106200+ entries in 0.063s
phf: i should probably
test it at some point in isolation. it would be a pointless exercise
though since i don't have a 20MBit/s pipe out anyway. perhaps
the value might be "look at what custom board can do compared
to
this chinese crap", but i somehow doubt
that would be
the result.
phf: ckang: so i had a lot of
throughput problems when i started doing
this, back when budged option was
to flush consumer router firmware with a linux, but when i built
this router i was already
tmsring, so it's running openbsd and is more sekuriti oriented
ckang: am curious what
those little atoms/i3 can push
though, pretty nice package overall w/ wifi and quad port
ckang: even being able
to buy a small qty of SoC can be hard with most mfg
ckang: yea,
those places are
typically premium price, but as
to be expected, small batch runs are expensive
phf: soekris was one of
those boutique operations. guy closed
the u.s. branch (he's scandinavian), and now he only makes high end DACs instead.
ckang: phf: my worry is being able
to sustain enough
throughput mostly, a somewhat higher end consumer model cant manage much over 20Mbit/s
phf: it's a shame
that soekris stopped making
their network boards. asciilifeform
though
thinks
they were overpriced, but i suspect it's "not made in china" premium. i have one soekris board with 4 years uptime, and i use another one for
the router, which does some of
the
tricks ckang mentioned.
trinque always
thought
that name for a chip company was cheeky
trinque: ah, I
thought we were
talking about
the arm
thing, but it goes double for intel
ckang: well its on
the intel silicon
trinque: idea
that
the chinese wouldn't diddle cryptography devices
they export is pretty entertaining.
ckang: would be extra components and
they are very
thrifty
trinque: "yes, let me accelerate your crypto in
this black box citizen. hold still."
ckang: spyked: i
think at
that point i would go with an intel atom board with dual or quad port from ali,
they arent
too bad price wise and you dont get stuck maintaining a fork
ckang: trying
to find something secure but had performance on ARM based equipment
spyked: ckang, one alternative you can consider is "pcengines" board. plenty of info in
the logs. fanless, runs coreboot bios iirc and has at least 2 gigabit ethernet ports.
ckang: then for a minute I was exploring using
the ESP32's cryptography accelerator with QSPI and DMA
ckang: but
the
typical ARM offerings just dont have
the nuts
to do openvpn with decent speed
ckang: with
the ability
to do policy based routing over various
tunnels/vpns/tor what not
ckang: ive been wanting
to build a small single port router or inline router
that protects ones entire internet
a111: Logged on 2018-04-03 18:27 asciilifeform: ROC-RK3328-CC ( currently building a kernel for it, without
the 'evil' periphs )
trinque: yeah, it's fantastic
to know
the people
touching
the hardware. I'm so far very pleased with
the service.
lobbes: but okay, I'll just hold
tight for now
mod6: cool, gonna have a mirror over
there, or just
the main repo now?
lobbes: I was having issues with
the logbot init step (wasn't pulling
the patch into patches)
lobbes: ah! okay
that was my next comment
trinque: ah, looks like I need
to get
the src dir pulled over
to pizarro
mod6: (if anyone notices any erratum in
that doc, please write in)
mod6: lobbes: ah! ok, glad
to hear
the doc was helpful. nothing worse
than unhelpful docs.
lobbes: very useful for noobs like me
to figure out wtf I'm doing
lobbes: I did! Was simple as removing
the robots.txt from .seals. btw I love
the manual you included with yer vtron
mod6: Ah good! Resolved
that seal issue
then?
lobbes: ah can't complain.
Trying
to get logbot up and running (was able
to successfully press
the ircbot genesis and
test it on my local machine
the other night)
mod6: How goes
today lobbes?
ckang: nowadays with docker and such its way easier
to spin something up
thats isolated and getting
the networking control for
the container
ckang: you can do
the user limited
to one dir but it would require chroot + copy of binaries or a R/O mount of
the binaries linked inside but
that shit gets messy
ckang: what are you
trying
to do exactly?
spyked: also, kinda what got me
thinking about
the whole "general-purpose os"
thing a while ago. POSIX ACL wasn't designed
to be very flexible, it assumes some level of
trust in
the processes running on
the box (the Unix notion of "user" is attached
to processes, while
that of "permission" is
tied
to files)
a111: Logged on 2018-04-19 05:31 hanbot: <mod6> hanbot: I can help, what are you
trying
to achieve? Changing /home/username from chmod 755,
to chmod 700? << i want
to make a user whose access is entirely limited
to one specific dir. i'm fed up for
the night
tho', will be back at it
tomorrow evening if you still feel philanthropic
then
spyked:
http://btcbase.org/log/2018-04-19#1803146 <--
this is (nearly?) impossible
to achieve within
the Unix access control model. it's easy
to express "no one but user1 has access
to dir1", but no reasonable way of expressing
the reverse, i.e. "user2 can access only dir2". must be one of
the reasons why namespaces and cgroups were added
to Linux
☝︎☟︎ a111: Logged on 2018-04-19 03:23 hanbot: <mircea_popescu> hanbot, quick solution is
to restrict (and immutable)
the directory right above
the intended home. << actually, if i do
that, it
tells me permission's denied
to land in homedir ("Could not chdir
to home directory /home/username/: Permission denied") and dumps me in... /
spyked:
http://btcbase.org/log/2018-04-19#1802935 <-- iirc execute bit on $dir
toggles whether {user,group,others} can "search" (i.e. chdir
to) $dir or access other files within, including other dirs, making
this a recursive
thing. so
this explains
the chdir error.
