toddf: interesting question
if the user is removed it gets removed from the /etc/group file wherever it is found
removed via userdel(8)
I have looked at the code, no way to remove a usser from a single group in that code, its a one pass extermination from /etc/group as the only removal code in sight ***: toddf has quit IRC (pratchett.freenode.net irc.freenode.net)
nuke has quit IRC (pratchett.freenode.net irc.freenode.net)
nuke has joined #arpnetworks
nuke has quit IRC (Killed by douglas.freenode.net (Nick collision))
toddf has joined #arpnetworks
nuke has joined #arpnetworks
toddf has quit IRC (Remote closed the connection)
nuke^ has joined #arpnetworks
toddf has joined #arpnetworks
nuke has quit IRC (Connection reset by peer)
nuke^ is now known as nuke
jester1 has quit IRC (pratchett.freenode.net irc.freenode.net)
jester1 has joined #arpnetworks
Mrdbgi has joined #arpnetworks
heavysixer has joined #arpnetworks Mrdbgi: morning ***: vtoms has joined #arpnetworks
vtoms has quit IRC (Remote closed the connection)
vtoms has joined #arpnetworks
baklava has joined #arpnetworks
visinin has joined #arpnetworks
vtoms has left up_the_irons: Mrdbgi: mornin
toddf: i think I had that issue with OpenBSD a long time ago, it boggled me. so there is no way to script removal of a user from a group besides trying to mangle /etc/group? that seems frustrating toddf: as the utilities exist today, no.
how often do you need to remove users from groups? ;-)
vs remove them outright? up_the_irons: i needed it yesterday
reconfiguring some things toddf: I've asked the appropriate people
but I'm realizing why I never ran into this before
I've always munged directly with /etc/group via vi before .. then I found the user*(8) tools and found those eaiser for scripting adds, mods (to add users to new groups) and removing users entirely
it is a rare day when I need to remove a single user from a single group up_the_irons: that's nuts ;) When I de-privilege users, I remove them from certain groups. I like do it all the time; i'm really surprised no one in the OpenBSD community works this way ;) mike-burns: You can, of course, script editing a file.
But I agree. toddf: hmm, seems 'usermod -G group user' should exclude the user from all other groups but 'group' but instead it adds the user to that group only
bugfix may be forthcoming ;-) up_the_irons: toddf: yup, it just keeps adding groups, no way to remove toddf: meaning this may change the behavior, that usermod -G .. user must explicitly list each group they should still be a member of up_the_irons: toddf: when i read the man page, that's what I *thought* would happen; should probably be fixed
anyone know what the FreeBSD behavior is? mike-burns: FreeBSD takes an explict list. toddf: good to know! ***: Nat_RH has quit IRC (Remote closed the connection)
Nat_RH has joined #arpnetworks
cablehead has quit IRC (Read error: 110 (Connection timed out))
cablehead has joined #arpnetworks dbgi: hi ***: samferry has quit IRC (Remote closed the connection)
Nat_UB_ has joined #arpnetworks
favor has joined #arpnetworks
favor has left "Leaving"
samferry has joined #arpnetworks
heavysixer has quit IRC () dj_goku: toddf: From a netbsd.se wiki not sure if its apart of netbsd.org, but it stated: Also, the -G option does not remove the user from any groups. Edit /etc/group if you need to remove a user from a secondary group.
It is kind of weird there is no way to do this though. -: up_the_irons boggles up_the_irons: so NetBSD has no way of doing it either... huh?
that just blows my mind
anyway, time to go home... dj_goku: up_the_irons: that is what it looks like. toddf: openbsd is based on netbsd code, freebsd apparently is a different codebase for this dj_goku: toddf: is a openbsd dev :D ***: heavysixer has joined #arpnetworks
mhoran has quit IRC (Read error: 60 (Operation timed out))
mike-burns has quit IRC (Read error: 60 (Operation timed out))
nuke` has quit IRC (Read error: 60 (Operation timed out)) obsidieth: jeepers. ***: mike-burns has joined #arpnetworks
mhoran has joined #arpnetworks
heavysixer has quit IRC ()
nukeAFK has joined #arpnetworks toddf: creepers ***: bobbyw has joined #arpnetworks bobbyw: how long does it take to get an instance up after signing up? dj_goku: bobbyw: 3-4 for me I think. bobbyw: 3-4 minutes? hours? jeev: bobbyw, usually by next morning if its a business day obsidieth: it depends on when up_the_irons is around jeev: i think he does everything at night
you came here a month back eh ? bobbyw: yeah jeev: hehe bobbyw: I said I was going to come here in a month maybe?
