petn-randall 2017-01-24 04:49:13
godless_: It probably just takes a while to compile the zfs modules.
godless_ 2017-01-24 04:54:30
petn_randall: seems that the pkg order for the depends is wrong for zfs-dkms, aborting zfs-dkms compile stage so that the headers and gcc compiler installed resolved the issue
petn-randall 2017-01-24 04:55:20
godless_: petn
godless_ 2017-01-24 04:55:30
petn_randall: zfs is currently up and running, systems with headers and gcc already installed should prolly not have issues
petn-randall 2017-01-24 04:55:59
godless_: You might want to report that bug on the zfs-dkms package, so it can be fixed in time for stretch. Provide any steps needed to reproduce, if possible.
TvL2386 2017-01-24 05:00:03
petn-randall, unattended updates are ran daily?
CodeMachine 2017-01-24 05:00:30
Hi. I'm running debian jessie and I got gnome boxes as VM with debian inside there too. Is it safe to run any javascript from a website inside the vm machine, without any infection on my real system?
TvL2386 2017-01-24 05:01:38
petn-randall, I've configured a bunch of our servers with unattended upgrades... Of course I made snapshots, since I'm paranoid.... Curious if everything is fine tomorrow
petn-randall 2017-01-24 05:05:16
CodeMachine: There's always a small chance that there an exploit to break out of the browser sandbox, gain remote code execution, escalate user privileges through another exploit, exploit the hypervisor, and infect your host machine. But my guess is that it's probably the safest way to do it if you have to do it.
p1p10l0 2017-01-24 05:06:04
CodeMachine: what networking mode did you give to your vm? if it's "bridged" and gets infected... it's in your lan... if it's NATed and cannot see the host lan... maybe more safe
p1p10l0 2017-01-24 05:06:34
well hypervisor exploits apart
p1p10l0 2017-01-24 05:09:00
not need for js... just loading a font by css, maybe enough... https://www.cvedetails.com/vulnerability-list/vendor_id-4535/product_id-7835/Freetype-Freetype.html
CodeMachine 2017-01-24 05:16:56
petn-randall: uh, ok. so to add some security I should log in with non administrator account on my debian main system?
CodeMachine 2017-01-24 05:16:56
p1p10l0: yes it's NAT. Is there anything more I can add on the network security? This is the only connection between my pc and vm
ikus060 2017-01-24 05:18:12
Hello, whats is the proper way to run `update-rc.d myservicename defaults` with systemd ?
p1p10l0 2017-01-24 05:20:02
systemctl enable myservicename # (?)
p1p10l0 2017-01-24 05:21:06
CodeMachine: networking level: firewall (you just want to make dns and http requests, and the related traffic), and system level... things like apparmor, selinux, etc to restrict what the browser can and can't do
ikus060 2017-01-24 05:21:47
p1p10l0: thanks !
p1p10l0 2017-01-24 05:23:10
ikus060: test that it's what you want and if it's a best practice, not a systemd user myself
p1p10l0 2017-01-24 05:23:52
maybe check /usr/share/doc/*systemd*/* or man -k systemd... sometimes you find debian specific notes about best practices
CodeMachine 2017-01-24 05:25:09
p1p10l0: Long story short: Use ToR and just accept javascript. Is this what we agree upon?
petn-randall 2017-01-24 05:25:46
CodeMachine: I can't see how TOR helps anywhere in this equation.
petn-randall 2017-01-24 05:26:25
CodeMachine: You shouldn't be logging in as root for every day tasks, anyway.
CodeMachine 2017-01-24 05:27:04
So "regular" account shouldn't be administrator account you say?
somiaj 2017-01-24 05:27:06
ikus060: what is it you are trying to do? enable/disable a service? Is a service not working as expected?
petn-randall 2017-01-24 05:29:04
CodeMachine: What user accounts to you have you set up upon installation?
CodeMachine 2017-01-24 05:30:06
I only got 1 account that is "administrator". When I launch terminal I stil need to login as root when I do something.
CodeMachine 2017-01-24 05:30:14
Like, I need to use "su" before sudo
CodeMachine 2017-01-24 05:30:22
Sry, I'm kinda new to debian.
somiaj 2017-01-24 05:30:33
what do you mean by administrator, is that what you called the account? That doens't give it any special rights.
petn-randall 2017-01-24 05:30:44
CodeMachine: Is it Debian, or Kali?
CodeMachine 2017-01-24 05:31:30
you can choose in settings if an account is supposed to be administrator or standard. administrator is more "unlocked" i guess?
CodeMachine 2017-01-24 05:31:32
it's debian jesie
somiaj 2017-01-24 05:31:52
where are you seeing these settings?
CodeMachine 2017-01-24 05:35:02
if you go in settings --> users --> here you can see
CodeMachine 2017-01-24 05:35:05
you got 2 options
jelly 2017-01-24 05:40:43
CodeMachine: heh, did you create a normal user with username of "administrator" for some reason?
jelly 2017-01-24 05:41:42
debian-installer asks for your name, then defaults to your lowercased first name as username by default
CodeMachine 2017-01-24 05:42:49
jelly: What do you mean? Administrator has nothing to do with my username
CodeMachine 2017-01-24 05:43:03
it's just 2 different options, idk what the difference really is?
tomcres 2017-01-24 05:43:34
CodeMachine: do you mean in GNOME, the option to designate your user as an administrator?
jelly 2017-01-24 05:43:37
CodeMachine: where do you see this then? I only got 1 account that is "administrator". [...]
CodeMachine 2017-01-24 05:43:37
Either the account can be set to "administrator" or "standard" and my logical sense tells me adminstrator is some form of "superuser"? :D
CodeMachine 2017-01-24 05:44:16
settings --> users --> under username there is "account type"
jelly 2017-01-24 05:44:27
oh, that's some gnome thing then
jelly 2017-01-24 05:44:43
perhaps it adds you to sudo group?
