Time Nick Message 01:14 wizzyrea @wunder nzwn 01:14 huginn wizzyrea: The current temperature in Wellington, New Zealand is 16.0°C (1:00 PM NZST on September 25, 2014). Conditions: Clear. Humidity: 59%. Dew Point: 8.0°C. Pressure: 29.92 in 1013 hPa (Steady). 01:14 wizzyrea felt a bit warmer than that. 03:41 dcook Hmm, interesting. Anyone else heard this one? http://www.smh.com.au/it-pro/security-it/shell-shock-bash-bug-labelled-largest-ever-to-hit-the-internet-20140925-10ltx1.html 03:41 dcook Or this one? http://blogs.mcafee.com/executive-perspectives/need-know-berserk-mozilla 03:43 eythian dcook: did you even read my email to the list? ;) 03:43 jcamins Yes, it's real. 03:43 dcook Hmm, I hadn't seen one from you. 03:43 eythian I hadn't seen the second one though 03:44 dcook eythian: which list? 03:44 eythian koha list 03:44 wahanui koha list is not hosted by biblibre 03:44 dcook Ahh. Still on digests for that one. I only get the devel ones individually. 03:44 dcook So nope :) 03:45 eythian ah right :) 03:45 eythian our sysadmins have been busily patching for much of the day 03:46 dcook Sounds nasty 03:46 dcook Although not as nasty as some articles make it sound 03:46 dcook (depending on how you've set up your system) 03:47 eythian well 03:47 eythian there'll be many subtle, unexpected places it can be exploited through 03:47 dcook Totes 03:47 eythian e.g. if I set up a dummy AP that your laptop connects to, it's mine now. 03:48 dcook AP? 03:48 eythian wireless access point 03:48 dcook Mmm, I thought that might be it, but only because it reminded me of APN 03:49 dcook Mind you, if you do that in general, you're sort of screwed, no? 03:51 eythian not necessarily 03:51 eythian otherwise you could never use wifi at all 03:52 dcook Well, screwed is relative 03:52 dcook I've been pondering that one for a while though 03:52 dcook If you connect to a dummy AP, then everything you do is proxied through that dummy, yeah? 03:52 dcook I've been wondering if you'd still be safe if you were using SSL.. 03:53 * dcook needs to do more study 03:53 dcook I suppose the dummy could pretend to be the end site though, yeah? 03:53 dcook But that's another thing 03:53 dcook Why would you say that the laptop is "mine now"? 03:54 eythian SSL would protect you, mostly 03:54 eythian a VPN would do even better 03:55 dcook I've heard that about the VPN 03:55 eythian and it'd be mine because once I can run arbitrary code on it as root, which I could do through dhclient, then you can't tell what I've done to it. 03:55 dcook Why can you run arbitrary code as root? 03:55 dcook Ah 03:55 dcook Sorry 03:55 dcook lol 03:55 dcook Pays to read the full sentence 03:55 eythian that's thw whole bug :) 03:56 dcook Hmm 03:56 dcook But how does the attacker inject anything from the start? 03:57 dcook All the tests I see are based on already having shell access 03:57 dcook Or accessing a weird URL 03:58 rangi yeah thats just barely scraping the skin of what is vulnerable 03:58 eythian a DHCP server sends things to the DHCP client. That client does things, and then puts some of those values into envvars and calls a shell script so you can do special things on connect. Then it runs the shell script, which causes the variables to be executed. 03:59 rangi https://access.redhat.com/articles/1200223 03:59 rangi The Dynamic Host Configuration Protocol Client (dhclient) is used to automatically obtain network configuration information via DHCP. This client uses various environment variables and runs Bash to configure the network interface. Connecting to a malicious DHCP server could allow an attacker to run arbitrary code on the client machine. 