=== CodeMouse92 is now known as CodeMouse92__
[05:32] <bindi> can I bridge a bonded interface?
[05:41] <cpaelzer> good morning
[05:41] <cpaelzer> bindi: https://www.cyberciti.biz/faq/ubuntu-linux-bridging-and-bonding-setup/ maybe?
[05:42] <cpaelzer> I didn't check the content but it looks just like your question
[05:44] <bindi> yeah i need to combine a few guides together to accomplish what i want
[05:44] <bindi> it might be stupid, but want to try at least for the giggles
[05:45] <bindi> I'm going to give a linux VM two physical NICs, bond them, (preferrably give them an address with dhcp), and then bring that bonded connection back to the host OS with an internal virtual switch (10Gbps)
[05:46] <bindi> (because windows doesnt support balance-rr bonding)
[05:47] <cpaelzer> uh that sounds a bit backward-forward-backward :-)
[05:48] <cpaelzer> but I see your point, and at least for experiments there is nothing that shouldn't be tried
[05:48] <bindi> hm but now for some reason the vm wont start up :D
[05:48] <bindi> fun
[05:48] <bindi> nevermind we're back
[05:49] <bindi> care to point me to a direction with some keywords perhaps, on how to tackle this =D
[05:50] <bindi> i wonder if pfSense would be easier..
[06:09] <lordievader> Good morning
[06:15] <cpaelzer> hi lordievader
[06:16] <lordievader> How are you cpaelzer
[06:18] <cpaelzer> good - and you ?
[06:22] <lordievader> I'm doing good too
[07:30] <kickinz1> Yo les gars, petits socis réseau...
[07:31] <kickinz1> Wrong windows sorry...
[08:26] <cpaelzer> kickinz1: wanna come back here :-) ?
[08:26] <kickinz1> cpaelzer, not really, but here just in case someone pings me :)
[08:29] <rbasak> o/
[08:38] <kickinz1> rrêté mon vpn sur pfsense, ca fout plus la grouille qu'autre chose...
[08:39] <cpaelzer> kickinz1: again?
[08:39]  * kickinz1 hates automatic switching when re-connecting.
[08:40] <kickinz1> cpaelzer, yes, networking troubles, and my irc client switch channel automatically when it connects to another server. This is not good. so it did it while I was on another window.
[08:40]  * cpaelzer waits for passwords of kickinz1
[08:41] <kickinz1> :)
[09:17] <bindi> umm
[09:17] <bindi> i just compiled samba 4.6.5 and it says Unknown parameter encountered: "server multi channel support"
[10:12] <bindi> anyone compile the latest samba and enable multichannel support? unknown parameter "server multi channel support
[12:43] <Niller1> Any recommendations for a Beysian based spamfilter that is supported on LTS? I have previously been using DAPM with great success.
[12:43] <Niller1> DSPAM
[12:50] <fallentree> Niller1: spamassassin?
[12:51] <ahasenack> Niller1: I think bayes is nowadays just one component of any spam filter
[12:51] <ahasenack> most should have it
[12:52] <Niller1> I was never a fan of SA in the past. It may have changed. It had a large overhead.
[12:52] <fallentree> Niller1: I hear rspamd is quite nice too
[12:52] <Niller1> was getting 99.5 accuracy with just RBL and DSPAM.
[12:53] <Niller1> fallentree: i may look at that
[12:55] <RoyK> and use dmarc, dkim and spf, please
[12:56] <Niller1> RoyK: Obviously ;)
[13:02] <Niller1> fallentree: That RSPAMD looks very interesting. Just wondering how well supported it is.
[13:10] <ahasenack> cpaelzer: hi, do you have a minute?
[13:19] <ahasenack> rbasak: around?
[13:28] <Bischoop> Hi
[13:28] <Bischoop> Does Ubuntu-server comes with Python,CGI?
[13:30] <fallentree> Bischoop: there are packages you can install yes, depending on what exactly you want.
[13:32] <Bischoop> fallentree: Practically just for learning, I like Python pretty much and would like practise using it, mixing HTML with Python
[13:33] <Bischoop> or you you could give a tips how to prepare running Apache for Python too?
[13:34] <fallentree> Bischoop: you can ask google about setting up Apache with mod_wsgi
[13:34] <Bischoop> I've apache on Ubuntu perhaps I could skip nicely installing new Ubuntu-server
[13:34] <Bischoop> fallentree: well of course I can,I could and I done it.
[13:35] <Bischoop> but the results are giving me ambivalent feelings.
[13:35] <fallentree> I can't give you any tips myself, I use nginx + uwsgi
[13:35] <Bischoop> Every sites has different solution how to do it
[13:36] <fallentree> Bischoop: best to read the mod_wsgi documentation then. https://modwsgi.readthedocs.io/en/develop/
[13:36] <Bischoop> I'll give it a try then, cheers mate fallentree
[13:37] <Bischoop> BTW take care of your roots fallentree ;-)
[13:44] <rbasak> ahasenack: o/
[13:44] <ahasenack> rbasak: hi
[13:44] <ahasenack> rbasak: I'm syncing debian's bind9
[13:45] <ahasenack> rbasak: came across a patch for which I have a question
[13:45] <ahasenack> rbasak: both debian and ubuntu carry this same security patch
[13:45] <ahasenack> rbasak: with two slight differences
[13:45] <ahasenack> rbasak: ubuntu's: http://paste.ubuntu.com/24981252/ it also adds tests
[13:45] <ahasenack> rbasak: debian's: http://paste.ubuntu.com/24981254/ just the secfix, no test changes
[13:46] <ahasenack> rbasak: the dep3 header is also different, but I have been favoring the debian one so we can drop delta
[13:46] <ahasenack> rbasak: but in this case: I favor having the extra tests, but is that enough justification to add a delta and drop a debian patch in favor of ours?
