@gjacobse said in Linux History: Not clearing between -:

History is a great tool to have - But it has gotten a bit long on the Ubuntu system I have running.

Accessing from Windows - it's aver 180 lines now,.. and I've cleared it via history -c. Yet when I access the same system from Termius all 180(+) lines are there. Running history -c clears, but then on Windows - it's still there.

This is using the same sign-on, just a different device in which the system is accessed.

To not make assumptions - am I interrupting how the -c works incorrectly? Or should it indeed clear it regardless of access source?

which Ubuntu? There was a bug in older ones (maybe current too not sure) that it didn't clear the history.

You can try history -cw but if that doesn't work just echo "" > ~/.bash_history

So the new release (0.0.5) adds a cli tool to control things. Here's a video:

Youtube Video

So here's a playground example of using functional options and error handling: https://play.golang.org/p/cfw7axv6pjO

The advantage over method chaining is that we can return our errors correctly this way. Using the following as an example, I can return my error the whole way to the function call in main() and only need to handle it in a single place.

type MethodOption func(*http.Request) (*http.Request, error)

func NewRequest(opt ...MethodOption) (*http.Request, error) {
	r := &http.Request{}
	var err error

	for _, opt := range opt {
		r, err = opt(r)
		if err != nil {
		   return nil, err
		}
	}
	

	return r, nil
}

func SetURL(URL string) MethodOption {
	return func(r *http.Request) (*http.Request, error) {
		u, err := url.Parse(URL)
		if err != nil {
			return nil, err
		}
		r.URL = u
		return r, nil
	}
}

	req, err := NewRequest(
		SetURL("https://google.com"),
	)
	if err!= nil {
		fmt.Println(err)
		os.Exit(1)
	}

I just use CloudFlare for families. If I need to, I can change DNS on whatever to view something.

@Dashrender said in Local Encryption ... Why Not?:

@scottalanmiller said in Local Encryption ... Why Not?:

@jmoore said in Local Encryption ... Why Not?:

I've advocated we store nothing on our laptops but so far its had little effect. We are very backward here unfortunately. I think storing mostly online is very good and makes services like Nextcloud very valuable in this scenario.

It was turned on by the vendor when delivered. Nothing was stored on the device and they had no idea that there was encryption on it.

A new laptop showed up that way once - I was like - wth?

I think the bigger question was, it didn't get reimaged to whatever standard they're using?

@JaredBusch said in Tactical RMM:

Looks like he started it last year.
https://github.com/wh1te909?tab=overview&from=2019-12-01&to=2019-12-31

if you go back to 2018 he opened an issue on MeshCentral.

Yeah that's impressive for only 10 months of work.

@scottalanmiller said in When Does It Stop Even Being IT: Buyers vs Doers:

This is a huge part of why you see it as not working. You aren't trying to change your ecosystem, you are trying to use LibreOffice as MS Office, rather than using it apples to apples. Try using MS Office to read LibreOffice files, it's not good either.
Actually switch to LibreOffice, don't go halfway, and you'll be amazed at how totally great it is.

Until someone outside of the company sends you a file. You can't say that exclusively using ODF files or even writing xlsx/docx files with libreoffice fixes the issue. Sure maybe for the random spreadsheet or word document you'r eusing internally. But business rely on external information. A lot of that comes in the form of office documents.

@scottalanmiller said in When Does It Stop Even Being IT: Buyers vs Doers:

@IRJ said in When Does It Stop Even Being IT: Buyers vs Doers:

As you mentioned, LibreOffice and MS Office have compatibility issues and the rest of the world uses MS Office.

This is where things get weird. What do I care what the internal document format is of some other company? First of all, our partners don't primary use MS Office, but ignoring that, neither we, nor the majority of companies we work with, nor most any company that I've ever worked at (anecdotes, I know) should be, or are, exchanging data via office documents. It's an editing tool, not a final results tool. We don't send spreadsheets between companies. And Word style docs are turned into PDFs before going to or from another company.

Sharing office docs in editable form is a huge security risk, and just generally goofy. Are there exceptions? Of course. But it's almost always a broken workflow. It's not a format or tool meant for that kind of use. So if you can fix the bigger picture, it tends to trickle down and fix lots of other things either.

