#archlinux32 | Logs for 2018-04-17

[00:38:20] <eschwartz> autofsckk: do you or do you not have multilib enabled?
[02:03:34] <autofsckk> eschwartz: i dont have it enabled
[02:03:39] <autofsckk> should i do it?
[02:19:23] <tyzoid> autofsckk: lib32 is only for x86_64 systems
[02:36:08] <autofsckk> tyzoid: ok but why do i have it installed? or should i just uninstall them?
[02:39:18] <tyzoid> autofsckk: Can you paste your uname -a?
[02:40:13] <autofsckk> sure Linux lap 4.15.15-1.0-ARCH #1 SMP PREEMPT Fri Apr 6 15:10:59 CEST 2018 i686 GNU/Linux
[02:41:27] <tyzoid> Yeah, should be safe to remove. I don't know why they'd be installed in the first place
[02:41:51] <autofsckk> but it seems that they dont exist, i already tried to uninstall them
[02:43:49] <autofsckk> tyzoid: i tried to uninstall lin32-mesa and i get this error: no se ha encontrado el objetivo: lib32-mesa
[02:43:59] <autofsckk> it says thet lib32mesa wasnt found
[02:54:04] <autofsckk> this is the error im getting when i try to update aur packages https://bpaste.net
[06:13:59] <tyzoid> autofsckk: can you post a list of the packages you have installed?
[06:14:55] <tyzoid> `pacman -Q` will list that for you.
[06:18:28] <girls> my guess is, that some aur package you have installed dropped the i686 part and made all lib$xy to lib32$xy unconditionally
[06:21:14] <tyzoid> good morning
[06:21:21] <girls> Hi tyzoid
[06:21:34] <tyzoid> I didn't realize it was this late here :P
[06:21:40] <girls> lol
[06:25:24] <tyzoid> girls: That was my guess too
[06:30:56] -!- deep42thought has joined #archlinux32
[06:31:28] <tyzoid> lol
[06:31:33] <tyzoid> so
[06:31:36] <tyzoid> still trying to fix ipv6
[06:31:38] <girls> a) it took him quite a while
[06:31:48] <girls> b) I don't see it in my other connection
[06:32:02] <girls> c) I just _killed_ the thread watching the channel
[06:32:04] <girls> O.o
[06:32:06] <tyzoid> shows up for me
[06:32:16] * girls sees it, too
[06:32:32] <tyzoid> oh, I see
[06:32:45] <girls> looks like deep42thought is connected to a crappy irc server O.o
[06:33:13] <girls> ... romania
[06:33:28] <tyzoid> yup
[06:33:44] <tyzoid> that's why I configured the bouncer to connect to a server within 50km of the system :P
[06:34:01] <girls> how can one do this?
[06:34:56] <tyzoid> http://irc.netsplit.de
[06:34:59] <tyzoid> pick one close to you :P
[06:35:11] <tyzoid> I chose moon.freenode, as that's in atlanta (same city)
[06:35:50] <tyzoid> you can also look at your info block to see the hostname
[06:36:03] <deep42thought> but I don't see it
[06:36:05] <tyzoid> the alternative is to keep reconnecting until you get a good host
[06:36:12] <tyzoid> then configure that instead of irc.freenode
[06:36:15] <tyzoid> don't see what?
[06:37:18] <girls> the message
[06:37:36] <girls> the other account not only does not see the message, it also sends messages wayyyy to late
[06:37:58] <girls> e.g. I sent that 6:32:23
[06:38:09] <tyzoid> odd
[06:38:27] <girls> how do I find out the location of a server?
