[00:07:03] --- haba has become available
[00:20:46] --- Simon Wilkinson has left
[00:25:52] --- lars has left
[00:55:03] --- haba has left
[00:56:09] --- haba has become available
[01:02:41] --- lars.malinowsky@gmail.com has become available
[01:29:53] --- jaltman has left: Disconnected
[01:43:11] --- jaltman has become available
[03:29:18] --- jaltman has left: Disconnected
[04:45:18] --- haba has left
[05:08:17] --- sxw has become available
[05:20:37] --- sxw has left
[06:00:21] --- lars.malinowsky@gmail.com has left
[06:00:26] --- lama has become available
[06:04:47] --- lama has left
[06:05:02] --- lama has become available
[06:54:06] --- reuteras has left
[06:54:56] --- jaltman has become available
[07:17:26] --- jaltman has left: Disconnected
[07:17:29] --- jaltman has become available
[07:36:48] --- deason has left
[07:36:50] --- deason has become available
[07:38:40] --- jaltman has left: Disconnected
[08:18:11] --- jaltman has become available
[08:31:39] --- jaltman has left: Replaced by new connection
[08:31:42] --- jaltman has become available
[09:17:24] <shadow@gmail.com/owl1FDC9F18> in seconds, the web site will finally comment on CVS-2011-0430

i'm not sure what should be said about 0431. i don't think it deserved
a CVE.
[09:22:53] <shadow@gmail.com/owl1FDC9F18> i am not the security officer damnit. however, until simon can deal,
something is there.
[09:26:44] <jaltman> what is the sha1 for 431?
[09:30:16] <shadow@gmail.com/owl1FDC9F18> abe706a7e237d3872db3638d947a14c935370d5 and
f7d298d367cc5deea00a44601f845f543993ef09
[09:30:29] <shadow@gmail.com/owl1FDC9F18> er, 5abe706a7e237d3872db3638d947a14c935370d5
[09:33:14] <meffie> thank you derrick
[09:33:46] <shadow@gmail.com/owl1FDC9F18> what, for taking a long time to not completely do the job?
[09:34:24] <meffie> heh, no, for completing.
[09:35:05] <shadow@gmail.com/owl1FDC9F18> it's not complete. i have no pgp key
[09:36:30] <shadow@gmail.com/owl1FDC9F18> well, not the security officer pgp key
[09:36:35] <shadow@gmail.com/owl1FDC9F18> i certainly have my own
[09:36:59] <jaltman> Since CVE-2011-0431 was published we need to say something about it.   Even if what is said simply corrects the description that was published by Debian.
[09:41:57] <shadow@gmail.com/owl1FDC9F18> lemme look
[09:42:14] <shadow@gmail.com/owl1FDC9F18> fine. 1.4.14 is fine. that's what i'll say
[09:52:45] --- rra has become available
[09:58:33] <kaduk@mit.edu/barnowl> Hmm the FreeBSD "section" on the pre2 release page looks ... rather
inconsistent with the sections for the other OSes.
[09:58:55] <shadow@gmail.com/owl1FDC9F18> the script that generates that page:
/afs/andrew.cmu.edu/usr/shadow/make_www_release.pl
[09:59:04] <shadow@gmail.com/owl1FDC9F18> feel free to submit a patch
[09:59:12] <shadow@gmail.com/owl1FDC9F18> er, without .pl
[09:59:25] <kaduk@mit.edu/barnowl> I knew you were going to say that.
[09:59:30] <rra> Should I make the openafs-tools repo publicly cloneable?
[09:59:32] <shadow@gmail.com/owl1FDC9F18> who me never
[09:59:35] <shadow@gmail.com/owl1FDC9F18> russ, sure
[09:59:38] <rra> I don't think there's anything in there that has to be private.
[09:59:44] <shadow@gmail.com/owl1FDC9F18> there is nothing in it we care about being public
[10:00:04] <rra> Okay, I'll do that later today.  Then people can just git clone it and have a basis for patches.
[10:00:10] <shadow@gmail.com/owl1FDC9F18> that works
[10:00:26] <shadow@gmail.com/owl1FDC9F18> thing is when i run it i run it from my homedir, usually on johnstown
[10:01:09] <rra> In theory, it's supposed to have the bits on git.openafs.org that would let you run it from there, but I don't think we ever sorted out all the issues.
[10:01:15] <rra> Plus, it's probably easier for you to do it elsewhere.  :)
[10:01:32] <kaduk@mit.edu/barnowl> Maybe I will try to learn some perl ... after work.
[10:27:19] <shadow@gmail.com/owl1FDC9F18> http://andrewvos.com/2011/02/21/amount-of-profanity-in-git-commit-messages-per-programming-language/
[10:32:48] --- jaltman has left: Disconnected
[10:44:04] <deason> every time I see that linked, I think 'andrew vos' is some kind of afs joke
[11:12:57] --- jaltman has become available
[11:38:52] --- jaltman has left: Disconnected
[12:36:58] --- jaltman has become available
[12:37:33] --- jaltman has left: Replaced by new connection
[12:37:34] --- jaltman has become available
[13:32:39] --- jaltman has left: Disconnected
[13:55:06] --- jaltman has become available
[15:18:35] --- deason has left
[18:05:12] --- deason_ has become available
[18:20:37] --- rra has left: Disconnected
[18:28:30] <kaduk@mit.edu/barnowl> Is it considered best practice to 'fs setcrypt on' in a default init
script configuration?
[18:30:54] <andersk> That’s already the default these days, right?
[18:31:16] <jaltman> it is the default on Windows and only on Windows
[18:35:21] <kaduk@mit.edu/barnowl> [kaduk@hysteresis /usr/devel/openafs/git/openafs/src/afsd]$ grep crypt *
CellServDB:18.89.1.204                     #crypt.mit.edu
afs.rc.obsd:/usr/vice/bin/fs setcrypt on

