[nSLUG] Downtime Digest

Joel Maxuel j.maxuel at gmail.com
Mon Feb 5 22:21:49 AST 2018


Hello,

For those who don't care about the geeky process, pop down a few paragraphs
(TL;DR - "stuck" messages are rescued, and are below).

With the substantial queue of SPAM waiting to be processed (60,000+
messages), I pulled out the "possibly relevant" ones with `grep` ("
nslug at nslug.ns.ca") in a `for` loop on the `ls` command (had to be split
into four chunks in order to operate).

That brought me down to 362.  With a few more scripts, I copied the
identified messages to a staging directory, and created a choice system on
the remaining files - move/`mv` to another directory to trash, or copy/`cp`
to keep around (did not need finesse, just quick-and-dirty).  This allowed
me to "moderate" the 362 in about an hour - the longest time took for the
ones that required a lot of scrollback due to base64 encoding - for many
the header disappeared from view so I came back to them later on equipped
with a less pipe.

That boiled things further down to seven, with one more awaiting moderation
in mailman (which can be safely dropped).  Below is a "digest" of those
seven.  Cheers.

---

From: Frank Geitzler <frank.geitzler at ns.sympatico.ca>
Date: Sat, 6 Jan 2018 22:27:44 -0400
Subject: Meeting Monday evening, January 8th?

Weather permitting, I plan to be there.  Richard, Joel, do you think you
will make it?

Frank

---

From: mspencer at tallships.ca (Mike Spencer)
Date: Fri, 12 Jan 2018 03:53:39 -0400
Subject: [nSLUG] Browser reading files across filesystems on localhost?


If I fire up a browser in Linux, I can ask it to show me a directory
listing of any readable directory under /, then click on files from
that directory list.

If I mount another computer's fs on a mount point, say host pan on
/mnt/pan, I can access it with all the usual linux utilities -- cd,
ls, emacs M-x dired, cp to and from etc.  Been doing this forever with
the right entries in /etc/fstab.

But if I ask a browser to show me, say, /mnt/pan, it shows an empty
directory, as if no file system were mounted.  Same for /mnt/pan/var
and so on.

Is there a known reason why this doesn't work?  Some detail I don't
know about permissions or NFS mounts?

Example fstab entry:

   pan:/   /mnt/pan       nfs   noauto,user,rw,hard,intr 0 0

Mount point:

   bogus% ls -l /mnt |grep pan

   drwxr-xr-x 21 root root  4096 Oct 19 03:10 pan/

   bogus% ls -l /mnt/pan

   total 180
   drwxr-xr-x   2 root root  4096 Apr  4  2015 bin/
   drwxr-xr-x   3 root root  4096 Oct 19 04:06 boot/
   drwxr-xr-x  17 root root 69632 Jul  8  2014 dev/
   drwxr-xr-x 102 root root 12288 Jan 12 03:30 etc/
   drwxr-xr-x   6 root root  4096 Jan  9 22:53 home/
   [snip etc. etc.]

   bogus% mount |grep pan

   pan:/ on /mnt/pan type nfs (rw,noexec,nosuid,nodev,hard,intr,
                               addr=192.168.0.20,user=mds)



Had one little Linux success recently: How to suppress huge, ugly
client-supplied icon pixmaps in twm.  Now I'd like to beat up this
browser problem, too.


- Mike

-- 
Michael Spencer                  Nova Scotia, Canada       .~.
                                                           /V\
mspencer at tallships.ca                                     /( )\
http://home.tallships.ca/mspencer/                        ^^-^^

---

From: Frank Geitzler <frank.geitzler at ns.sympatico.ca>
Date: Mon, 22 Jan 2018 11:08:09 -0400
Subject: HCC January 2018 meeting

The first meeting for the new year of the Halifax Computer Club (HCC)
will take place Wednesday, January 31, 2018 (weather permitting).  We
have no topics on the agenda, but feel free to reply to me to suggest
anything you would like to bring up. Guests are welcome, and several of
us attend both NSLUG and HCC meetings.  We meet in the Community Room of
Sobeys grocery store on the corner of North and Windsor Streets in
Halifax from 7:00 P.M. - 9:00 P.M. The website address for our meetings
page is: http://hcc.chebucto.org/meetings.html

We hope to see you, or hear from you.

Frank

---

From: Frank Geitzler <frank.geitzler at ns.sympatico.ca>
Date: Tue, 30 Jan 2018 17:18:40 -0400
Subject: Tomorrow evening - HCC January 2018 meeting

Just a reminder:

The first meeting for the new year of the Halifax Computer Club (HCC)
will take place Wednesday, January 31, 2018 (weather permitting).  We
have no topics on the agenda, but feel free to reply to me to suggest
anything you would like to bring up. Guests are welcome, and several of
us attend both NSLUG and HCC meetings.  We meet in the Community Room of
Sobeys grocery store on the corner of North and Windsor Streets in
Halifax from 7:00 P.M. - 9:00 P.M. The website address for our meetings
page is: http://hcc.chebucto.org/meetings.html

We hope to see you, or hear from you.

