Who | What | When | |
---|---|---|---|
*** | fink has quit IRC (Quit: fink) | [00:32] | |
....... (idle for 34mn) | |||
amdprophet|sleep has quit IRC (Quit: amdprophet|sleep) | [01:06] | ||
.... (idle for 17mn) | |||
schmir has joined #arpnetworks
schmir has quit IRC (Remote host closed the connection) | [01:23] | ||
.... (idle for 19mn) | |||
fink has joined #arpnetworks | [01:43] | ||
fink has quit IRC (Ping timeout: 252 seconds) | [01:48] | ||
....... (idle for 32mn) | |||
schmir has joined #arpnetworks | [02:20] | ||
.......... (idle for 45mn) | |||
nerdd_ has joined #arpnetworks | [03:05] | ||
nerdd has quit IRC (Ping timeout: 264 seconds) | [03:10] | ||
.............. (idle for 1h5mn) | |||
ziyourenxiang has joined #arpnetworks | [04:15] | ||
LT has joined #arpnetworks | [04:27] | ||
.... (idle for 15mn) | |||
infrared has quit IRC (Ping timeout: 276 seconds)
infrared has joined #arpnetworks | [04:42] | ||
cedwards | up_the_irons: ping re: second vps serial console access. | [04:59] | |
.... (idle for 15mn) | |||
*** | heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer | [05:14] | |
............. (idle for 1h2mn) | |||
vtoms has joined #arpnetworks | [06:16] | ||
.... (idle for 17mn) | |||
nesta- has joined #arpnetworks | [06:33] | ||
.... (idle for 19mn) | |||
heavysixer has quit IRC (Quit: heavysixer) | [06:52] | ||
...... (idle for 25mn) | |||
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer | [07:17] | ||
.......... (idle for 46mn) | |||
fink has joined #arpnetworks | [08:03] | ||
....... (idle for 34mn) | |||
mick_laptop has quit IRC (*.net *.split)
coil has quit IRC (*.net *.split)
cedwards has quit IRC (*.net *.split)
mick_laptop has joined #arpnetworks
coil has joined #arpnetworks
cedwards has joined #arpnetworks | [08:37] | ||
fink has quit IRC (Quit: fink)
infrared has quit IRC (Read error: Operation timed out) | [08:44] | ||
infrared has joined #arpnetworks
schmir has quit IRC (Remote host closed the connection) | [08:53] | ||
cedwards | good morning everybody. | [09:00] | |
nesta- | heya cedwards :) | [09:02] | |
*** | nesta- is now known as aem
fink has joined #arpnetworks | [09:02] | |
.... (idle for 15mn) | |||
LT has quit IRC (Quit: Leaving) | [09:18] | ||
ziyourenxiang has quit IRC (Quit: ziyourenxiang) | [09:23] | ||
cedwards | question for the BSD folk. how large do you normally make / when you partition? | [09:32] | |
RandalSchwartz | cedwards - using zfs, so it doesn't matter. :) | [09:33] | |
cedwards | I've yet to dabble in the magic that is zfs :( | [09:33] | |
aem | cedwards: about a 1gb but it does not even need that | [09:33] | |
cedwards | perhaps now is a good time to learn
aem: I just reinstalled my second VPS and did 512M, which is my normal default, but it hit 100% on / when I tried rebuilding world. I have /tmp, /var, /usr, and / (1G, 2G, remaining and 512M respectively) | [09:33] | |
aem | yes I had this same issue cedwards | [09:35] | |
cedwards | aem: figure out why? | [09:35] | |
aem | trying to recall heh
but I do remember I reformatted and made my root 1gb and was fine :) | [09:35] | |
cedwards | hmm. hate to lose a morning of work, but I guess that might be worth it. | [09:36] | |
fink | cedwards: i agree with randall, use zfs
less hassle | [09:44] | |
cedwards | I suppose I need to break out the handbook and do some reading them.
s/them/then/ | [09:44] | |
RandalSchwartz | many here have gone on the path ahead of you, and set up signposts. :) | [09:45] | |
fink | cedwards: randall gave me this link: http://wiki.freebsd.org/RootOnZFS/GPTZFSBoot
i'm using it on the 768 slice i mean vps ;) | [09:46] | |
cedwards | old slicehost customer? :) | [09:46] | |
fink | yup | [09:47] | |
cedwards | I was, once upon a time as well. Went to Linode, and then here. | [09:48] | |
fink | fink likes it here | [09:48] | |
cedwards | ok, following those zfs instructions, which option should I select at fixit?