Now sure, if someone with more clout than IT simply demands that a large company spend millions on MS Office so that one or two people don't need to change a really bad workflow, sometimes there is nothing that you can do. I get it. IT doesn't always get to run IT decisions. But stepping back and putting on my owner hat, you want the business to do what is healthy, and spending loads of money on an expensive to support product, to placate a vendor who is so inconsiderate of our profitability that they use proprietary formats to communicate with us, I generally find a vendor who is actually good rather than acting like I'm powerless to demand they act sensibly.

I have a hard time believing this seeing some of the customers you've mentioned. One specifically recently who just bought a desktop and it wasn't imaged and had an encryption password set that the customer didn't know about. I do not believe in any amount of time, that company is not sending and receiving office files directly.

@jmoore said in Applications; Portable vs. Installed:

@scottalanmiller said in Applications; Portable vs. Installed:

@jmoore said in Applications; Portable vs. Installed:

@scottalanmiller said in Applications; Portable vs. Installed:

A big question would be... why do you want to restrict binaries from users?

Thats the sysadmin decision. He considers it a security measure and I can understand it somewhat.

Does he? Because he's not restricting them in any way, and totally okay with all the portable apps delivered in the web browser, right? So he's totally okay with them. Just confused, I'd guess.

Well, I can't presume to know his mind but hes just trying to limit the damage that can be done i suppose. I am guessing that is what he is thinking.

Is this from a government requirement? The only way to do this is checksum all of your executables. Unless you are required to do this, you're insane.

As has been mentioned I'm sure above (I didn't read everything). The users can create scripts which would count as portable apps and run them. This really is not a road you want to go down unless you are forced to.

@jmoore said in Applications; Portable vs. Installed:

@stacksofplates said in Applications; Portable vs. Installed:

@jmoore said in Applications; Portable vs. Installed:

@scottalanmiller said in Applications; Portable vs. Installed:

@jmoore said in Applications; Portable vs. Installed:

@scottalanmiller said in Applications; Portable vs. Installed:

A big question would be... why do you want to restrict binaries from users?

Thats the sysadmin decision. He considers it a security measure and I can understand it somewhat.

Does he? Because he's not restricting them in any way, and totally okay with all the portable apps delivered in the web browser, right? So he's totally okay with them. Just confused, I'd guess.

Well, I can't presume to know his mind but hes just trying to limit the damage that can be done i suppose. I am guessing that is what he is thinking.

Is this from a government requirement? The only way to do this is checksum all of your executables. Unless you are required to do this, you're insane.

Yes we are a 2 year college and this is what I am told.

Wait you're told it's a government requirement? If so ask for the reference. Because if you aren't 100% required to do this, you are in for pain for no reason.

I worked for a DoD contractor and we fought tooth and nail to get an exception for that.

On Windows I can't help you at all. I mean there's tools like CyberArk but I don't know cost or manageability. On Linux fapolicyd can do whitelisting.

I wish they would make it easier to run your own planet and moons. I think they would be adopted a lot more if they did.

@warren-stanley said in ZeroTier New Website:

looks like it updated - i created a freebie account a little while back (just in case)

That kind of bugs me. I understand that it's 50 devices, whatever. And I've been using it for like 4-5 years now. But why is there no grandfathered plan for already existing members. It used to be like 10, and then they made it 100. Now they're taking some away? I get money and what not, but usually you get grandfathered in instead of just blanked removal.

To be fair, I don't have anywhere near even 50, so I won't be affected. It still just seems like a bleh thing to do.

You can abstract this away even a little further with space based architecture where you have a central db but the services don't talk directly to it. They use in memory database like Ignite, Hazelcast, Aerospike, etc and then the data is replicated back to the central db at some point.

@thejb said in Anyone Know a Good GUI for HAProxy?:

@scottalanmiller

$1200 does seem crazy, but it is an ADC not just a GUI for HAProxy.

Some features include an Accelerator built upon nginx, WAF for security, GSLB and high availability.

For more information on the features - https://www.snapt.net/platforms/aria-adc/features

Is there a reason that you don't natively support deployments to things like k8s? It seems crazy this day and age to not have first class support for that seeing as almost everything will be there. Esp in the enterprise space where this has to be marketed for.