[06:38:28] <tyzoid> I noticed a 2-3s delay when I had this bouncer talking to the network node in paris
[06:38:30] <tyzoid> geoip
[06:40:59] <tyzoid> I'll run the list for you
[06:42:26] <deep42thought> that one is better :-)
[06:42:28] <deep42thought> Hi buildmaster
[06:42:53] <deep42thought> good night, tyzoid - I'm off for breakfast
[06:48:01] <tyzoid> deep42thought / girls: https://ptpb.pw
[06:48:05] <tyzoid> pick one close :P
[06:48:28] <tyzoid> I've left ips in both columns, so that the geoip results can be cross-matched with the dns results
[06:48:45] <tyzoid> I think I have them all correct, but if the IPs don't line up, that's an error.
[06:50:00] <tyzoid> also, good night :P
[08:21:51] -!- deep42thought has joined #archlinux32
[08:27:25] <deep42thought> thanks tyzoid
[09:11:30] <deep42thought> tyzoid: your pkgapi gives 404's again
[09:11:42] <deep42thought> https://pkgapi.arch32.tyzoid.com
[09:38:14] * buildmaster failed to execute a mysql query - can you have a look at "tmp.mysql-functions.query.stdin.2018-04-17T09:38:03.pjzeye"?.
[12:13:47] <tyzoid> deep42thought: Should be fixed
[12:20:19] <deep42thought> k, thx
[12:54:03] <abaumann> damn. it's implemented. :-)
[12:54:07] <deep42thought> :-D
[12:54:22] <deep42thought> I won't implement every suggestion, but most ;-)(
[12:55:19] <abaumann> https://packages.archlinux32.org
[12:55:35] <abaumann> just seen, there are duplicates in the dependencies which are really duplicates, I think.
[12:55:51] <abaumann> Rather "Required by"
[12:55:57] <deep42thought> different repos
[12:56:05] <deep42thought> but there is "build-list" as well
[12:56:12] * deep42thought thought, he filtered that already ...
[12:56:25] <abaumann> it's always a repo (extra, etc). and build-list.
[12:56:26] <abaumann> aha.
[12:56:43] <deep42thought> sometimes, it's also community/community-testing
[12:56:50] <deep42thought> "build-list" is handled like a repository
[12:59:42] <deep42thought> ah, I fixed it in "Versions Elsewhere"
[12:59:52] <deep42thought> there, we don't have links to the build-list, etc.
[13:05:12] <deep42thought> abaumann: is that ok now?
[13:22:26] <abaumann> yep: now its' transparent :-)
[13:23:29] <deep42thought> shit
[13:23:53] <deep42thought> I accidentally rsync'ed the buildmaster scripts into package.archlinux32.org's webdir
[13:24:04] <tyzoid> lol
[13:24:08] <tyzoid> git reset --hard HEAD
[13:24:14] <deep42thought> no, .git, too
[13:24:19] <tyzoid> git clone :P
[13:24:21] <deep42thought> I already checked that
[13:25:16] <tyzoid> git init && git remote add origin && git fetch?
[13:25:31] <tyzoid> I can fix it if you want
[13:25:47] <deep42thought> no, already on it
[13:25:55] <deep42thought> "git clone" refuses to clone into non-empty dir
[13:26:05] <deep42thought> so I cloned somewhere else and moved .git over
[13:26:17] <tyzoid> yeah
[13:26:36] <tyzoid> Anyway, heading off for work. Be back in ~1hr
[13:26:42] <deep42thought> cu
[13:29:19] <abaumann> cu
[14:38:38] <buildmaster> deepin-daemon is broken (says buildknecht2).
[15:07:31] * buildmaster failed to execute a mysql query - can you have a look at "tmp.mysql-functions.query.stdin.2018-04-17T15:07:29.BFrfd3"?.
[15:07:32] * buildmaster failed to execute a mysql query - can you have a look at "tmp.mysql-functions.query.stdin.2018-04-17T15:07:29.9htnjc"?.
[15:10:11] * buildmaster resumes sanity.
[15:10:31] <deep42thought> hmm, the buildmaster claimed to had a deadlock on those queries
[15:10:35] <tyzoid> that was a long hour :/
[15:10:50] <deep42thought> but he could straightforwardly run them, when I started them manually
[15:10:55] <deep42thought> tyzoid: bad traffic?
