●● IRC: #boycottnovell @ Techrights IRC Network: Friday, August 12, 2022 ●● ● Aug 12 [00:00] psydruid but in this respect it looks like the distributions employing software developers working on operating systems and application frameworks side with the OEMs or are themselves owned by OEMs [00:03] schestowitz-TR the OEMs are where the money is [00:03] schestowitz-TR server side also [00:09] *psydruid (~psydruid@jevhxkzmtrbww.irc) has left #boycottnovell [00:09] *psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #boycottnovell [00:22] psydruid someone wrote somewhere that sales may be 50% lower on the client side without Windows [00:23] psydruid server side it will be less of an issue as more capacity is naturally going to be needed over time [00:45] schestowitz lol [00:46] schestowitz some idiotic bored lawyer sent me a letter [00:46] schestowitz regarding some photo: [00:46] schestowitz " [00:46] schestowitz Hi, [00:46] schestowitz the post http://techrights.org/2021/12/13/credit-to-norway/ contains memes from a meme site, https://imgflip.com [00:46] schestowitz That's where I got it from. [00:46] -TechrightsBN/#boycottnovell-techrights.org | Only Norway Followed the Advice of EPO Workers and Consulted Relevant Ministries About Unlawful EPO Policies | Techrights [00:46] -TechrightsBN/#boycottnovell-Imgflip - Create and Share Awesome Images [00:46] schestowitz Which specific image are you talking about? [00:46] schestowitz I'll remove it as soon as you identify which one. [00:46] schestowitz " ● Aug 12 [01:01] schestowitz re: [01:01] schestowitz Cloudflare is slowing down Wordpress websites [01:01] schestowitz I don't think they need CloudFlare for this. It's proprietary, it increases risk of downtime, and it can slow things down, add complexity etc. Why use it in the first place? DDOS? [01:07] *psydruid (~psydruid@jevhxkzmtrbww.irc) has left #boycottnovell [01:07] *psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #boycottnovell ● Aug 12 [02:02] schestowitz-TR it is hardly possible anymore to find michael west article as almost all new posts there now are just AAP reprinted :/ [02:02] schestowitz-TR what's the point? If I wanted AAP, I'd subscribe to AAP. [02:11] *u-amarsh04 has quit (Quit: Konversation terminated!) [02:11] *u-amarsh04 has quit (Quit: Konversation terminated!) [02:18] *u-amarsh04 (~amarsh04@5tcc2vuaj9aks.irc) has joined #boycottnovell [02:18] *u-amarsh04 (~amarsh04@freenode-rmogvn.g0d7.dtdf.mc4289.IP) has joined #boycottnovell ● Aug 12 [03:29] *britney has quit (Ping timeout: 2m30s) ● Aug 12 [04:13] *britney (~britney@muarsy2vret2q.irc) has joined #boycottnovell [04:21] *u-amarsh04 has quit (Quit: Konversation terminated!) [04:21] *u-amarsh04 has quit (Quit: Konversation terminated!) [04:26] *u-amarsh04 (~amarsh04@freenode-rmogvn.g0d7.dtdf.mc4289.IP) has joined #boycottnovell [04:26] *u-amarsh04 (~amarsh04@5tcc2vuaj9aks.irc) has joined #boycottnovell [04:46] *britney has quit (Ping timeout: 2m30s) [04:48] *britney (~britney@muarsy2vret2q.irc) has joined #boycottnovell ● Aug 12 [05:59] *britney has quit (Ping timeout: 2m30s) ● Aug 12 [07:02] *psydruid (~psydruid@jevhxkzmtrbww.irc) has left #boycottnovell [07:02] *psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #boycottnovell [07:20] *Seaduck- has quit (Ping timeout: 2m30s) [07:20] *MinceR has quit (Ping timeout: 2m30s) [07:20] *psydruid has quit (Ping timeout: 2m30s) [07:20] *mjg59_ has quit (Ping timeout: 2m30s) [07:20] *XFaCE has quit (Ping timeout: 2m30s) [07:20] *libertybox_ has quit (Ping timeout: 2m30s) [07:20] *Seaduck- (~seaduck@ys9kag65kxsiu.irc) has joined #boycottnovell [07:20] *Despatche_ (~desp@u3xy9z2ifjzci.irc) has joined #boycottnovell [07:20] *libertybox has quit (Ping timeout: 2m30s) [07:33] *Disconnected (Connection reset by peer). [07:34] *Now talking on #boycottnovell [07:34] *Topic for #boycottnovell is: TechRights.org | Channel #boycottnovell for http://TechRights.org | Free Software Sentry watching and reporting maneuvers of those who oppose software freedom :: please also join channels #techrights and #boycottnovell-social [07:34] *Topic for #boycottnovell set by schestowitz!