Intentionally blank.

home | blog | Teh Internet | guest blog |rants | placeholder | political | projects | Gwen and Liam | Citadel patched | Tools | Scouts

- Careful Chrome users, this search box might be "Not secure"

5 September 2019, 19:40 UTCpip have you down?

Getting this:

Traceback (most recent call last):
  File "/usr/bin/pip", line 9, in <module>
    from pip import main
ImportError: cannot import name main

Try this instead:
python -m pip (whatever pip command you wanted)


8 August 2019, 3:58 UTCI can do anything you want...

You just need the patience to explain what it is.


29 July 2019, 19:02 UTCSo long and thanks for all the fish! Gmail:

So, it is now time for you walled garden email folks to say goodbye!
Much of your current access to your account is going away:
Breakage to follow - might want to migrate items like copiers and what not to another service for email connectivity.
Get ready for phone / webmail only access. Have fun with that.
..."on October 30, 2019, we’ll begin removing the setting to “Enforce access to less secure apps for all users” from the Google Admin console. "
I feel more secure already.


24 July 2019, 16:20 UTCencryption is the (new/old) boogeyman again:

Attorney General William Barr showing his domain knowledge:
- Rebuttal from Bruce Schneier :
No re-copy for posterity before as I trust Bruce to keep up a blog long term :-)


24 July 2019, 15:13 UTCversioning considered useful (to some)

Ever see the following:
git commit comment like: upgrade checkin
- followed by 3995 files changed.
Should be easy to figure out the single file changed versus the other updates lumped in to the commit.


22 July 2019, 16:51 UTCVirtualmin and disappearing Apache

Are you getting failures to graceful start of Apache at logrotation?
Something like this in your logs?

[core:warn] [pid 1234:tid 123456789012345] AH00098: pid file /var/run/apache2/ overwritten -- Unclean shutdown of previous Apache run?
[mpm_event:notice] [pid 1234:tid 123456789012345] AH00489: Apache/2.x.xx (Ubuntu) mod_fcgid/x.x.x OpenSSL/ configured -- resuming normal operations
...[mpm_event:notice] [pid 1234:tid 123456789012345] AH00493: SIGUSR1 received.  Doing graceful restart
[core:notice] [pid 1234] AH00060: seg fault or similar nasty error detected in the parent process
[fcgid:error] [pid 1235:tid 123456789012346] FastCGI process 1235 still did not exit, terminating forcefully

Looks like some changes were made that don't get re-applied to older Virtualmin installs (2018 era and before):
I think I might have been here before and fixed it with this:
See the "Q: Why are the apache logs not rotating?" bit....
Looks like the combined logrotate with many log lines in it is the "fix" for now.
If you already had that and are still having issues, try to bump up the sleep time out.

Ok, update time. Got sick of babysitting this thing and added a cron job with this:
Bit of a hack, but seems to be "working" for now, and allow for minimal downtime in the wee hours of the night!


21 June 2019, 20:31 UTCrdesktop not working for you using certs?

Give xfreerdp a shot:

xfreerdp /u:"someuser" /v:server:3389


21 June 2019, 19:22 UTCsystemctl output

Strange days indeed:

systemctl status -l | iconv -f UTF-8 -t ASCII//TRANSLIT | sed 's/|//g' | sed 's/+-//g' | awk '{$1=$1;print}'

To do a quick comparison of what systemd thinks is the list of PPID's for Apache that are running, versus
the list ps gives.
Would have thought it would have been a quick thing, but argh.

In case that goes away:

please remove unicode from systemd outputs ... it's insane .. and fire please that teenager who did it.
please, consult that with some older and more experienced colleague (or any other responsible adult you
have avail around there) if you're in doubts .. I'm tired to explain, that logs should be ascii plaintext
and that they are very often parsed in industry by stupid old tools that choke on your sexy (and cunning) unicode ..



