#sysadminnery — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #sysadminnery, aggregated by home.social.
-
Cloudflare Turnstile is garbage. If you use it, you will turn away Safari 26 users.
The troubleshooting process can get Safari users to a page where CF admits that they are requiring browsers to be fingerprintable.
FUCK THAT.
There is NOTHING online that is so critical that I will knowingly give a consistent fingerprint of my browser to Cloudflare. They are not an ethical actor. They absolutely cannot be trusted.
-
Just ran out of brainpower for the day trying to fix WTF a dev w/root on a production box did to deploy a #uwsgi application. Dev in question: no longer available. Apparently he didn't know there was a EL package available or how the “Emperor" rig works, so the app needs to be started by hand on every reboot. This was not a documented fact.
I failed to hack up a fix. The Emperor kept cursing the application instance. I like the absurd terminology, hate the documentation... -
Oh. Huh. Imagine that….
The .org root DNSSEC is gerbusterficated or in transition or something.
-
dnsviz is being cranky for me. Everyone else stop using it for the day, OK?
-
#FreeBSD #HotTake: Even though everyone with deeper #firewall juju than myself says #pf is better than #ipfw, so I guess it must be, I still like knowing my rules by numbers that don’t change. Plus I have tools written over many years around ipfw and would need to totally redesign them conceptually for pf. I don't have enough working years to do that.
-
It seems to me based on mailing list traffic like a lot of people are seeing the free side of MS email (outlook.com, hotmail.com, etc. not paying customers on ms365) doing what it so often does today: mystery rejections and dropping mail on the floor.
I assure you: if you're getting bounces because of this, your mail admin knows that it is happening and has NO WAY to address it. -
I never ceases to amaze me that mail systems do this shit. I know it was a thing with Sendmail but most of us have moved on or at least fixed the stupid mailer flags.
-
It’s a rhetorical Q.
It’s almost a miracle that it was found.It’s also why I do a paranoid level of consistency checks on every #SpamAssassin release. Our definitive repo is in Apache SVN, so we don’t have precisely the same vulnerability as libxz had, but I still verify that no matter how one gets the source, it is identical to what we've checked in.
#FOSS #Sysadminnery #InfoSec @mjg59 https://nondeterministic.computer/@mjg59/115961116648470244
-
I’m almost at the point of just installing the relevant software on the bare metal host (already doing email…) like it’s 1999 and I only have one box.
-
My best "rubber duck" is whatever public support fora exist for whatever I'm bloodying my forehead on. I rarely actually get useful responses, but just asking does something, sometimes.
e.g. https://forum.opennebula.io/t/debugging-domain-creation/14158/1
I'd been fighting this problem for many weeks, making little progress, largely because I didn't have decent time focusing on it. This morning I hit on the right places to look and found a huge mess underneath, but at least I fixed it.
-
The people committed to DDoSing the #Apache #SpamAssassin RuleQA server seem to have substantial resources. I’ve blocked a lot of them, but they keep coming, asking about things like the May 7 2017 performance of a single rule in one contributor's stats. Not stuff real people want.
Of course, there's a resource they do not have. Our sysadmins, both those employed by #TheASF to watch all of our infra and the volunteer cadre focused on SA. We'll keep whacking the moles...
-
Well then, I guess I’ll have to replace that disk…
Except it’s a virtual disk, and should NOT be doing that. None of the other umpty-zillion VMs in that zone are showing trouble. Only this one. And the 3 other instances I launched before based on the the same original image, provided as a pre-built one for #OpenNebula from the #Alma site. On different physical hosts.
I am pondering how the content+config of system image could lead to this. sysctls?
-
Is it really possible for svn.apache.org to be down and only the #SpamAssassin utility host and me to notice?
-
This sounds so much worse than it can actually be, given that I have no alerts on anything being down…
I mean, “entire IBX" means the whole damn building and “out of service" seems like it would need to be a smoking crater.
-
Currently have a few dozen machines needing various upgrades/migrations:
CentOS7->Alma9
CentOS8->Alma9
FreeBSD13.2->13.3
FreeBSD13.3->14.1
FreeBSD14.0->14.1As these all have extended ‘paint drying’ sub-tasks, it is no problem at all to be doing 2-4 of these simultaneously. There is no way I could lose track of which is which and how each one’s sequencing is going.
-
I'm happy to announce the release of ASF SpamAssassin v4.0.1. This is a bugfix/anti-bitrot release, adapting to the latest Perl & dependency updates & sanding down some corner cases, e.g. it can once again be built from source & fully tested w/o wizardly effort on Windows with recent Perl.
Sidney Markowitz (our PMC chair) acted as release manager for this release.
https://spamassassin.apache.org
#Spam #email #Sysadminnery #SpamAssassin #ASF #ApacheSoftwareFoundation #FOSS #Perl https://toad.social/@grumpybozo/112112275474287209 -
LB: As someone who was an unwitting witness (grunt L2 support sysadmin) at the purported birth (or conception? courtship? lusty leering?) of "#Agile" at #DaimlerChrysler, I have never been able to take it seriously.
That legendary payroll project was a total clusterfuck that never fully deployed. Pilot users were back-migrated to the old mainframe tool. When I heard years later that it was supposedly one origin of "Agile" development I thought I was being #pranked.