[06:01:13] <nileshc>	 Hey all, I'm logging into the wikidata-suggester instance through bastion1.pmtpa.wmflabs. My username is nilesh. After creating a new user hadoop, I'm trying to setup password-less authentication to localhost. I've done ssh-keygen and added the pub key to authorized_keys. I had to make a couple of changes to /etc/ssh/sshd_config like uncommenting AuthorizedKeysFile     %h/.ssh/authorized_keys. When I try to do ssh localhost, 
[06:01:31] <nileshc>	 If you are having access problems, please see: https://wikitech.wikimedia.org/wiki/Access#Accessing_public_and_private_instances Connection closed by 127.0.0.1
[06:09:16] <nileshc>	 Can anyone help me out with this? I can email you the verbose log for ssh if you need it.
[06:09:32] <Jasper_Deng>	 http://www.mediawiki.org/w/index.php?title=Extension:SwiftCloudFiles&oldid=602404&diff=cur
[06:09:37] <Jasper_Deng>	 (unrelated)
[11:27:13] <ebraminio>	 Isn't this tool http://toolserver.org/~jarry/templatecount transferred to labs yet?
[11:27:57] <ebraminio>	 jarry1250: are you owner of it? it is super useful tool
[11:39:12] <petan>	 AzaToth ping
[11:39:24] <petan>	 AzaToth how do I create a config file in /etc in .deb package
[11:39:34] <petan>	 AzaToth so that it never get deleted when you update it
[11:42:05] <AzaToth>	 petan: all files ending up in /etc per default is marked as config file, and is not deleted on removal
[11:42:22] <AzaToth>	 this offcourse depends on the fact you are making the deb packages the right™ way
[11:42:28] <petan>	 AzaToth why it doesn't work to me :(
[11:42:30] <AzaToth>	 i.e. not making them manually
[11:42:48] <petan>	 AzaToth can you point me to guide where is described how to do it right way?
[11:42:56] <petan>	 the official guides all seem to do it wrong way
[11:43:00] <AzaToth>	 I don't know what you mean with "never gets deleted when you update it"
[11:43:13] <petan>	 I have a package with config which ends in /etc/blabla
[11:43:22] <AzaToth>	 k
[11:43:23] <petan>	 when I change it and reinstall the package it get reseted
[11:43:32] <petan>	 I don't want that
[11:43:40] <AzaToth>	 oh I see
[11:43:51] <AzaToth>	 well, that's something else
[11:44:12] <petan>	 ok, how can I make dpkg not remove the config file and recreate it?
[11:44:37] <AzaToth>	 you might want to use ucf instead of installing them 
[11:44:47] <petan>	 what is it
[11:45:13] <AzaToth>	 man ucf
[11:46:02] <petan>	 ok is there some example package which use it
[11:46:16] <AzaToth>	 petan: but generally if you update the package, and you haven't made any changes in the config file, it's logical it updates the config file
[11:46:26] <AzaToth>	 otherwize it tries to merge the changes
[11:46:30] <petan>	 yes but I made changes and they got lost
[11:46:33] <AzaToth>	 that's the normal debian behavour
[11:46:43] <AzaToth>	 hmm
[11:46:49] <petan>	 no merge, just merciless overwrite
[11:47:07] <AzaToth>	 and you are not using any funky dpkg options?
[11:47:14] <AzaToth>	 like --force-conf-new
[11:47:15] <petan>	 I am using dpkg-deb --build
[11:47:22] <petan>	 nothing else
[11:49:23] <fale>	 I think that the ssh server is not perfectly configured, because the connection often dies
[11:49:34] <petan>	 fale which one?
[11:50:30] <fale>	 petan: tools-login
[11:50:52] <petan>	 let me check..
[11:52:46] <petan>	 fale are you sure it's not your connection because it works to me
[11:52:58] <petan>	 I mean, I am connected for days
[11:54:11] <fale>	 petan: I have 3 ssh open: 1 to login.toolserver.org, 1 to tools-login.wmflabs.org and 1 to a company server. The other two are still up and the labs one dropped (this happens every 5~10' of inactivity)
[11:54:27] <fale>	 maybe is because is the only US server?
[11:55:01] <petan>	 maybe... :p
[11:55:32] <fale>	 petan: the problems of living in an old continent :D
[11:55:42] <petan>	 I am living in EU as well
[11:56:01] <fale>	 petan: north or south?
[11:56:08] <petan>	 central ;)
[11:56:23] <fale>	 :D good connection in DE-FR
[11:56:30] <valhallasw>	 fale: might be your inactivity. Try setting up pings.
[11:56:44] <petan>	 nah, there is no inactivity timeout, but it may be in your client
[11:56:50] <valhallasw>	 keepalives*
[11:56:54] <petan>	 definitely not server side check
[11:56:55] <fale>	 valhallasw: thanks for suggestion :)
[11:57:10] <fale>	 petan: maybe clientside for some odd reasons
[11:57:14] <valhallasw>	 http://www.howtogeek.com/howto/linux/keep-your-linux-ssh-session-from-disconnecting/
[11:57:22] <petan>	 it may be even your router
[11:57:46] <petan>	 some "intelling modems" are killing open connections that don't transfer any data because they could be some backdoors :P
[11:57:52] <petan>	 * intelligent
[11:57:54] <YuviPanda>	 fale: also try mosh
[11:58:02] <fale>	 petan: good point
[11:58:12] <petan>	 YuviPanda mosh is evil XDD I <3 it but....
[11:58:12] <YuviPanda>	 fale: http://mosh.mit.edu/
[11:58:16] <fale>	 YuviPanda: yep, I think I'll install it
[11:58:18] <petan>	 YuviPanda: did you see memory usage? :D
[11:58:21] <YuviPanda>	 fale: :)
[11:58:36] <fale>	 YuviPanda: or: sudo apt-get install mosh :P
[11:58:37] <petan>	 YuviPanda 30% of memory usage on -login are moshes
[11:58:44] <YuviPanda>	 still better than getting your connection dropped all the time, petan :)
[11:58:58] <YuviPanda>	 heh, well, maybe we should find a solution to running it as a deamon or something... :P
[11:59:04] <petan>	 yes, but someone should write mosh in c++
[11:59:24] <petan>	 LOL fail
[11:59:28] <petan>	 it is written in c++
[11:59:30] <petan>	 :D :D
[12:00:08] <fale>	 petan: good code can be written in java and bad code can be written in C++... I know, it's hard but possible :D
[12:00:58] <petan>	 fale: depends... even best written code in java for simple things will necessarily need more resources than equivalent in c, just because interpretor needs more resources. But that is just for some specific cases
[12:01:15] <petan>	 for all big projects java or c# is definitely good idea, for small daemons or tools c or c++ wins
[12:01:26] <Steinsplitter>	 Android *g* using for irrssi on mobile ...:P
[12:01:46] <petan>	 lol irssi
[12:01:59] <petan>	 that explain why you people still have problems with irc
[12:02:28] <Steinsplitter>	 -r
[12:02:40] * Steinsplitter  dos not user irssi :P

[12:03:07] <Steinsplitter>	 petan: see pm
[12:03:28] <Steinsplitter>	 OMG 14:03 :O
[12:06:45] <YuviPanda>	 oh, mosh is based on protobufs
[12:06:46] <YuviPanda>	 nice
[12:12:27] <fale>	 YuviPanda: its nice to use :) thanks for the suggestion :)
[12:12:32] <YuviPanda>	 :D
[12:12:57] <YuviPanda>	 it feels a little weird to me because it can be disconcertingly fast
[12:13:14] <fale>	 :D
[12:13:34] <valhallasw>	 YuviPanda: I had expected more to be honest :p but it's certainly better
[12:13:52] <valhallasw>	 forcing prediction also helps a bit
[12:14:10] <YuviPanda>	 valhallasw: indeed. Now if only it had a deamon mode of sorts so we can have one deamon running rather than one executable for everyone...
