23 Jun 2021 |
hexa | rough. can we move it to #networking:nixos.org still? | 14:24:00 |
hexa | * rough. can we move it to #networking:nixos.org still? if both of you have issues like this it should probably be investigated further. | 14:24:21 |
hexa | pennae: on the topic of privsep, dhcpcd should get a privsep user when we can ensure it is used through the module, which in turn ensures the user exists | 14:26:14 |
hexa | at one point there as a dhcpcd user allocated, see e9cd877921cc4164aa0ba57ae1fd7526ec6440c3 | 14:28:37 |
hexa | * at one point there even was a dhcpcd user allocated, see e9cd877921cc4164aa0ba57ae1fd7526ec6440c3 | 14:28:40 |
pennae | that's been a while | 14:29:06 |
hexa | would you want to look into that further? | 14:29:12 |
pennae | not sure we're qualified | 14:29:49 |
hexa | can only encourage you to try 😀 | 14:34:18 |
pennae | might try at some point. the last module we tried to modify kind of fizzled in review 😶 | 14:35:38 |
hexa | there are even nixos tests that you can use to verify you didn't break anything :) | 14:35:42 |
pennae | grubbing around in system daemons is a bit scary tbh at least mosquitto isn't that important (and also had tests (that were half broken)) | 14:39:27 |
hexa | mosquitto was also haphazardly bumped a major version number just before the release | 14:51:25 |
hexa | ignoring the resulitng breakage, not nice. | 14:51:43 |
pennae | and our PR to fix the module being extremely limited has seen basically no review since ... when was it, beginning of may? | 14:53:53 |
pennae | at leas the bump didn't break anything here :/ | 14:54:31 |
pennae | oh hey, you're on that one as a reviewer hexa 😛 | 15:26:13 |
hexa | uh, yeah. I know 😓 | 15:26:51 |
hexa | I did the systemd hardening on that module and something else | 15:27:14 |
pennae | ah well. | 15:30:18 |
Linux Hackerman | hexa: no plans currently, he said he might remove his maintainership (I'm guessing across the board) | 15:34:35 |
hexa | yeah, I didn't expect him to suddenly turn up again | 15:35:08 |
ris_ | think i'm there with 2/3 of the dovecot backports, but think I'm going to skip CVE-2020-28200 as it's "only" an excessive resource consumption bug and common opinion is that it's too significant to backport, looking at it i'm inclined to agree | 18:06:29 |
hexa | sgtm | 18:14:35 |
| julm joined the room. | 21:18:13 |
| julm left the room. | 23:52:28 |
24 Jun 2021 |
| julm joined the room. | 00:12:04 |
| julm left the room. | 03:41:34 |
| julm joined the room. | 03:41:36 |
| julm left the room. | 10:36:46 |