cdrom, usb, floppy, shell | [09:52] | |
RandalSchwartz | cdrom I think
whatever gets you to a shell :)
but not the holoshell
I think it's "6" then "1"
been a while
and know that the network interface is "em0", not "re0"
and you can't use DHCP, so you have to put your real info there when you get down to step 2.5
I think the rest was just as written | [09:53] | |
cedwards | I'm still stuck on the first gpart command(s)
file exists on create. file busy on destroy. | [09:55] | |
RandalSchwartz | you might have booted wrongly then
ad0 should be free | [09:56] | |
cedwards | i boot from CD. Select fixit, and cdrom.. | [09:57] | |
RandalSchwartz | try df or mount. see what's mounted
make sure ad0 isn't mounted | [09:57] | |
cedwards | just md0 and acd0 | [09:57] | |
RandalSchwartz | ahh. might need to destroy the existing label | [09:58] | |
cedwards | how do i do that? | [09:58] | |
RandalSchwartz | dd if=/dev/random of=/dev/ad0 bs=1m count=1 | [09:58] | |
cedwards | good 'ol dd | [09:58] | |
RandalSchwartz | then you should be able to do the create
gpart was trying to prevent you from hurting yourself | [09:58] | |
cedwards | yup | [09:59] | |
RandalSchwartz | but you... uh... know better. :) | [09:59] | |
cedwards | riggght. | [10:00] | |
*** | j3m has joined #arpnetworks | [10:05] | |
cedwards | what can I prune from 2.2 if I normally just install minimal?
just use base? trying base + lib32 | [10:09] | |
.......... (idle for 48mn) | |||
ok. machine is finally back up and ready to use.
going to have to get used to having so many entries in 'mount' and 'df' using zfs | [11:00] | ||
fink | cedwards: gpart destroy ad0
sorry, late to the party
gpart delete -i 1 ad0 | [11:01] | |
cedwards | lol, yeah. we got a little destructive with dd instead :) | [11:03] | |
fink | i had that same problem following that guide | [11:04] | |
dxtr | Hrm, are there any security measures one can take for local users? | [11:04] | |
fink | did you do `zfs unmount -a` yet? | [11:04] | |
dxtr | I mean, so they don't get to root or get any sensitive information | [11:04] | |
fink | dxtr: no sudo | [11:04] | |
dxtr | And, yes, except for jailing them :P | [11:04] | |
cedwards | dxtr: plenty. | [11:04] | |
dxtr | fink: I'm only allowing sudo to myself | [11:04] | |
cedwards | make sure you have a good passwd | [11:05] | |
dxtr | I've actually disabled user passwords too (Except for myself so I can sudo)
Are there any directories and/or files I can change permissions on to make sure they don't get any sensitive information? | [11:05] | |
cedwards | remind me what you're running? BSD? | [11:06] | |
dxtr | FBSD :) | [11:06] | |
cedwards | check out login.conf for additional restrictions.
do you plan on having a lot of (untrusted) users on the machine? | [11:06] | |
dxtr | Not a lot, no :P | [11:07] | |
cedwards | I'd say consider what these users do/don't need. if it's a simple chroot shell consider ssh chroot config or jails.
definitely check out login.conf, set a more private umask perhaps.. don't allow sudo, etc. | [11:09] | |
dxtr | I'll look into it :) | [11:10] | |
cedwards | does anyone know why bind9 comes as part of base FreeBSD? | [11:17] | |
mike-burns | As opposed to what? | [11:17] | |
cedwards | unless you're going to run / need a name server, why include it?
wouldn't it be enough to make sure resolution works via /etc/resolv.conf, and then install bind from ports as needed for name servers | [11:18] | |
mike-burns | Ah, I see. Nope, no idea. | [11:18] | |
cedwards | just comes to mind because I'm updating /usr/src and the only updates are for src/contrib/bind9/ | [11:19] | |
aem | hm, anyone here use their arp ipv6 with afraid.org for DNS ? | [11:30] | |
...................... (idle for 1h49mn) | |||
toddf | I use my arp IPv6 to serve dns, why use someone else? ;-) | [13:19] | |
aem | please tell me how
lol, I have been reading google links for 2 days I have an _idea_ but DNS is a slippery fish | [13:21] | |
right now I have a separate dns server on a Debian machine, I am going to try to get my ipv6 reversed with it
:) aem prays | [13:26] | ||
......... (idle for 41mn) | |||
*** | vtoms has quit IRC (Quit: Leaving.) | [14:07] | |
dxtr | aem: Piece of cake :) | [14:20] | |
aem | hehe
I am still struggling here | [14:21] | |
dxtr | I'm running nsd o/
Thanks to up_the_irons | [14:21] | |
aem | gave up on the Debian, I was completely off track there
nsd is name server daemon yeh? | [14:21] | |
cedwards | I've not done IPV6 with bind, but I can't imagine it would be that much different than IPV4.
