[01:55] <Aztec03> Hey who runs this chan/who's got ops
[01:55] <Aztec03> I'm getting spam from shannarawn on join
[01:55] <Aztec03> not too keen on it
[01:55] <compdoc> damn bots
[01:56] <Aztec03> they advertising efnet, too
[01:56] <Aztec03> oh it's l0des minions... -_-
[02:25] <dpb1> go into #freenode and ask
[03:09] <lobubak> ГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћ L0DE RADIO HOUR IS NOW LIVE!! https://www.youtube.com/watch?v=gz3e0LFXsIw TOPIC: COUNTDOWN TO WORLD WAR 3 CALL 315-505-4666  jmrus: techmagus ГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“
[03:09] <lobubak> в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„ L0DE RADIO HOUR IS NOW LIVE!! https://www.youtube.com/watch?v=gz3e0LFXsIw TOPIC: COUNTDOWN TO WORLD WAR 3 CALL 315-505-4666  noezdwqxx: ubot9 в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„
[03:09] <lobubak> в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„ L0DE RADIO HOUR IS NOW LIVE!! https://www.youtube.com/watch?v=gz3e0LFXsIw TOPIC: COUNTDOWN TO WORLD WAR 3 CALL 315-505-4666  jkwxwav: tec__ в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„
[03:09] <lobubak> в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„ L0DE RADIO HOUR IS NOW LIVE!! https://www.youtube.com/watch?v=gz3e0LFXsIw TOPIC: COUNTDOWN TO WORLD WAR 3 CALL 315-505-4666  tbcqdno: ptx0 в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„
[03:09] <lobubak> в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„ L0DE RADIO HOUR IS NOW LIVE!! https://www.youtube.com/watch?v=gz3e0LFXsIw TOPIC: COUNTDOWN TO WORLD WAR 3 CALL 315-505-4666  zjzjdoprv: lamont в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„
[03:09] <lobubak> в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„ L0DE RADIO HOUR IS NOW LIVE!! https://www.youtube.com/watch?v=gz3e0LFXsIw TOPIC: COUNTDOWN TO WORLD WAR 3 CALL 315-505-4666  xarkgjil: beardfac1 в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„
[03:09] <lobubak> ГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћ L0DE RADIO HOUR IS NOW LIVE!! https://www.youtube.com/watch?v=gz3e0LFXsIw TOPIC: COUNTDOWN TO WORLD WAR 3 CALL 315-505-4666  afrpawltu: inteus ГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГў
[03:09] <lobubak> в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„ L0DE RADIO HOUR IS NOW LIVE!! https://www.youtube.com/watch?v=gz3e0LFXsIw TOPIC: COUNTDOWN TO WORLD WAR 3 CALL 315-505-4666  ccupf: micahg в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„
[03:09] <lobubak> в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„ L0DE RADIO HOUR IS NOW LIVE!! https://www.youtube.com/watch?v=gz3e0LFXsIw TOPIC: COUNTDOWN TO WORLD WAR 3 CALL 315-505-4666  loxxokmp: Nebraskka в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„
[03:09] <lobubak> в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„ L0DE RADIO HOUR IS NOW LIVE!! https://www.youtube.com/watch?v=gz3e0LFXsIw TOPIC: COUNTDOWN TO WORLD WAR 3 CALL 315-505-4666  tscioddb: ShellcatZero в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„
[03:09] <lobubak> в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„ L0DE RADIO HOUR IS NOW LIVE!! https://www.youtube.com/watch?v=gz3e0LFXsIw TOPIC: COUNTDOWN TO WORLD WAR 3 CALL 315-505-4666  yvhbolqy: robher в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„
[03:09] <lobubak> в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„ L0DE RADIO HOUR IS NOW LIVE!! https://www.youtube.com/watch?v=gz3e0LFXsIw TOPIC: COUNTDOWN TO WORLD WAR 3 CALL 315-505-4666  tymxq: bvi в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„
[03:09] <lobubak> в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„ L0DE RADIO HOUR IS NOW LIVE!! https://www.youtube.com/watch?v=gz3e0LFXsIw TOPIC: COUNTDOWN TO WORLD WAR 3 CALL 315-505-4666  dxytlom: lionel в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„
