bindinew microcode out for intel cpus, anyone updated yet? how to :D?00:24
bindithis answer doesn't actually tell you how to update it00:25
naccbindi: have the intel-microcode package installed and keep your system updated00:48
naccyou will get it via -security, I believe for your sytem00:48
bindithat doesnt answer my question :D01:12
bindiwell, how to update with the tool manually, is what i wanted to ask specifically01:12
bindiit isnt updated in the repos yet01:12
=== nchambers is now known as TheMediocreTroll
=== TheMediocreTroll is now known as nchambers
mbffHello! I am trying to configure my interfaces file to get pfsense working inside KVM. Currently my /etc/network/interfaces file looks like this: https://gist.github.com/marshallford/cbf917a9cf8cbd8d23c641b04c193569 What gives? my WAN NIC passes though but the LAN isn't working at al04:14
mbffTo follow up my question: The Ubuntu Host OS should have the ip and allow enp8s0 (LAN NIC) to hook up to a switch or access point. I must be missing something simple...04:15
cpaelzernacc: I thought he was on it, let me check the current state of curl/http205:58
cpaelzernacc: no it is actually fixed by the last merge as locutusofborg and I discussed06:03
cpaelzerjust missing in the changelog06:03
cpaelzerI'll update the bug06:03
cpaelzergood mornign btw07:20
zioprotoupgrading the Kernel on openstack compute nodes we had run into this https://bugs.launchpad.net/ubuntu/+source/linux/+bug/174263008:18
ubottuLaunchpad bug 1742630 in linux (Ubuntu) "Booting from 4.13.0-21-generic leads to Oops: NULL pointer dereference - RIP: isci_task_abort_task+0x30/0x3e0 [isci]" [Undecided,New]08:18
zioprotoanyone else with quanta servers ? :)08:18
lordievaderGood morning08:45
ahasenackgood morning11:11
=== albech1 is now known as albech
Ussatgonna assume the issue with some 16.04 systems getting "bricked" with the newkernel update is fixed ?14:33
masonUssat: I thought the bricking was with newer releases, not Xenial.14:41
masonThere was a post-kernel-side-channel-patch issue that's been resolved, but it didn't brick.14:41
masonThe last kernel could be booted. (It bit my wife's desktop.)14:41
Odd_BlokeYeah, I haven't heard of any _bricking_ issues.14:43
masonI think there was a bricking issue with new kernels on some newish systems. Don't remember the details.14:50
masonAh: https://lwn.net/Articles/741916/rss14:50
hggdhthere were problems with 4.4.0-108, which were resolved with -109. Of course, situation is still fluid-ish14:51
masonI just now saw a SlashDot article talking about 16.04, so I stand corrected.14:51
masonAh, no, that's not bricking.14:51
masonThat's "this kernel won't boot - boot with the last kernel" after which an update works to resolve the issue.14:52
masonBut yeah, that bit my wife's system.14:52
hateballShould perhaps never ever write an article again if you call that bricking14:54
masonThat occurs to me, yes.14:54
hateballNot that it's the first terribly worded or researched thing on slashdot :p14:54
hggdhwell, for the casual user, being unable to boot is just like bricking14:54
hateballBut pretending to be some tech news reporting... I have more faith in 4chan14:55
* hateball goes back to lurking14:55
masonJust like bricking, except that it's easily fixed, as opposed to, you know, bricking.14:55
Ussatwell, I have a 17* system that upgradede fine (its a test box), just spun a 16.04 LTS and testing it now14:58
Ussatmason, ya ya I know...14:58
masonIf you upgrade today, yeah, no problem. They issued errata an hour or two after my wife updated and found herself staring at a blank screen.14:58
UssatOK, kinda figured they would, just testing it out on my test boxes before I go to schedule prod14:59
masonSounds like the safest thing to do, yar.15:00
UssatNow if you and RHEL could scyn your patch releases :)15:01
masonYou and RHEL? :P15:02
UssatYes, I have both RHEL and Ubuntu systems in prod15:02
masonNo, understood - just saying, you and RHEL. Thought you were talking to me. :P15:03
Ussatheh , fair buff15:03
UssatI meant generic you15:03
masonThe embargo should have led to synchronization, but it was all a fustercluck.15:03
masonXen releases fixes early, paper comes out early with details, and suddenly the embargo is off.15:04
masonSome smaller projects still haven't released patches.15:04
masonSlackware, the BSDs are all still lagging as far as I understand it.15:04
masonAh, I spoke too soon. DragonflyBSD has errata out now.15:05
UssatHell, Vmware snuck fixes in about 2 weeks ago15:06
masonAh, didn't realize.15:06
masonAs for me, I want to move my infrastructure over to Raspberry Pis after this.15:07
UssatYea...and the best part, what else is comming now that this vector is public15:08
masonI'm having meetings with customers talking about information hygiene, data classification on multitenant systems, etc.15:09
masonThere's some good, traditional best practise that can help a bit.15:09
UssatI bet, I am in healthcare, so HIPPA etc....fun stuff15:09
masonYou're probably already doing everything we're recommending.15:10
UssatOh ya....all sorts fun15:11
mtlI just got an intel-microcode update, do I need to restart my server again?20:18
Odd_Blokemtl: AIUI, it won't really have much impact until the next kernel drops.20:21
TJ-mtl: you can load it using "echo 1 > /sys/devices/system/cpu/microcode/reload" rather than reboot21:00
masonAnd check dmesg to see that it did its thing.21:40
masonmtl: At the least, update-initramfs so it loads on reboots21:40
boxrickHello! I have a server which has been updated with the meltdown patch. I need to remove this and prevent the install in the future, any hints on how to remove this?22:31
Odd_Blokeboxrick: Why do you need to remove it?22:32
Odd_Bloke(You really, really don't want to run a machine without this patch. :)22:32
boxrickThis is an offline server, where performance is critical and the security is rather irrelevent22:33
Odd_Blokeboxrick: If it's offline, how did you upgrade the kernel? ;)22:34
boxrickI use it for number crunching, and keep it with an airgap and only use my mirror for updates when I need something specific.22:34
Odd_BlokeHah, quick answer. :p22:34
boxrickI was typing that as you asked :)22:34
naccboxrick: it seems like you would need to not run -updates/-security, or pin your linux-generic (or wahtever) package22:36
naccboxrick: as I assume these patches will now exist forever forward22:36
naccboxrick: isn't it easier to just pass nopti?22:36
boxrickYea good point22:36
boxrickCheers, will just update grub.22:38

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!