← Previous day | Today | Next day → | Search | Index
All times shown according to UTC.
| Time | Nick | Message |
|---|---|---|
| 00:02 | dcook | Good ol' Javascript caching... |
| 00:02 | Could not figure out why the patch wasn't working... | |
| 00:02 | Shift + F5 ftw | |
| 00:43 | NateC joined #koha | |
| 01:17 | rangi | https://soundcloud.com/dee-b/d[…]n-slice-of-heaven |
| 01:21 | wizzyrea | <commence internal dancing> |
| 01:28 | https://soundcloud.com/six60/s[…]e-love-rudimental < this is the next one that it gave me | |
| 01:28 | which I quite like. | |
| 01:33 | irma joined #koha | |
| 01:37 | kathryn joined #koha | |
| 01:56 | ngourlay joined #koha | |
| 02:02 | wajasu joined #koha | |
| 02:05 | wizzyrea | the related/recommendeds from that song are quite good. |
| 02:06 | https://soundcloud.com/fly-my-pretties/get-out | |
| 02:23 | dcook | Interwebs question for whoever... |
| 02:23 | So you register a domain name with a registrar | |
| 02:23 | Do you then set up cnames and anames with the register to point to your external IP address? | |
| 02:24 | The cname and aname records would be for a DNS server... | |
| 02:24 | * dcook | really needs to just register a domain one of these days |
| 02:24 | eythian | you point the registrar to a name server of your choosing |
| 02:26 | and that name server turns names into addresses, whether A or CNAME | |
| 02:26 | dcook | Mmm, that makes sense |
| 02:26 | And that's how people run their own name servers, yeah? | |
| 02:26 | eythian | yep |
| 02:26 | dcook | Ahhhhhh |
| 02:26 | eythian | though I probably wouldn't run my own server |
| 02:26 | dcook | I wouldn't by choice, but I think this person might be... will have to ask |
| 02:26 | And companies like GoDaddy run name servers as well? | |
| 02:26 | As sort of a one stop shop? | |
| 02:26 | eythian | yep |
| 02:27 | (although godaddy in general seems to be a terrible company, I wouldn't recommend them.) | |
| 02:27 | also, they have the UI of ... well, something with a horrifically bad UI | |
| 02:27 | dcook | Yeah, I hear truly awful things about them |
| 02:27 | eythian | last I used them, some years ago. |
| 02:27 | dcook | I think I heard something good about crazydomains recently, but I have no idea really :/ |
| 02:27 | Other than to avoid godaddy :p | |
| 02:27 | rangi | yeah it took literally days to get my domains off |
| 02:28 | dcook | :( |
| 02:29 | eythian | I've been meaning to move my stuff to iwantmyname.com, mostly because a) my current one has moved their DNS to freeparking.co.nz which is probably a step for the worse, and b) I know the people who work for/own iwmn. |
| 02:30 | dcook | Always handy knowing people |
| 02:32 | ibeardslee | my personal stuff (and things for a couple of others) is with iwmn |
| 02:36 | dcook | Hmm, so an A record points to an ip address... |
| 02:36 | But what about subdomains? | |
| 02:36 | eythian | ipv4. AAAA points to ipv6 |
| 02:36 | and AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA points to Lovecraft | |
| 02:36 | dcook | Couldn't you use subdomains to point a few different subdomains to different IP addresses? |
| 02:36 | eythian | yes |
| 02:37 | dcook | Hmm, I think I'm reading some crappy docs online |
| 02:38 | * dcook | really should read some Lovecraft one of these days.. |
| 02:39 | eythian | It'll help with most software stuff |
| 02:39 | http://thedoomthatcametopuppet.tumblr.com/ <-- look how much more accurate the puppet docs are, for example | |
| 02:41 | mtj | hey #koha, is anyone using https OPAC. out there? |
| 02:42 | ..i think i might have hit a bug with the opac shelf-browser, and https | |
| 02:42 | eythian | mtj: we have some I think |
| 02:42 | mtj | just curious to confirm with someone else... |