[12:14:32] * YuviPanda  considers just going to movies and drinking this weekend, rather than writing cod

[12:14:33] <YuviPanda>	 ee
[12:15:16] <fale>	 YuviPanda: some users have even multiple instances :D
[12:15:28] <YuviPanda>	 fale: not sure if that is intentional, even :)
[12:15:30] <valhallasw>	 now if only the speed of light in fibers was higher than 0.6c
[12:16:12] <YuviPanda>	 hehe :)
[12:16:48] <valhallasw>	 I guess we should have an extra login server once labs is extended into knams
[12:18:10] * YuviPanda  installs his vim scripts on the server

[12:18:49] <fale>	 YuviPanda: whym has 8 and wolf 5 :D
[12:19:00] <YuviPanda>	 zombies maybe?
[12:19:09] <YuviPanda>	 I have only one, right?
[12:19:15] <valhallasw>	 YuviPanda: if your computer crashes with mosh open, the connection is not closed
[12:19:33] <valhallasw>	 and it's impossible to reconnect because the connection info is not stored locally
[12:19:38] <fale>	 YuviPanda: you don't
[12:21:05] <YuviPanda>	 valhallasw: yeah, so... zombies
[12:21:24] <YuviPanda>	 oh, vim powerline works on the terminal?
[12:21:26] <YuviPanda>	 niiice!
[12:24:25] * YuviPanda  tries ctrlp

[12:35:33] <YuviPanda>	 tada, that's a nice setup now :)
[12:35:53] <YuviPanda>	 any idea how I can 'forward' my vimrc files to tool accounts?
[12:35:58] <YuviPanda>	 scfc_de: petan valhallasw ^?
[12:36:04] <petan>	 yes
[12:36:10] <YuviPanda>	 without having to symlink them?
[12:36:12] <petan>	 no
[12:56:00] <scfc_de>	 YuviPanda: Wasn't this discussed on labs-l?  "vim -c ~yuvipanda/.vimrc" or whatever the correct syntax is?
[12:59:51] <YuviPanda>	 scfc_de: hmm, so I just need to have it group readable?
[12:59:56] * YuviPanda  checks

[13:00:23] <valhallasw>	 YuviPanda: http://tech.groups.yahoo.com/group/vim/message/52715
[13:00:28] <scfc_de>	 YuviPanda: No, because your account is in wikidev, but the tool-account not.
[13:00:43] <valhallasw>	 YuviPanda: I enviroment is passed through in become
[13:00:51] <valhallasw>	 YuviPanda: so you can to export VIMRC=...  in your own .profile
[13:01:16] <scfc_de>	 YuviPanda: I think it needs to be world-readable.  Is private information in there?
[13:01:23] <YuviPanda>	 no
[13:01:28] <valhallasw>	 YuviPanda: and you'll have to have it world readable, because it typically will not have the same group
[13:01:36] <valhallasw>	 YuviPanda: also you need to a+x your $HOME
[13:02:12] <YuviPanda>	 hmm
[13:02:15] <YuviPanda>	 valhallasw: so .vimrc is fine
[13:02:24] <YuviPanda>	 but I keep bak, etc files in .vimruntime
[13:02:27] <YuviPanda>	 so I guess I can't share that
[13:02:46] <valhallasw>	 YuviPanda: err, not sure.
[13:02:50] <scfc_de>	 BTW, and not to start a war, Emacs has TRAMP which you can use to ssh to a host, sudo to another account and edit as the latter.  Vim doesn't offer something similar?
[13:03:14] <YuviPanda>	 IIRC it does, but I've never really checked it
[13:03:16] <YuviPanda>	 let me look
[13:04:28] <petan>	 I think emacs just have bunch of memory leaks :P
[13:04:30] <YuviPanda>	 right, netrw is enabled by default
[13:04:37] <YuviPanda>	 haven't personally tried it, but
[13:04:39] <YuviPanda>	 let me try
[13:04:45] <petan>	 everytime there is some process causing troubles on -login it's emacs
[13:05:14] <scfc_de>	 YuviPanda: I use that (on Emacs) so I have only one frame and can copy & paste between different files on different hosts more easily.
[13:05:19] <YuviPanda>	 scfc_de: also, it's different ways of working, I guess. I prefer navigating around in the shell, and opening up vim as and when necessary
[13:05:43] <YuviPanda>	 also I don't think file navigation plugins like CtrlP will work with netrw
[13:05:45] <valhallasw>	 I still think we should just have a way to use scp as another user
[13:05:53] <valhallasw>	 that would make life /so much/ easier
[13:06:02] <petan>	 valhallasw what you mean?
[13:06:43] <YuviPanda>	 valhallasw: yeah, also scp will have issues ownership, I suppose
[13:07:06] <valhallasw>	 petan, YuviPanda: "scp nlwikibots@tools-login.wmflabs.org"
[13:07:20] <petan>	 what would that be for :P
[13:07:22] <YuviPanda>	 :D someday... :)
[13:07:38] <valhallasw>	 to be able to write stuff in /data/project/... *without* having to do take et al
[13:08:06] <petan>	 I just don't understand why Cored dislike idea of -g and changing design of take... there is already sudo policy (even if it doesn't work) which should allow anyone chown anything in their home directories
[13:08:38] <petan>	 if there is security policy made by Ryan I guess it wouldn't be insecure if take allowed that as well...
[13:08:47] <valhallasw>	 ...the point is not having tho chown *at all*.
[13:08:51] <scfc_de>	 petan: Emacs TRAMP uses only /bin/sh on the remote host (VSZ = 4400).
[13:09:10] <YuviPanda>	 scfc_de: IIRC there's no TRAMP equivalent that works as transparently on Vim
[13:09:22] <YuviPanda>	 the usual way of doing this is to ssh through, which of course has problems
[13:09:38] <petan>	 scfc_de: ok, but anyway I don't know if these memory issues comes from plugins or emacs itself, but it uses too much resources, anywhere I saw it
[13:11:33] <scfc_de>	 petan: Hmmm: On my box: VIRT = 57688, RES = 38m.  Hard to find beneath all those memory suckers like Chrome :-).
[13:12:14] <petan>	 scfc_de yes, probably it works on most of configuration, just the one we have in labs is weird, or users who use it don't know how to use it :P
[13:12:28] <valhallasw>	 scfc_de: don't get me started. I never though I would actually use all the 8GB I have...