[15:11:08] <tyzoid> Got some snow flurries for 10 minutes that resulted in a whiteout
[15:11:18] <tyzoid> Caused 40min of extra traffic on a 40 min commute
[15:11:29] <tyzoid> helped one guy out of a ditch
[15:12:19] <tyzoid> Important bit is everyone was safe, so that's one positive :P
[15:12:49] <tyzoid> deep42thoguht: Were the tables locked by something?
[15:12:58] <tyzoid> deep42thought*
[15:13:02] <deep42thought> possibly, but he was trying it 10 times in a row
[15:13:13] <deep42thought> with a timeout of 1min each, I think
[15:13:17] <tyzoid> was this one with a creation of a temporary table?
[15:13:23] <deep42thought> nope
[15:13:27] <tyzoid> h,,
[15:13:29] <tyzoid> hmm*
[15:13:41] <deep42thought> these two tried to write something into the new ssh_log table
[15:13:58] <tyzoid> can you paste the query in question?
[15:14:13] <deep42thought> sure
[15:14:38] <deep42thought> https://ptpb.pw
[15:14:45] <deep42thought> these are the two queries
[15:15:18] <deep42thought> they look pretty straight-forward for me :-/
[15:15:27] <tyzoid> btw, on a timestamp query you can set the field default to CURRENT_TIMESTAMP
[15:15:33] <tyzoid> so you don't need to select it to insert
[15:15:41] <deep42thought> ah, nice
[15:15:42] <deep42thought> thanks
[15:17:13] * buildmaster failed to execute a mysql query - can you have a look at "tmp.mysql-functions.query.stdin.2018-04-17T15:17:11.PPIJX0"?.
[15:17:30] <deep42thought> similar query
[15:17:58] <tyzoid> Yeah, that was more of a good practice than a fix
[15:18:05] <deep42thought> yes
[15:18:11] <deep42thought> I know
[15:18:18] <tyzoid> does it work without the update?
[15:18:18] <deep42thought> I just wanted to comment on the new error
[15:18:32] <tyzoid> also, is there a place I can grab those query dumps?
[15:18:51] <deep42thought> no
[15:18:53] <deep42thought> :-/
[15:19:13] <deep42thought> i could put them to the webserver
[15:20:37] <tyzoid> Or you could just sync those over
[15:20:54] <tyzoid> (Assuming you didn't want to make them public)
[15:21:05] <deep42thought> we can make them public
[15:21:11] <deep42thought> I have no problem with that
[15:22:22] <deep42thought> let's see, how long it lasts
[15:25:47] * buildmaster failed to execute a mysql query - can you have a look at "tmp.mysql-functions.query.stdin.2018-04-17T15:25:45.P1Zczm"?.
[15:26:30] <deep42thought> https://ptpb.pw
[15:26:49] <deep42thought> great ...
[15:29:51] <deep42thought> tyzoid: are you also interested in stderr and stdout of the queries?
[15:31:53] <tyzoid> both are probably helpful
[15:35:16] <deep42thought> https://buildmaster.archlinux32.org
[15:35:17] <phrik> Title:Index of /mysql-queries/ (at buildmaster.archlinux32.org)
[15:35:19] <deep42thought> here you go
[15:36:25] <tyzoid> index of empty :P
[15:36:37] <deep42thought> well, nothing failed so far
[15:36:48] <tyzoid> I assume the files get removed on resolution?
[15:36:59] <deep42thought> rather: the resolution is to remove the files
[15:37:08] <tyzoid> ah
[16:42:14] <tyzoid> girls / deep42thought: Any reason to use a insert select for that query?
[16:42:28] <tyzoid> It doesn't seem necessary to me, if you've already got the ID of the build slave
[16:48:15] * buildmaster failed to execute a mysql query - can you have a look at "tmp.mysql-functions.query.stdin.2018-04-17T16:48:14.ItGKc2"?.