Of course, I don't fully expect all of these rc scripts to be
up-to-date ...
[18:36:34] <kaduk@mit.edu/barnowl> The Debian configuration appears to check afs.conf.client for a value of
AFS_CRYPT; I'm not sure where the defaults come from.
[18:39:06] --- Russ has become available
[19:04:38] <Russ> debconf and the maintainer scripts.
[19:05:40] <Russ> The Debian packages have been running fs setcrypt on in the init script since 1.2.3final2-1.
[19:06:09] <Russ> Actually, 1.2.3final-1.
[19:06:46] <kaduk@mit.edu/barnowl> So, "yes". :)
[19:10:22] <Russ> Yes.  :)
[19:16:56] <kaduk@mit.edu/barnowl> What's an easy way to tell if a running fileserver is inode or namei?
[19:17:42] <kaduk@mit.edu/barnowl> If I have /vicepr/V0536983430.vol , that means namei, I hope?
[19:50:47] <kaduk@mit.edu/barnowl> Am I doing something obviously wrong?

make[3]: Entering directory `/opt/zone/openafs/openafs-1.6.0pre2/src/sys'
+ case amd64_linux26 in
+ case amd64_linux26 in
/usr/local/bin/install -c -d ../libafs/afs
Bad switch -d
[19:58:34] <jhutz@jis.mit.edu/owl> Where did /usr/local/bin/install come from?
[19:59:16] <kaduk@mit.edu/barnowl> [root@timex sys]# echo $PATH
/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
[20:00:05] <kaduk@mit.edu/barnowl> Grumble.
[20:02:16] <jhutz@jis.mit.edu/owl> Either AC_PROG_INSTALL has incorrectly identified that install as
being good enough when in fact it is not (which would be a bug in
autoconf), or -d is simply not portable.
[20:02:58] <kaduk@mit.edu/barnowl> /usr/local/bin/install is a sixth the size of /usr/bin/install; I'm
giving it another shot with a corrected PATH ordering.
We still seem to have a bug, though.
[20:04:49] <jhutz@jis.mit.edu/owl> One of those is probably a shell script.
[20:04:58] <kaduk@mit.edu/barnowl> Nope.
[20:05:10] <jhutz@jis.mit.edu/owl> Is one of them afs's install?
[20:05:19] <kaduk@mit.edu/barnowl> Looks like it.
[20:05:33] <jhutz@jis.mit.edu/owl> Hrm; I didn't think we installed that any more.
[20:05:50] <kaduk@mit.edu/barnowl> This system has what appears to be 1.4.8 currently installed.
[20:06:46] <jhutz@jis.mit.edu/owl> Oh; in 1.4.x we do for 'make dest', but not for 'make install'
[20:07:29] <jhutz@jis.mit.edu/owl> And that install indeed does not support -d.
And we really shouldn't assume that an install configure finds for us
supports -d either, since it doesn't test for that.
[20:14:51] --- deason_ has left
[20:14:56] --- deason_ has become available
[20:15:14] <deason_> > that means namei, I hope
no, both namei and inode have .vol files
[20:15:23] <deason_> but you can look for the AFSIDat directory
[20:15:42] <deason_> "easiest" way I'veusually heard is to just nm fileserver | grep namei
[20:16:21] <kaduk@mit.edu/barnowl> There are several functions in the output of that ... so I'm running
namei, then?
[20:23:11] <deason_> yep
[20:24:07] <kaduk@mit.edu/barnowl> Cool.  Thanks.
[20:25:10] <kaduk@mit.edu/barnowl> (Though if the single disk.timex.r volume on the server was lost, I
really wouldn't care.)
[21:19:39] --- deason_ has left
[22:59:07] --- reuteras has become available
[23:08:34] --- jaltman has left: Disconnected
[23:19:57] --- Russ has left: Disconnected