| 02:43 | eythian | https://ashs.mykoha.co.nz/ <-- here's a public one |
| 02:43 | * eythian | wishes they'd get some design work, black and grey is so dour |
| 02:43 | mtj | thanx again eythian :0) |
| 02:44 | hmm, no bug on https://ashs | |
| 02:45 | ok, thats good :) | |
| 02:46 | wizzyrea | what's the bug? |
| 02:46 | wahanui | rumour has it the bug is it stores biblionumber not itemnumber |
| 02:47 | wizzyrea | also, mtj, are you in prog or bootstrap? |
| 02:47 | eythian: you remember when ashs was pea green eh | |
| 02:48 | eythian | yeah |
| 02:48 | wizzyrea | I daresay it's a bit of an improvement >.> |
| 02:48 | eythian | http://www.ashs.school.nz/ <-- that's not bad though |
| 02:48 | wizzyrea | nope, that's pretty. |
| 02:48 | our designers could make a gorgeous koha with that. | |
| 02:49 | now I am extra sad. | |
| 02:50 | mtj | ah yes, good point wizzyrea - the bug is on a prog opac |
| 02:51 | i'll test on a BS opac too | |
| 02:51 | wizzyrea | you just did :) |
| 02:52 | mtj | ha s/bs/prog/ |
| 02:52 | wizzyrea | https://library.plantandfood.co.nz/ might work, dunno if they have the shelf browser on |
| 02:53 | eythian | http://imgur.com/gallery/C0hQbLL <-- AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
| 02:53 | wizzyrea | omg. |
| 03:05 | dcook | Who wha? |
| 03:05 | Got distracted | |
| 03:07 | * dcook | likes black and gray :p |
| 03:07 | dcook | O_O |
| 03:11 | Dang, AWS sure has a lot of services... | |
| 03:15 | eythian | stock dev install from master doesn't work with apache 2.4 |
| 03:15 | (it gets a 403 error due to permission changes) | |
| 03:16 | http://keyshop.pimpmykeyboard.[…]s/beer-break-keys | |
| 03:27 | dcook | I was wondering if you were having any more luck with the dev install, eythian |
| 03:27 | Haven't had a look lately myself | |
| 03:27 | Mmm beer | |
| 03:27 | eythian | Oh, I know how to figure out how to fix it, I just haven't yet |
| 03:46 | I still haven't got stupid zebra to work again though | |
| 03:46 | NateC joined #koha | |
| 03:47 | eythian | oh, the stock dev install also asks if you want to download a .pl file because it doesn't know how to handle it |
| 03:48 | wizzyrea | @later tell tcohen the wee babe is fantastically beautiful, congratulations |
| 03:48 | huginn | wizzyrea: The operation succeeded. |
| 03:51 | dcook | eythian: download a .pl? :S |
| 03:52 | eythian | yeah, instead of executing it |
| 03:52 | I was sure I'd fixed this in the packages, but you think I can find the line that does it now... | |
| 03:53 | AddHandler cgi-script .pl | |
| 03:53 | that's what I need | |
| 03:58 | hmm well that failed to work | |
| 03:59 | ah, a2enmod cgid may also be necessary | |
| 03:59 | it is | |
| 04:00 | I'm going to have to do some proper testing on jessie to make sure that all works | |
| 04:00 | this may accelerate my deprecation of squeeze | |
| 04:02 | damnit, why is my pocket full of crumbs | |
| 04:05 | dcook | O_o |
| 04:06 | eythian | some time in the recent past I'd put a cupcake wrapper in there, and then forgot to move it to a rubbish bin like the plan was. |
| 04:06 | it finally reached critical crumminess | |
| 04:06 | kathryn | phew, we can all sleep tonight with that mystery solved |
| 04:06 | oh hi dcook and all :) | |
| 04:11 | irma_ joined #koha | |
| 04:14 | dcook | hey kathryn :) |
| 04:15 | hehe critical crumminess | |
| 04:49 | NateC joined #koha | |
| 06:02 | cait joined #koha | |
| 06:50 | * cait | waves to #koha |
| 06:50 | NateC joined #koha | |
| 06:51 | eythian | hi cait |
| 06:51 | cait | hi eythian |
| 06:51 | quite late for you? | |
| 06:51 | eythian | yeah, got stuck into a thing that I'm doing, didn't want to stop while it's moving along. |
| 06:52 | cait | :) |
| 06:52 | something interseting? | |
