03] it's still looking for bash in /usr/local [14:04] BluesKaj: Do you remember how you compiled/removed it? [14:18] /usr/local is a perfectly reasonable place to put self-compiled stuff - it's exactly what it's there for [14:18] Of course, it helps if you remember what you've put there [14:22] ok thanks gents, bash problem solved, no longer vulnerable [14:23] BluesKaj: Congratulations. [14:25] heh, don't understand why compiling in the current dir didn't place the bash patch in /usr/bin tho. One would think that would be default [14:26] It is placed in whatever you tell it to place it in. Or if it is unset the default is used. And the default may not be Ubuntu's location. [14:28] that's what I meant, if bash itself is by default installed in /usr/bin on ubuntu then it should follow that make install would point it to /usr/bin ..just makes sense to me [14:30] I assumed , but it's been a long time since i compiled anything so I suffered the consequences, but thanks to your help all seems fine now, lordievader :) [14:31] BluesKaj: Not at all, that makes no sense [14:31] Well behaved source tarballs will always default to installing in /usr/local because that's the proper place for locally compiled stuff to go [14:32] The /usr tree excepting /usr/local is reserved for the system package manager, i.e. official .deb packages [14:32] Besides that, different distro's have different ideas of where things need to go. [14:32] maxb, ok well I'll refrain from compiling in the future [14:32] That's true, but the essence of /usr/local is specified in the Filesystem Hierarchy Standard, a codification of cross-distro practices [14:33] maxb, never mind the codification blah blah ...who reads that anyway :) [14:33] Sensible people [14:34] Hehe ;) [14:34] if you know that it's sensible only [14:35] another geek troll calling people names [14:35] anywayntime to fix the desktop [15:04] ok, desktop is fixed now as well... learned my lesson about compiling ...one can't assume the installation will follow the same path as apt-get or the package manager [15:29] hey penguin42 [15:32] Hey BK [15:46] debating openwrt for the router, dunno if it's worth the trouble [15:50] it depends how much your existing firmware annoys you [15:58] it really doesn't, but it was recommended to me by ppl I respect, but I've never flashed a device other than my pc BIOS before [16:02] ok, so the only thing to be aware of is you can really brick it; make very sure that the firmware you download is really for exactly the model of device you have (not the one from the previous year with the same name etc) [16:11] yeah, that's exactly what concerns me ..hence the reluctance [16:12] TP-Link WDR-3600/N600 router [18:24] CAN I USE THE BETA VERSION AS EVERYDAY USE? [18:42] Hi everyone [18:47] hey [21:49] I'm having some trouble with apparmor profiles when launching docker containers after upgrading to utopic [21:50] Can anyone give me a hand with this? [21:51] depends whats the issue? [21:54] https://gist.github.com/twermund/8766e68bd0c1aadfbe2e [21:54] I get that error when I run `sudo docker run ubuntu` [21:55] anything interesting in the system logs? [21:56] Is there a specific log I should look at? [21:56] I don't really know if the problem is coming from docker or apparmor [21:56] dmesg is a start [21:58] it looks like the docker daemon (docker0) switches from a forwarding mode to diabled mode [21:59] https://gist.github.com/twermund/e57fea46cd101f14b260 [22:00] hm no idea, I don't know docker well [22:00] okay, thanks for lending a hand [22:00] I'm trying to get this stuff answered in #docker