daniels changed the topic of #freedesktop to: https://www.freedesktop.org infrastructure and online services || for questions about freedesktop.org projects, please see each project's contact || for discussions about specifications, please use https://gitlab.freedesktop.org/xdg or xdg@lists.freedesktop.org
AbleBacon_ has quit [Read error: Connection reset by peer]
jenatali has quit [Quit: Client limit exceeded: 20000]
vulpes2[m] has quit []
alatiera[m] has quit [Quit: Client limit exceeded: 20000]
Kayden has quit [Quit: -> BBH]
karenthedorf has quit [Remote host closed the connection]
karenthedorf has joined #freedesktop
twopubsolar[m] has quit [Quit: Client limit exceeded: 20000]
phire has joined #freedesktop
ylatuya[m] has quit [Quit: Client limit exceeded: 20000]
phire_ has joined #freedesktop
phire is now known as Guest247
phire_ is now known as phire
Guest247 has quit [Ping timeout: 480 seconds]
adziahel[m] has quit [Quit: Client limit exceeded: 20000]
aenderboy[m] has quit [Quit: Client limit exceeded: 20000]
ashelytina[m] has quit [Quit: Client limit exceeded: 20000]
bendlas[m] has quit [Quit: Client limit exceeded: 20000]
BLumia[m] has quit [Quit: Client limit exceeded: 20000]
chrysn[m]1 has quit [Quit: Client limit exceeded: 20000]
dabrain34[m]1 has quit [Quit: Client limit exceeded: 20000]
Hiperion[m] has quit []
ehfd[m] has quit [Quit: Client limit exceeded: 20000]
ewlsh[m] has quit [Quit: Client limit exceeded: 20000]
havdan[m] has quit [Quit: Client limit exceeded: 20000]
marcel203s[m] has quit [Quit: Client limit exceeded: 20000]
Mark[m]1 has quit [Quit: Client limit exceeded: 20000]
muhlinux[m] has quit [Quit: Client limit exceeded: 20000]
nee[m] has quit [Quit: Client limit exceeded: 20000]
pocek[m] has quit [Quit: Client limit exceeded: 20000]
reddishblue[m] has quit [Quit: Client limit exceeded: 20000]
rpurdie[m] has quit [Quit: Client limit exceeded: 20000]
seaweed[m] has quit [Quit: Client limit exceeded: 20000]
serbbenzo[m] has quit [Quit: Client limit exceeded: 20000]
therealsteamlord[m] has quit [Quit: Client limit exceeded: 20000]
zredshift[m] has quit [Quit: Client limit exceeded: 20000]
marcheu has joined #freedesktop
bmodem has joined #freedesktop
marcheu has left #freedesktop [#freedesktop]
lsd|2 has joined #freedesktop
lsd|2 has quit []
sima has joined #freedesktop
AbleBacon has joined #freedesktop
tzimmermann has joined #freedesktop
AbleBacon has quit [Remote host closed the connection]
<bentiss>
daniels: have you manually wiped out /run/github-mirror/.ssh/authorized_keys on kemper? this disappeared and all of the mirroring from gitlab to cgit is now broken
<daniels>
bentiss: nope, but being in /run/ it would've got wiped on reboot?
<bentiss>
oh, right
<bentiss>
can we add the keys to ldap?
<daniels>
hngh
<bentiss>
or is it still broken?
<daniels>
I can do that with ldapvi
<daniels>
just paste me the keys somewhere
<bentiss>
I'd need to retrieve them on the various repos, but in a meeting ATM
smpl has joined #freedesktop
<bentiss>
daniels: also the gitlab-mirror user seems to have lost his id, so maybe you'll need to also grant this user access to the drm and mesa repos
bmodem has joined #freedesktop
<daniels>
ok, done now
privacy has joined #freedesktop
<bentiss>
I'm still getting Permission denied (publickey) AFAICT
<bentiss>
and of course, retrying is not an option if the last attempt failed :(
<daniels>
yeah, userdir-ldap got absolutely mangled in the upgrade, and I wonder if sshd did as well
<daniels>
hmm nope, the only gitlab-mirror connections in the last 30min were all successful
<daniels>
gtg though - running late to pilates and really need to be at that one since my back is kinda broken atm :P
bmodem has quit [Ping timeout: 480 seconds]
<bentiss>
damn, well, have fun, it can definitely wait a few more hours
<bentiss>
daniels: FWIW, it could be that kemper is not answering to ipv6
<svuorela>
has git fallen off a cliff ?
<Mithrandir>
daniels: I thought I fixed the userdir-ldap problems, what's still missing?