18 June 2019, 19:26 UTCBravo Microsoft - KB4503267
UPDATE - KB4503294
Apparently this one fixes the logging issue!
But of course, it comes with some possible side effects...

When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error,
"MMC has detected an error in a snap-in and will unload it." and the app may stop responding
or close. You may also receive the same error when using Filter Current Log in the Action menu
with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

"you may receive the error",
"the app may stop responding or close."

... weasel words. If it happens 100% of the time, it is not
a may or might...
Ok, walk it back a bit. It was some of them. Still don't feel good about some items using the same software base
breaking in different ways from the same patch. - still reserving disgust.
Love the - use powershell after a bit of programming workaround bit as well (every time you wan't to view the logs!) - ugh...
Can't wait until Systemd logging makes this move :-)


To work around this issue, copy and paste the following function into a PowerShell window and run it.
You can now use the command get-EventViewer at the PowerShell prompt to view your Custom Views.
You will need to re-enter the function each time you open a new PowerShell window.
Note The get-EventViewer function will only allow you to view previously defined Custom Views.
To create new Custom Views, see Creating Get-WinEvent queries with FilterHashtable.

function get-EventViewer {
                Write-Output "List of custom views on the machine"
                Write-Output ""
                Get-ChildItem "C:\ProgramData\Microsoft\Event Viewer\Views" -Filter *.xml | % { select-xml -Path $_.FullName -xpath "//Name" } | Select-Object -ExpandProperty Node | Select-Object -ExpandProperty InnerXml
                Write-Output ""
                $view_name = Read-Host "Enter the name of custom view to execute"
                # Get the file name of the view
                $ViewFile = Get-ChildItem "C:\ProgramData\Microsoft\Event Viewer\Views" -Filter *.xml | where-object { (Select-Xml -Path $_.FullName -xpath "//Name").Node.InnerXml -eq $view_name }
                Get-WinEvent -FilterXml ([xml]((Select-Xml -Path $ViewFile.FullName -XPath "//QueryList").node.OuterXml))


18 June 2019, 1:52 UTCSACKED - CVE-2019-11477, CVE-2019-11478, and CVE-2019-11479

/proc/sys/net/ipv4/tcp_sack - TCP Selective Acknowledgements. They can    
reduce retransmissions, however make servers more prone to DDoS Attacks   
and increase CPU utilization.

Uh, so what did Netflix to, read the kernel documentation?
Good advice from Suse:
Give this a shot if you find you need relief (with a trade-off):
echo 0 > /proc/sys/net/ipv4/tcp_sack


29 May 2019, 4:01 UTCDrop Android phones from your network?:
24 May 2019, 17:20 UTCPython 2.7 still? Unicode and conversions...
21 May 2019, 20:53 UTCShoot the messenger:
20 May 2019, 18:04 UTCNice 'n blinkey...
20 May 2019, 18:02 UTCSupport portal broken, loop, use Support portal...
14 May 2019, 21:21 UTCThe next worm for older Microsoft OS's?
9 May 2019, 3:56 UTCMySQL vs MariaDB
9 May 2019, 3:42 UTCBreak down barriers
30 April 2019, 3:58 UTCBlah... is now open source...
29 April 2019, 19:30 UTCvi / vim stuff:
27 April 2019, 5:43 UTCFun Google search:
26 April 2019, 4:05 UTCLight reading:
23 April 2019, 20:09 UTCGopher links:
23 April 2019, 14:50 UTCMagento bits
3 April 2019, 20:31 UTCnetplan with a plan (dhcp and alt dns servers):
13 March 2019, 13:21 UTCMore systemd in the way. - deluser.
17 January 2019, 21:46 UTCInstalling .Net 3.5 on Windows 10 and failing?
31 December 2018, 23:04 UTCcompgen -c (you complete me)
16 December 2018, 6:03 UTCRIP Timothy C. May - December 2018
11 December 2018, 12:43 UTCFirewalld - what is it?

All older entries

[atom feed]