I will refrain from looking up who decided that #FreeBSD needed to lose a magic comment line from every init script and config file but didn’t need etcupdate (or whatever we're calling mergemaster now) to understand that change as a no-op, because if I were to identify that person I would feel compelled to find them and extract my wasted time from the front end of their remaining lifespan.
So, this thing installs a cron job. Fine. It calls a shell script every 7 minutes. That is a really short script because all it does is grep the output of ps for the agent and uses 'service' to start it if not. Which would be fine on an old Linux system. This is not so old that 'service' doesn’t just redirect to systemctl and chide the user. So we were getting mail to root every 7 minutes.
I assume there’s some reason they don’t just actually make it a service. #Sysadminnery#GrumpyTesting
And why is secure.log growing? Oh, look, that ‘sensor’ is doing a bunch of stuff using ‘sudo’ which is funny when you consider that it is running as root and has no documentation of how to run it in any other way. I think that means it is actually firing off a shell to run the sudo command…
It has become too cheap to launch processes. (not my real issue here…)
#IPv6 is anti-capitalist.
IPv4 address space is an exploitable scarcity that ISPs do not want to give up. We can’t each have our own IPv4 address, so money determines who gets one (or more.) By design, IPv6 gives every network 2^64 addresses and there are 2^64 of those networks. It is difficult to conceive of a way to use enough of it to ever be constraining. #InfoSec#Sysadminnery… (1/2)
#PSA: If you do not understand how your whiz-bang #NextCloud instance is doing encryption, don’t fiddle around with it to make it "more secure." I.e. DO NOT close that admin backdoor "master key."
I hate the fact that 5 years after coming back to this gig I am still cleaning up from shit done in my 2-year hiatus.