Re: [DNG] ifconfig deprecated?

Hello Steve. Steve Litt - 21.11.17, 23:34: > On Mon, 20 Nov 2017 22:55:36 -0500 > > Hendrik Boom wrote: > > On Tue, Nov 21, 2017 at 05:53:49PM +0100, Jaromil wrote: > > > nono, as I wrote: that script doesn't works anymore, if ran on a > > > freshly debootstrapped version of Debian 9. It seemed

Re: [DNG] ifconfig deprecated?

Hello Hendrik. Hendrik Boom - 21.11.17, 07:05: > On Tue, Nov 21, 2017 at 05:34:15PM -0500, Steve Litt wrote: > > On Mon, 20 Nov 2017 22:55:36 -0500 > > > > Hendrik Boom wrote: > > > On Tue, Nov 21, 2017 at 05:53:49PM +0100, Jaromil wrote: > > > > nono, as I wrote: that script doesn't works anymo

Re: [DNG] ifconfig deprecated?

On Wed, Nov 22, 2017 at 10:45:12AM +0100, Martin Steigerwald wrote: > For that I do not know a ip command out of the box. But > > merkaba:~> netstat -i > Kernel-Schnittstellentabelle > Iface MTURX-OK RX-ERR RX-DRP RX-OVRTX-OK TX-ERR TX-DRP TX-OVR Flg > eth0 1500 6190114 0

Re: [DNG] rc.local removed from Debian 9, rly?

On 22/11/17 08:48, Didier Kryn wrote: Le 22/11/2017 à 07:19, John Hughes a écrit : Is there any way to read a file in format X without a program that reads format X?     The question is why use yet another "proprietary format"? Just to force people to be use systemd for every task they need

Re: [DNG] rc.local removed from Debian 9, rly?

On Wed, 22 Nov 2017, John Hughes wrote: > > On 22/11/17 06:50, KatolaZ wrote: > > On Wed, Nov 22, 2017 at 02:59:11AM +0100, Arnt Karlsen wrote: > > > > > ..is there a way to decode and read those binary systemd journal logs > > > on classic POSIX/Unix etc forensic systems _not_ running systemd?

Re: [DNG] rc.local removed from Debian 9, rly?

On 21-11-17 19:46, Jaromil wrote: On Tue, 21 Nov 2017, John Hughes wrote: Come to think about it, if the problem was that their rc.local was failing somewhere then they should be able to see that in the output of systemctl or journalctl. Assuming they're using systemd, of cours

Re: [DNG] rc.local removed from Debian 9, rly?

On 22/11/17 11:42, Jaromil wrote: On Wed, 22 Nov 2017, John Hughes wrote: No way to do that?  Seriously?  No way at all? jeez, is John a troll? My little joke about the usefulness of the systemd journal in diagnosing the /etc/rc.local problem could conceivably be considered trolling.  The

Re: [DNG] ifconfig deprecated?

Adam Borowski wrote: >> merkaba:~> netstat -i > You want "ip -s a", I'm too lazy to see if you can get just the counters. Or use the contents of /proc/net/dev ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listi

Re: [DNG] rc.local removed from Debian 9, rly?

On Wed, Nov 22, 2017 at 12:24:28PM +0100, John Hughes wrote: > On 22/11/17 11:42, Jaromil wrote: > >On Wed, 22 Nov 2017, John Hughes wrote: > > > >>No way to do that?  Seriously?  No way at all? > >jeez, is John a troll? > > My little joke about the usefulness of the systemd journal in diagnosing

Re: [DNG] rc.local removed from Debian 9, rly?

Hi all, I've read all the followup until 2017-11-22T10:21Z. I may follow up on selected posts, but I wanted to tackle this first. KatolaZ writes: > On Tue, Nov 21, 2017 at 04:05:47PM +0100, John Hughes wrote: >> On 21/11/17 15:53, KatolaZ wrote: >> >> >What matters is that we need to retain ini

Re: [DNG] rc.local removed from Debian 9, rly?

On 22/11/17 12:32, KatolaZ wrote: On Wed, Nov 22, 2017 at 12:24:28PM +0100, John Hughes wrote: I was amazed that KatolaZ couldn't imagine any way of reading text from a file without a special application, doesn't he have strings(1) on his "forensic system"? As for journalctl, you forget to me

Re: [DNG] rc.local removed from Debian 9, rly?

On Wed, 22 Nov 2017 02:28:45 -0500, Steve wrote in message <20171122022845.1327c...@mydesk.domain.cxm>: > On Wed, 22 Nov 2017 02:59:11 +0100 > Arnt Karlsen wrote: > > > On Tue, 21 Nov 2017 18:21:14 +0100, John wrote in message > > : > > > > > (Damn but the systemd journal is great :-))

[DNG] ..forensics on systemd or journald logs, was: rc.local removed from Debian 9, rly?