~roy@haii6za73zabc.irc at Tue Jun 1 20:22:10 2021 [07:34] *Techrights-sec (~quassel@x6gnqyt8r46u8.irc) has joined #boycottnovell [07:34] *Techrights-sec2 (~quassel@x6gnqyt8r46u8.irc) has joined #boycottnovell [07:34] *liberty_box_ (~liberty@x6gnqyt8r46u8.irc) has joined #boycottnovell [07:35] *schestowitz[TR2] (~schestowitz[TR]@x6gnqyt8r46u8.irc) has joined #boycottnovell [07:36] *spazz (~spazz@urifce6zxwtdi.irc) has joined #boycottnovell [07:36] *DaemonFC (~daemonfc@nwnqkpaj4kzjn.irc) has joined #boycottnovell [07:37] *Noisytoot (~noisytoot@tkbibjhmbkvb8.irc) has joined #boycottnovell [07:37] *XFaCE (~XFaCE@uzfeivw9fp6ba.irc) has joined #boycottnovell [07:37] *u-amarsh04 (~amarsh04@5tcc2vuaj9aks.irc) has joined #boycottnovell [07:38] *MinceR (~mincer@bringer.of.light) has joined #boycottnovell [07:38] *irc.techrights.org sets mode +a #boycottnovell MinceR [07:39] *chunky (~chunky@wa5c3nj9mkua2.irc) has joined #boycottnovell [07:40] *qa2 (~sid145515@frp6gv52kp9fi.irc) has joined #boycottnovell [07:40] *mjg59_ (~mjg59@ajm54sra9b86c.irc) has joined #boycottnovell ● Aug 12 [08:15] schestowitz-TR maybe some connections to the server dropped at your end [08:15] schestowitz-TR brief network issue [08:19] *psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #boycottnovell [08:38] Techrights-sec2 possible what time did it occur? [08:38] Techrights-sec2 TR was unavailable from here 619, 620, 634, and 635 [08:40] schestowitz-TR btw, I got stuck with ipfs cron job [08:40] schestowitz-TR what worked on debian does not seem to work for me on alpine [08:40] schestowitz-TR maybe you can help [08:40] schestowitz-TR the issue is, a job that works OK when run from the cli would not work as a cron job [08:40] schestowitz-TR it seems like the ipfs bits don't run [08:40] schestowitz-TR but I cannot find a way/place to see what output it gets when run as cron [08:40] Techrights-sec2 which account on tr-new? [08:40] schestowitz-TR so it's hard to rebug [08:40] schestowitz-TR *debug [08:51] *britney (~britney@muarsy2vret2q.irc) has joined #boycottnovell ● Aug 12 [09:02] Techrights-sec2 ok checking [09:03] schestowitz-TR i spent 1-2 hours in vain [09:03] schestowitz-TR and that's why it would yield empty output, unless run manually (weird as on the pi I had no such issues) [09:12] Techrights-sec2 there are two different sets of scripts, not in sync, in /home/xxxx and [09:12] Techrights-sec2 /home/xxxx/bin [09:12] Techrights-sec2 cron points to the one in the home directory not in bin [09:12] Techrights-sec2 changing that [09:12] Techrights-sec2 setting it to run at 08:09 for a test [09:12] Techrights-sec2 ok, the longer one is saved as a backup [09:12] Techrights-sec2 running at 08:10 now [09:12] Techrights-sec2 there was no $PATH set [09:13] schestowitz-TR the one in homedir is a reduced version [09:13] schestowitz-TR and should be the one run [09:13] schestowitz-TR it seems to reach the end, entering the second script (called from the first) [09:13] schestowitz-TR but the interactive ipfs add() command either does not run at al or fails at some level [09:13] schestowitz-TR afaik 'ipfs' is already in PATH [09:14] *britney has quit (Ping timeout: 