| 06:53 | eythian | adding a user provisioning API, so that another system can automatically add/update users in Koha. |
| 06:53 | laurence joined #koha | |
| 07:10 | akafred joined #koha | |
| 07:15 | cait | eythian: ah |
| 07:15 | eythian: i have heard several people talking about somehting like that lately | |
| 07:15 | akafred | Greetings, kohalians :-) I see there is a thread on the mailing list mentioning MariaDB and mysql. Does the koha-community explicitly plan for Koha to support both in the event that they introduce (significant) incompatibilities? (see https://mariadb.com/kb/en/mari[…]ql-compatibility/ ) |
| 07:16 | cait | we are working towards using dbix - so i think the goal is to support more than just those 2 |
| 07:17 | and one of the things jenkins does is running the tests on a server with mariadb | |
| 07:18 | papa joined #koha | |
| 07:19 | drojf joined #koha | |
| 07:21 | cait | which doesn't answre your question I guess :) |
| 07:21 | i think there is no official plan but if some of us are already using it, I think the chances would be that problems would get fixed | |
| 07:21 | morning drojf | |
| 07:22 | will be gone again most of today... project management course | |
| 07:22 | bye | |
| 07:22 | cait left #koha | |
| 07:23 | drojf | hi cait. bye cait |
| 07:24 | magnuse | akafred: we can't force anyone to do anything, so i think database support depends on people wanting it enough to work on it |
| 07:24 | * magnuse | waves at #koha in general |
| 07:25 | drojf | hei magnuse |
| 07:31 | rangi | most likely we'd stick with the non oracle one, if it had to be a choice |
| 07:34 | magnuse | moin drojf |
| 07:35 | yeah, that was at the back of my mind too, rangi | |
| 07:35 | maybe i'll find the time to switch to maria in 2015 | |
| 07:35 | Oak joined #koha | |
| 07:35 | magnuse | hm, maybe ot could be an option in kohadevbox... |
| 07:36 | Oak | |
| 07:36 | Oak | magnuse |
| 07:36 | * Oak | waves |
| 07:36 | magnuse | \o/ |
| 07:36 | Oak | \o// |
| 07:36 | oh | |
| 07:37 | magnuse | bug 13359 looks like a step in the right direction |
| 07:37 | huginn | 04Bug http://bugs.koha-community.org[…]_bug.cgi?id=13359 enhancement, P5 - low, ---, koha-bugs, Pushed to Stable , provide virtual-mysql-server Depends On to facilitate alternate mysql implementations |
| 07:38 | magnuse | bug 5366 might need some attention |
| 07:38 | huginn | 04Bug http://bugs.koha-community.org[…]w_bug.cgi?id=5366 major, P5 - low, ---, gmcharlt, Failed QA , Koha does not work right with MariaDB |
| 07:39 | reiveune joined #koha | |
| 07:39 | reiveune | hello |
| 07:40 | rangi | im not sure anything more is needed, we are running about 11 production sites on mariadb |
| 07:40 | a couple for more than a year now | |
| 07:41 | magnuse | ah, cool |
| 07:41 | i thought i knew you were running *something* on mariadb, but i didn't know it was that much | |
| 07:42 | rangi: is 5366 still relevant? | |
| 07:44 | marcelr joined #koha | |
| 07:45 | marcelr | hi #koha |
| 07:45 | Oak | hi marcelr |
| 07:45 | marcelr | :) |
| 07:45 | drojf | i made a small patch for the dom/grs-thingy in about.pl (bug 13404) and i think we should have another one changing the piece that says to use dom you have to (only) set <zebra_*_index_mode> to dom. it would make sense to have that in 3.18 to prevent misconfiguration. what do you think? |
| 07:45 | Oak | :] |
| 07:45 | huginn | 04Bug http://bugs.koha-community.org[…]_bug.cgi?id=13404 enhancement, P5 - low, ---, mirko, Needs Signoff , More »System information« about GRS1 vs DOM settings |
| 07:46 | drojf | hi marcelr, Oak and rangi |
| 07:46 | marcelr | hi drojf |
| 07:46 | Oak | hi drojf |
| 07:51 | akafred | I ran gource on the koha git repo yesterday - pretty cool - what would be even awesomer(!) is a narrated screencast of the gource-video on the history of Koha: https://code.google.com/p/gource/ |