haha
here I am jeev: you signed up already ? bobbyw: kinda weird though that it is manual authorize, slicehost and linode were instant
yeah jeev: if you did, you should have it set up probably by morning
bobbyw, yea.. i think he's tight with fraud and stuff
likes to do stuff manually
i'd do the same bobbyw: ugh
annoying dj_goku: hours sorry* jeev: yea i know hehe
but it's worth it
i haven't had any issues bobbyw: cool dj_goku: hehe only one issue for me, after recompile kernel :D jeev: you recompiled?
what are you running dj_goku: jeev: well for reliablity patches, openbsd jeev: ahh bobbyw: yeah so what's up with kernel patches on here? jeev: i run freebsd
haven't rebuilt the kernel bobbyw: yeah jeev: dj_goku, what was your problem bobbyw: I chose freebsd
long time linux user
just switched dj_goku: I never liked compiling my linux kernel, I don't know what the hell is in my computer for sound chipset and .... but yeah :) bobbyw: been playing in vmware with freebsd, enjoying it jeev: yea i switched years back but i still love slackware. bobbyw: slack? dj_goku: jeev: boot never finished. bobbyw: why? jeev: that's what i grew up on
perfect, vanilla kernel dj_goku: jeev: let me find the error jeev: sexy
no lame users
you either know what you're doing or you use something else. bobbyw: not doubting it
I liked arch quite a bit jeev: dunno dj_goku: jeev: http://scie.nti.st/2009/10/4/running-openbsd-4-5-in-kvm-on-ubuntu-linux-9-04 jeev: dj_goku, that wasn't an arp issue though ;) dj_goku: jeev: true, but a issue :D jeev: heh dj_goku: s/a/an/ bobbyw: what is the host os? freebsd? dj_goku: uh, I want to say ubuntu bobbyw: not of the article
on arp dj_goku: bobbyw: iirc up_the_irons wrote what I just posted. jeev: yea it's ubuntu bobbyw: wtf? really? obsidieth: that seems counter insuitive doesnt it.
s/t jeev: i call it ubunti bobbyw: yeah, talk about a bloated POS obsidieth: but i couldnt be happier, for the record. dj_goku: obsidieth: its probably dead simple to get up and running so. bobbyw: well yeah for rookies... but this is a vps host.... obsidieth: theres nothing wrong with ubuntu. bobbyw: just heard a lot from upstream dev guys about ubuntu devs
I guess I should just shut up and wait and see what it's like
:) dj_goku: :D bobbyw: we run ubuntu servers at my current place of work obsidieth: personally, in a server environment i would choose debian dj_goku: bobbyw: you could always start your own company and compete with arpnetworks :) obsidieth: but the differences are just eh. bobbyw: dj_goku: lol, hosting is boring to me
;) dj_goku: but arpnetworks is ran by a rookie OS though... :)
s/ran by/run on/ bobbyw: we'll see -: dj_goku has only has his VPS from arpnetworks for a couple weeks. obsidieth: at this point, it should be noted that all distributions of linux are fundamentally the same bobbyw: yep obsidieth: just becuase its user friendly doesnt make it any worse at serving. bobbyw: yeah, I mean I guess *I* don't have to deal with it so what the fuck do I care up_the_irons: bobbyw: your VPS is coming up; got the order, thanks :) there is no automatic provisioning; guys like linode and slicehost have a few years extra to develop their stuff, i'm still in the manual setup phase. but i offer more choice, more resources, more affordable and rock solid reliability :) bobbyw: up_the_irons: cool man, I'll put my stock in you for a while up_the_irons: and to all you Ubuntu haters, find me an base OS that will run *BSD VMs better than Ubuntu and I'll switch ;)
Ubuntu is ahead of Debian in the VM marketplace, esp. with para-virt jeev: up_the_irons, slackware up_the_irons: When I ran Xen, it was on Debian
Debian, on a VM, however, runs like a bat out of hell. VERY fast bobbyw: I have run xen on centos, arch, and ubuntu up_the_irons: i've heard good things about arch bobbyw: I really like arch visinin: arch is lovely bobbyw: rolling release is brilliant up_the_irons: time to cd $starbucks && hammer-out-orders() visinin: up_the_irons: which starbucks do you chill at? jeev: wonder why he ignored slackware up_the_irons: visinin: i just hit the drive thru at starbucks in City of San Fernando visinin: gotcha up_the_irons: i'm major of it in four square :D
brb bobbyw: wait, so he said my shit was up, but I didn't get an email.......
hah jeev: no
he said he'll hammer them out bobbyw: oh
shit
is this a one-man ops team?
powered by SBUX?
lol jeev: hehe bobbyw: any of you guys use chef for server provisioning? jeev: never heard of it bobbyw: oh
dude
it's sweet
basically a replacement for shell script server provisioning
or whatever manual job
automated recipe to build your stack
but custom
http://wiki.opscode.com/display/chef/Home jeev: eh
i do everything by hand bobbyw: gross
:p jeev: nope bobbyw: do you build packages from source too?