03:59 rangi basically unless your machine is not connected to the internet ever .. you should update bash ;) 03:59 dcook hehe 04:00 eythian can also do stuff with SSH, though it's authenticated SSH so not so terrible. 04:00 rangi (not even an exageration) 04:00 dcook Yeah, the Errata blog is interesting. Probably heaps of devices that will never be updated. 04:00 eythian but if you're running a git server on it, say... 04:00 dcook (makes sense) 04:00 dcook rangi: Nice one with the Redhat link. 04:01 eythian oh, also gitweb 04:02 rangi yep 04:04 rangi our git server is patched 04:06 dcook rangi: By patched, do you mean down? 04:06 dcook That sounded rude. Sorry. git.koha-community.org appears to be down. 04:06 rangi git fetch just worked for me 04:07 dcook Hmm, me too 04:07 dcook The website won't load though :/ 04:07 dcook In a browser 04:07 dcook Or... 04:07 dcook now it is 04:07 dcook That's interesting 04:09 rangi you might have caught it when it was hupping apache 04:10 dcook Might've been something on my end as well I suppose 04:10 dcook Seems a bit slow over here at the moment 04:46 dcook [off] Oh... I would like the last 5 minutes of my life back please: http://io9.com/scorpion-brings-the-stupidest-most-batshit-insane-hack-1638333877 04:47 eythian ah yeah, that was terribawesome 04:48 dcook I want to cry but I can't. 04:49 dcook Maybe a shower? 04:49 * dcook shudders 04:49 * dcook goes back to his Norwegian post-rock and refuses to click anymore links or watch any videos. 04:52 eythian I'll stick with my Norwegian gothic metal for now. 04:52 dcook Pretty much everything Norwegian is just great 04:52 dcook Well, except Norwegian owned fisheries on the North American west coast 04:52 dcook They're not so good 04:52 dcook They're bad. 04:53 eythian I have no experience with them 04:53 dcook Overfishing the local salmon :( 04:54 eythian ah right 04:56 dcook eythian: Are you a Java fan? 04:56 eythian I know it, that's as far as I'll commit to 04:57 dcook Cool. I seem to recall a Koha person being a Java fan, and I didn't want to grump around them too much :p. 04:57 eythian heh 04:59 dcook Actually, it's mostly just Tomcat. Bleargh, Tomcat. 04:59 dcook Btw, what was the Norwegian gothic metal, eythian? 05:00 eythian Sirenia 05:00 eythian http://youtu.be/ouZQ7rgAq-I <-- e.g 05:00 * magnuse never heard of it 05:01 dcook The name sounds really familiar 05:01 eythian magnuse: but metal is your country's main export 05:01 dcook hehe 05:01 magnuse i know, my bad probably 05:01 eythian actually, that youtube track is from their newer, wussier stuff. 05:02 dcook I keep thinking that I listened to them a bit in... 2007? 05:02 dcook Hmm, I have heard this song before though 05:02 eythian this came out after then, iirc 05:02 dcook Looks like they changed singers in 2008, me thinks 05:02 eythian that'd be about right 05:03 * magnuse wanders off 05:03 eythian http://youtu.be/dwoeKyqdNyg <-- that's from 2004 05:03 dcook I keep thinking there is another Scandinavian metal band I used to listen to around then that had a similar sound.. 05:03 eythian magnuse: later for now :) 05:03 dcook magnuse: We can talk about other things too :D 05:04 eythian dcook: there's quite a few in that category 05:04 dcook hehe true 05:04 dcook That's what makes it more difficult to recall who they were 05:04 eythian Nightwish is the most well known, probably 05:04 dcook Aren't they Finnish? 05:04 eythian in that general genre 05:04 gmcharlt http://koha-community.org/about/policy/code-of-conduct/ 05:04 * dcook wonders if there is something in the code of conduct about not talking about metal 05:04 eythian dcook: they are 05:05 eythian I was thinking the same :) 05:05 * dcook is pretty sure he has a note somewhere with their name.. 05:05 dcook hehe 05:05 eythian however, I'd have to patch it out I think. 