[13:12:34] <petan>	 who knows what is going on inside of these emacs :D
[13:13:10] <petan>	 valhallasw lol I have windows in this laptop and I am using almost whole 8gb of memory just by running "my computer"
[13:14:06] <petan>	 seriously I can't even dream of running so many applications as I could on my 486 with windows 95 and 64mb of ram
[13:14:37] <petan>	 modern windows need so much resources that on modern hardware they are slower than old windows on old hardware :D
[13:15:16] <scfc_de>	 I think this box has 2 GByte, and it works pretty well memory-wise.
[13:15:27] <scfc_de>	 (With Emacs.)
[13:15:40] <petan>	 yes, my linux laptop (I had it on hackaton) has 2gb as well and it can do 100 times more than the windows one with 8gb
[13:15:57] * YuviPanda  needs to get back to Linux soon

[13:16:00] <YuviPanda>	 waiting for this machine to die
[13:16:03] <petan>	 I had to replace gnome with lxde in order to make it efficient though
[13:16:11] <petan>	 gnome 3 is like 900mb of ram just after boot
[13:16:17] <petan>	 too many java shit
[13:16:56] <petan>	 YuviPanda so, you are waiting for your mac book pro to die? :D :D
[13:17:04] <YuviPanda>	 Macbook Air, but yes
[13:17:11] <petan>	 <3 air
[13:17:16] <petan>	 but it's too expensive here
[13:17:25] <petan>	 in US apple store they sell it quite cheap
[13:17:36] <petan>	 but here it's like 40% more
[13:18:22] <petan>	 YuviPanda why you don't install linux into it?
[13:18:32] <YuviPanda>	 reduces battery a fair bit
[13:18:35] <YuviPanda>	 plus is a pain
[13:18:37] <petan>	 ah...
[13:18:46] <nileshc>	 hey all, I have been following this interesting conversation for a few minutes, it's a conversation that I have twice every week with my acquaintances. :D 
[13:19:01] <nileshc>	 YuviPanda, why don't you try Pinguy or Ping-EEE linux?
[13:19:31] * YuviPanda  checks

[13:19:32] <nileshc>	 They're ubuntu variations and the EEE version seems to consume a lot less battery power.
[13:19:43] <petan>	 YuviPanda I will happily exchange my windows laptop for your air :D
[13:19:46] <YuviPanda>	 hmm, ideally I'd like to run stock Debian Testing
[13:19:55] <YuviPanda>	 petan: well, once you go Ultrabook you can never go back :)
[13:20:04] <petan>	 YuviPanda I know :/
[13:20:05] <YuviPanda>	 so I need to replace this with either a Carbon X1 or an XPS 13 dev editio
[13:20:06] <YuviPanda>	 n
[13:20:08] <petan>	 but it's expensive :<
[13:20:25] <petan>	 YuviPanda running debian testing are you sure? :D I was trying to install debian on this one
[13:20:34] <petan>	 and I had huge troubles getting UEFI to work
[13:20:41] <YuviPanda>	 nileshc: hmm, looks interesting! But I think my days of experimenting with distros are long over
[13:20:47] <petan>	 debian installer needs a lot of updates for it to work with new hardware
[13:20:50] <YuviPanda>	 :)
[13:21:19] <valhallasw>	 petan: part of the memory use is actually FS caching, but OK
[13:21:26] <petan>	 its hardware is so new, that latest kernel 3.10 doesn't support it yet :(
[13:21:33] <petan>	 I had to write own wi-fi driver :D
[13:21:41] <valhallasw>	 also: try running windows 95 on 486-era hardware. That was so. horribly. slow.
[13:21:53] <YuviPanda>	 nileshc: updates, etc are unsure with custom distros. plus there might be nasty surprises here and there...
[13:22:04] <petan>	 valhallasw I never count the caches :P
[13:22:19] <valhallasw>	 petan: well, where did you get the '8GB in use' number?
[13:22:37] <petan>	 maybe in all that spyware / NSA software preinstalled by company I work for
[13:22:45] <petan>	 we have so many supervising software and shit
[13:23:18] <petan>	 tbh I don't know... but I am happy it handles firefox
[13:24:47] <valhallasw>	 petan: check the memory tab in resource monitor
[13:24:58] <nileshc>	 YuviPanda: umm, you might be right, but till now I really had no problems with the Pinguy variations. They basically pack the raw ubuntu distros with all the goodies that are sometimes missing (all the codecs, file system drivers, wifi blah blah blah). Nothing else changes. When you do a uname -a or start up System Monitor, it's the same old ubuntu. I can't seem to go back to ubuntu after using these. :D
[13:25:10] <petan>	 valhallasw: wow that is even worse than vmstat :D
[13:25:17] <YuviPanda>	 nileshc: oh sure, but in that case I prefer doing the packing myself :P
[13:25:28] <YuviPanda>	 usually they're just extra .debs or ppas...
[13:25:40] <petan>	 free: 535mb
[13:25:44] <YuviPanda>	 nileshc: not saying they're bad / good. Just that I don't do those anymore :)
[13:25:46] <valhallasw>	 petan: and stand-by?
[13:25:53] <petan>	 valhallasw where is it?
[13:25:56] <nileshc>	 Yeah, that's true. :)
[13:26:08] <valhallasw>	 petan: in the memory tab of resource manager
[13:26:21] <petan>	 resource monitor?
[13:26:26] <valhallasw>	 you can also use the 'resource manager' button in task manager>performance tab
[13:26:29] <petan>	 there is no resource manager thing
[13:26:39] <petan>	 there is resource monitor button
[13:26:45] <petan>	 I guess that is it
[13:26:48] <valhallasw>	 click it, and resource manager will start
[13:26:55] <YuviPanda>	 nileshc: I think after playing with puppet here, next time I get a machine I'm going to set everything up with puppet or similar
[13:26:55] <valhallasw>	 then go to the memory tab there
[13:27:00] <YuviPanda>	 think that's going to be a gamechanger
[13:27:09] <valhallasw>	 there you have in use / stand-by (= in use as cache), available
[13:27:11] <petan>	 I would copy paste like from free :D but there is no way to copy other than making a screenshot
[13:27:22] <petan>	 standby 960
[13:27:31] <petan>	 in use 5300
[13:27:38] <petan>	 free 400
[13:27:58] <petan>	 hardware reserved 200 modified 1300
[13:28:01] <petan>	 o.O
[13:28:07] <petan>	 whatever these numbers mean
[13:28:25] <valhallasw>	 hardware reserved = e.g. video ram on laptops
[13:28:35] <petan>	 oh this
[13:28:47] <petan>	 I think linux doesn't even show that
[13:29:33] <valhallasw>	 "Modified (orange) This represents pages of memory that can be used by other programs but would have to be written to the page file before they can be reused."
[13:31:12] <scfc_de>	 YuviPanda: I have been pondering the same thought; till now I've been using a custom RPM that pulls in dependencies and stuff, but that doesn't solve more detailed configuration issues.  So Puppet is probably the way to go for me as well.
[13:31:49] <YuviPanda>	 scfc_de: yeah, but need to explore alternatives, I think. Chef, for example
[13:32:07] <YuviPanda>	 puppet does have an automatic advantage because it is used so much
[13:32:54] <scfc_de>	 YuviPanda: Exactly.  If I need to know Puppet for Wikipedia, no real incentive having to learn another language.