2m30s) [09:19] Techrights-sec2 scp is not pointing to a key of any kind [09:19] Techrights-sec2 in bin/complete-index-split.sh [09:19] Techrights-sec2 scp is using id_ed25519 which is missing a passphrase, is not locked down on [09:19] Techrights-sec2 the server end, and allows full shell access :( [09:19] Techrights-sec2 scp should *not* be used in a script [09:19] Techrights-sec2 it should be refitted for sftp [09:19] Techrights-sec2 that's easy [09:20] schestowitz-TR the upload actually works OK [09:20] schestowitz-TR it's the process of adding ipfs sttuff to the files that fails [09:20] schestowitz-TR seemingly giving blank output from ipfs [09:20] schestowitz-TR the use of scp and this whole part is temporary hack as eventually, after migration, those files will move locally [09:20] schestowitz-TR but yes, bad practice [09:20] schestowitz-TR the script never worked fully (yet), unless run manually [09:23] Techrights-sec2 the problem is with "ipfs add" in bin/complete-index-split.sh [09:23] *britney (~britney@muarsy2vret2q.irc) has joined #boycottnovell [09:29] Techrights-sec2 I can look more later but the ipfs add seems to be the problem with the [09:29] Techrights-sec2 split.sh script [09:29] Techrights-sec2 I can look more later but the ipfs add seems to be the problem with the [09:29] Techrights-sec2 split.sh script [09:30] schestowitz-TR ipfs add is run twice in the wrapped script, update [09:30] schestowitz-TR *wrapper [09:30] schestowitz-TR it's hard to tell what goes on [09:30] schestowitz-TR the log files in alpine don't tell me [09:43] *DaemonFC has quit (Quit: Leaving) ● Aug 12 [11:14] *britney has quit (Ping timeout: 2m30s) [11:21] schestowitz-TR (going to be away to cycle in a bit; just checked the nightly pi backups, backups older than 2 days get purges now, it helps secure our "working files") [11:31] schestowitz-TR Record Lows for Number of Brits Who Decide to Take COVID-19 Vaccines https://schestowitz.com/Weblog/archives/2022/08/12/covid-19-low-end-of-the-market/ [11:31] -TechrightsBN/#boycottnovell-schestowitz.com Blog Archive Record Lows for Number of Brits Who Decide to Take COVID-19 Vaccines [11:49] *wallacer has quit (Ping timeout: 2m30s) [11:54] *wallacer (~quassel@6bsu33ajs4zs4.irc) has joined #boycottnovell ● Aug 12 [12:06] *britney (~britney@muarsy2vret2q.irc) has joined #boycottnovell [12:34] *chunky has quit (Ping timeout: 2m30s) [12:34] *britney has quit (Ping timeout: 2m30s) [12:49] *psydruid (~psydruid@jevhxkzmtrbww.irc) has left #boycottnovell [12:50] *chunky (~chunky@wa5c3nj9mkua2.irc) has joined #boycottnovell ● Aug 12 [13:36] Techrights-sec2 back [13:36] Techrights-sec2 2>&1 can redirect from stderr to stdout : [13:36] Techrights-sec2 """ [13:36] Techrights-sec2 sh: error setting limit: Invalid argument [13:36] Techrights-sec2 Error: open /home/xxxx/tr_text_version/irc-log-241120.txt: too many open files [13:36] Techrights-sec2 """ [13:36] schestowitz-TR aha, that's what I suspected was happening and tried making a workaround for [13:47] *psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #boycottnovell ● Aug 12 [14:01] schestowitz-TR seems like per issue [14:01] schestowitz-TR only root can change that [14:01] schestowitz-TR I am trying to no avil to find where to make such changes permanent [14:01] Techrights-sec2 I think it can be set per account. [14:04] Techrights-sec2 There should be a limits.conf or something similiar but the question is how [14:04] Techrights-sec2 Alpine handles the location of those settings. [14:06] schestowitz-TR yes, I have been find / | grep exactly that [14:06] schestowitz-TR but no idea how alpine handles this [14:07] schestowitz-TR