AAAA vs A is all as far as I know.. | [14:25] | |
dxtr | cedwards: We're talking reverse here. But yeah, there's no huge difference there either | [14:27] | |
cedwards | of course I am assuming experience maintaining DNS, which not everyone has. | [14:28] | |
aem | yeah heh
i have precisely 0 getting there though :P | [14:30] | |
......... (idle for 42mn) | |||
*** | fink has quit IRC (Quit: fink) | [15:12] | |
fink has joined #arpnetworks | [15:18] | ||
.......... (idle for 47mn) | |||
fink has quit IRC (Quit: fink) | [16:05] | ||
...... (idle for 29mn) | |||
dbgi has quit IRC (Ping timeout: 240 seconds)
dbgi has joined #arpnetworks
dbgi has quit IRC (Changing host)
dbgi has joined #arpnetworks | [16:34] | ||
........... (idle for 50mn) | |||
cedwards | anyone have any suggestions on how to auto-start/re-connect to a screen session on login? | [17:24] | |
infrared | screen -r
:P | [17:25] | |
aem | edyou mean like when you login ? | [17:26] | |
DaCa | -xRR | [17:26] | |
aem | cedwards: ^ | [17:26] | |
cedwards | I've seen some examples of: if [ $TERM != "screen" ]; then screen -dr; fi | [17:26] | |
aem | yeah | [17:26] | |
cedwards | I'm not getting it to work consistently though. thought ya'll might have some suggestions. | [17:27] | |
....... (idle for 32mn) | |||
just for documentation sake, I added 'screen -dRR' to .bash_profile and it seems to work as expected. | [17:59] | ||
....... (idle for 34mn) | |||
is it appropriate to run ntpd on these? I recall with xen that the time was only updated via the host. is that the same for kvm/qemu? | [18:33] | ||
aem | cedwards: fwiw, I run ntpd | [18:33] | |
cedwards | do you have a preference between ntpd and openntpd? | [18:34] | |
aem | I don't know enough about either to have one really
I just used ntpd because it was in the Handbook I think | [18:35] | |
*** | heavysixer has quit IRC (Quit: heavysixer)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer | [18:48] | |
........... (idle for 50mn) | |||
dbgi has quit IRC (Ping timeout: 276 seconds)
anders has joined #arpnetworks
dbgi has joined #arpnetworks
dbgi has quit IRC (Changing host)
dbgi has joined #arpnetworks | [19:39] | ||
heavysixer has quit IRC (Quit: heavysixer) | [19:51] | ||
mike-burns | cedwards: I use this to shell into my box: ssh -t user@server screen -rd
(I've a shell alias locally, obv.) | [19:55] | |
cedwards | mike-burns: I do similar. i run jails at home for local services, one of which is an ssh bastion.
mike-burns: that requires 'ssh -t user@host1 ssh -t user@host2 "screen -dr"' but, that alias will fail if no screen is present on the other end. | [19:59] | |
mike-burns | Ah, I see.
In unrelated news, I just found this on the OpenBSD Journal blog thingie: http://devio.us/ | [20:02] | |
cedwards | yeah. I have an account with them. | [20:04] | |
mike-burns | What do you use it for? | [20:05] | |
cedwards | can't have too many random shell accounts when it comes to external testing and bypassing firewalls ;) | [20:05] | |
mike-burns | Ha true. | [20:05] | |
cedwards | I use distributed shell accounts to test dns propagation and firewall verification. | [20:05] | |
infrared | uh huh
where were you when dalnet was ddos'd? :P | [20:06] | |
cedwards | uhh, i don't know what you're talking about :) | [20:08] | |
infrared | hah | [20:08] | |
cedwards | infrared: I'm afraid to ask, but how's the dvorak coming? | [20:14] | |
infrared | :( | [20:15] | |
cedwards | anyone done zfs based jails? | [20:19] | |
........... (idle for 52mn) | |||
CESSMASTER | cedwards: you sloppy bastard it survived | [21:11] | |
*** | schmir has joined #arpnetworks | [21:16] | |
dbgi has quit IRC (Read error: Connection reset by peer) | [21:24] | ||
...... (idle for 25mn) | |||
anders has left | [21:49] |