05:06 eythian dcook: there's also a lot of stuff like that coming out of the Netherlands. 05:06 dcook Hmm, I think they were actually Polish 05:06 dcook Unsun, I think 05:08 * eythian listens 05:09 eythian ooh, neat 05:09 eythian heh, every "related artist" is something I have. 05:09 eythian I'm surprised I haven't encountered this before. 05:10 eythian google music only has one album :/ 05:10 dcook :/ 05:10 dcook Yeah, I can't remember how I heard about them 05:10 dcook It was definitely around 2007 though 05:10 dcook 2006-2010 were big metal years pour moi 05:11 eythian '08 apparently 05:14 dcook Hmm, I suppose that's possible 05:16 mtj hey #koha, is having a default submit button set for the catalogue tool a feature, or a bug? 05:16 dcook default submit button? 05:16 eythian if you mean what I think you mean, most likely a bug. 05:17 eythian but I'm not sure I know what I think you mean. 05:17 mtj eythian: i bet you do knwo what i mean :p 05:17 eythian hi cait 05:17 dcook hey cait 05:19 mtj hiya cait 05:19 cait :) hi all :) 05:19 mtj we've got a workflow problem where someone is using a barcode scanner to enter ISBNs , when cataloging 05:20 mtj ..scanner magically sends a return, after the isbn... and form gets accidentally submitted - oops! 05:20 dcook Mmm, I think Nicole already opened a bug for that 05:20 dcook I just applied that patch a few weeks ago I think 05:21 mtj nice one, dcook 05:21 rangi gmcharlt++ 05:21 dcook Of course, I could be crazy.. 05:22 mtj i was thinking ... just use JS to fix it - but it feels like its a bug to me 05:23 dcook Looks like I applied a different patch 05:23 dcook Which prevented submit from a carriage return when using a barcode scanner to enter a patron's barcode in the patron record 05:23 gmcharlt http://koha-community.org/koha-community-adopts-code-of-conduct/ 05:23 mtj if there is one screen/form in koha that shouldnt have a default submit, its prolly the cat tool 05:23 cait gmcharlt++ 05:24 cait mtj: could you change the scanner configuration? some can be programmed by barcode type 05:24 dcook mtj: Depending on your version, a fix might be as easy as adding "class="noEnterSubmit"" to the input 05:24 dcook cait: You'd probably want to use the carriage return for circulation though 05:24 dcook So I guess it depends on the size of the library and where they do their work.. 05:24 mtj agreed dcook 05:24 dcook But yeah. What cait said :) 05:24 cait and if they use the same barcode type for their items thatis isbn :) 05:25 dcook [off] Man... Tomcat why are you no fun... 05:25 mtj yes, scanner could (perhaps) be reprogrammed too 05:26 eythian well no, it'd make the most sense for it to go to the next field 05:26 eythian and submit if it's the last field 05:26 eythian (at least, imo) 05:26 dcook I was just programming a scanner the other day, and it did have an option of adding a tab instead of a carriage return 05:26 dcook I guess that might be why 05:27 dcook mtj: Can't find the Nicole bug, but I swear she reported that... 05:29 mtj any behaviour other than a default submit, is a good fix 05:30 mtj np dcook, i'll try to catch her on irc 05:49 cait @wunder Konstanz 05:49 huginn cait: The current temperature in Taegerwilen, Taegerwilen, Germany is 10.6°C (7:35 AM CEST on September 25, 2014). Conditions: Light Rain. Humidity: 93%. Dew Point: 9.0°C. Pressure: 30.09 in 1019 hPa (Rising). 05:50 eythian @wunder nzwn 05:50 huginn eythian: The current temperature in Wellington, New Zealand is 13.0°C (5:30 PM NZST on September 25, 2014). Conditions: Mostly Cloudy. Humidity: 77%. Dew Point: 9.0°C. Pressure: 29.86 in 1011 hPa (Steady). 05:50 eythian hmm, it's after 5:30. Time for some patching to happen. 