| 07:52 | magnuse | akafred: have you seen https://www.youtube.com/watch?v=Tl1a2VN_pec ? not quite what you are asking for, though |
| 07:54 | akafred | Haha, I would consider that pretty close! |
| 07:55 | magnuse | yay |
| 07:55 | 4 years old now, though, an update would have been awesome | |
| 07:56 | rangi | its pretty easy to do |
| 07:56 | NateC joined #koha | |
| 07:57 | rangi | i work with the author of gource |
| 07:57 | akafred | Kewl :-) |
| 07:57 | magnuse | small world ;-) |
| 07:59 | akafred | I was sort of thinking a narration and dialogue between 2-3 of the people who have followed the project the closest. I am sure there are both architectural lessons and other historical tidbits that would be useful for many of us. |
| 08:00 | rangi | https://www.youtube.com/watch?v=JMhiFoEjXc4 |
| 08:00 | drojf | director's commentary :) |
| 08:01 | alex_a joined #koha | |
| 08:01 | alex_a | bonjour |
| 08:02 | Oak | Bonjour Monsieur alex_a |
| 08:03 | saa joined #koha | |
| 08:03 | magnuse | cool, rangi, i don't think i had seen that one before |
| 08:03 | saa | i am struggling to get answer of one query |
| 08:03 | magnuse | we could have an option to "export circ stats to gource" :-) |
| 08:04 | saa | one of the record when searched it throws error "Can't call method "as_string" on an undefined value at /usr/share/koha/lib/C4/Koha.pm line 1685." |
| 08:04 | i tried to delete all items attached to this record and then edited and added items to it | |
| 08:04 | magnuse | there must be 2 or 3 videos where rangi and paul_p present the history of koha at conferences |
| 08:04 | gaetan_B joined #koha | |
| 08:04 | gaetan_B | hello |
| 08:04 | saa | but the eror is still there |
| 08:04 | can someone help | |
| 08:06 | drojf | saa: if that is the same record you were talking about a few days ago, i would probably delete it and manually add it |
| 08:06 | saa | i did that |
| 08:06 | several times | |
| 08:06 | right | |
| 08:06 | drojf | oh. ok |
| 08:07 | rangi | and you have rebuilt the index? |
| 08:07 | saa | i dont knw what is the reason |
| 08:07 | yes | |
| 08:08 | rangi | no idea then |
| 08:08 | saa | but this error is refering to what as_string |
| 08:09 | akafred | rangi: Would be cool if one at any time could run a gource-command on koha and get a result like https://www.youtube.com/watch?v=Tl1a2VN_pec - it is basically the git repo + a file with historical events, right? |
| 08:09 | rangi | the file is in git |
| 08:09 | docs/history.txt | |
| 08:20 | sophie_m joined #koha | |
| 08:26 | akafred | Cool, although the later events are a bit less interesting. |
| 08:27 | Is this something gource supports out of the box? | |
| 08:27 | I mean - to put the history text into the gource video? | |
| 08:31 | nicolas joined #koha | |
| 08:31 | nicolas | hiya #koha |
| 08:41 | ashimema_ | anyone happen to know if there's a current branch of bug 6427 lurking anywhere? |
| 08:41 | huginn | 04Bug http://bugs.koha-community.org[…]w_bug.cgi?id=6427 enhancement, P5 - low, ---, kyle.m.hall, Needs Signoff , Rewrite of the accounts system |
| 08:46 | ashimema joined #koha | |
| 08:50 | Joubu | hello #koha |
| 08:51 | marcelr | hi Joubu |
| 09:03 | magnuse | http://librecatproject.wordpre[…]on-into-catmandu/ |
| 09:06 | ashimema | Morning \koha |
| 09:08 | magnuse | kia ora ashimema |
| 09:08 | saa | hw can i delete biblio number |
| 09:09 | when i try to delete it using batch record deletion it says "Bibliographic record 1119 was not deleted. An error occurred. (The error was: DBD::mysql::st execute failed: Duplicate entry '1119' for key 'PRIMARY' at /usr/share/koha/lib/C4/Biblio.pm line 3325. , see the Koha log file for more information). " | |