On Wed, 22 Nov 2017 07:19:20 +0100, John wrote in message : > On 22/11/17 02:59, Arnt Karlsen wrote: > > On Tue, 21 Nov 2017 18:21:14 +0100, John wrote in message > > : > > > >> (Damn but the systemd journal is great :-)) > > ..is there a way to decode and read those binary systemd journal >

Re: [DNG] rc.local removed from Debian 9, rly?

On Wed, Nov 22, 2017 at 07:50:44PM +0900, Olaf Meeuwissen wrote: > > Whether /etc/rc.local will be run (and on what run levels) is, IMHO, a > matter for *your* init system to decide. If your init system wants to > cater to a decades long tradition of running /etc/rc.local at system > startup, it

Re: [DNG] ..forensics on systemd or journald logs, was: rc.local removed from Debian 9, rly?

Arnt Karlsen writes: you appear to suggest that law enforcement wanting to read systemd journal logs, _should_ depend on the mercy of systemd developers not "filtering" away inconvenient evidence of e.g. systemd developer wrongdoing from said law enforcement. That's routine. Few readers read

Re: [DNG] ..forensics on systemd or journald logs, was: rc.local removed from Debian 9, rly?

> That's routine. Few readers read everything that can be read. For example, > look at postgres. Its binary file format reveals quite a bit more than you > can get using psql, and by design: The writer and binary format are > intended for storing things quickly and reliably, and the reader for > re

Re: [DNG] ..forensics on systemd or journald logs, was: rc.local removed from Debian 9, rly?

On 22/11/17 14:18, Aldemir Akpinar wrote: That's routine. Few readers read everything that can be read. For example, look at postgres. Its binary file format reveals quite a bit more than you can get using psql, and by design: The writer and binary format are intended for storing

Re: [DNG] ..forensics on systemd or journald logs, was: rc.local removed from Debian 9, rly?

On 22 November 2017 at 17:03, John Hughes wrote: > On 22/11/17 14:18, Aldemir Akpinar wrote: > > > That's routine. Few readers read everything that can be read. For example, >> look at postgres. Its binary file format reveals quite a bit more than you >> can get using psql, and by design: The wri

Re: [DNG] ..forensics on systemd or journald logs, was: rc.local removed from Debian 9, rly?

Aldemir Akpinar writes: Could you elaborate why are you comparing a relational database system where its files must be binary with a logging system where its files doesn't need to binary? You make it sound is if binary files were some sort of horror that requires special justification. Please

Re: [DNG] ..forensics on systemd or journald logs, was: rc.local removed from Debian 9, rly?

On 22 November 2017 at 17:22, Arnt Gulbrandsen wrote: > Aldemir Akpinar writes: > >> Could you elaborate why are you comparing a relational database system >> where its files must be binary with a logging system where its files >> doesn't need to binary? >> > > You make it sound is if binary file

Re: [DNG] ..forensics on systemd or journald logs, was: rc.local removed from Debian 9, rly?

On 22/11/17 14:22, Arnt Gulbrandsen wrote: Aldemir Akpinar writes: Could you elaborate why are you comparing a relational database system where its files must be binary with a logging system where its files doesn't need to binary? You make it sound is if binary files were some sort of horror

[DNG] OT (..but relevant): reboot command on debian 8 no longer works

Just a heads up. Maybe this is old news to everyone but I run some Proxmox hosts which are based off Debian 8 (I believe) and we've had random problems with the reboot command hanging the system for a good 6 months now. Seems the simple 'reboot' command has been rendered useless. https://www.techre

Re: [DNG] ifconfig deprecated?

Adam Borowski - 22.11.17, 11:06: > On Wed, Nov 22, 2017 at 10:45:12AM +0100, Martin Steigerwald wrote: > > For that I do not know a ip command out of the box. But > > > > merkaba:~> netstat -i > > Kernel-Schnittstellentabelle > > Iface MTURX-OK RX-ERR RX-DRP RX-OVRTX-OK TX-ERR TX-DRP

Re: [DNG] ..forensics on systemd or journald logs, was: rc.local removed from Debian 9, rly?

On 22/11/17 15:08, Aldemir Akpinar wrote: On 22 November 2017 at 17:03, John Hughes > wrote: On 22/11/17 14:18, Aldemir Akpinar wrote: Could you elaborate why are you comparing a relational database system where its files must be binary with a logging s

Re: [DNG] ..forensics on systemd or journald logs, was: rc.local removed from Debian 9, rly?

Aldemir Akpinar writes: No, I've actually asked an honest question. In that case you'll get my honest answer. I've implemented several file/network formats vaguely like that journal format, one of them has likely been used by millions of people. In each case, the team decided to use a heade

Re: [DNG] ..forensics on systemd or journald logs, was: rc.local removed from Debian 9, rly?

On 2017-11-22 09:46 AM, Arnt Gulbrandsen wrote: Aldemir Akpinar writes: No, I've actually asked an honest question. In that case you'll get my honest answer. I've implemented several file/network formats vaguely like that journal format, one of them has likely been used by millions of people

Re: [DNG] ..forensics on systemd or journald logs, was: rc.local removed from Debian 9, rly?

