Does the SUPERMICRO Java KVM application work on any Linux with a GUI? I need it to remotely mount ISOs to machines for installation. Nothing else. (No mounting CD-ROM images over iKVM does not work.)

I just cannot afford the waiting game with this Windows 10 VM anymore. Any click literally takes minutes…

Rant, Raspberry Pi OS, IPv6 

To get a Raspberry Pi with RasPi OS into accepting an IPv6 router advertisement seems to be something that gazillions of people have posted about on their blogs. Only, none of these actually work.

IPv6 is enabled, link-local works. No /etc/network magic seems to make this thing accept RA, get SLAAC working or DHCPv6. My assisted network supports *all* of them.

The Raspi is the only host on the network that doesn't work with IP.

Current status:

$¯sudo port install py39-ansible
---> Computing dependencies for py39-ansible
---> Cleaning py39-ansible
---> Scanning binaries for linking errors
---> No broken files found.
---> No broken ports found.

$¯which ansible-playbook
ansible-playbook not found

1$¯which ansible
ansible not found

1$¯which ansible-vault
ansible-vault not found


What was I thinking, installing a package via a package manager would actually result in an installed package?

Wanted to advance my `ansible` setup and add another host. Now I'm kinda lost debugging this SSH issue which *only* happens when `ansible` connects. Basically it drops the MasterConnection after a few seconds for no apparent reason.

Connecting over `ssh` to that host, with these exact settings from my ~/.ssh/config works perfectly fine.

The by far least helpful `man` page for users is probably `builtin(1)` and especially anything that redirects a there.

A user seeking help on the syntax of a shell builtin command (on the current flavour of the OS/shell combination they're using) is usually left with the enlightenment of “it exists” at best, but no synopsis or syntax available at all.

I consider `builtin(1)` a documentation bug.

Current status:

$ while true ; do curl -sI $URL | grep "Last-Modified" ; done
Last-Modified: Thu, 17 Sep 2020 20:32:37 GMT
Last-Modified: Thu, 17 Sep 2020 20:32:37 GMT
Last-Modified: Thu, 17 Sep 2020 20:15:40 GMT
Last-Modified: Thu, 17 Sep 2020 20:15:40 GMT
Last-Modified: Thu, 17 Sep 2020 20:15:40 GMT
Last-Modified: Thu, 17 Sep 2020 20:32:37 GMT
Last-Modified: Thu, 17 Sep 2020 20:32:37 GMT
Last-Modified: Thu, 17 Sep 2020 20:32:37 GMT

OR: It took very little time to send this message

Some tools just are worth using for the entertainment value of their useless log messages alone.

FreeBSD ezjail-admin problems 

Seems the restore function in ezjail-admin(8) is broken.

ezjail-admin create jail
ezjail-admin start jail
ezjail-admin console jail
works inside jail; ^D
ezjail-admin stop jail
ezjail-admin archive jail
ezjail-admin delete -w jail
ezjail-admin restore jail

Error: Insecure permissions for archive jail-202008061500.55.tar.gz.
Please check the file and fix permission (chmod og-w) if you trust its source.

file mode 400, dir 700, root:wheel.

Circular dependency Yak-shaving. - The Yak that keeps on keeping on.

#SysadminLife IMAP migration 

So there's this *really* old IMAP server, running MDaemon 6.8.5 (ca. 2003) and I need to migrate the data away to something more modern.

imapsync is unable to authenticate successfully, no matter what I try. (Thunderbird is able to connect, authenticate and sync, so I am certain the credentials I got are correct.)

offlineimap crashes from package, and from source.

I've never been let down by offlineimap.

I guess that's a client side migration.

Wie lange dauert dieses „just a moment…“ so im Schnitt?
Sollte ich mir nach mehreren Stunden Warteanimation beginnen Sorgen zu machen oder kann das auch mal länger dauern?


tech I had to deal with during the last weeks

- L2TP/IPSec
- IPSec IKEv1 PSK (with ciphers like PSK_LOLCAT_ROLLINGSUM)
- IKEv1 EAP-MSChapv2
- IKEv2 EAP-TLS (PKI/Certs)
- OpenVPN
- Wireguard
- PPTP

People expect that
- you know each from the top of your head in and out
- they work on every device
- all vendors are compatible with every other vendor
- it's free
- it's instant
- it works flawlessly on every broken, triple NATed, censored network

What I actually prefer: ssh

Dear npmjs: Please get rid of your active attacker, that means Cloudflare.

npm update fails because Cloudflare is actively blocking updates meaning more vulnerable systems out there.

Access denied | registry.npmjs.org used Cloudflare to restrict access


Trying to figure out a way how to bootstrap PostGreSQL database creation and separating the databases into their own ZFS dataset each.

Meaning I would need to know where a new db would get created in advance so I can mount a dataset there.

If you're providing online services, communications or network infrastructure for other people and you have any kind of basic ethical foundation for what you do:

This talk by Paul Vixie gives a good overview about the problems with the current DoH (DNS over HTTPS) advancements by commercial traffic interceptors like Cloudflare and how Mozilla/Firefox is selling you and your private data out to them.

This is an hour *really* well spent!

invidio.us/watch?v=ZxTdEEuyxHU

Some “installation documentations” of open source projects really makes me wonder if anyone ever tried to use them to actually install said application.

And then, there's these bonmots in the “activate background jobs” section:

[root@all] su - openproject -c "bash -l"
[openproject@all] crontab -e

Sadly Tor Project removed the .wmi file which contained just the version numbers of the current tor stable and alpha releases (#404) which kills my version alerts.

For those who wonder what a .wmi file is, that is a WAP file. If you wonder what WAP was…
en.wikipedia.org/wiki/Wireless

Why did I use that .wmi file in the first place? Because it was super-easy to grep. Don't ask why I grep in XML…

Show older
chaos.social

chaos.social – a Fediverse instance for & by the Chaos community