05:50 dcook ? 05:51 eythian I prefer to wait until after hours to do patching of things 05:51 dcook Fair 'nuff 05:52 eythian especially as some of them have slow internet 05:53 dcook Speaking of slow... 05:53 * dcook glares at Tomcat 06:05 eythian dcook: when do you leave for holiday? 06:10 dcook eythian: Tomorrow after work :) 06:10 eythian nice :) 06:11 dcook Rather excited :D 06:18 cait dcook: have a nice time :) 06:27 eythian there we go, swervers all patched 06:36 reiveune hello 06:41 dcook eythian: Finally saw the email to the list ;) 06:41 eythian heh 06:41 dcook I can't believe I've been working on this server all day... 06:41 dcook This should've taken maybe an hour.. 06:43 alex_a bonjour 06:43 dcook salut alex_a, reiveune 06:44 reiveune salut dcook 06:55 fridolin hie all 07:19 Joubu hello 07:19 wahanui salut, Joubu 08:09 cait good morning #koha 08:16 fridolin hie cait good morning 08:18 cait hi fridolin :) 09:38 paxed koha-tmpl/intranet-tmpl/prog/en/includes/strings.inc: var REASON_UNKNOWN = _("reason unkown"); typo: "unkown" 09:45 cait paxed: can you please file a bug? I think just posting here it will get lost 09:45 cait and it would make a good bug for a beginner 09:45 cait maybe at hackfest 09:47 paxed from a translation viewpoint, that strings.inc needs to be reworked anyway. 11:25 Andy Hi there 11:25 wahanui hi, Andy 11:25 Andy I need help 11:25 Andy I am making patrons 11:25 Andy (students) 11:25 Andy but when I try to login using the ID and password 11:25 Andy I get this Error: You do not have permission to access this page. 11:26 Andy I get it. It's the permission issue but I have given the circulation permission to this user, but still I am getting this error 11:27 Andy Anybody there? 11:48 chris_n mtj: ping 11:52 oleonard Hi #koha 11:53 chris_n Andy: try giving your user borrowers permissions 11:53 chris_n heya oleonard 11:53 wahanui oleonard is still here, if you just wish hard enough. or Koha's master UI designer 11:57 Andy @chris: It only worked after adding: catalogue Required for staff login. Staff access, allows viewing of catalogue in staff client. 11:57 huginn Andy: downloading the Perl source 11:58 Andy Is this okay? 11:58 Andy My question is for a question what are the basic permissions we should give? Koha sucks if there is no permission list for students. 12:03 chris_n Andy: expressing opinions such as "Koha sucks" will probably not encourage the folks here to be of much help. But maybe you should have a look around the FAQ on the website: specifically this one: http://tinyurl.com/lvfna3j 12:04 jcamins Andy: if you are giving your students access to the staff client, then yes, you will need to follow the instructions that say to give your staff catalogue and staff_access permissions. 12:05 Andy for students, I just want them to check out/check in books and nothing else 12:05 Andy but when I give them only check out and check in permission the system won't let me sign in 12:06 cait Joubu: shoudl 11876 be pqa or do you want someone to take a look at the follwo up? 12:07 chris_n Andy: http://tinyurl.com/mjo2tec 12:07 Joubu cait: I wait for an answer from Maxime 12:08 Andy chris_n this is self checkout 12:08 Joubu cait: I let a note ;) 12:09 cait Andy for self checkout you need staff user to login with, the students need no permissions 12:09 oleonard Oh jeeze you guys I just realized Koha sucks. I'm outta here. 12:10 cait Joubu: saw your comment just now sorry 13:42 Shane-S Has anyone added Kindle's into their systems? I am thinking of doing that so I can check-out and check-in borrowed kindles. 13:44 oleonard Shane-S: We have added other equipment, like laptops and bicycles. 