[16:49:39] <tyzoid> girls / deep42thought: Those files return 403s. Can you make sure that they're world-readable on creation?
[18:21:24] <abaumann> Hi buildmaster! :-)
[18:31:07] <tyzoid> Hi abaumann
[18:32:03] <abaumann> hi
[18:43:51] <tyzoid> abaumann: not sure if you've been following the progress on the infrastructure on my side
[18:44:11] <tyzoid> but the current plan is to re-image srv0 sometime tomorrow or thursday
[18:44:29] <tyzoid> Once that takes place, I'll be able to hook you up with a 486 vm on it.
[18:44:38] <tyzoid> so that'll probably be friday/saturday
[19:02:29] <tyzoid> deep42thought: I'm planning on switching up ipv6 handing during that transition, so ipv6 connectivity may drop/addresses change.
[19:29:41] <abaumann> tyzoid: ah. that's cool. full mirrored and a VM for me. :-)
[20:00:44] <tyzoid> Ok, downtime is scheduled. srv0 will be going offline from 5pm to 11:59pm ET (2100 - 0359 UTC) Wednesday night / Thursday morning. ipv6 connectivity will be impacted during this downtime on srv1 as well.
[20:01:04] <tyzoid> ipv4 on srv1 is not expected to be affected, and the srv1 services should remain online
[21:32:22] <Alina-malina> tyzoid, ah you mean its legit thing? i hope noone rootkit it in to my machine, how to expose rootkit in my machine? i never check that stuff on my box, so wondering how to see if my system is clean and no malicious stuff running on background?
[21:33:22] <tyzoid> Alina-malina: No, it's a virtual device that returns zeroes
[21:33:57] <tyzoid> you can verify by running this command: `head -c 100 /dev/zero | xxd`
[21:34:39] <Alina-malina> oh yes it gives bunch of zeros
[21:35:01] <tyzoid> It's useful for things such as erasing files bit-by-bit
[21:35:04] <Alina-malina> eh there are some things like that /dev and ttys that i dont understand what they meant for
[21:35:05] <tyzoid> or erasing entire hard drives
[21:35:12] <Alina-malina> oh its a function?
[21:35:18] <tyzoid> No, it's a virtual device
[21:35:39] <tyzoid> https://en.wikipedia.org has more info
[21:36:01] <tyzoid> That page should explain what most of the things in /dev are
[21:36:18] <tyzoid> but /dev usually refers to devices - both physical and virtual
[21:36:28] <Alina-malina> is it possible to run a malicious ssh reverse tunnel into my machine running one of those ttys? i am just worried i see many of them in my box
[21:36:54] <tyzoid> it's possible, but you'd need to set up the reverse tunnel / enable ssh on your ssytem
[21:36:56] <tyzoid> system*
[21:37:10] <Alina-malina> eh
[21:37:16] <tyzoid> and reverse tunnels are usually harmless
[21:37:25] <tyzoid> it's forward tunnels that can be a bit different
[21:37:25] <Alina-malina> well someone could set it up i guess
[21:39:16] <tyzoid> possible, but only if they had some way to access your machine
[21:39:36] <Alina-malina> so theoretically if they did, i could see it in netstat listening right?
[21:39:37] <tyzoid> you can check for unusual network traffic via netstat / iftop
[21:39:40] <tyzoid> yup
[21:40:33] <tyzoid> you can also use netstat to monitor long-standing ESTABLISHED connections
[21:40:46] <tyzoid> as that could indicate something on your machine setting up a listening agent on a pull tunnel
[21:41:02] <tyzoid> but it's rare, and few actually monitor that activity
[21:41:10] <tyzoid> more common to audit the process list via ps
[21:41:54] <Alina-malina> ok thank you tyzoid, let me monitor it, i know might not be anything there, but still need to be sure
[21:41:56] <Alina-malina> thanks
[21:42:13] <tyzoid> Np. It's all a learning experience, you'll figure out what you need to check for after a while.