| 09:16 | Joubu | saa: I would say that you have a biblionumber=1119 in your deletedbiblio table |
| 09:17 | saa | something is wrong with my database |
| 09:18 | if i search in catalogue it shows this record | |
| 09:18 | when i go to batch record deletion and search for this record it throws abv error | |
| 09:19 | i dont knw what has gone wrong with the database but "an't call method "as_string" on an undefined value at /usr/share/koha/lib/C4/Koha.pm line 1685." | |
| 09:19 | this error comes even if i add delete same record | |
| 09:19 | reindex zebra | |
| 09:20 | is there any way i can remove completely all occurances of this record | |
| 09:21 | Joubu | saa: select count(*) from deletedbiblio where biblionumber=1119 |
| 09:21 | this returns 0 or 1? | |
| 09:22 | saa | it says 1 |
| 09:23 | Joubu | saa: and select max(biblionumber) from deletedbiblio; ? |
| 09:23 | saa | 1122 |
| 09:25 | it was 1119 i added new record with same details and it threw as_string error for same title, author and i added one more new record but it didnot threw any error | |
| 09:25 | which means that 1119 is there somewhere | |
| 09:26 | Joubu | saa: the batch record deletion tools cannot remove 1119 because it tries to backup the record into the deletedbiblio table. But the primary key (biblionumber) already exists |
| 09:26 | you can try to remove the row in deletedbiblio where biblionumber=1119, but check before if you need it or not | |
| 09:26 | saa: is it a production server? | |
| 09:26 | saa | i did this also |
| 09:26 | but still no luck | |
| 09:26 | yes | |
| 09:27 | Joubu | sorry then, I am not wake up enough to provide support for a production server :) |
| 09:27 | but remove the records should permit you to remove it cleanly | |
| 09:28 | remove the records in deletedbiblio | |
| 09:31 | saa | and how do i clean zebra data for that record |
| 09:34 | Joubu | the batch tools should do it for you |
| 09:58 | NateC joined #koha | |
| 10:39 | paul_p joined #koha | |
| 11:02 | paxed | arrrgh. link_bibs_to_authorities.pl resulted in "Out of memory!" after a while. |
| 11:06 | ahwell, at least i can continue it with --bib-limit | |
| 11:07 | ashimema joined #koha | |
| 11:52 | NateC joined #koha | |
| 12:13 | clrh joined #koha | |
| 12:13 | gmcharlt joined #koha | |
| 12:13 | jcamins joined #koha | |
| 12:13 | chris_n joined #koha | |
| 12:13 | matts_away joined #koha | |
| 12:13 | liw joined #koha | |
| 12:13 | slef joined #koha | |
| 12:13 | paxed joined #koha | |
| 12:13 | wahanui joined #koha | |
| 12:13 | jajm joined #koha | |
| 12:13 | kivilahtio joined #koha | |
| 12:13 | wizzyrea joined #koha | |
| 12:13 | Joubu joined #koha | |
| 12:13 | ibeardslee joined #koha | |
| 12:13 | khall joined #koha | |
| 12:13 | BobB joined #koha | |
| 12:13 | fredericd joined #koha | |
| 12:13 | jenkins_koha joined #koha | |
| 12:13 | mtj joined #koha | |
| 12:13 | magnuse joined #koha | |
| 12:13 | bshum joined #koha | |
| 12:13 | jeff joined #koha | |
| 12:13 | phasefx joined #koha | |
| 12:13 | aleisha joined #koha | |
| 12:13 | dcook joined #koha | |
| 12:13 | eythian joined #koha | |
| 12:13 | irma joined #koha | |
| 12:13 | ngourlay joined #koha | |
| 12:13 | irma_ joined #koha | |
| 12:13 | papa joined #koha | |
| 12:13 | marcelr joined #koha | |
| 12:13 | sophie_m joined #koha | |
| 12:13 | nlegrand joined #koha | |
| 12:13 | ashimema joined #koha | |
| 12:14 | wajasu joined #koha | |
| 12:14 | gaetan_B joined #koha | |
| 12:21 | dbs joined #koha | |
| 12:54 | NateC joined #koha | |
| 12:55 | meliss joined #koha | |
| 13:10 | NateC joined #koha | |
| 13:26 | edveal joined #koha | |
| 13:35 | collum joined #koha | |
| 13:36 | Dyrcona joined #koha | |
| 13:52 | drojf joined #koha | |
| 14:02 | carmenh joined #koha | |
| 14:14 | meliss joined #koha | |