Frank Geitzler

---

From: "George N. White III" <gnwiii at gmail.com>
Date: Sun, 4 Feb 2018 09:31:57 -0400
Subject: Re: [nSLUG] Examine unknown static binary

On 14 December 2017 at 18:25, francis picabia <fpicabia at gmail.com> wrote:

>
> A web app has uploaded a static ELF binary.
>
> Someone else is in charge of updating the app so it won't happen again.
>
> I've looked at it with:
>
>  strings binaryfile | grep '.\{18}'
>
> for any hints about what it does, nothing solid.
>
> Windows anti-virus would identify it as ChinaZ.J
> This covers many things, so doesn't really help.
>
> I'd like to have a sandbox where I could try running the binary
> with no network.  It doesn't seem jail software is 100% safe.
>
> How to do this while assuming the worst could happen?
> The other choice is to install a fresh Linux on an isolatable box.
>
> I see a list of analyzers here:
>
> https://zeltser.com/automated-malware-analysis/
>
> Has anyone tried and found a good one?
>


This just arrived, so maybe no longer an issue, but if you haven't
seen it, the SANS.org diary has a number of examples of malware
analysis, usually highlighting a sample that uses novel tricks to
obscure the code.

After 6+weeks the file may have been analyzed by others, so may be
worth looking for your sample in one of the databases mentioned in
the link you posted above.

-- 
George N. White III

---

From:   Richard Bonner <ak621 at chebucto.ns.ca>
Date:   Sun, 4 Feb 2018 11:54:24 -0400 (AST)
Subject: Re: [nSLUG] local parts supplier?

On Mon, 18 Dec 2017, Bill Morrow wrote:

> I'm having issues with my Linux Mint 17.3 "Rosa" computer.
(Snip)

> Everything is working again, but I'm still thinking I might need parts in
a
> hurry. What's a good local shop?

***   I use A1 Laptop in the DSC: 469-0162

  Richard

---

From: Baha Baydar <bbaydar at gmail.com>
Date: Sun, 4 Feb 2018 16:13:55 -0400
Subject: Re: [nSLUG] local parts supplier?

My go to shops are MysteryByte, Brilliance, and TBC (Two Bad Cats). I've
heard good things about Octopi Computers but never bought anything from
them.

On Mon, Dec 18, 2017 at 11:46 AM, Bill Morrow <morrowwm at gmail.com> wrote:

> I'm having issues with my Linux Mint 17.3 "Rosa" computer. For a week or
> so, the 3.19.0-32-generic x86_64 kernel was giving the errors below, and
> last night it refused to boot. My motherboard has always been flaky, not
> reliably sending the signal to the PSU to apply power. I finally got it
> going again by overriding the PSU sense line (the green wire). I booted
off
> an old image on one of the hard drives, and fsck cleaned the normal boot
> drive. It found a few errors, possibly from aborted boot attempts while
> dealing with the power issue.
> The root partition is on a ~2 year old Sandisk 120GB solid state drive.
> The motherboard and PSU are not that old, around 4 years.
>
> Everything is working again, but I'm still thinking I might need parts in
> a hurry. What's a good local shop?
>
> Here's the error. The internet says it could be:
> - a kernel bug
> - a bad SATA cable
> - a failing hard drive
> - a bad motherboard
> - a bad power supply
> which doesn't exactly narrow it down much.
>
>
> Dec 17 14:34:39 seal kernel: [355753.439912] ata6: exception Emask 0x10
> SAct 0x0 SErr 0x90000 action 0xe frozen
> Dec 17 14:34:39 seal kernel: [355753.439921] ata6: irq_stat 0x00400000,
> PHY RDY changed
> Dec 17 14:34:39 seal kernel: [355753.439927] ata6: SError: { PHYRdyChg
> 10B8B }
> Dec 17 14:34:39 seal kernel: [355753.439937] ata6: hard resetting link
> Dec 17 14:34:40 seal kernel: [355754.335896] ata6: SATA link up 1.5 Gbps
> (SStatus 113 SControl 300)
> Dec 17 14:34:45 seal kernel: [355759.336565] ata6.00: qc timeout (cmd
0xa1)
> Dec 17 14:34:45 seal kernel: [355759.336584] ata6.00: failed to IDENTIFY
> (I/O error, err_mask=0x4)
> Dec 17 14:34:45 seal kernel: [355759.336591] ata6: hard resetting link
> Dec 17 14:34:45 seal kernel: [355759.828631] ata6: SATA link up 1.5 Gbps
> (SStatus 113 SControl 300)
> Dec 17 14:34:55 seal kernel: [355769.829968] ata6.00: qc timeout (cmd
0xa1)
> Dec 17 14:34:55 seal kernel: [355769.829985] ata6.00: failed to IDENTIFY
> (I/O error, err_mask=0x4)
> Dec 17 14:34:55 seal kernel: [355769.829991] ata6: limiting SATA link
> speed to 1.5 Gbps
> Dec 17 14:34:55 seal kernel: [355769.829997] ata6: hard resetting link
> Dec 17 14:34:56 seal kernel: [355770.322038] ata6: SATA link up 1.5 Gbps
> (SStatus 113 SControl 310)
>
> _______________________________________________
> nSLUG mailing list
> nSLUG at nslug.ns.ca
> http://nslug.ns.ca/mailman/listinfo/nslug
>
>


-- 
Baha Baydar
bbaydar at gmail.com

---

End of nSLUG Downtime Digest

--
Cheers,
Joel Maxuel

"One should strive to achieve, not sit in bitter regret."
 - Ronan Harris / Mark Jackson
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nslug.ns.ca/pipermail/nslug/attachments/20180205/f2efbf43/attachment.html>


More information about the nSLUG mailing list