[13:47] <ahasenack> rbasak: or should I perhaps split that patch into two: one with just the secfix, so we adopt debian's, and one from ubuntu to just add the tests, which would become added delta?
[13:47] <ahasenack> sorry for the wall of text :)
[13:47] <rbasak> ahasenack: in what version in Debian was the patch introduced please?
[13:48] <cpaelzer> ahasenack: sorry to see you only now
[13:48] <ahasenack> rbasak: 1:9.10.3.dfsg.P4-12
[13:48] <ahasenack> cpaelzer: good morning/afternoon :)
[13:48] <ahasenack> rbasak: it's CVE-2016-8864.patch
[13:49] <ahasenack> rbasak: ah, sorry, it's actually CVE-2016-8864-regression.patch
[13:49] <ahasenack> that patch was a nightmare, it had 2 regressions
[13:50] <ahasenack> rbasak: it's 1:9.10.3.dfsg.P4-12, patch is CVE-2016-8864-regression.patch (debian)
[13:50] <ahasenack> rbasak: in ubuntu, the "same" patch is rt43779.patch
[13:57] <rbasak> ahasenack: I think splitting the test out is a good idea. Also worth asking Debian to add the test.
[13:58] <ahasenack> rbasak: this all might be moot, though, if a new upstream version is released and has these changes incorporated
[13:58] <rbasak> Yeah
[13:59] <ahasenack> for the sake of the exercise, I'll split the test out of the patch
[13:59] <ahasenack> so our delta will be just the test
[13:59] <ahasenack> (for this case)
[13:59] <ahasenack> sounds good?
[13:59] <cpaelzer> I like that approach
[14:00] <cpaelzer> is there any expectation when a new version will be released to incooperate the change?
[14:00] <cpaelzer> any regular schedule we might expect
[14:00] <rbasak> ahasenack: yes
[14:00] <cpaelzer> just to rate the feasibility of submitting the test to debian
[14:01] <ahasenack> cpaelzer: I'll check what upstream is doing
[14:01] <ahasenack> thx
[14:05] <ahasenack> 9.10.5-P1 is out, we and debian are at 9.10.3-P4
[14:05]  * ahasenack checks is the patches are there
[14:07] <ahasenack> yeah, as expected, they are
[14:07] <ahasenack> but I won't update the version now
[14:13] <skylite> what does "no DMA platform data" mean in dmesg?
[14:45] <ahasenack> rbasak: cpaelzer: how does this look for a dep3 description/explanation of the split we just talked about? http://pastebin.ubuntu.com/24981789/
[14:46] <cpaelzer> ahasenack: reading
[14:47] <ahasenack> I'm not finished with it, there are still the other dep3 elements to fill in. This was just the description.
[14:47] <cpaelzer> ahasenack: I like it - a few empty lines to separate paragraphs maybe
[14:47] <ahasenack> cpaelzer: can I use plain empty lines, or do I need to use the . trick?
[14:47] <ahasenack> I forget
[14:47] <cpaelzer> plain is ok
[14:47] <ahasenack> ok
[14:48] <ahasenack> good
[14:48] <ahasenack> thx
=== chiluk_ is now known as chiluk
[15:52] <nacc> rbasak: did you want to do a HO?
[15:52] <rbasak> nacc: I have another HO shortly, sorry.
[15:52] <nacc> rbasak: np
[16:46] <ghost12345> Hello. Can someone help me with MAAS on ubuntu 16.04 ? I have created question https://askubuntu.com/questions/930023/how-to-add-custom-power-type-to-maas-2-1-x-to-use-pc-power-control-using-raspber
[16:48] <nacc> blake_r: --^ could you help direct them?
=== roaksoax_ is now known as roaksaox
=== roaksaox is now known as roaksoax
[18:48] <ahasenack> given a gitweb site, one cannot automatically expect a clonable git repo, right? Or infer the url of the git repo
[18:48] <ahasenack> like https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=summary
[18:48] <ahasenack> ah, found it
[18:48] <ahasenack> https://source.isc.org/git/bind9.git
[18:48] <ahasenack> was missing the /git/ bit in the middle
[18:50] <nacc> ahasenack: yeah they have configured their gitweb (I think) to not show the clone urls at the bottom
[18:50] <nacc> ahasenack: i'm not 100% on that
=== Poster|y is now known as Poster
=== desc is now known as descender
[22:08] <whistler102> so I setup the Livepatch service on ubuntu server 16.04, but I'm still getting kernel updates through unattended-upgrades, and thus, I still need to reboot upon upgrade to a newer kernel. I've also yet to see any actual live patching happending through executing the status command. Am I missing something here?
[22:14] <sdeziel> whistler102: it's normal to still get the kernel updates as normal because they contain more than just the live patches and they also ensure you have everything upon reboot
[22:15] <whistler102> sdeziel, I suspected as much. Livepatching just seems useless if trying to eliminate reboots
[22:16] <sdeziel> whistler102: how so? once you have the live patches applied, you don't need to reboot
[22:16] <sarnold> every site has a different threat model
[22:16] <sdeziel> the full kernel update is just handy if you happen to reboot
[22:16] <sarnold> you may be able to avoid reboots with the live updates
[22:16] <sarnold> maybe not
[22:16] <sarnold> but they should give you a lot more flexibility in when you schedule them
[22:18] <whistler102> Ok, got it.
[22:20] <whistler102> Just curious, would it mess with things if several kernel updates as well as livepatches were installed before a reboot? Or is it safer/proper to always reboot after a kernel update before the next one is released?
[22:22] <sarnold> whatever order you do things in should work fine
[22:22] <whistler102> Alright, cheers
=== JanC_ is now known as JanC