cmaloney | Evening | 00:36 |
---|---|---|
Neff_ | everyone here is from michigan? | 01:04 |
gamerchick02 | yeah most of us are, but some are in other places... | 01:10 |
Neff_ | cool | 01:13 |
gamerchick02 | some have moved. :) | 01:14 |
* greg-g looks around | 01:17 | |
gamerchick02 | greg-g you're still in CA, yes? | 01:18 |
gamerchick02 | unless i'm wrong | 01:18 |
greg-g | yep! | 01:18 |
greg-g | in Petaluma, which is about 40 miles north of SF | 01:18 |
gamerchick02 | ah yes | 01:18 |
gamerchick02 | but you're still a Michigander at heart. | 01:18 |
gamerchick02 | we'll keep ya | 01:18 |
gamerchick02 | :) | 01:18 |
greg-g | northwoods, really | 01:19 |
greg-g | I'll take MN, WI, or MI | 01:19 |
gamerchick02 | :) | 01:21 |
cmaloney | t ls router | 03:19 |
cmaloney | heh | 03:19 |
wolfger | morning | 10:57 |
rick_h_ | morning | 11:35 |
_stink_ | yo | 12:11 |
mrgoodcat | yo | 12:29 |
mrgoodcat | update your bash again http://www.ubuntu.com/usn/usn-2364-1/ | 13:04 |
bookiebot | http://goo.gl/jgzzjG - USN-2364-1: Bash vulnerabilities | Ubuntu | 13:04 |
cmaloney | Morning | 13:13 |
cmaloney | And lovely. | 13:14 |
cmaloney | @sil: tempted to make a shellshock worm which only attacks those with zsh installed, just to marginally decrease the world's wrongly-smug quotient | 14:10 |
mrgoodcat | lol | 14:11 |
mrgoodcat | well it would only work if webservers used zsh as their default shell | 14:11 |
mrgoodcat | which seems really unlikely | 14:11 |
cmaloney | So basically we'd have complete ownership over bookie. ;) | 14:13 |
mrgoodcat | does anybody know if it's possible to upgrade the kernel without rebooting? somebody who i generally consider pretty knowledgeable is saying he has 432 days of uptime but uname -r is saying his kernel is updated | 14:15 |
cmaloney | I think we mentioned this at the past CHC. I've always associated kernel upgrade w/ reboot | 14:26 |
cmaloney | Google search turned up ksplice. | 14:26 |
cmaloney | as well as kgraft and kpatch | 14:27 |
cmaloney | SO it appears possible | 14:27 |
cmaloney | Though I'm of a mind that a reboot every now and again is a "good thing"TM | 14:28 |
cmaloney | If nothing else it cleans out the cruft. | 14:28 |
cmaloney | Also turning off the power for 10 secods to drain out the capacitors for memory | 14:28 |
cmaloney | and give your power supplies a nice jolt to let them know it's time to fail | 14:29 |
brousch_ | mrgoodcat: I think you, can but it involves some really deep voodoo | 14:34 |
brousch_ | https://www.ksplice.com/ | 14:35 |
bookiebot | http://goo.gl/AaNbO - Never Reboot Linux for Linux Security Updates | Ksplice | 14:35 |
brousch_ | Or paying Oracle, it seems | 14:35 |
mrgoodcat | he says he isn't using any magic things | 14:35 |
mrgoodcat | he thinks you just don't need to reboot after a kernel update | 14:36 |
brousch_ | So he's installing the new kernel but still running on the original | 14:36 |
mrgoodcat | yea afaict | 14:36 |
mrgoodcat | but he's on debian wheezy so the kernel version number isn't bumping on security updates. so i can't tell which package he is running | 14:36 |
mrgoodcat | the kernel he booted with has the same version number as the current package version | 14:37 |
mrgoodcat | so uname -r doesn't help | 14:37 |
cmaloney | mrgoodcat: I think Arch has the magic voodoo baked in | 14:45 |
cmaloney | but unaware of Debian packaging it | 14:45 |
cmaloney | mrgoodcat: or rather unaware of Debian shipping with it by default | 14:46 |
cmaloney | try searching for ksplice, kpatch, or kgraft in the packages list | 14:47 |
cmaloney | It appears that ksplice is packaged for Ubuntu | 14:48 |
cmaloney | Hah, I was thinking earlier that I should listen to some Ozric Tentacles this morinng | 14:52 |
cmaloney | put the Squeezebox on random album shuffle and this came up: | 14:53 |