[03:09] <lobubak> в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„ L0DE RADIO HOUR IS NOW LIVE!! https://www.youtube.com/watch?v=gz3e0LFXsIw TOPIC: COUNTDOWN TO WORLD WAR 3 CALL 315-505-4666  aytbjlswz: alai в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„
[03:09] <lobubak> ГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћ L0DE RADIO HOUR IS NOW LIVE!! https://www.youtube.com/watch?v=gz3e0LFXsIw TOPIC: COUNTDOWN TO WORLD WAR 3 CALL 315-505-4666  jqrdymc: Arkaniad ГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГў
[03:09] <lobubak> в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„ L0DE RADIO HOUR IS NOW LIVE!! https://www.youtube.com/watch?v=gz3e0LFXsIw TOPIC: COUNTDOWN TO WORLD WAR 3 CALL 315-505-4666  swyrojf: shodan45 в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„
[03:09] <lobubak> ГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћ L0DE RADIO HOUR IS NOW LIVE!! https://www.youtube.com/watch?v=gz3e0LFXsIw TOPIC: COUNTDOWN TO WORLD WAR 3 CALL 315-505-4666  qegdhejdnl: thib ГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“вЂћГўвЂ“
[03:09] <lobubak> в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„ L0DE RADIO HOUR IS NOW LIVE!! https://www.youtube.com/watch?v=gz3e0LFXsIw TOPIC: COUNTDOWN TO WORLD WAR 3 CALL 315-505-4666  gepcsbw: Blueking в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„
[03:09] <lobubak> в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„ L0DE RADIO HOUR IS NOW LIVE!! https://www.youtube.com/watch?v=gz3e0LFXsIw TOPIC: COUNTDOWN TO WORLD WAR 3 CALL 315-505-4666  nqrlyi: eldritch в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„
[03:09] <lobubak> в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„ L0DE RADIO HOUR IS NOW LIVE!! https://www.youtube.com/watch?v=gz3e0LFXsIw TOPIC: COUNTDOWN TO WORLD WAR 3 CALL 315-505-4666  ogcsc: jlacroix в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„
[03:09] <lobubak> в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„ L0DE RADIO HOUR IS NOW LIVE!! https://www.youtube.com/watch?v=gz3e0LFXsIw TOPIC: COUNTDOWN TO WORLD WAR 3 CALL 315-505-4666  uxkkkfcmlk: semiosis в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„
[03:09] <lobubak> в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„ L0DE RADIO HOUR IS NOW LIVE!! https://www.youtube.com/watch?v=gz3e0LFXsIw TOPIC: COUNTDOWN TO WORLD WAR 3 CALL 315-505-4666  eoszozfv: ubuntulog в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„
[03:09] <lobubak> в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„ L0DE RADIO HOUR IS NOW LIVE!! https://www.youtube.com/watch?v=gz3e0LFXsIw TOPIC: COUNTDOWN TO WORLD WAR 3 CALL 315-505-4666  vsekghg: niedbalski в–„в–„в–„в–„в–„в–„в–„в–„в–„в–„
[09:16] <awef_> just been trying out 18.04 before release - I'm finding that even after installing python3-setuptools, easy_install3 command is missing.  Am I doing something silly?
[09:16] <awef_> just thought i'd check in here before i filed a bug
[09:18] <awef_> e.g.:
[09:18] <awef_> ~$ easy_install3  Command 'easy_install3' not found, but can be installed with:  sudo apt install python3-setuptools
[09:18] <awef_> $ sudo apt install python3-setuptools Reading package lists... Done Building dependency tree Reading state information... Done python3-setuptools is already the newest version (39.0.1-2).
[09:20] <awef_> oh interesting i just worked it out
[09:20] <awef_> in the changelog for the package:
[09:20] <awef_> Stop shipping the easy_install scripts.
[09:20] <awef_> guess there's some other things that are gonna need updating given they refer to it still
[12:43] <Sircle> Hi
[12:44] <Sircle> Is there a way to monitor which .php file or function is trying to make outbound connections to other web sites?