[13:32:58] <YuviPanda>	 indeed
[13:37:24] <nileshc>	 Hey all. I'm setting up password-less login for hadoop on a labs VM that's part of the wikidata-dev project. So, I'm logging into wikidata-suggester from the bastion server.  I've done ssh-keygen and added the pub key to authorized_keys. I had to make a couple of changes to /etc/ssh/sshd_config like uncommenting: AuthorizedKeysFile     %h/.ssh/authorized_keys.
[13:37:32] <nileshc>	 When I try to do ssh localhost, it accepts the key, but says:
[13:37:43] <nileshc>	 If you are having access problems, please see: https://wikitech.wikimedia.org/wiki/Access#Accessing_public_and_private_instances
[13:37:44] <nileshc>	 Connection closed by 127.0.0.1
[13:38:29] <nileshc>	 I'm certain of one thing...it's accepting the pub key but closing the connection.
[13:38:33] <valhallasw>	 nileshc: ssh -v localhost
[13:38:39] <valhallasw>	 nileshc: or possibly -v -v  or -v -v -v
[13:39:00] <YuviPanda>	 or -vvv
[13:39:08] <nileshc>	 yeah i've done ssh -vvvv localhost... should I share a public gist in github?
[13:39:21] <valhallasw>	 YuviPanda: shush, you're making me look like a unix noob
[13:39:26] <valhallasw>	 :-D
[13:39:33] <nileshc>	 :D
[13:39:36] <YuviPanda>	 :P
[13:39:37] <nileshc>	 Any other safer method to share the log?
[13:40:01] <valhallasw>	 nileshc: unlisted pastebin that expires in an hour or so should not be too bad?
[13:40:20] <valhallasw>	 it doesn't include your private keys, so it should be OK to have it public
[13:40:20] <nileshc>	 cool. one moment.
[13:40:27] <nileshc>	 yes.
[13:40:30] <YuviPanda>	 yeah, don't think there's anything that sensitive int that
[13:42:25] <nileshc>	 http://pastebin.com/SvbZvx4V
[13:42:36] * YuviPanda  builds macvim

[13:47:47] <valhallasw>	 nileshc: what is your shell in /etc/passwd?
[13:48:10] <nileshc>	 bash most probably. I'm checking.
[13:49:43] <nileshc>	 valhallasw: it was initially /bin/sh. I changed it to /bin/bash
[13:51:41] <valhallasw>	 nileshc: hmm
[13:52:12] <valhallasw>	 nileshc: compare to http://pastebin.com/z3Uyrw64
[13:52:31] <valhallasw>	 you get connection closed instead of debug1: Authentication succeeded (publickey).
[13:52:59] <valhallasw>	 but I have no clue why. Maybe the server ssh log can tell you something?
[13:55:07] <nileshc>	 Hmm...I'll try tailing that.. :/
[14:06:20] <nileshc>	 valhallasw: Here's the sshd verbose output from /var/log/auth.log : http://pastebin.com/WSh8Gf3K
[14:07:22] <nileshc>	 funny. Found matching RSA key. Postponed publickey for hadoop from 127.0.0.1 port 50299.  fatal: Access denied for user hadoop by PAM account configuration 
[14:07:59] <valhallasw>	 check /etc/pam.d/ssh (according to google)
[14:20:54] <Darkdadaah>	 Hi, is Coren here?
[14:21:02] <Coren>	 No I'm not.
[14:21:04] <petan>	 Coren: are you here? :P
[14:21:07] <petan>	 :D
[14:21:10] <petan>	 Darkdadaah: he is not
[14:21:24] <Darkdadaah>	 damn
[14:21:33] <petan>	 this sounds little bit like if we were all living @ Coren's house
[14:22:17] <Coren>	 Darkdadaah: What's up?
[14:22:19] <petan>	 Coren: is there any plan to enable apache 2.4 on beta? :P
[14:22:25] <petan>	 I tried and I failed
[14:22:37] <petan>	 it doesn't like version of suphp we have
[14:22:38] <Coren>	 petan: There's a lot to do to build it right for Precise.
[14:22:49] <Coren>	 I'm still on it, inbetween everything else.
[14:22:52] <petan>	 ok
[14:22:57] <petan>	 are you using beta for it? :o
[14:23:03] <Darkdadaah>	 Coren: the link http://tools.wmflabs.org/?Rules (when we login via ssh to tools) doesn't link anywhere
[14:23:15] <petan>	 !rules
[14:23:30] <petan>	 !rules is there is only 1 rule in labs: WP:IGNORE
[14:23:30] <wm-bot>	 Key was added
[14:23:35] <Coren>	 Darkdadaah: That's because our Happy Fun Lawyers are almost, but not quite, done working the TOS.  :-)
[14:24:30] <Darkdadaah>	 So until then it's free for all? :P
[14:25:46] <Coren>	 Darkdadaah: No, you are just subject to my capricious whim.  :-)
[14:26:07] <Coren>	 Rule of the day!  No vowels on the command line!  :-)
[14:27:09] <Darkdadaah>	 That's harsh ><
[14:27:43] <Darkdadaah>	 I can't even "become" my tools then :-(
[14:28:17] <petan>	 but you can become my tool... now go and clean the dishes
[14:28:33] <petan>	 :0
[14:28:44] <Darkdadaah>	 I hope you don't mind some broken dishes.
[14:28:52] <petan>	 all my dishes are broken
[14:29:10] <petan>	 everything's broken... except for wm-bot
[14:29:20] <petan>	 wm-bot: <3 u
[14:29:20] <wm-bot>	 Hi petan, there is some error, I am a stupid bot and I am not intelligent enough to hold a conversation with you :-)
[14:29:29] <petan>	 meh
[14:29:37] <Darkdadaah>	 This is sad.
[14:29:37] <petan>	 I need to implement some intelligence to it
[14:46:06] <Coren>	 Darkdadaah: Sure you could.  For instance, to become csbot, I could '/usr/*/b*/b?c?m? $(/bin/ech* csbpt|tr n-q m-p)'
[14:46:35] <Coren>	 Rather '/?sr/*/b*/b?c?m? $(/bin/?ch* csbpt|tr n-q m-p)'
[14:46:52] <Darkdadaah>	 Still one i remaining :-)
[14:47:05] <Coren>	 And a U.  Forgot to check the paths.
[14:50:12] <Coren>	 At any rate, creative use of globs and tr should suffice.  :-)
[14:52:14] <Darkdadaah>	 I wonder what is worst: the command itself, or the fact that I understand what it actually does?
[14:57:22] <YuviPanda>	 glob-N
[14:57:23] <YuviPanda>	 :)
[15:03:31] <nileshc>	 I have half a mind to try that globstrous command on my shell, but it scares me to no end.
[15:04:08] <YuviPanda>	 hmm, the second * after /usr/ could be malicious :)
[15:04:50] <nileshc>	 :P
[15:06:11] <magnus__>	 Just created a tool, but for "become not-in-the-other-language" I keep getting "sudo: sorry, a password is required to run sudo". Wasn't added to the group either.