but at least I know for sure this is the issue [14:07] schestowitz-TR when i run the comments manually i'm in a context where the limits are raised already [14:09] Techrights-sec2 What should the limit be, I am guessing it would go in [14:10] Techrights-sec2 /etc/sysctl.d/.....limits.conf [14:11] Techrights-sec2 yes [14:11] Techrights-sec2 but I don't know how large it should be [14:11] Techrights-sec2 so it sounds like a very badly designed program if it consumes resources [14:11] Techrights-sec2 indefinitely; system resources /are/ finite even if they are generous [14:11] schestowitz-TR I can see that now, have you changed that yet? [14:11] schestowitz-TR it keeps growing, I raised from 1k to 2k, 4k, latest was just 20k to be 'safe' [14:11] schestowitz-TR it can be made more efficient, but I can't be bothered tbh [14:11] schestowitz-TR as I nearly gave up on it last year [14:21] schestowitz-TR I see you're just tested it with cron [14:21] schestowitz-TR btw, the "master" copy of these scripts is on the pi and git [14:21] schestowitz-TR so feel free to 'massage' until they 'work' [14:21] schestowitz-TR the ipfs refresh cycle is just a few minutes once a day anyway [14:21] schestowitz-TR the debian.community site shows that planning for disaster is a case of "it matters when it's too late" [14:21] schestowitz-TR ipfs got 2 milestones this past week [14:30] Techrights-sec2 can I try rebooting that container? [14:30] Techrights-sec2 $ ulimit -Sn; ulimit -Hn [14:30] Techrights-sec2 2048 [14:30] Techrights-sec2 2048 [14:32] schestowitz-TR yes, I don't think we have public-sacing stuff on it yet [14:32] schestowitz-TR what we have is in /home [14:33] Techrights-sec2 ok [14:33] Techrights-sec2 I would hope not, it's way too soon for putting it into production [14:33] Techrights-sec2 ok that did not work, I am not sure where the file limits are set in Alpine [14:41] *britney (~britney@muarsy2vret2q.irc) has joined #boycottnovell [14:46] schestowitz-TR the way I did it before, I ran the comment as root before going to the ipfs account [14:46] schestowitz-TR we prob ccheck the same few pages [14:47] Techrights-sec2 yes root is a different class in regards to system resource limits [14:47] Techrights-sec2 that's ok to do once, for debugging, but should not be considered even a [14:47] Techrights-sec2 work-around [14:47] Techrights-sec2 still looking for info about Alpine specifically and how to raise the limits [14:47] Techrights-sec2 probably [14:48] Techrights-sec2 tried another file location for those settings, it did not change anything [14:48] Techrights-sec2 either [14:48] Techrights-sec2 still looking [14:50] schestowitz-TR kaniini is how I got the debian n_files limit set right [14:50] schestowitz-TR after someone in irc asked how to solved thgius [14:50] schestowitz-TR and then I too had that issue [14:50] schestowitz-TR used the same command [14:50] schestowitz-TR kaniini used to be a DD ● Aug 12 [15:03] Techrights-sec2 back when DD was actually a high achievment and meaningful [15:03] schestowitz-TR When the D was literal [15:03] schestowitz-TR You needed to be able to develop [15:03] schestowitz-TR not just gender-balance for optics [15:17] *rianne has quit (Quit: Konversation terminated!) [15:17] *rianne_ has quit (Quit: Konversation terminated!) [15:17] *rianne (~rianne@x6gnqyt8r46u8.irc) has joined #boycottnovell [15:17] *rianne (~rianne@freenode-kg8.cie.7132oi.IP) has joined #boycottnovell [15:23] *psydruid (~psydruid@jevhxkzmtrbww.irc) has left #boycottnovell [15:43] *psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #boycottnovell [15:55] Techrights-sec2 or have blue hair [15:55] Techrights-sec2 