[12:49] <blackflow> Sircle: I don't know of a direct method, but you could block outbound connections at the firewall/apparmor/systemd service  level, and then see if anything is logged as error trying to establish a conn
[12:56] <Sircle> legit things might break?
[12:57] <Sircle> oh I got your piont now
[13:00] <blackflow> If you have a mixed  use case, might be wise to separate them into their own functional domains, eg. a fpm process where outbound connections are allowed, and fpm process(es) where it isn't. (I'm assuming you're using fpm). However, a compromised process that's allowed outbound connections could still do stuff. In that case, if you have a limited set of outbound connections to known destinations,
[13:00] <blackflow> some kind of reverse proxy or firewall rules would mitigate that.
[13:15] <Sircle> blackflow,  ok. I do not know whats fpm
[13:16] <Sircle> are you saying to isolate each website by some chroot kind of thing?
[13:18] <blackflow> fpm = php-fpm, the PHP fastcgi process manager
[13:18] <blackflow> chroot is filesystem access. I'm talking about containerization, either through things like lxd, docker, or using systemd's service-level containment features, or different apparmor profiles.
[13:19] <blackflow> but really that all depends on the actual use case. what exactly do you want to block or allow.
[13:24] <Sircle> black if I block outbount port 80, will it disturb my website inbound connections?
[13:25] <Sircle> blackflow,  whats the best way to isolate each website and monitor it?
[13:26] <Sircle> its also strange that there is no way to findout which function is doing what. I will try to block  outbound and see for any errors as you said.
[13:27] <blackflow> Sircle: not if you block outbound to port 80 with SYN flag on only. inbound won't be affected if you have a rule allowing established,connected before the outbound block.
[13:28] <blackflow> Sircle: also, should limit the blocking rule to UID of the PHP process, to allow eg. root normal network access
[13:29] <blackflow> Sircle: to find out what specific functions do, you could eg strace the php process, but that won't tell you which _PHP_ function did it, only the syscall. but with some analysis, might be possible to correlate activity.
[13:29] <blackflow> then again I don't know if PHP specifc tracers exist. probably do, part of profiling tools or something, but I don't have any experience with those
[13:31] <blackflow> Sircle: but eh, again, what's the exact use case. You want to block access to port 80, but what about other ports? 25 is most often abused.  Why not block everything?
[13:31] <blackflow> or in other words, whitelist rahter than blacklist.
[13:36] <blackflow> Sircle: "whats the best way to isolate each website and monitor it?"    We do it by running one fpm service per site, so each site is a systemd service with own containment, own cgroup, and potentially own apparmor profile though atm we're building a single apparmor profile for them all, because the differences are configurable with the "owner" keyword.
[13:36] <blackflow> alternatively, dockerize each site, but that's a bit more complicated. systemd containment + apparmor is nice, assuming you don't need to vary system packages between sites.
[13:38] <Sircle> hm brb
[13:54] <Sircle> just want each site cannot reach other sites via normal php functions to 'ls' or 'cd' etc
[13:55] <Sircle> also, whats the iptables command that relates to the first lines you wrote?
 Sircle: not if you block outbound to port 80 with SYN flag on only. inbound won't be affected if you have a rule allowing established,connected before the outbound block.
[13:55] <Sircle>  Sircle: also, should limit the blocking rule to UID of the PHP process, to allow eg. root normal network access
[13:55] <Sircle> <
[13:57] <blackflow> Sircle: I can't give you exact iptables rule because that depends on your entire setup. Look into -m owner  iptables module documentation in iptables-extensions(8) manpage.
[13:58] <blackflow> Also, you're asking about different things here. Having one site access other site's files via ls or cd has nothing to do with networking. That's filesystem access, most easily accomplished by running different sites as different users, and setting proper filesystem permissions on their files.
[14:01] <blackflow> For example, if you have /home/site1/   and /home/site2/    as homedirs for users of the same name, then configure two fpm pools, one per site, running under appropriate user, and set only owner+group access to homedirs. eg. chmod 750 /home/sites1. This will require you to have the webserver, eg. nginx, belong to those groups in order to access the static files in the homedirs.
[14:51] <Sircle> hm. I though apache was the sole owner