13:48 oleonard http://search.myacpl.org/cgi-bin/koha/opac-detail.pl?biblionumber=324410 13:48 oleonard http://search.myacpl.org/cgi-bin/koha/opac-detail.pl?biblionumber=289796 13:58 Shane-S hmm...i guess now the question is...since I don't mess with Koha much (I just got it running), can I set-up special checkout rules separate from normal library media rules? 13:59 oleonard Shane-S: Yes. Assign those items a different item type and create a separate circulation rule for that item type. 14:00 Shane-S oleonard: ty, I will go play! 14:04 Shane-S seperate question i used packages...can I get from 3.12 to 3.16 easily (I wanted to do it this summer, but it got shelved for about 30 other projects) 14:04 Shane-S Likely a Winter Break project now 14:19 Shane-S oleonard: will having this rule allow 3 checkout total (2 anything, 1 tablet) or will it only allow 2 max (1 anything, 1 tablet).... 14:20 Shane-S oleonard: tablet (item type) current checkouts: 1 load period: 7 ; all (item type) current checkout: 2 load period: 7 14:21 oleonard I don't know Shane-S 14:21 oleonard Give it a try 14:36 druthb wahanui: botsnack cookie 14:36 wahanui thanks druthb :) 14:54 Shane-S oleonard: what MARC framework did you use for the laptops? 14:55 oleonard Probably the default. You can look at the links above and download the MARC record if you're curious how our catalogers did it. 14:56 Shane-S okay, I was just curious if they made a new one....but this looks way over my head (understanding all the codes). 14:57 oleonard Actually Shane-S now that I think about it they probably composed the records outside of Koha and imported it 15:01 Shane-S I just made a new type based on the default and I am removing some obvious stuff that is useless..like bibliographic fields 15:04 oleonard Shane-S: Why are you creating a new framework? 15:05 Shane-S I though I would need to, since it is an electronic device and many fields are not needed, like bibliographic and library of congress type of things 15:07 jcamins Shane-S: how many electronic devices do you plan on cataloging? 15:07 oleonard Shane-S: I would only create a new framework if it helps with the workflow of frequently adding items of that type 15:08 Shane-S oh...right now at most 20 15:08 oleonard Shane-S: The other reason might be if the default framework had *required* fields you didn't want to populate. 15:08 jcamins (and if you are cataloging enough to justify a new framework, please feel free to send me some of the devices you're deaccessioning:) 15:08 Shane-S however, when we go 1 to 1, I am thinking Koha would be great to "sign out" student chromebooks for the year 15:09 jcamins Shane-S: you're likely to spend more time making a framework than you would cataloging items, I'd think. 15:09 jcamins If you have, e.g., 20 iPads, you'd still only want one record so that people could figure out what to place a hold on. 15:09 Shane-S yeah, I am seeing this as I go through the fields...I notice many say [Obsolete] 15:10 Shane-S oh GTG, 3 pallets just came in...be back 15:10 * oleonard thinks 3 pallets? That's a lot of Kindles 15:32 reiveune bye 16:52 indradg @seen Joubu 16:52 huginn indradg: Joubu was last seen in #koha 4 hours, 44 minutes, and 28 seconds ago: <Joubu> cait: I let a note ;) 16:53 indradg Joubu: around? 16:54 * Oak waves 16:54 rambutan hey Oak 16:55 Oak hello rambutan ! 16:55 Oak magnuse 16:55 * indradg waves 17:12 magnuse Oak 17:14 Oak \o/ 18:36 oleonard Ugh. Bug 6279. 18:36 huginn 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=6279 major, P5 - low, ---, m.de.rooy, Needs Signoff , Can't delete lists from the second page of lists in the OPAC 18:37 oleonard The latest patch is an improvement, but not a complete fix. 18:37 oleonard ...and everyone that looks at the code says "Wow this code really should be re-written!" 