@scottalanmiller said in Topics of Systems Administration:

@stacksofplates said in Topics of Systems Administration:

I have never seen a SA making $400k that never touches anything outside the OS.

Well, you've also said that you've never seen one at all, so this doesn't tell us anything additional. When I've seen roles in IT making over $400K, it's been either because they wear multiple hats and it's generally manager roles that cause the pay increase, or it's from being pure SA. From what I've seen, pure SA is the highest paid IT technical role with any volume to it.

My guess is, once you see pure SA you tend to see it a bit. And when you do see it, and rule out the things called that but clearly aren't, I bet you find (and I truly bet, because there's definitely no data on this) that the average salaries are crazy, like averages well over $150K in the US. Whereas the job by title, rather than responsibility, is like half that or less.

I was a "pure SA" for a fortune 50. I was a "pure SA" for a fortune 1000. No other SA in either (or any other SAs that I have talked to) make anywhere near that. You're the only person that keeps saying this. Job postings for Citi show they aren't "pure SAs" as you claim. One posting I found called the position an SA but wanted Unix, Linux, Windows, Oracle, networking experience. They set the job at medium to senior experience.

The only people I have seen making those numbers are devs for fortune 20s and roles like SRE (that aren't management).

Edit: added the management clarification.

@scottalanmiller said in Topics of Systems Administration:

My first IT job (not software) was as a junior UNIX admin, pure admin, in 1994. Working for the "senior" (who was pretty junior himself I'm guessing looking back) who was also a pure admin. That was my first introduction to it.

By 1999 was doing pure admin on Windows. In 2000, mixed Windows and Linux with just the tiniest addition of application stack (roughly LAMP stack), but the role was nearly all OS.

IBM in 2000 was my first major place where they operated as little SMB silos and while SA was a major part of the day, it was very far from all of it and I had to cover absolutely everything including both CIO and CTO hats. So IBM was about the polar opposite of pure SA.

Worked for Microsoft and Dell in a pure SA role in 2004 and 2005. Then Wall St., pure SA there. Then hedge fund row, same thing. Then non-profit in San Fran, definitely pure SA as well.

IBM certainly felt like the outlier with loads of disorganization and low efficiency. And it showed, they had to close the entire facility for exactly those reasons. From little ten person companies to fortune 10, from grocery to wildly different finance to medical to non-profits.

I'm not saying it's the norm, it's obviously not. But "norm" is weird to define when the alternative is "not-SA". LOL But if we use "companies" as the base number, maybe 1% of companies, at most, will reasonable try to have a real SA role. But then again, only 1% of companies is big enough to have value to it. But those that do, hire a lot and pay a lot.

Just being honest, I have quite a few doubts of your employment history. It seems to change quite a bit to fit the scenario, and there are times where you are working 3 full time jobs for 3 different companies. You say you couldn't get a job after Citi because of a non compete, but they allowed you to work one to two other jobs while you were employed there? That doesn't make any sense.

@scottalanmiller said in Topics of Systems Administration:

@stacksofplates said in Topics of Systems Administration:

@scottalanmiller said in Topics of Systems Administration:

For reference, a hedge fund LOSING a non-compete is so uncommon, that it makes the news. Nothing that makes the news like this, involving two employees, is ever a "guaranteed win". This is an "unlikely win that astounded people."

https://www.pionline.com/courts/bridgewater-loses-case-against-former-employees

This is not an apples to apples comparison. Those two guys left and started their own competing hedge fund. And they took one of Bridgewater's clients.

This is completely different.

Not really, it's slightly different, but it was still two people who weren't competing and didn't do anything wrong and they were sued anyway, and information was falsified. The part that matters (that they had a non-applicable non-compete that was enforced anyway) was the same.

I had no way to take their clients, because I wasn't going into sovereign trading, and therefore was a different industry, prop rather than sovereign, but their claims were the same - nearly identical. So the case I was having to deal with was essentially this one exactly. And I wasn't starting my own firm exactly, but there were startup similarities.

I'm sorry, what? So you're saying that two employees who leave and start a competing hedge fund, possibly take a client, bridgewater having 9 months of discussions with them privately before even opening the arbitration process is only slightly different than a Sr Unix system administrator leaving the company?