| 14:17 | edveal joined #koha | |
| 14:21 | JoshB joined #koha | |
| 14:23 | maryj joined #koha | |
| 14:23 | maryj joined #koha | |
| 14:24 | drojf1 joined #koha | |
| 14:26 | cma joined #koha | |
| 15:08 | rocio joined #koha | |
| 15:58 | * chris_n | bangs a pan |
| 16:02 | tgoat joined #koha | |
| 16:02 | Oak joined #koha | |
| 16:03 | * Oak | waves |
| 16:03 | Oak | @seen cait |
| 16:03 | huginn | Oak: cait was last seen in #koha 8 hours, 41 minutes, and 29 seconds ago: <cait> bye |
| 16:40 | gaetan_B | bye |
| 17:21 | phasefx joined #koha | |
| 17:25 | cait joined #koha | |
| 17:43 | drojf joined #koha | |
| 18:48 | kmlussier joined #koha | |
| 18:57 | reiveune | bye |
| 18:57 | reiveune left #koha | |
| 19:05 | hankbank joined #koha | |
| 19:39 | * cait | waves |
| 19:41 | chris_n | some sort of holiday? |
| 19:41 | mighty quiet in here today | |
| 19:46 | rangi | yeah it is quiet |
| 19:47 | * cait | nods |
| 19:47 | cait | i had training today, didn't read back |
| 19:50 | jeff_ joined #koha | |
| 19:54 | trea joined #koha | |
| 20:11 | eythian | hi |
| 20:11 | wahanui | hi, eythian |
| 20:19 | drojf1 joined #koha | |
| 20:28 | cait | hi eythian |
| 20:29 | drojf | hi cait and eythian |
| 20:29 | cait | hi drojf |
| 20:50 | rangi | @later tell dcook in your hunt for encrypted backups done right, you should look at obnam |
| 20:50 | huginn | rangi: The operation succeeded. |
| 21:26 | kathryn joined #koha | |
| 21:52 | dcook | rangi: I've been pondering obnam a bit. Haven't gotten there yet though. |
| 21:52 | Actually, I did install it to this VM I have right here... | |
| 21:52 | I don't imagine it's solved the whole storing your passphrase in the clear though :/ | |
| 21:52 | The only way around that I can see is using full disk encryption, which isn't necessarily that feasible on a system used by multiple people :/ | |
| 21:56 | akafred joined #koha | |
| 21:57 | rangi | gpg-agent and a passphrase, dont store anything in the clear |
| 22:10 | dcook | rangi: I was thinking a bit about gpg-agent |
| 22:10 | But then it's not totally automated either | |
| 22:11 | You'd still need to provide the agent with the key, enter the passphrase to unlock it, and then let things go on their merry way | |
| 22:11 | rangi | id probably trade fully automated for not being owned |
| 22:11 | dcook | hehe |
| 22:11 | I admit that this is my conclusion as well :) | |
| 22:11 | How do you use gpg-agent? | |
| 22:12 | I've thought about using a Yubikey or maybe a card (although then I'd need a reader, so the Yubikey is just a better bet) | |
| 22:12 | eythian | there's nothing particularly wrong with storing a passphrase on the device doing the backups. If they can get to the passphrase, they don't need the backups anyway. |
| 22:12 | dcook | eythian: not necessarily |
| 22:12 | On my system, my home directories are encrypted, so they could restart the device but my directories would still be encrypted even if they had root | |
| 22:13 | rangi | i have it in my .bash_profile |
| 22:13 | dcook | (of course they could set something up to steal data from me later, but it would stop an immediate attack) |
| 22:13 | NateC joined #koha | |
| 22:13 | rangi | http://paste.koha-community.org/307 |
| 22:14 | NateC joined #koha | |
| 22:14 | dcook | rangi: So that's for a non-graphical environment? |
| 22:15 | rangi | is there any other kind? |
| 22:15 | dcook | :p |
| 22:15 | cait | heh |
| 22:15 | dcook | hey cait :) |
| 22:16 | rangi: So once the agent is running, does it ask for your passphrase once or for each request? | |
| 22:16 | And if the former, is it when you connect? | |
| 22:17 | rangi | it asks you the first time the key is used |
| 22:18 | then not again unless you reboot the machine, or kill the agent | |
