| Guest18 | general linux questions are ok? I have a network card eth9 that is inside a network namespace and has IP 10.0.9.1 . How can I make sure computers that connect to that card, on IP 10.0.9.1, can talk to my main sshd server that lives outside of network namespace (in global) and has IP 10.0.1.1 ? some TCP tunnel.. redirect... something? | 11:26 |
|---|---|---|
| cousin_luigi | Guest18: I'm not sure what a network namespace is, but one usually forwards traffic. | 11:30 |
| djph | Guest18: those hosts would talk to 10.0.1.1 | 11:33 |
| djph | Guest18: well, presumably, you've set it up right where the NIC has both addresses | 11:34 |
| Guest18 | djph these hosts can't reach 10.0.1.1 they can only reach 10.0.9.1 that is in namespace | 11:54 |
| Guest18 | ideally I would tell sshd to listen also on 10.0.9.1:22 but in namespace ns9. I don't thing there is such ssh option | 11:54 |
| Guest18 | so... some setup, maybe program like nc or socat, to forward data from 10.0.9.1 namespace ns1, into 10.0.1.1 global ns | 11:55 |
| djph | Guest18: so you need your box to be a router. | 12:28 |
| cousin_luigi | Guest18: You won't be able to use the same A record for ssh traffic coming from different interfaces. | 12:32 |
| cousin_luigi | That's messy, just forward | 12:33 |
| rrq | Guest18: don't you want an sshd within the namespace? | 12:34 |
| rrq | i.e. you run two of them | 12:35 |
| rrq | otherwise you'd need a veth link btw namespace and outside, and forwaring | 12:37 |
| rrq | d | 12:37 |
| rrq | (or DNATing within the namesapce would be fine too) | 12:39 |
| Guest18 | rrq I want to run just 1 sshd in this case | 13:18 |
| Guest18 | solved it using socat. just socat to listen in namespace on some port, and redirect to TCP main-IP main-port ; already had a way to reach global ns from inside ns using veth virtual card, so just used that | 13:19 |
| Guest18 | it's a hack as all connections are coming from same local IP, besides logging of socat itself. but works for now, thx anyway | 13:27 |
| Hurgotron | Trying to do a desktop install of Daedalus... the Refracta installer fails at chroot. Directory /lib/x86_64-linux-gnu inside /target neing empty seems to be the reason. Any Ideas? | 16:30 |
| Hurgotron | *bing | 16:30 |
| Hurgotron | *being gah | 16:30 |
| jonadab | Are we using the word "namespace" to mean a subnet now? | 16:36 |
| jonadab | Hurgotron: If the installer wants a directory to be empty and it isn't, this is usually a sign that you're trying to install overtop of an existing install. The installer doesn't like that. | 16:38 |
| jonadab | Available drive space permitting, try doing something like cd /target ; mkdir old ; mv * old/ | 16:39 |
| jonadab | And then start the install. | 16:39 |
| jonadab | Once the install is done you can go digging around in the old stuff for any data you want to recover. | 16:40 |
| Hurgotron | jonadab: That's not the error from the refractainstaller.log. Just that the chroot fails, and /lib/x86_64-linux-gnu being empty, so no libs, no programs can be executed inside chroot | 16:43 |
| jonadab | Oh, hmm. | 16:43 |
| jonadab | THAT sounds like some earlier step didn't take place that should have. | 16:44 |
| Hurgotron | ok got it. root_fs which is mounted to /target is just 90M big. No idea why though | 16:46 |
| jonadab | Oh, hah, that would do it. | 18:30 |
| jonadab | Maybe switch to manual partitioning. | 18:30 |
| jonadab | Though I have no idea what on earth would cause the guided/auto partitioning to goof up that badly. | 18:31 |
| jonadab | (I don't have much experience with the guided/auto partitioning though; I basically always do manual.) | 18:32 |
| cousin_luigi | jonadab: Wise choice. | 18:35 |
| cousin_luigi | What is the correct place for extending apparmor profiles? e.g. allowing access to more files/paths? | 18:55 |
| jonadab | I should learn how to use AppArmor one of these days. | 19:49 |
| jonadab | The basic concept behind it is a good one. | 19:49 |
| rustyaxe | anyone notice bluetoothd crashing after audio is closed, starting recently? :) | 20:46 |
| fluffywolf | I haven't had that happen. | 20:52 |
Generated by irclog2html.py 2.17.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!