[21:42:37] <tyzoid> And frankly, a lot of it comes from experience. First hand, second hand, or third hand
[21:43:04] <tyzoid> for ex. I once had a host that had a hacked wordpress install, and was spewing out massive http traffic in a botnet-like fashion
[21:43:20] <tyzoid> I fixed it, learned what to look for in the future, and haven't had the issue since
[22:38:07] -!- deep42thought has joined #archlinux32
[22:38:19] <tyzoid> wb
[22:38:23] <deep42thought> hi!
[22:38:34] <deep42thought> tyzoid: I think, I never extract the id of the buildmaster
[22:38:40] <deep42thought> s/buildmaster/buildslave/
[22:39:00] <tyzoid> I would do that in a separate step, since atomacy isn't an issue with that
[22:39:04] <tyzoid> it'll make the insert fast
[22:39:20] <tyzoid> that, and the ids don't change / can be cached
[22:39:54] <deep42thought> https://github.com
[22:39:59] <deep42thought> that's the current query
[22:40:29] <deep42thought> oh, I can spot a typo from over here :-/
[22:40:29] <tyzoid> might be useful to rewrite these as php scripts
[22:41:09] <deep42thought> hmmm
[22:41:33] <deep42thought> you want to do everything via php instead of ssh?
[22:41:44] <tyzoid> php-cli
[22:41:49] <tyzoid> you could do via http, if you want
[22:41:54] <tyzoid> but php-cli would easily integrate
[22:44:10] <deep42thought> btw: rewbycraft is experiencing serious nas issues and is replacing part of his setup
[22:44:19] <tyzoid> oh
[22:44:21] <tyzoid> ok
[22:44:22] <deep42thought> so it should be all get a lot more stable
[22:44:25] <tyzoid> nice
[22:51:33] <tyzoid> deep42thought: Do you have experience with iptables?
[22:51:42] <deep42thought> somewhat
[22:51:59] <deep42thought> nothing advanced, like port-knocking
[22:51:59] <tyzoid> ok, so you know how my host will soon be routing ipv6 properly
[22:52:05] <deep42thought> but basic routing and stuff
[22:52:18] <tyzoid> ipv4 is an on-link /29
[22:52:24] <tyzoid> and there's not much I can do about that
[22:52:35] <tyzoid> since any subnetting will make it pretty much unusable
[22:52:50] <tyzoid> so I'd like to forward ipv4 addresses across to the guests
[22:52:59] <tyzoid> but I don't want to put them on the internal network
[22:53:45] <tyzoid> I have a kind-of workaround, which is to allocate another address inside the 10.10/16 block for the server, then route all traffic on the ipv4 to it
[22:53:53] <tyzoid> but then it still follows nat ruels
[22:53:54] <tyzoid> rules*
[22:54:06] <tyzoid> I'd like for the server to bind to the actual ip
[22:54:11] <tyzoid> if that makes sense
[22:55:03] <deep42thought> what exactly does "on-link /29" mean - you get 8 ips on that interface?
[22:55:11] <tyzoid> 5.
[22:55:19] <tyzoid> 2 broadcast,1 router, and 5 usable
[22:55:33] <tyzoid> but essentially yes, given ARP
[22:55:46] <tyzoid> and unlike ipv6, I have no qualms with binding those ip addresses manually
[22:55:55] <tyzoid> since it's not millions of addresses :P
[22:57:27] <deep42thought> why not bind to them and nat the traffic to local ips?