anyway Debian and derivatives handle ulimits quite differently than Alpine [15:55] Techrights-sec2 I've tried three ways to do the settings and none took [15:55] Techrights-sec2 so I have the location and/or syntax incorrect [15:55] Techrights-sec2 There is little info on the net about Alpine :/ [15:55] Techrights-sec2 ● Aug 12 [16:13] *britney has quit (Ping timeout: 2m30s) [16:30] *britney (~britney@muarsy2vret2q.irc) has joined #boycottnovell [16:38] schestowitz-TR back [16:38] schestowitz-TR didn't imagine it would be so complictaed for us [16:38] schestowitz-TR had I knows, I'd just run it manually every night [16:38] schestowitz-TR after the pi became weird a lot of the automation did not work [16:38] schestowitz-TR but assuming ipfs runs for years to come it's worth automating addition [16:38] Techrights-sec2 not complicated, just obscure [16:41] Techrights-sec2 yes the automation will be worth it [16:41] Techrights-sec2 can you check the sed modifications? they should run much faster than [16:41] Techrights-sec2 the old arrangement [16:43] schestowitz-TR the new one, if pushed to git, would need to be a separate file as it gutted out quite a few lines [16:43] schestowitz-TR that remain on the pi [16:43] schestowitz-TR so we'd have two very separate things [16:44] schestowitz-TR previously I removed some gemini and systemd stuff, then added the scp at the end [16:44] schestowitz-TR and that was it [16:44] schestowitz-TR at one point you pushed amendments to git (it's still there for that file) [16:44] schestowitz-TR but that caused it not to work correctly [16:44] schestowitz-TR that was about a year ago [16:45] Techrights-sec2 all the changes are still isolated on tr-new until tested [16:45] Techrights-sec2 scp needs to be phased out, it has been deprecated for a few years now [16:49] schestowitz-TR I don't oppose splitting those codebases into two given that the two ends not have different functions [16:49] schestowitz-TR notably, old is a fallback that does not update anything [16:49] schestowitz-TR at a later point I can make it PIN all the newers objects [16:49] schestowitz-TR I've still not automated the ipfs stuff in gemini [16:49] schestowitz-TR it's done manually, periodically [16:49] schestowitz-TR but right now the HTTP pages for IPFS are all blank [16:49] Techrights-sec2 ack [16:49] schestowitz-TR so the priority is to automate this and then build further on top of that [16:49] schestowitz-TR like, splitting those pages to years to make them smaller [16:58] schestowitz-TR lunkuke sick again [16:58] schestowitz-TR i have no solid scientific data on it (btw, I blogged today on covid) [16:58] schestowitz-TR but it seems to me that covid infectionbs lower activity of the immune system overall [16:58] schestowitz-TR and thus people who start getting infected are in for a vicious cycle [16:58] schestowitz-TR of long illnesses and a lot of downtime [16:58] schestowitz-TR re ipfs, no hurry tbh, it's not a critical service [16:58] schestowitz-TR but I am VERY happy that it's back in a good state and never times out, sometimes [16:59] schestowitz-TR returns objects very fast [16:59] schestowitz-TR lunduke is... strange [16:59] schestowitz-TR rerunning things from ages ago... for subs-only [16:59] schestowitz-TR stuff that isn't even relevant or correct anymore [16:59] schestowitz-TR living off his past "glory" ● Aug 12 [17:01] Techrights-sec2 ack [17:01] Techrights-sec2 as mentioned he went around the bend a while back, especially right before [17:01] Techrights-sec2 he got SARS-CoV-2 [17:01] Techrights-sec2 he's been really extra weird and extra irrelevant since then [17:03] schestowitz-TR