Haaninjo has joined #freedesktop
bmodem has joined #freedesktop
mripard has joined #freedesktop
Haaninjo has quit [Quit: Ex-Chat]
lsd|2 has joined #freedesktop
Venemo has joined #freedesktop
glehmann_ has joined #freedesktop
glehmann_ has quit []
glehmann has joined #freedesktop
glehmann has quit []
Venemo has quit []
<daniels>
Mithrandir: turns out I was looking in the wrong place for gitlab-mirror and SSH, since it's using the per-user key files rather than merged ssh-rsa-shadow now, but the main one is that the LDAP schemas are somehow incoherent
mvlad has joined #freedesktop
<daniels>
/etc/ldap/schemas/userdir-ldap.conf has the correct schema, but the actual LDIF schema slapd has in /etc/ldap/slapd.d/ is missing a bunch of stuff, notably including allowedGroups for the host entries
<Mithrandir>
ah, ok. That seems like a bug™, it might well be I should have imported that.
<Mithrandir>
are you fixing, or should I?
<daniels>
I did just enough fooling with configs to fix LDAP authentication (since it appeared to be RO), but I started losing the will to live trying to figure out how to patch the schema
<daniels>
it looks like you need slapcat/slapadd to do that; trying to do it online was complaining that it was immutable, which tbh is fair enough
<daniels>
if you have the time then please feel free as I'm stuck in other stuff for the rest of today
<Mithrandir>
"ldapvi -h ldapi:/// -Y EXTERNAL -b cn=config" as root to edit stuff with ldapvi, btw.
<Mithrandir>
I'll take a look.
<daniels>
right, I tried doing that to patch the schema, but then got an error when applying suggesting that it was immutable
<Mithrandir>
ok
<daniels>
oh yeah, the other one was that I needed to set olcSizeLimit, else ud-generate was failing to get any results back at all
<Mithrandir>
I thought I fixed that one earlier.
<daniels>
the default olcSizeLimit was set to unlimited, but the udl db was on 500
<daniels>
thanks btw :) sorry if I sound grumpy, just in quite a bit of pain
<daniels>
but I do appreciate it
<Mithrandir>
No worries! Hope the pain goes away soon.
<daniels>
thanks!
<Mithrandir>
daniels: worked fine for me to update those attributes, so not sure what was wrong.
bmodem has quit [Ping timeout: 480 seconds]
privacy has quit [Quit: Leaving]
guludo has joined #freedesktop
Venemo has joined #freedesktop
glehmann has joined #freedesktop
samuelig has quit []
bmodem has joined #freedesktop
samuelig has joined #freedesktop
tzimmermann_ has joined #freedesktop
tzimmermann has quit [Read error: Connection reset by peer]
guludo has quit [Ping timeout: 480 seconds]
guludo has joined #freedesktop
scrumplex_ has joined #freedesktop
scrumplex has quit [Ping timeout: 480 seconds]
pookie has quit []
vkareh has joined #freedesktop
balrog has quit [Quit: Bye]
balrog has joined #freedesktop
bmodem has quit [Ping timeout: 480 seconds]
gert31 has joined #freedesktop
privacy has joined #freedesktop
lsd|2|2 has joined #freedesktop
lsd|2 has quit [Read error: No route to host]
lsd|2|2 has quit []
samuelig has quit [Quit: Bye!]
samuelig has joined #freedesktop
<eric_engestrom>
gitlab has been really slow for me for a couple of hours, both web and git (ssh)
<eric_engestrom>
(and it's not my internet, other websites are responsive)
tzimmermann_ has quit []
<__tim>
having problems pushing branches to gitlab with ssh, I'm guessing it's getting hammered after the CVE?
<__tim>
hrm, works again now :)
<eric_engestrom>
yeah it's a bit better for me now
<eric_engestrom>
and yeah it's possible every script kiddie out there is trying to get into every public ssh server, I hadn't thought about that as a possible cause :/
alanc has quit [Remote host closed the connection]
alanc has joined #freedesktop
cptaffe` has joined #freedesktop
cptaffe has quit [Ping timeout: 480 seconds]
<Lyude>
it's still being slow for me, but only on git pulls from anongit
<Lyude>
emersion, daniels, bentiss ^ jfyi git pull from anongit seems to hang forever. decided to try to ssh into freedesktop.org just to see if it would respond and it seems like that's down as well. figured I should mention it considering the ssh vuln that dropped yesterady
<emersion>
someone on mastodon mentioned IPv6 connectivity issues
<Lyude>
oh that might be it, let's see
<Lyude>
yep!
<Lyude>
looks like that's exactly it, thanks
<Lyude>
...emersion: for ssh, at least. i'm not seeing anything on git pull still
<daniels>
they’re upgraded for that
Haaninjo has joined #freedesktop
gert31 has quit [Quit: Leaving]
vx has quit [Quit: G-Line: User has been permanently banned from this network.]
vx has joined #freedesktop
AbleBacon has joined #freedesktop
mvlad has quit [Remote host closed the connection]