tell me you use something to manage them jeev: packages? bobbyw: oh
right
porst
ports*
that's cool jeev: if i use bsd, i'll use ports if i have to bobbyw: I like that too jeev: slackware, sbopkg or packages maybe
but i prefer everything by hand bobbyw: what about versions, like you go in and recompile? jeev: yep
if it's bsd, i might portupgradei t bobbyw: yeah
me too -: dj_goku uses packages then if I really need something not in package form I use ports. bobbyw: I like ports because it manages source meta data for you etc jeev: excusen moi of my process for the next 20 minutes rapes the server
i'm going to bench it up_the_irons: jeev: probably not a good time; VM provisioning puts a lot of disk I/O onto the system jeev: should i stop
i stopped
should i start it in like 3-4 hours ? up_the_irons: jeev: u can start in a couple hours jeev: ok up_the_irons: bobbyw: just sent ya the welcome packet bobbyw: up_the_irons: thanks up_the_irons: np obsidieth: welcome ping bobbyw: yeah that's it
I got the two emails up_the_irons: bobbyw: oh ok, i had a weird scrollback deja vu... ignore me bobbyw: up_the_irons: ha, it's cool, try to keep posting my email to the public channel to a minimum ;) ha up_the_irons: bobbyw: i've heard of chef actually; i am weary of new tools like that. would have to try it. i mean, like, does it *really* work on OpenBSD? (claims it does) also, it has some strange dependency i remember...
bobbyw: bah, sorry about that bobbyw: up_the_irons: ruby, rubygems, and the chef gem
up_the_irons: I notice you are somewhat partial to ruby, noticed the sinatra app, and using tender up_the_irons: bobbyw: what about the database? bobbyw: up_the_irons: couchdb up_the_irons: bobbyw: yeah, i used to code rails full time bobbyw: up_the_irons: that's what I do now, and I have always been sucked into doing ops stuff up_the_irons: see, couchdb is just a weird dependency for something like that
bobbyw: i've been doing ops for 10 years, but got sucked into rails ;)
i was developing some ebay software several years ago, and wanted a better way to make web apps; found rails bobbyw: up_the_irons: couchdb is a bit of a weird dep, I'll give you that, but it stores json, and that's what chef passes around to the nodes up_the_irons: have been pretty happy since
bobbyw: i c bobbyw: up_the_irons: I am pretty stoked about rails 3
up_the_irons: I am headed to rubyconf in nov
it's in SF up_the_irons: FINALLY a web coast location
*west
maybe i'll go
i was at the NC one in '07 bobbyw: tix sold out already
oh cool up_the_irons: was pretty fun
who needs tix ;) bobbyw: yeah, last year was orlando right? up_the_irons: yup, or-F'in-lando
i'll just show up to the hotel, then code in the lobby, like everyone else does at conferences bobbyw: up_the_irons: haha
up_the_irons: yeah that's about right, the only one that stands out to me that people do that a lot less is future ruby
in toronot
toronto* up_the_irons: i c
interesting bobbyw: really cool conf, anyway.. off topic up_the_irons: no such thing as off topic here
bobbyw: so what brings you to FreeBSD? bobbyw: up_the_irons: well, I have used linux extensively, and basically what it comes down to is I like the structure of development, they keep software up to date, stuff they put in the ports tree is extensively tested, the security team is great, and I just like the philosophy better, I could relate more up_the_irons: right on bobbyw: with the exception to the kernel itself linux seems to be scattered in so many different camps up_the_irons: yeah, you're spot on there
i feel there is little coherency
with such a large community and install base, there really can't be
people just don't agree across the board
on things bobbyw: right, everyone forks when they don't agree up_the_irons: that's why we have so many distros bobbyw: yep
lol
it seems like there are a handful of bsds around but that's cool, I like the way they do it, everything comes from upstream or is patched in upstream, the different flavors are for distinct purposes, but they keep everything cohesive up_the_irons: just noticed dragonfly bsd uses git, nice bobbyw: yeah'
git is sweet
svn is balls
so is csv up_the_irons: haha bobbyw: cvs* up_the_irons: "the different flavors are for distinct purposes" -- yeah, that's really true bobbyw: didn't dragonfly also introduce a different filesysteM? up_the_irons: i think so
or are trying to
to achieve their clustering goals bobbyw: right up_the_irons: and come on, who doesn't dig pf :)
i really like OpenBGPd, which I run on an OpenBSD box, for IPv6 routing
solid as all hell bobbyw: what is openbgpd? up_the_irons: bobbyw: open implementation of the BGP protocol bobbyw: cool up_the_irons: bobbyw: for dynamic routing bobbyw: googled it, sounds pretty cool
turn machines into routers etc up_the_irons: yeah, they also have OpenOSPFd, but I don't use OSPF for anything
we have 29 users in here, i think that is a record :D bobbyw: nice!
how do most people manage dns here? obsidieth: im usin named/bind and webmin.