speaking of weird, I got another mother lode on graveley [17:03] schestowitz-TR trickling that out slowly helps assured there's a dark cloud over github [17:03] schestowitz-TR tomorrow I can finish the other series [17:03] schestowitz-TR and next month epo+montenegro [17:03] schestowitz-TR news is very slow [17:03] schestowitz-TR very very very slow [17:03] schestowitz-TR one has to be creative to keep TR and TM "engaging" [17:03] Techrights-sec2 yes, it has been winding down further and much of the text posted in its place [17:03] Techrights-sec2 is marketing and press-release content [17:05] schestowitz-TR exactly [17:05] schestowitz-TR last night I assume you saw what I had typed on michale west [17:05] schestowitz-TR at first I thought, wow! he sure became active [17:05] schestowitz-TR the oposite happened [17:05] schestowitz-TR it dried up [17:05] schestowitz-TR so he started licensing another source [17:05] Techrights-sec2 yes [17:05] Techrights-sec2 many sites are taking a similar route, pulling in newsfeeds in place of local [17:05] Techrights-sec2 original content ● Aug 12 [18:00] Techrights-sec2 I see that "ii" is running. Can I disturb that? I'd like to try another test [18:01] schestowitz-TR sure [18:01] schestowitz-TR I was about to take a break from the PCs [18:01] schestowitz-TR it's humid [18:01] schestowitz-TR rianne made lots of lemonade, we got the lemons third price, took 4 packs [18:02] Techrights-sec2 thanks [18:02] Techrights-sec2 nope, that didn't work either. :/ [18:03] Techrights-sec2 thanks. I don;t want to disturb him, the answer may turn up somewhere [18:03] Techrights-sec2 I was looking at the wiki and there is mention of using a file and they [18:03] Techrights-sec2 made a point of giving examples of the format but seemed to take it for [18:03] Techrights-sec2 granted that the file name was known [18:03] Techrights-sec2 so the wiki does not mention which file to edit to adjust limits for [18:03] Techrights-sec2 various groups or accounts [18:04] schestowitz-TR I've aksed kaniini [18:04] schestowitz-TR strace-level debugging is one step away from backwar eng [18:05] schestowitz-TR there really ought to be more docs or better docs [18:05] schestowitz-TR I'm sure it is dobale [18:05] schestowitz-TR those numbers do come from somewhere [18:08] schestowitz-TR ii is how the sites/ipfs/gemini etc. communicate with us via irc [18:08] schestowitz-TR it's like the "bots" companies like to add to shit (spelled out "s-l-a-c-k") or discrock [18:08] schestowitz-TR at one point I want to automate stuff for new addition of nodes etc. [18:08] schestowitz-TR like a notification system and alerts via irc [18:08] schestowitz-TR not too hard, but takes work [18:08] Techrights-sec2 maybe the settings are done differently for LXC ? [18:08] Techrights-sec2 I've installed the package 'shadow' and added /etc/security/limits.conf and [18:08] Techrights-sec2 rebooted but the new limits do not show up for xxxx ● Aug 12 [19:11] *britney has quit (Ping timeout: 2m30s) [19:17] *britney (~britney@muarsy2vret2q.irc) has joined #boycottnovell [19:42] *DaemonFC (~daemonfc@2vr2py5ze6bgu.irc) has joined #boycottnovell ● Aug 12 [20:04] *psydruid (~psydruid@jevhxkzmtrbww.irc) has left #boycottnovell [20:04] *psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #boycottnovell [20:09] *psydruid (~psydruid@jevhxkzmtrbww.irc) has left #boycottnovell [20:10] *psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #boycottnovell [20:21] Techrights-sec2 got it! [20:21] Techrights-sec2 shadow linux-pam shadow-login were 'needed' though at the kind of terrible [20:21] Techrights-sec2 cost of inflicting PAM onto the