[15:06:26] <magnus__>	 Can modify files in the tool dir, though
[15:06:31] <Darkdadaah>	 magnus__:  relogin.
[15:06:35] <magnus__>	 tried that
[15:06:50] <Darkdadaah>	 from tools?
[15:06:57] <magnus__>	 tools-login
[15:07:05] <Darkdadaah>	 (er yes, of course...)
[15:07:17] <magnus__>	 just tried again, no joy
[15:09:36] <Darkdadaah>	 You need to ask higher beings then, such as Coren or petan.
[15:09:57] <YuviPanda>	 (or the new(er) admin, scfc_de)
[15:10:06] <petan>	 magnus__ you need to relog
[15:10:18] <YuviPanda>	 petan: read backscroll :P
[15:10:25] <petan>	 ah ok
[15:10:27] <petan>	 hold on
[15:11:20] <petan>	 magnus__ what is a name of your tool?
[15:11:29] <magnus__>	 not-in-the-other-language
[15:11:32] <magnus__>	 really...
[15:12:06] <petan>	 magnus__ can you try to completely log off and ssh back? like completely out of labs
[15:12:15] <petan>	 because I am pretty sure this has something to do with your session
[15:12:40] <magnus__>	 just did, still no joy
[15:12:48] <petan>	 when I switch to you:
[15:12:49] <petan>	 magnus@tools-login:~$ become not-in-the-other-language
[15:12:50] <petan>	 local-not-in-the-other-language@tools-login:~$ 
[15:13:03] <petan>	 which server you try it on?
[15:13:05] <petan>	 -login or -dev
[15:13:26] <magnus__>	 -login
[15:13:50] <petan>	 other tools do work?
[15:13:54] <magnus__>	 yup
[15:13:58] <magnus__>	 hey, dev works!
[15:14:08] <YuviPanda>	 .profile poisoning?
[15:14:15] <petan>	 I don't think so
[15:14:31] <magnus__>	 -login still doesn't work though
[15:14:35] <Darkdadaah>	 restart your whole computer :D
[15:15:04] <petan>	 ^ that could actually fix it :D
[15:15:18] <petan>	 because I believe that your session just hang somewhere there :P
[15:15:26] <petan>	 or maybe sudo -k
[15:16:13] <magnus__>	 also, on -login there is no colorful ascii art anymore
[15:16:35] <petan>	 eh...
[15:16:39] <petan>	 in fact there is :0
[15:17:07] <magnus__>	 yes i still saw it this morning but not now
[15:17:34] <magnus__>	 i'll reboot the machine later, meanwhile work on -dev
[15:17:36] <magnus__>	 thanks
[15:17:37] <Darkdadaah>	 Maybe open a brand new terminal window?
[15:18:24] <AzaToth>	 petan: still probs?
[15:18:41] <petan>	 AzaToth I didn't figure how to do that properly, so I just did it wrong way :P
[15:18:42] <AzaToth>	 had internet fnuckup before so our discussion went fubar
[15:18:58] <petan>	 I use postinst to copy that file to /etc so that it never get removed
[15:19:20] <AzaToth>	 petan: but you are building the debs the right way?
[15:19:28] <petan>	 magnus__ are you sure it isn't something related to mosh etc?
[15:19:36] <petan>	 AzaToth I /think/
[15:19:49] <petan>	 AzaToth hard to ask newbie if guide they were using was right
[15:19:55] <AzaToth>	 petan: I get the feeling you are working in a DEBIAN directory instead of a debian dir
[15:20:00] <magnus__>	 petan not using mosh AFAIK?
[15:20:14] <petan>	 magnus__ mosh definitely doesn't show that colorful logo
[15:20:28] <AzaToth>	 petan: which package are you referring to?
[15:20:33] <petan>	 my own
[15:20:37] <AzaToth>	 linky?
[15:20:44] <AzaToth>	 so I can see wtf you have done
[15:20:45] <petan>	 AzaToth linky to what? :P source code?
[15:20:50] <AzaToth>	 yes
[15:20:55] <petan>	 ok...
[15:21:29] <petan>	 check out, run ./debian https://github.com/benapetr/terminator
[15:22:05] <Cyberpower678>	 petan, how do chmod folders only recursively.
[15:22:06] <AzaToth>	 that's the wrong way™
[15:22:17] <petan>	 Cyberpower678 -R option
[15:22:26] <AzaToth>	 petan: what you are doing is low level deb building
[15:22:35] <Cyberpower678>	 How will it apply to folders and not files?
[15:22:38] <petan>	 AzaToth link me to guide that describe it correctly
[15:22:43] <AzaToth>	 no one except the really perverse do that
[15:22:53] <petan>	 Cyberpower678 sec phone
[15:23:21] <Steinsplitter>	 What the fuck ist this "Selennium user"?
[15:23:24] <AzaToth>	 petan: http://www.debian.org/doc/manuals/maint-guide/index.en.html
[15:23:47] <MaxSem>	 Steinsplitter, used bt Selenium;)
[15:24:04] <Steinsplitter>	 jepp, i know that this is a testing.framework
[15:24:19] <Steinsplitter>	 but what Sellenium_user is testing in the BetaCluster?
[15:24:23] <petan>	 Cyberpower678 chmod some-mode $(find . -type d)
[15:24:58] <petan>	 !chmod is recursively chmod g+s all folders starting with pwd:  chmod g+s $(find . -type d)
[15:24:58] <wm-bot>	 Key was added
[15:25:33] <Steinsplitter>	 MaxSem: it is not possible to interfere the selenniumuser?
[15:25:45] <MaxSem>	 interfere?
[15:26:02] <petan>	 AzaToth is there some more simple guide, like with examples how to do stuff
[15:26:18] <petan>	 this is looking like a bible to me
[15:26:27] <petan>	 bible of debiantology
[15:26:49] <Steinsplitter>	 MaxSem: disturb
[15:27:25] <Cyberpower678>	 petan, now how about files only?  Preferrable in the $HOME/Peachy directory
[15:27:56] <petan>	 Cyberpower678 same just -type f
[15:28:25] <petan>	 chmod 000 ($find $HOME/Peachy -type f)
[15:28:46] <petan>	 that is probably not what you want but it's still more secure than 777 :P
[15:29:30] <petan>	 !bible is debian bible: http://www.debian.org/doc/manuals/maint-guide/index.en.html
[15:29:30] <wm-bot>	 Key was added
[15:30:22] <Cyberpower678>	 petan, -bash: syntax error near unexpected token `('
[15:31:43] <petan>	 scfc_de good to know you are admin, now you can go to #wikimedia-labs-requests and clear the backlog :P
[15:32:09] <petan>	 it's waiting just for you :D
[15:32:39] <petan>	 oh, sorry
[15:32:39] <petan>	 chmod 000 $(find $HOME/Peachy -type f)
[15:32:41] <petan>	 Cyberpower678 ^
[15:40:02] <AzaToth>	 petan: cannot find -lproc
[15:40:11] <AzaToth>	 are you referring to procps?
[15:40:52] <petan>	 depends on version of your system
[15:40:56] <petan>	 you can see 2 makefiles there
[15:40:58] <Cyberpower678>	 petan, can you verify that you cannot access /data/project/cyberbot/Peachy/Configs as a normal user?