Le 22/11/2017 à 13:58, Arnt Gulbrandsen a écrit : If you really want to look at the details in postgres, you can take a good guess at whether two rows were inserted at the same time or one later than the other.     Well, postgress is a database manager. You have a choice of several others; th

Re: [DNG] ..forensics on systemd or journald logs, was: rc.local removed from Debian 9, rly?

Didier Kryn writes: Well, postgress is a database manager. You have a choice of several others; they must be able to deal with high fluxes of data. None of them is a critical system component. WTF? Postgres is a critical system component of every single server where I've ever installed th

Re: [DNG] rc.local removed from Debian 9, rly?

Quoting Arnt Karlsen (a...@iaksess.no): > On Wed, 22 Nov 2017 02:28:45 -0500, Steve wrote in message > <20171122022845.1327c...@mydesk.domain.cxm>: > > A T > > ..er, I _totally_ lost you here. A vådeskudd? ("An > unintended discharge?", may happen if the wrong xterm > has keyboard focus when

Re: [DNG] rc.local removed from Debian 9, rly?

On Wed, 22 Nov 2017 13:03:45 +0100 Arnt Karlsen wrote: > On Wed, 22 Nov 2017 02:28:45 -0500, Steve wrote in message > <20171122022845.1327c...@mydesk.domain.cxm>: > > > On Wed, 22 Nov 2017 02:59:11 +0100 > > Arnt Karlsen wrote: > > > > > On Tue, 21 Nov 2017 18:21:14 +0100, John wrote in mes

Re: [DNG] ..forensics on systemd or journald logs, was: rc.local removed from Debian 9, rly?

Le 22/11/2017 à 16:46, Arnt Gulbrandsen a écrit : Didier Kryn writes:     Well, postgress is a database manager. You have a choice of several others; they must be able to deal with high fluxes of data. None of them is a critical system component. WTF? Postgres is a critical system component o

[DNG] BookStack on Devuan 1.0.0 (Jessie)

For any that may be interested, I just submitted a pull request for an install script for BookStack on Devuan 1.0.0. Whether or not they accept it is another story, but you can clone my repo here: https://github.com/obeardly/devops.git or just grab the file here: https://github.com/obeardly/dev

Re: [DNG] rc.local removed from Debian 9, rly?

On Wed, 22 Nov 2017 13:02:37 +0100, John wrote in message <0788acc2-15f4-491f-61bf-d28664664...@atlantech.com>: > On 22/11/17 12:32, KatolaZ wrote: > > On Wed, Nov 22, 2017 at 12:24:28PM +0100, John Hughes wrote: > >> > >> I was amazed that KatolaZ couldn't imagine any way of reading text > >>

Re: [DNG] rc.local removed from Debian 9, rly?

On Wed, 22 Nov 2017 14:44:57 -0500, Steve wrote in message <20171122144457.02549...@mydesk.domain.cxm>: > On Wed, 22 Nov 2017 13:03:45 +0100 > Arnt Karlsen wrote: > > > On Wed, 22 Nov 2017 02:28:45 -0500, Steve wrote in message > > <20171122022845.1327c...@mydesk.domain.cxm>: > > > > > On W

Re: [DNG] ..forensics on systemd or journald logs

On Wed, 22 Nov 2017 12:58:10 +, Arnt wrote in message <6ff3d9c1-e23c-4b0e-af51-5f8db1425...@gulbrandsen.priv.no>: > Arnt Karlsen writes: > > you appear to suggest that law enforcement wanting to read systemd > > journal logs, _should_ depend on the mercy of systemd developers > > not "filteri

Re: [DNG] rc.local removed from Debian 9, rly?

Quoting Steve Litt (sl...@troubleshooters.com): > Acronym for Apologist Troll. HANDY! (Acronym for 'Have A Nice Day, Y'all.') ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] ifconfig deprecated?

What is so much better about the ifconfig replacement ip? Why should I learn how to use yet another tool that has no tangible benefit but is being foisted on me? Would I be correct in guessing it is made by red-hat? ___ Dng mailing list Dng@lists.dyne

Re: [DNG] ifconfig deprecated?

Quoting taii...@gmx.com (taii...@gmx.com): > What is so much better about the ifconfig replacement ip? One, iproute2 is maintained. net-tools isn't. Unmaintained key system tools are a security and reliability risk that can IMO not be justified by merely not wanting to move on. IIRC, net-tools

Re: [DNG] ifconfig deprecated?

On Wed, Nov 22, 2017 at 09:25:18PM -0500, taii...@gmx.com wrote: > What is so much better about the ifconfig replacement ip? Why should I learn > how to use yet another tool that has no tangible benefit but is being > foisted on me? Because ifconfig is broken. It works only in simplest cases, and

Re: [DNG] ..forensics on systemd or journald logs

On 22/11/17 17:35, Arnt Karlsen wrote: ..to reiterate: Is there a way to decode and read those binary systemd journal logs on classic POSIX/Unix etc forensic systems _not_ running systemd? Of course. Either install a tool that does it for you, i.e. journalctl, or write a tool to do it using t