November 2015 - Roundtable

System accounting misbehaviour in MacOS X 10.10 (Yosemite)
by Gilbert E. Detillieux 03 Nov '15

03 Nov '15

After Adam's mini-presentation on classic UNIX system accounting (sa, lastcomm) at the October meeting, I decided to set it up on various Linux and MacOS X systems I maintain. I came across a curious issue under MacOS X, where timestamps were correct for root processes, but wrong for everyone else. Turns out, I'm not alone in noticing this... http://unix.stackexchange.com/questions/206815/system-accounting-misbehavio… I haven't found any solution to this, nor anything from Apple documenting this. I imagine this is not likely to be a priority issue for anyone, though. -- Manitoba UNIX User Group E-mail: <gedetil(a)muug.mb.ca> c/o Gilbert E. Detillieux Web: http://www.muug.mb.ca/ University of Manitoba Phone: (204)474-8161 Winnipeg MB CANADA R3T 2N2 Fax: (204)474-7609

1 0

MUUG Meeting, Nov 10, 7:30pm -- Elasticsearch, Logstash, and Kibana
by Gilbert E. Detillieux 03 Nov '15

03 Nov '15

The Manitoba UNIX User Group (MUUG) will be holding its next monthly meeting on Tuesday, November 10. The meeting topic for this month is as follows: Elasticsearch, Logstash, and Kibana Robert Keizer will be doing a presentation on Elasticsearch, Logstash, and Kibana. The presentation will focus on running these systems in a production environment. Elasticsearch is a highly available NoSQL distributed database which is primarily used for real-time and deep searching. When used in conjunction, these systems provide a very robust and feature-complete solution for enterprise log management. Rob will go through setting up and installing all three systems, as well as provide an overview and example of these systems. RTFM For this month's RTFM, Gilbert Detillieux will talk about the getcap(8) and setcap(8) commands, used to control Linux capabilities(7) as an alternative to using setuid-root binaries. This provides a safer way of allowing unprivileged users to execute operations normally requiring root permission. AGM Plus, this month's meeting is the MUUG annual general meeting, which included the election of the MUUG board of directors for the 2015-2016 year (which will be by acclamation). There is also a notice of motion to ammend the MUUG by-laws. The group holds its general meetings at 7:30pm on the second Tuesday of every month from September to June. (There are no meetings in July and August.) Meetings are open to the general public; you don't have to be a MUUG member to attend. ****************************************************************** Please note our *NEW* meeting location for this month: *Room 1M28* Manitoba Hall, University of Winnipeg, entrance on Ellice Ave. between Spence St. and Balmoral St. Parking is available on the surrounding streets and in the lots on nearby streets. Look for signage once you're at the building, or ask a security guard. ****************************************************************** For more information about MUUG, and its monthly meetings, check out their web server: http://www.muug.mb.ca/ Help us promote this month's meeting, by putting this poster up on your workplace bulletin board or other suitable public message board: http://www.muug.mb.ca/meetings/MUUGmeeting.pdf -- Manitoba UNIX User Group E-mail: <gedetil(a)muug.mb.ca> c/o Gilbert E. Detillieux Web: http://www.muug.mb.ca/ University of Manitoba Phone: (204)474-8161 Winnipeg MB CANADA R3T 2N2 Fax: (204)474-7609

1 0

CentOS 6.6 -> 6.7 update?
by Adam Thompson 03 Nov '15

03 Nov '15

Has anyone had their CentOS 6.x systems automatically update to 6.7 yet? All of mine appear stuck at 6.6 for reasons as-yet-unknown. ("yum upgrade" usually takes it up to the latest point release, IIRC) -Adam

1 1

Music Science ebook
by Trevor Cordes 03 Nov '15

03 Nov '15

Slightly o/t: Free ebook from O'Reilly. Some MUUGers might find this interesting. Links between big data and music (i.e. pop songs). http://www.oreilly.com/data/free/data-and-music.csp (have to give your name/email, but they aren't spammers)

1 0

forcing dns over vpn
by Trevor Cordes 02 Nov '15

02 Nov '15

I've setup a linux server with a strongswan VPN server. I have a Win7 (also, separately, Android) client (builtin IKEv2) connecting ok to the linux server. Things seemed to be VPN'ing nicely. I can get to internal hosts on other subnets I wouldn't be able to see without the VPN. I can watch the ESP traffic to/from the client with tcpdump. (For these tests the clients are on a separate locked-down subnet for my wifi.) But I noticed some traffic isn't using the VPN. It's just coming in on the normal wifi connection/subnet. In particular, I'm looking at DNS udp port 53. If I ping from Windows to wherever, the dns occurs over non-VPN (I run my own caching name server, so the same linux server is the DNS server in this case.) I want dns to hit my server over the VPN. The strongswan is configured on server to provide a DNS server entry to the client. I can confirm Windows is seeing the proper DNS server on the VPN with ipconfig /all. I can even try to set those servers manually in the Win7 VPN properties menus. But the dns query never goes out over the VPN. For kicks I iptables'd out port 53 from the non-VPN'd IP and then the client can't resolve anything (ie it doesn't fallback to using the VPN). So if I ping from the VPN to anywhere on the net, the DNS is not VPN'd but the ICMP *is*. Same with web browsing: it seems to do non-VPN DNS and then VPN the http traffic. How can I force the Windows client to force *all* traffic over the VPN? Especially DNS. After that's fixed, how can I force *all* traffic over the VPN on Android? I've heard rumours Android screws with VPN and makes some things impossible. Thanks!

2 1