system; I hope that there is another way so [20:21] Techrights-sec2 that those changes can be rolled back [20:21] Techrights-sec2 nope, that did not affect cron :( [20:21] Techrights-sec2 It does affect the interactive shell though, [20:21] Techrights-sec2 $ ulimit -Sn; ulimit -Hn [20:21] Techrights-sec2 8192 [20:21] Techrights-sec2 16384 [20:22] Techrights-sec2 it is runnning manually, so far so good [20:22] Techrights-sec2 it stops in complete-index-split.sh near the end [20:22] Techrights-sec2 here: [20:22] Techrights-sec2 + ipfs stats bw [20:22] Techrights-sec2 Error: this command must be run in online mode. Try running 'ipfs daemon' first [20:22] Techrights-sec2 I added a /etc/pam.d/cron file and restarted crond but that had no effect [20:22] Techrights-sec2 on the file limits [20:22] Techrights-sec2 afaik [20:28] schestowitz-TR back [20:28] schestowitz-TR ipfs is not running [20:28] schestowitz-TR did some settings or paths change? [20:28] schestowitz-TR /var/log/ipfs/ipfs.log says ~/.ipfs/config permission denied [20:28] Techrights-sec2 which system? I don't recall changing that but if the logs were rotated [20:28] Techrights-sec2 by logrotate without the correct settings the permissions can be wrong [20:28] Techrights-sec2 checking [20:29] schestowitz-TR thanks [20:29] schestowitz-TR that would explain the error you saw [20:30] schestowitz-TR service ipfs start fails due to permissions [20:30] schestowitz-TR maybe the pam addeds restrictions [20:31] Techrights-sec2 there are no settings for ipfs logs so they will get the default [20:31] Techrights-sec2 treatment, which will cause the incorrect permissions. [20:38] Techrights-sec2 touch /var/log/ipfs/ipfs.log that line needs to be changed [20:38] Techrights-sec2 in /etc/logrotate.d/ipfs [20:38] Techrights-sec2 does the daemon need a HUP to reload to restart the new log file? [20:38] Techrights-sec2 If so, that's were it goes. [20:38] Techrights-sec2 Please add the right setting there so that it does not break ;) [20:38] schestowitz-TR I've just read it twice and still not sure what to change [20:39] Techrights-sec2 We can roll back the PAM stuff, there were the packages mentioned above and [20:39] Techrights-sec2 a restart to do that [20:41] schestowitz-TR I've just read it twice and still not sure what to change [20:41] schestowitz-TR the pam stuff might be ok so long as we can get ipfs to run again [20:41] schestowitz-TR and [20:41] schestowitz-TR , if the pam thing, makes permanent changes to maax n of files, then the cron [20:41] schestowitz-TR job can be made to work too [20:54] Techrights-sec2 what is the full line, with all options, to start ipfs manually? [20:54] Techrights-sec2 I'm looking at the open-rc file and none of it seems valid, [20:54] Techrights-sec2 what is the full line, with all options, to start ipfs manually? [20:54] Techrights-sec2 checking [20:54] Techrights-sec2 what is the full command to start ipfs manually? [20:54] schestowitz-TR back [20:54] schestowitz-TR sorry, just tried to start it again [20:54] schestowitz-TR same error [20:55] Techrights-sec2 right, I see the failure in the log, but it would help a lot to know the [20:55] Techrights-sec2 actual command [20:55] Techrights-sec2 so as to try manually [20:55] Techrights-sec2 the user ipfs and the group ipfs have full read-write access to the necessary [20:55] Techrights-sec2 directories so the rc-service is using the wrong group perhaps? [20:55] Techrights-sec2 or else it is a PAM thing; ● Aug 12 [21:01] schestowitz-TR yes, [21:01] schestowitz-TR just service ipfs start/stop/status as root afaik [21:01] Techrights-sec2 shadow, linux-pam, and shadow-login are the