[15:41:11] <petan>	 current ubuntu use libproc, latest debian sid needs libprocps, AzaToth
[15:41:20] <petan>	 it's same, just name is different
[15:41:54] <petan>	 petrb@tools-login:~$ cd /data/project/cyberbot/Peachy/Configs/
[15:41:56] <petan>	 -bash: cd: /data/project/cyberbot/Peachy/Configs/: Permission denied
[15:42:26] <Cyberpower678>	 petan try loading a meta.cfg in that directory.
[15:42:52] <petan>	 petrb@tools-login:~$ file /data/project/cyberbot/Peachy/Configs/meta.cfg
[15:43:05] <petan>	 eh
[15:43:11] <petan>	 did you receive the second line too?
[15:43:17] <YuviPanda>	 petan: Coren scfc_de going to post to labs-l about Redis now.
[15:43:17] <petan>	 my bouncer is fucked up lol
[15:43:19] * YuviPanda  drafts blog

[15:43:21] <YuviPanda>	 err
[15:43:24] * YuviPanda  drafs post

[15:43:31] <Cyberpower678>	 petan, what's the result?
[15:43:40] <petan>	 /data/project/cyberbot/Peachy/Configs/meta.cfg: ERROR: cannot open `/data/project/cyberbot/Peachy/Configs/meta.cfg' (Permission denied)
[15:43:47] <Cyberpower678>	 good.
[15:43:48] <AzaToth>	 petan: you have a configure made auto autoconf, but no coonfigure.ac/in
[15:44:17] <petan>	 AzaToth oh I forgot to push the file there... hold on, but it's just a draft anyway
[15:44:23] <AzaToth>	 heh
[15:44:42] <AzaToth>	 petan: you can use pkgconfig for procps
[15:44:53] <petan>	 AzaToth ok
[15:45:08] <petan>	 it's there....
[15:45:13] <Cyberpower678>	 petan, thanks.  I fixed most of the gid and permission problems in that directory.
[15:45:25] <petan>	 good
[15:45:32] <petan>	 YuviPanda I have no idea what you wanted to tell me :P
[15:45:39] <petan>	 who is writing what
[15:45:50] <petan>	 I just know it's about redis :D
[15:47:12] <YuviPanda>	 no just giving a headsup :)
[15:47:16] <YuviPanda>	 that I'm writing it
[15:48:04] <AzaToth>	 undefined reference to `freeproc'
[15:49:08] <petan>	 AzaToth: you need libproc-dev or libprocps-dev
[15:49:34] <petan>	 AzaToth also, make sure that -lproc or -lprocps is in compiler options (the second makefile is for procps)
[15:49:35] <AzaToth>	 yup
[15:50:11] <AzaToth>	 petan: http://paste.debian.net/13162/
[15:50:14] <petan>	 I need to setup configure when I have time
[15:51:21] <AzaToth>	 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681653
[15:51:22] <petan>	 you are using lprocps right?
[15:51:27] <petan>	 let me test on my debian box
[15:51:34] <petan>	 I did latest development on ubuntu
[15:52:13] <AzaToth>	 I only have procps 3.3.3-3
[15:52:44] <petan>	 petanb@linux-dev:~/Documents/terminator/terminatord$ make -f Makefile_debian << works just fine
[15:53:08] <petan>	 libprocps1-dev                                              1:3.3.8-2
[15:53:18] <petan>	 that is what I have in my system
[15:53:31] <AzaToth>	 ok
[15:53:36] <AzaToth>	 it's fixed in 3.3.6
[15:53:40] <petan>	 aha
[15:53:47] <petan>	 what debian you have?
[15:53:51] <petan>	 6?
[15:54:10] <AzaToth>	 7
[15:54:12] <petan>	 ok
[15:54:31] <AzaToth>	 I usually stick to stable half year after release
[15:54:39] <petan>	 that is interesting such outdated version with significant bug is in stable
[15:55:11] <petan>	 without freeproc it's nearly impossible to use the library without leaking memory
[15:56:04] <petan>	 I believe that even top if built with this version would have leak :0
[15:57:28] <petan>	 AzaToth it's likely impossible to build it with that version of libproc it would require to change code significantly and would result in memory not being freed anyway...
[15:59:15] <AzaToth>	 ok
[16:00:33] <petan>	 AzaToth tbh, that library seems to change a lot, when I compile this on some labs instance and scp binary to different instance, with little older image it doesn't run because it has different version of that library o.O packaging would be pretty hard here
[16:01:02] <petan>	 I guess ./configure && make is most easy in this case :P I just need to finish that autoconf
[16:01:24] <AzaToth>	 I hate autohell
[16:01:35] <petan>	 why
[16:01:39] <petan>	 most of GNU tools are using it
[16:02:13] <AzaToth>	 it's a pile of m4 macros ontop of 100 different files
[16:02:13] <petan>	 btw produced ./configure is no "auto shell" it's a regular shell script
[16:02:40] <petan>	 writing this script for every package by hand would be just... meh
[16:02:41] <AzaToth>	 the configure script is a hell as you can't save it in git
[16:02:55] <petan>	 why not?
[16:03:09] <AzaToth>	 have used scons some, and it fits the job better
[16:03:27] <AzaToth>	 because the configure is megabyte of semirandom code
[16:03:33] <petan>	 heh, true
[16:03:39] <petan>	 for large projects yes
[16:03:47] <petan>	 check out wxwidgets :P
[16:03:49] <AzaToth>	 for small projects it's the same
[16:03:54] <petan>	 just make is running 1 day
[16:04:08] <AzaToth>	 autohell is a hell
[16:04:11] <petan>	 it's 100kb now :D
[16:05:13] <petan>	 anyway I just need to make a simple way for people to build it, on any platform with linux kernel 2.4+
[16:05:32] <petan>	 and I don't like idea of precompiling 250 000 different packages for every platform
[16:05:46] <petan>	 autoconf seems like a solution
[16:07:04] <AzaToth>	 petan: there
[16:07:18] <petan>	 ?
[16:07:43] <AzaToth>	 made a pullreq
[16:07:46] <petan>	 btw I need to go now... brb N hours N is element of { 1 ... 8 }
[16:08:28] <AzaToth>	 is that inclusive or exclusive?
[16:08:40] <petan>	 merged
[16:08:45] <petan>	 inclusive :D
[16:09:11] <AzaToth>	 petan: to build, use "git-buildpackage"
[16:09:27] <AzaToth>	 make sure you install git-buildpackage and devscripts
[16:09:36] <petan>	 ok
[16:19:28] <addhere>	 I think we should abuse filter added to wikitech (petan, thoughts?)