[22:57:48] <deep42thought> or maybe you can even skip the binding if the traffic arrives at your interface anyway
[22:58:17] <tyzoid> the traffic doesn't arrive at the interface directly, since ARP
[22:58:23] <tyzoid> so I do have to bind them at the host
[23:01:03] <tyzoid> but I wanted to be able to assign those IPs to select machines
[23:01:14] <tyzoid> without exposing the vms to the link itself
[23:01:29] <tyzoid> so somehow bind and forward the ip traffic, but without doing nat
[23:01:33] <deep42thought> ok, I think, I understand the problem
[23:03:00] <deep42thought> as far as I had contact with iptables, it required non-overlapping ip ranges on all interfaces
[23:03:24] <deep42thought> so you can't have local interfaces with the same ip as your external interface
[23:03:39] <tyzoid> well it's on a different adapter in a different system, though
[23:03:46] <tyzoid> since it's a virtual system
[23:03:59] <deep42thought> you could nat twice
[23:04:21] <tyzoid> That's what I tried, but it doesn't seem to be rewriting the ip the second time
[23:04:44] <deep42thought> you tried the second nat inside the vm?
[23:04:59] <deep42thought> or do you have another layer of routing?
[23:05:38] <tyzoid> nat in the vm
[23:05:47] <deep42thought> ok
[23:06:04] <deep42thought> this will not be in prerouting, postrouting and forward but in input and output IIRC
[23:08:52] <tyzoid> deep42thought: I set you up with the testing vm on srv1 -p 2210
[23:09:01] <tyzoid> that's the one that has the ip forwarded
[23:09:34] <tyzoid> I have a preroute DNAT rule on the local box
[23:09:47] <tyzoid> and the iptables rule counts traffic going through it
[23:09:51] <tyzoid> but tcpdump isn't seeing it
[23:10:31] <tyzoid> the forwarded ip is, btw
[23:11:39] <tyzoid> the setup is that eth1 and eth0 are two connections to the same virtual network
[23:11:56] <tyzoid> the only thing routed over that network is
[23:12:08] <tyzoid> so I just assigned to it as a convenient interface
[23:12:31] <tyzoid> hoping that I could rewrite the traffic through to it on the device itself
[23:12:41] <tyzoid> I tried assigning the address to lo, but that didn't work either
[23:14:56] <deep42thought> can't you assign that address to eth0, too?
[23:15:04] <tyzoid> I tried that too
[23:15:06] <deep42thought> but this won't solve the issue, I think
[23:15:12] <tyzoid> it didn't seem to make a difference, though
[23:15:12] <tyzoid> yeah
[23:16:33] <tyzoid> that doesn't look good...
[23:16:55] <deep42thought> I guess, rewbycraft is fiddling with his supervisor/nas/...
[23:17:19] <tyzoid> good thing for https://packages.archlinux32.org ?
[23:17:25] <tyzoid> :P
[23:19:13] <deep42thought> I'm sry, I can't really help you with your iptables problem
[23:19:18] <tyzoid> that's fine
[23:19:19] <deep42thought> I think, I had a similar issue once
[23:19:28] <tyzoid> was more curious if you knew off-hand
[23:19:35] <deep42thought> I wanted to change only the port
[23:19:45] <tyzoid> ?
[23:19:49] <deep42thought> and I ended up simply opening a different one
[23:20:12] <deep42thought> my router's ssh daemon runs on a non-standard port
[23:20:23] <deep42thought> but on the internal network it is 22, of course
[23:20:40] <tyzoid> ah, I see
[23:20:52] <deep42thought> so I tried to forward it somehow from the external obscure port to the internal ip:22 or something like that
[23:20:53] <tyzoid> changing the port seems easier
[23:21:00] <tyzoid> there's docs on how to do that
[23:21:06] <deep42thought> but in the end, I simply made sshd listen on the external obscure port
[23:21:33] <deep42thought> yes, but I still wanted to block incoming traffic on that port from the wire
[23:21:38] <deep42thought> but not the one I rewrote
[23:21:43] <deep42thought> so I also changed the ip
[23:21:58] <deep42thought> and I guess, that part did not work - as it does not work for you currently
[23:23:09] <tyzoid> Ok. I'll work on this some more.
[23:23:29] <tyzoid> I'm heading home. G'night, since you'll probably be gone by the time I get back on