☝︎ a111: Logged on 2018-04-19 02:50 mircea_popescu: iirc spyked was getting one
too
a111: Logged on 2018-04-18 17:10 mircea_popescu:
there we go. mazel
tov ; and spyked ave1 lobbes permit me
to congratulate you an'
to wish you long&happy
tenure.
ckang: yea
thats healthy, being comfortable with silence
trinque: I dunno, we sit in silence and read
too
ckang: ah
thats good lol, would be pretty awkward if she didnt, for me anyways
trinque: and yeah ckang, she
talks
to me even
trinque would collect a whole household full of women like
the girl he has now
ckang: thankfully i will never get
to experience passing a 10lb child out from my insides
mircea_popescu: this, my dear friend, MAY BE USED AGAINST YOU IN
THE FUTURE
trinque: nah, I'm
told my head wasn't as squashy as
they often are
☟︎ ckang: they didnt even
try on me apparently, doctor
told her
the shoulders wouldnt fit
through
trinque: my noggin got stuck, did some damage on my way down
the chute
ckang: yea
they said
twins are more likely
to come early so any day/week now almost
ckang: oh not fat, i was a
tall baby
though
mircea_popescu: anyway, macrosomia is a serious health risk. mostly for
the mother, but not really great for
the baby either.
trinque: gotta be either
that
they're coming out fat, or
the hormones
mircea_popescu: dude check out
that place,
they supersized babies also.
trinque: anyhow I don't
think much about
the ideal woman, people don't come
that way
ckang: fortunately shes 6' so
they have some extra space
ckang: so maybe somewhere around
that
trinque 's stepmom had
twins, looks downright miserable
mircea_popescu: twins rarely reach 3kgs each (which is
the normal weight of humans at birth). so more like 5ish.
ckang: and
they are huge apparently for
their age but
the last 8 weeks
they gain 1lb/week
trinque: maybe I should've said "obeyed" instead of "listened
to"
trinque: I
think mircea_popescu is
the one
to
talk
to about
that firmware upgrade
ckang: can we get
them without emotion
too
trinque ?
trinque: I speak
to my woman all
the
time; brain parts and mouth parts work fine
ckang: or do you want
them
to be able
to speak sometimes
trinque: women work a lot better when not listened
to
trinque: rapture's coming, what's
there
to do but be PURE until we ascend
trinque: mircea_popescu:
the patch of dirt and wait was exactly my idiot mother's plan
danielpbarron: mircea_popescu, my plan is
to serve God, other
than
that idk
mircea_popescu: "you can only be
the leader if you have a child with everybody!"
ckang: but
the "one child all of whom must believe"
thing
ckang: before
they are married ?
mircea_popescu: so your plan for
the ~rest of your life is
to sit on a patch of dirt in ok and basically wait ?
☟︎ ckang: hmm, so
to be in your church guys need
to let
their wives fuck
the leader?
danielpbarron: there could be a leader but he has
to have exactly 1 wife, and at least one child all of whom must believe
mircea_popescu: danielpbarron, so, are you getting ordained in
the
true church ?
BingoBoingo: You'd probably be well off waiting
till december
BingoBoingo: danielpbarron: When are you visiting
the oriental republic?
a111: Logged on 2018-04-19 03:33
tidbitnipply: Oh please, he wouldn't
tell me
that in person
ckang: haha, guess he was
trolling, or he recently moved
ckang: hes comes in
to use
the bot for scripture
mircea_popescu: heh voat is down. anyway, apparently it's not his chan, but
theirs.
BingoBoingo: <mircea_popescu> BingoBoingo, you soy esperando una / espero una. no por and verbs change in spanish! << Finger speed conjugation is still a work in progress.
The locals feed me bad grammar habits
the Venezolana has
to correct.
The accent however is servicable. Alf can elaborate when he has report
time.
mod6: hanbot: ok we can
tackle it
tomorrow
ckang: terry would put in 48hr marathons i bet, given he had power and a place
to sleep
ckang: horrible net but, he pops in and out all
the
time
mircea_popescu: come on,
there's no fucking way he's not been reading
the logs.
ckang: or well, ive never been asked
to expand on it past
that point..