[16:24:08] <addhere>	 keep the spam bots out without making blocks
[16:42:29] <YuviPanda>	 :)
[17:05:07] <scfc_de>	 YuviPanda: "standard port 637*p*"?! :-)
[17:05:16] <YuviPanda>	 grr
[17:05:38] <YuviPanda>	 scfc_de: I need to setup monitoring for it, tho
[17:06:02] <YuviPanda>	 scfc_de: fixed it :)
[17:29:19] <Krinkle>	 !log cvn Rebooted cvn-app1
[17:29:20] <labs-morebots>	 Logged the message, Master
[17:38:55] <gerrit-wm_>	 New patchset: coren; "jsub: provide a sane default email address" [labs/toollabs] (master) - https://gerrit.wikimedia.org/r/71081
[17:39:04] <Coren>	 scfc_de: ^^
[18:02:08] <gerrit-wm_>	 New patchset: coren; "jsub: provide a sane default email address" [labs/toollabs] (master) - https://gerrit.wikimedia.org/r/71081
[18:02:53] <gerrit-wm_>	 New review: coren; "Moar email!" [labs/toollabs] (master); V: 2 C: 2;  - https://gerrit.wikimedia.org/r/71081
[18:02:53] <gerrit-wm_>	 Change merged: coren; [labs/toollabs] (master) - https://gerrit.wikimedia.org/r/71081
[18:06:14] <gerrit-wm_>	 New patchset: coren; "jsub: also support -m so that -M is useful.  :-)" [labs/toollabs] (master) - https://gerrit.wikimedia.org/r/71083
[18:06:54] <gerrit-wm_>	 New review: coren; "Duh." [labs/toollabs] (master); V: 2 C: 2;  - https://gerrit.wikimedia.org/r/71083
[18:06:55] <gerrit-wm_>	 Change merged: coren; [labs/toollabs] (master) - https://gerrit.wikimedia.org/r/71083
[19:44:27] <petan>	 back
[19:44:49] <petan>	 YuviPanda, scfc_de don't forget to keep updated !toolsadmin
[19:44:59] <YuviPanda>	 ?
[19:46:55] <petan>	 YuviPanda for example there is nothing about redis
[19:47:01] <YuviPanda>	 oh
[19:47:04] <petan>	 !toolsadmin
[19:47:04] <wm-bot>	 https://wikitech.wikimedia.org/wiki/Nova_Resource:Tools/Documentation/Admin
[19:47:09] <YuviPanda>	 yeah, will update that
[19:47:13] <YuviPanda>	 ty for reminding
[19:47:24] <petan>	 yw XD
[19:53:02] <Ryan_Lane>	 YuviPanda: some basic end-user documentation would be nice as well ;)
[19:53:12] <YuviPanda>	 Ryan_Lane: i added it to the end user docs
[19:53:15] <Ryan_Lane>	 ah
[19:53:16] <Ryan_Lane>	 cool
[19:53:31] <YuviPanda>	 Ryan_Lane: https://wikitech.wikimedia.org/wiki/Nova_Resource:Tools/Help#Redis
[19:53:34] <YuviPanda>	 tell me if it needs more?
[19:54:05] <Ryan_Lane>	 maybe some information about recommended libraries for different languages?
[19:54:13] <YuviPanda>	 Ryan_Lane: okay, I can add that
[19:54:14] <Ryan_Lane>	 and ones that already exist on the system
[19:54:22] <Ryan_Lane>	 well, I'd start with ones that exist on the system :)
[19:54:40] <YuviPanda>	 Ryan_Lane: you mean ones that are already installed?
[19:54:48] <YuviPanda>	 I'm not really sure about that, I always just use virtualenv :D
[19:54:57] <YuviPanda>	 Ryan_Lane: i was going to just link to http://redis.io/clients
[19:55:11] <Ryan_Lane>	 system libraries are greatly preferred :)
[19:55:30] <Ryan_Lane>	 linking to that is also cool, though
[19:55:40] <Ryan_Lane>	 we can follow up on the docs when people request libraries
[19:55:52] <YuviPanda>	 Ryan_Lane: yup.
[19:56:20] <YuviPanda>	 linked
[19:56:38] <Ryan_Lane>	 thanks!
[19:56:45] <YuviPanda>	 Ryan_Lane: at some point I should write more stuff about 'how to do common things on tool labs'
[19:56:58] <Ryan_Lane>	 yeah, better docs are needed in general
[19:57:02] <YuviPanda>	 Running WSGI, enabling tracebacks, running flasks, using Redis as queue, using it for publish subscribe, virtualenv
[19:57:09] <Ryan_Lane>	 we're going to have a doc sprint towards the end of july
[19:57:09] <YuviPanda>	 things I did run into while doing the bot
[19:57:13] <YuviPanda>	 ooo nice
[19:57:20] <Ryan_Lane>	 we're going to put topics on an etherpad
[19:57:29] <Ryan_Lane>	 and work together to document as much as possible :)
[19:58:17] <YuviPanda>	 :D looking forward to that
[19:58:58] <YuviPanda>	 I also need to find some project to do that involves celery, so we can establish a nice 'web server receives task, puts it on queue, SGE picks it up, runs it, puts result on queue, user gets notified / can see on web'
[20:03:30] <gerrit-wm_>	 New review: Tim Landscheidt; "lintian complained, and the Debian policy really seems to allow only one maintainer and require that..." [labs/toollabs] (master) - https://gerrit.wikimedia.org/r/70734
[20:05:45] <scfc_de>	 YuviPanda: Is Redis (for queues) a "reliable" storage, i. e. it doesn't delete data or not survive reboots?
[20:05:56] <scfc_de>	 (Non-transient?)
[20:06:11] <YuviPanda>	 scfc_de: the configuration we have deployed makes reliability guarantees that I think are 'good enough'
[20:06:22] <YuviPanda>	 *worst* case you lose 1 transaction, I think
[20:06:24] <YuviPanda>	 let me dig that up
[20:06:30] <YuviPanda>	 but generally yeah, durable
[20:11:32] <gerrit-wm_>	 New review: Tim Landscheidt; "@AzaToth: If there's a way to have autotools' functionality without autotools, sure." [labs/toollabs] (master) - https://gerrit.wikimedia.org/r/70771
[20:14:35] <gerrit-wm_>	 New patchset: Tim Landscheidt; "Use autotools as build system" [labs/toollabs] (master) - https://gerrit.wikimedia.org/r/70771
[20:18:22] <YuviPanda>	 scfc_de: so, if I want to make a package installed on exec nodes and webservers
[20:18:33] <YuviPanda>	 scfc_de: I should just put up the appropriate puppet changes and submit, right?
[20:18:42] <YuviPanda>	 not hand roll
[20:18:44] <YuviPanda>	 because handrolling bad
[20:20:29] <scfc_de>	 YuviPanda: That's the general spirit.  Though it's usually best to (ask someone to) test manually if the package can be installed without fuzz.
[20:20:39] <YuviPanda>	 scfc_de: yeah, but I don't mind the puppet changes
[20:20:48] <YuviPanda>	 I like doing those, and that'll ensure that it is 'future compatible' too
[20:20:49] <YuviPanda>	 so
[20:22:28] <scfc_de>	 YuviPanda: Oh, forgot you're root on toolsbeta.  So you should be able to test it yourself (almost).
