sudo-sys October 2018

sudo-sys@sudoroom.org

3 participants
3 discussions

by Yardena Cohen

Hi, I'm writing from Sudo Room in the Omni Commons (4799 Shattuck, account #10261). We've been using a static ipv4 address (142.254.26.9) to serve our large building for many years, and we'd like to start supporting ipv6 as well, but we're not sure what prefix we've been assigned, if any. Our router is only advertising link-local, as you can see here: $ ip address show dev enp3s0 2: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:25:90:03:1f:66 brd ff:ff:ff:ff:ff:ff inet 142.254.26.9/24 brd 142.254.26.255 scope global enp3s0 valid_lft forever preferred_lft forever inet6 fe80::225:90ff:fe03:1f66/64 scope link valid_lft forever preferred_lft forever $ ip -6 neigh show fe80::223:6aff:febe:5932 dev enp3s0 lladdr 00:23:6a:be:59:32 router STALE $ rdisc6 -m enp3s0 Soliciting ff02::2 (ff02::2) on enp3s0... Hop limit : 64 ( 0x40) Stateful address conf. : No Stateful other conf. : Yes Mobile home agent : No Router preference : low Neighbor discovery proxy : No Router lifetime : 0 (0x00000000) seconds Reachable time : unspecified (0x00000000) Retransmit time : unspecified (0x00000000) Source link-layer address: 00:23:6A:BE:59:32 from fe80::223:6aff:febe:5932 -- Can you help us get set up? Thanks, Yar Omni Commons

6 years, 1 month

apt-listchanges: news for sudoroom.org

by root＠sudoroom.org

gnutls28 (3.3.30-0+deb8u1) jessie-security; urgency=high To ease maintenance and ensure complete coverage of complex security issues fixed upstream, we have upgraded to the latest upstream version of the 3.3.x branch. This includes some interoperability changes: * ARCFOUR (RC4) and SSL 3.0 are no longer included in the default priorities list. Those have to be explicitly enabled, e.g., with a string like "NORMAL:+ARCFOUR-128" or "NORMAL:+VERS-SSL3.0", respectively. * The ciphers utilizing HMAC-SHA384 and SHA256 have been removed from the default priority strings. They are not necessary for compatibility or other purpose and provide no advantage over their SHA1 counter-parts, as they all depend on the legacy TLS CBC block mode. * Follow closely RFC5280 recommendations and use UTCTime for dates prior to 2050. * Require strict DER encoding for certificates, OCSP requests, private keys, CRLs and certificate requests, in order to reduce issues due to the complexity of BER rules. * Refuse to import v1 or v2 certificates that contain extensions. -- Antoine Beaupré <anarcat(a)debian.org> Tue, 30 Oct 2018 10:26:33 -0400

6 years, 1 month

Cron <root@sudoroom> test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )

by root＠sudoroom.org

/etc/cron.daily/logrotate: logrotate_script: 2: logrotate_script: /usr/lib/php/php7.0-fpm-reopenlogs: not found error: error running non-shared postrotate script for /var/log/php7.0-fpm.log of '/var/log/php7.0-fpm.log ' run-parts: /etc/cron.daily/logrotate exited with return code 1

6 years, 2 months

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

sudo-sys October 2018