cmaloney | .np squeekyhoho | 14:53 |
bookiebot | squeekyhoho's current track - Cat DNA by Ozric Tentacles on Become The Other | 14:53 |
cmaloney | Actually it's Spice Doubt | 14:53 |
mrgoodcat | arch does not have the voodoo baked in. i just had to reboot my server this morning to get the new kernel running | 15:02 |
jrwren | debian and ubuntu don't use bash as their default shell. they use dash. It doesn't lessen the impact of shellshock. | 15:21 |
jrwren | or maybe it does lessen it, but it is still scary. | 15:21 |
mrgoodcat | it is still scary | 15:22 |
mrgoodcat | also, some services may explicitly use bash as their default shell in /etc/passwd | 15:22 |
jrwren | May, but don't by default AFAIK | 15:22 |
jrwren | hrm, seems the postgres account does. | 15:22 |
mrgoodcat | nginx too iirc | 15:23 |
jrwren | mrgoodcat: i have nginx installed. it doesn't install a special account. | 18:02 |
jrwren | mrgoodcat: it uses www-data, just like apache. | 18:02 |
jrwren | mrgoodcat: nginx MIGHT be vulnerable if a cgi uses /bin/bash, just like apache. | 18:03 |
jrwren | http://www.dailymail.co.uk/news/article-2351881/Inside-Americas-worst-hotel-The-stomach-churning-reviews-guests-stayed-legendary-Detroit-dump-shut-down.html admit I've been in a room, but not slept. | 18:03 |
bookiebot | http://goo.gl/hDnxZ - Inside America's worst hotel: The stomach-churning reviews from guests who stayed at legendary Detroit dump before it shut down | Daily Mail Online | 18:03 |
cmaloney | I think I need someone to watch my butt because it feels like I'm dragging it behind me | 19:16 |
cmaloney | I don't want to accidentally lose it. | 19:17 |
_stink_ | you used to be able to put an ad for that on craigslist | 19:18 |
_stink_ | no pun intended | 19:18 |
cmaloney | seriously? | 19:19 |
_stink_ | no it's a bad joke about adult services. | 19:19 |
_stink_ | ColonelPanic001: please laugh | 19:19 |
ColonelPanic001 | hah | 19:20 |
_stink_ | thanks | 19:20 |
* ColonelPanic001 bills _stink_ for services rendered | 19:20 | |
_stink_ | >:| | 19:20 |
cmaloney | heh | 19:35 |
cmaloney | I think I'm going to bill _stink_ for mental images rendered. | 19:36 |
_stink_ | mail returned: recipient not at this address | 19:37 |
cmaloney | I sent a bitcoin bill | 19:38 |
_stink_ | damn! | 19:39 |
=== mulka_ is now known as mulka | ||
cmaloney | I think I'm going to stop subscribing to This Week in Tech | 21:10 |
cmaloney | the last episode where Baratunde and the guy who wrote "Hatching Twitter" talked over Steve Gibson made me mad. | 21:11 |
cmaloney | I think the words "what is the practical application of ..." should be a signal to anyone that they're being an idiotic pundit. | 21:12 |
mrgoodcat | osx just updated bash | 22:35 |
mrgoodcat | way to be on your game apple | 22:35 |
mrgoodcat | anybody heard of vipe? | 22:52 |
cmaloney | mrgoodcat: That means that someone out there is still using XServe. :) | 23:05 |
mrgoodcat | what do you mean? | 23:05 |
cmaloney | Apple updating bash. :) | 23:05 |
cmaloney | http://en.wikipedia.org/wiki/Xserve | 23:06 |
bookiebot | http://goo.gl/XuXRDG - Xserve - Wikipedia, the free encyclopedia | 23:06 |
mrgoodcat | right i get that, why does apple updating bash have anything to do with xserve though? | 23:07 |
mrgoodcat | clients are affected too | 23:07 |
cmaloney | I'm just messing | 23:07 |
mrgoodcat | ah | 23:07 |
mrgoodcat | because DHCP clients are vulnerable if i'm understanding properly | 23:07 |
cmaloney | Only on evil networks | 23:07 |
mrgoodcat | right | 23:09 |
mrgoodcat | well 'evil' is assumed when talking about vulns | 23:09 |
brousch_ | I think you can still run xserve in a VM on OSX | 23:10 |
mrgoodcat | probably | 23:11 |
mrgoodcat | WMU still uses XServe | 23:11 |
mrgoodcat | i had to administer it | 23:11 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!