[20:22:37] <YuviPanda>	 scfc_de: yeah, will do that
[20:22:45] <gerrit-wm_>	 New patchset: Tim Landscheidt; "Fix dependencies" [labs/toollabs] (master) - https://gerrit.wikimedia.org/r/70733
[20:22:45] <gerrit-wm_>	 New patchset: Tim Landscheidt; "Fix syntax error in debian/control" [labs/toollabs] (master) - https://gerrit.wikimedia.org/r/70734
[20:22:45] <gerrit-wm_>	 New patchset: Tim Landscheidt; "Use autotools as build system" [labs/toollabs] (master) - https://gerrit.wikimedia.org/r/70771
[20:22:45] <gerrit-wm_>	 New patchset: Tim Landscheidt; "Package take" [labs/toollabs] (master) - https://gerrit.wikimedia.org/r/71112
[20:24:07] <YuviPanda>	 scfc_de: https://gerrit.wikimedia.org/r/71113
[20:24:14] <YuviPanda>	 scfc_de: not too sure how exactly to test that on toolsbeta, however.
[20:24:15] <gerrit-wm_>	 New review: Tim Landscheidt; "@Coren: Could you post what compiler/linker flags are needed to guard take against attacks (LD_PRELO..." [labs/toollabs] (master) C: -1;  - https://gerrit.wikimedia.org/r/71112
[20:24:36] <YuviPanda>	 scfc_de: puppetmaster::self is set on tools-mc, so I could hand-modify these there and run it, but that sounds... odd
[20:25:13] <scfc_de>	 YuviPanda: tools-mc (without beta) isn't managed by central Puppet?
[20:25:21] <YuviPanda>	 scfc_de: err, i meant toolsbeta-mc
[20:25:22] <YuviPanda>	 sorry
[20:32:37] <YuviPanda>	 scfc_de: do you have powers to +2 that change?
[20:32:42] <YuviPanda>	 or is that only with Coren?
[20:33:55] <scfc_de>	 YuviPanda: Only Coren (and other ops people).  Also, if I dry-run a install of php5-redis, it wants to install apache2 :-).
[20:34:22] <Coren>	 Which change?
[20:34:32] <YuviPanda>	 Coren: https://gerrit.wikimedia.org/r/#/c/71113/
[20:34:48] <YuviPanda>	 scfc_de: i'm guessing there's a way to have it not install apache, looking
[20:35:36] <Coren>	 Merged and push.
[20:36:10] <YuviPanda>	 scfc_de: it doesn't actually want apache, just php
[20:36:26] <YuviPanda>	 scfc_de: so that's fine
[20:36:29] <YuviPanda>	 thanks, Coren :)
[20:39:34] <gerrit-wm_>	 New patchset: Tim Landscheidt; "Move test suite from debian/rules to autotools" [labs/toollabs] (master) - https://gerrit.wikimedia.org/r/71114
[20:41:07] <gerrit-wm_>	 New patchset: Tim Landscheidt; "Add tests for jsub" [labs/toollabs] (master) - https://gerrit.wikimedia.org/r/71115
[20:45:42] <gerrit-wm_>	 New patchset: Tim Landscheidt; "Add tests for jsub" [labs/toollabs] (master) - https://gerrit.wikimedia.org/r/71115
[20:49:55] <gerrit-wm_>	 New review: Tim Landscheidt; "Rephrased comments compared to PS1." [labs/toollabs] (master) - https://gerrit.wikimedia.org/r/71115
[21:00:48] <YuviPanda>	 Coren: is the toollabs webproxy apache?
[21:01:01] <YuviPanda>	 the puppet file is empty
[21:01:12] * YuviPanda  is thinking of any possible way at all we can get websockets into our current setup

[21:01:50] <Coren>	 YuviPanda: It is; the webproxy/webserver setup isn't yet in puppet (#2.5 on my todo atm)
[21:02:04] <YuviPanda>	 hmm, okay
[21:02:12] <YuviPanda>	 what exactly is #1, btw? :)
[21:02:13] <YuviPanda>	 and #2?
[21:02:35] <Coren>	 #1 is cleanup/rewrite of the NFS management code; #2 is Apache 2.4
[21:02:50] <YuviPanda>	 ah, nice :)
[21:06:36] <Coren>	 Which is why the puppetization is past 2, because how depends a lot on what. :-)
[21:06:49] <YuviPanda>	 :D
[21:06:51] <YuviPanda>	 indeed
[21:13:29] <gerrit-wm_>	 New patchset: Tim Landscheidt; "Add tests for jsub" [labs/toollabs] (master) - https://gerrit.wikimedia.org/r/71115
[21:14:34] <gerrit-wm_>	 New review: Tim Landscheidt; "... and I should have properly tested it after the rebase to incorporate Coren's change." [labs/toollabs] (master) - https://gerrit.wikimedia.org/r/71115
[21:17:27] <pragunbhutani>	 Coren: Hello! I need some help please
[21:18:06] <Coren>	 pragunbhutani: What what they pay me the big^H^H^H medium-sized bucks for.  :-)  What can I do for you?
[21:18:43] <pragunbhutani>	 haha! I'm trying to ssh into bastion and I keep getting a Permission denied (public key)
[21:19:36] <Coren>	 pragunbhutani: Have you put your public key onto Wikitech yet?
[21:19:41] <pragunbhutani>	 I have
[21:20:14] <Coren>	 Oh!  I see your shell access request is still pending.  Give me a moment to clear it.  :-)
[21:20:20] <aude>	 ok, really?
[21:20:26] <pragunbhutani>	 oh okay :)
[21:20:32] <aude>	 that would explain things
[21:21:17] <pragunbhutani>	 Coren: also, this might be a little silly to ask, but when one adds one's public key, do you have to include the 'ssh-rsa' bit at the beginning?
[21:21:18] <pragunbhutani>	 or just the stuff that comes afterwards?
[21:21:36] <Coren>	 pragunbhutani: Yes you do, that's part of the key as a while.
[21:21:38] <Coren>	 whole*
[21:22:35] <pragunbhutani>	 aude: yes :)
[21:22:42] <Coren>	 That's odd.  I see you as having the shell flag, but I don't see the entry in the logs.
[21:23:36] <Coren>	 Hm.  At any rate, things should work for you.  Would you like to try now?
[21:23:47] <aude>	 i was able to add him to the wikidata project
[21:26:22] <pragunbhutani_>	 Coren: sorry, I got disconnected
[21:26:33] <pragunbhutani_>	 please let me know when the shell access has been granted
[21:26:40] <aude>	 pragunbhutani: can you try accessing bastion now?
[21:26:41] <Coren>	 <Coren> Hm.  At any rate, things should work for you.  Would you like to try now?
[21:27:23] <pragunbhutani_>	 I'll give it a whirl
[21:27:40] <pragunbhutani_>	 nope, still the same
[21:27:54] <Coren>	 Oh!  I see your problem:  You shell account name is all-lowercase.
[21:28:22] <Coren>	 But you're starting it with an uppercase P. :-)
[21:28:47] <pragunbhutani_>	 oh you're right!
[21:28:50] <Coren>	 Jun 28 21:28:22 bastion1 sshd[21334]: Accepted publickey for pragunbhutani from [redacted] port 50808 ssh2
[21:28:50] <pragunbhutani_>	 I'm in! :D
[21:28:54] <aude>	 yay! :)
[21:28:54] <pragunbhutani_>	 thanks Coren 
[21:30:49] <Coren>	 pragunbhutani: No problem.