| 22:19 | dcook | Right. Cool beans. |
| 22:19 | Although now that I think about it... that would just be for your user | |
| 22:19 | Would would you do if you wanted to do automated encrypted backups as root? | |
| 22:19 | So that you can spin off your /etc and maybe /var from time to time? | |
| 22:20 | I'm actually fairly content with some of the user-level options I've been pondering | |
| 22:20 | eythian | hmm, usually(?) the agent forgets the passphrase after 5 or 10 minutes for me |
| 22:20 | I'm not sure if this is something I configured or not though | |
| 22:21 | dcook | Hmm, sounds configurable. Don't see anything on the manpage. |
| 22:21 | eythian: Oh, I noticed that Debian automounted a ext4 volume using the label as well last night | |
| 22:21 | eythian | ah cool |
| 22:21 | dcook | I'll probably suggest using the label to the Deja Dup maintainer then |
| 22:22 | cait | hi and good night :) |
| 22:22 | dcook | night cait :) |
| 22:22 | eythian: Any thoughts on auto encrypted backups as root? :/ | |
| 22:22 | cait left #koha | |
| 22:22 | eythian | bye cait |
| 22:22 | dcook: there's a few options depending on what your use cases are. | |
| 22:23 | dcook | eythian: I'd love to hear them :) |
| 22:23 | eythian | You could store a passphraseless gpg key on the machine that's only used for this, and is safely stored elsewhere. |
| 22:23 | You could have the passphrase in a file. | |
| 22:23 | Things like that. | |
| 22:24 | if your threat model is that someone is going to break into your machine and use what they find there to access your physically separate backups, I think you're already screwed and need to reevaluate your security overall. | |
| 22:25 | dcook | Well, only the offsite backup is physically separate really |
| 22:25 | The onsite one is attached as it's still being backed up. | |
| 22:25 | So a person could just sit there, get the passphrase and/or key, then take the backup or just access the backup on the spot | |
| 22:26 | Mind you... I suppose that's not that different to having a locked box in your house | |
| 22:26 | As someone could just break into it with a drill or a hammer | |
| 22:26 | There will almost always be a tool that someone could use if they have that tool and the will to use it | |
| 22:27 | eythian/rangi: So with obnam... does it store the public key for encrypting, and request the private key when doing diffs? | |
| 22:28 | (the request being handled by gpg and gpg-agent of course) | |
| 22:28 | eythian | well |
| 22:28 | it's not really that simple | |
| 22:28 | (aiui) | |
| 22:28 | you'd be best off asking liw | |
| 22:28 | dcook | @seen liw |
| 22:28 | huginn | dcook: liw was last seen in #koha 5 days, 2 hours, 55 minutes, and 50 seconds ago: <liw> I don't know if this is a feeling librarians ever have: I've just moved back to Finland, and have today gotten my bookcase and books back. Sorting through my books is a weird mix of "oh no more books" and "oh look, I'd forgotten this gem, I really liked reading it" |
| 22:28 | dcook | I suppose I should just email him, as I doubt I'll catch him on here |
| 22:29 | eythian | but you need to look into a) what purpose your backups are to serve, and b) what bad things could happen to them that you want to guard against |
| 22:29 | and what level of security you're willing to trade for automated backups. | |
| 22:31 | dcook | Yeah, those are the questions I've been asking myself the past few days |
| 22:32 | Actually, a friend of mine raised an interesting point about how we have this fear of losing our archives, but what would happen if we actually did? | |
| 22:32 | In a lot of cases, it probably wouldn't matter at all | |
| 22:33 | I knew a women once who lost every single possession she had when her house burnt down in her teens. | |