recently added packages [21:01] Techrights-sec2 if things need to be rolled back [21:01] Techrights-sec2 do you have the actual command to run IPFS manually? [21:04] Techrights-sec2 that's the wrapper script :/ [21:04] Techrights-sec2 that provides virtually no logging [21:04] Techrights-sec2 ?? su -c '/usr/bin/ipfs daemon --enable-gc --migrate' -s /bin/sh ipfs [21:08] schestowitz-TR maybe i never ran it as root in the past [21:08] schestowitz-TR in fact it's likely I never did [21:08] schestowitz-TR I installed it [21:08] schestowitz-TR then ran it [21:09] schestowitz-TR from the user [21:09] Techrights-sec2 if it was run as root the it will likely leave a trail of unknown files [21:09] Techrights-sec2 scattered around with root:root permissions when they need to be ipfs:ipfs [21:09] Techrights-sec2 running it manually works: [21:09] Techrights-sec2 su -c '/usr/bin/ipfs daemon --enable-gc --migrate' -s /bin/sh ipfs [21:09] Techrights-sec2 but running it under open-rc does not: [21:09] Techrights-sec2 # rc-service ipfs start [21:10] Techrights-sec2 * Starting ipfs ... [21:10] Techrights-sec2 * start-stop-daemon: /usr/bin/ipfs died [21:10] Techrights-sec2 * Failed to start ipfs [ !! ] [21:10] Techrights-sec2 * ERROR: ipfs failed to start [21:10] Techrights-sec2 there must be some way to increase logging for open-rc [21:15] Techrights-sec2 /var/log/rc.log will hold the logs once openrc is restarted, but how to do that? [21:16] schestowitz-TR at least we see what it takes to resume ipfs after a restart [21:16] schestowitz-TR and maybe the pam will come in han dy later [21:17] schestowitz-TR if we cannot fix the cron job, I can at least run it manually overnight, for now.. [21:17] schestowitz-TR .I assume no additional restrtuctions on incoming rsync [21:18] Techrights-sec2 ok restart [21:18] Techrights-sec2 logging still not in effect :( [21:18] Techrights-sec2 sure, running it manually will be a work-around [21:18] schestowitz-TR on the pui I always run ipfs manually after reboots or other incidents [21:18] schestowitz-TR *pr [21:18] schestowitz-TR *pi [21:23] schestowitz-TR I can see you are tailing two logs [21:23] schestowitz-TR as I was about to check I can at least get ipfs going again [21:24] Techrights-sec2 481 root 0:00 su -c /usr/bin/ipfs daemon --enable-gc --migrate -s /bin/sh ipfs [21:24] Techrights-sec2 482 ipfs 0:15 /usr/bin/ipfs daemon --enable-gc --migrate [21:24] Techrights-sec2 It's running with nohup and redirecting to /home/ssssssss/ipfs.nohup [21:28] schestowitz-TR just tried running as cron [21:28] schestowitz-TR it uploaded the empty tables [21:28] Techrights-sec2 perhaps there is some interaction between PAM and openrc [21:29] schestowitz-TR running manually now [21:30] Techrights-sec2 now it's running twice, see above :) [21:42] Techrights-sec2 back and then afk again [21:42] Techrights-sec2 some things are glr:glr and some things are ipfs:ipfs one or the other [21:42] Techrights-sec2 account should be chosen. I have the feeling that you run ipfs manually as glr [21:42] Techrights-sec2 and that openrc runs it as ipfs and the group memberships are not right for that [21:42] Techrights-sec2 mixture. [21:42] *psydruid (~psydruid@jevhxkzmtrbww.irc) has left #boycottnovell [21:42] *psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #boycottnovell [21:42] schestowitz-TR I've just up[dated ipfs index in gemini [21:42] schestowitz-TR and made it easier to update ● Aug 12 [23:40] *psydruid (~psydruid@jevhxkzmtrbww.irc) has left #boycottnovell [23:40] *psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #boycottnovell [23:59] *psydruid (~psydruid@jevhxkzmtrbww.irc) has left #boycottnovell