| 22:33 | She said she didn't miss a thing, except maybe the occasional photograph | |
| 22:33 | I think that's one of the first lessons for archivists too. Not everything is worth keeping. | |
| 22:34 | I suppose the backups as root would just be preserving configuration which isn't sensitive at all... so it wouldn't be a big deal to store the passphrase in a file. | |
| 22:34 | Whereas backing up personal data would be more sensitive... but there are already pretty good tools for doing that more safely | |
| 22:35 | s/safely/securely/ | |
| 22:35 | eythian++ | |
| 22:35 | rangi++ | |
| 22:35 | Always glad to have you two to talk to about these things :) | |
| 22:35 | eythian | a) stuff in /etc can be sensitive, b) if you want automated encrypted backups, you _must_ have some encryption key of some type stored somewhere. |
| 22:35 | There's no other option | |
| 22:35 | ibeardslee | dcook: although someone may not miss something, that doesn't necessarily mean that it has no value to others |
| 22:36 | eythian | (unless you could do some kind of streaming with PKI, but that's not very efficient.) |
| 22:36 | dcook | ibeardslee: True, I was thinking more so in the case of not backing something up rather than losing it to someone else. |
| 22:36 | ibeardslee | plenty of old pots have been discarded over the years, but they tell us a lot about that culture |
| 22:36 | * dcook | so wants to discard some of his old pots and pans... |
| 22:36 | eythian | I mean, you could tar.gz everything with a public key every time, that's quite safe, but more hassle. |
| 22:37 | but you also need to be sure that you have the stuff to do recovery when you need to. | |
| 22:37 | otherwise you don't have bakups... | |
| 22:37 | dcook | I was thinking about tar.gz everything with a public key, and keeping the key on a usb or something like that |
| 22:37 | eythian: yep | |
| 22:37 | Actually, that's something someone suggested as well (while warning against obnam and duplicity) | |
| 22:37 | If you use tar.gz and GPG, it's pretty darned cross platform | |
| 22:38 | eythian | but, if you have a lot of data, that fast becomes impractical, as you can only do a full backup each time. |
| 22:38 | dcook | Agreed |
| 22:38 | That was my criticism as well. | |
| 22:38 | Although in my case, I don't have much data, so it could work... for now. | |
| 22:41 | ngourlay joined #koha | |
| 22:48 | eythian | chris_n: new .deb published for PDF::Reuse |
| 22:49 | wahanui: kids these days is <reply>They're so adolescent! | |
| 22:49 | wahanui | OK, eythian. |
| 22:52 | dcook | Oh right... the boss just reminded me of another idea... |
| 22:52 | Where you embed a password in a compiled program | |
| 22:53 | I was then thinking about how to reverse engineer a compiled C program.. | |
| 22:53 | Well, not reverse engineer... but uncompile.. | |
| 22:54 | decompile I suppose | |
| 22:54 | rangi | yeah, it doenst win you much, for a crap ton of effort |
| 22:54 | there are pretty good decompilers out there | |
| 22:55 | im sure we'll see one or 2 in action at kiwicon | |
| 22:55 | dcook | How long until kiwicon now? |
| 22:56 | rangi | couple of days |
| 23:03 | dcook | Looks like it should be a good time :) |
| 23:09 | kmlussier left #koha | |
| 23:11 | dani joined #koha | |
| 23:12 | dani | hello |
| 23:13 | jcamins do you have a second for a question about authorities? | |
| 23:29 | dcook | liw is hilarious |
| 23:29 | "For example, if the clown gang kidnaps you, your spouse might need access to your backups to be able to contact your MI6 handler to ask them to rescue you." | |
| 23:29 | Of course, my spouse doesn't know I'm a Canadian spy, so not quite relevant... | |
| 23:31 | papa joined #koha |
← Previous day | Today | Next day → | Search | Index