18:38 oleonard Who wants to re-write the lists feature from scratch? Anyone? 18:38 oleonard It's all just a big database! ;) 18:39 cait heh 18:39 cait with insane rules... 18:40 magnuse how hard can it be? 18:42 cait :) 21:03 wizzyrea oh you guys. 21:12 cait hm? 21:12 * wnickc waves so as not to disturb the silence 21:13 wizzyrea naw, make a big noise! 21:13 wizzyrea Hello #koha! 21:14 wizzyrea it's a beautiful day, the world still turns, and making library software is awesome! 21:14 bgkriegel_ Hi wizzyrea :) 21:14 wizzyrea ...and I don't even owe the awesome jar 21:14 wizzyrea see, a happy day. 21:15 wnickc :-) 21:16 wnickc It is at that 21:19 bgkriegel_ cait? 21:19 wahanui i think cait is just silly on a train again 21:19 wizzyrea hehe 21:19 wizzyrea wizzyrea? 21:19 wahanui you are a Cylon, and they all have plans. 21:19 * wizzyrea nods 21:26 jmsasse wnickc: what's happening, bro? 21:28 cait here :) 21:29 wnickc Hi jmsasse 21:31 wnickc not too much going on ehre, looking forward to a long weekend 21:31 wnickc how are you? 21:32 jmsasse Ready for a looonnggg weekend but don't have one coming. 21:36 jmsasse I'm off to a Plum Creek 40th anniversary thing tonight. 21:37 jmsasse Later. 21:42 wnickc bye #koha, have a good weekend! 21:42 wizzyrea oh that latest email to the list... buuuurn. 22:06 rangi and upgraded bash again 22:07 wizzyrea oh is it out now? 22:07 rangi seems to be 22:07 rangi and the search email? 22:08 wizzyrea yeah 22:08 wizzyrea ah yep so it is 22:08 wizzyrea koha-community.org update 22:08 wizzyrea d* 22:08 rangi i just did git, doing bugs now 22:09 wizzyrea funny because I checked about 40 minutes ago and it wasn't there 22:10 tcohen hi rangi wizzyrea 22:10 wizzyrea hi tcohen :) 22:10 cait hi tcohen 22:10 wizzyrea hi cait :) 22:10 tcohen hicait 22:10 cait hi wizzyrea 22:11 rangi hi tcohen 22:16 wizzyrea debian anyway, ubuntu is "not yet" 22:16 wizzyrea HOPEFULLY SOON JEEZ 22:17 tcohen ubuntu upgraded bash today 22:17 tcohen is there a new patch? 22:17 wizzyrea yeah another 22:17 wizzyrea for more similar problems 22:18 wizzyrea more, similar, problems. 22:21 wizzyrea I wonder if the librarians at that library are using a different default search, or changing the search to one that doesn't work. It does seem unusual that it wouldn't come up with a barcode 22:21 wizzyrea for example: if you put a barcode into a title search, it wouldn't come up with the item. 22:24 rangi true 22:28 eythian hi 22:28 wahanui hi, eythian 22:40 tcohen hi eythian 23:21 bgkriegel_ cait, still around? 23:29 bgkriegel_ @later tell cait master DE staff, Administration > Systemparameter > Kataloganreicherung, Alle section, there is an untranslated "NOTE: you can...". Do we have a bug number for this? 23:29 huginn bgkriegel_: The operation succeeded. 23:30 cait hi bgkriegel :) 23:30 cait i am not aware of a bug for it 23:32 tcohen bgkriegel_: are the new guided reports strings appearing? (master) 23:35 eythian cait: go to bed 23:35 cait :) 23:35 eythian also, hi :) 23:35 cait hi there 23:35 cait oh 23:35 tcohen ? 23:36 cait wizzyrea: do you remember that thing we had on the website for bit? it gave you 2 bugs and you picked the more important one 23:36 cait i am not sure it was officially there, but i am trying to find out what that was :) 23:36 tcohen cait is trying to adjust to Argentina's tz, to avoid jetlag 23:36 cait yep 23:36 tcohen :-P 23:37 wizzyrea yes, I do and I do not remember what it was... 23:37 cait ah :( 23:38 wizzyrea buuuuuuut I might have IRC logs from when we talked about it :P 23:39 cait :) 23:39 wizzyrea I do remember this 23:39 wizzyrea rangi might remember too I thought he set it up 23:40 wizzyrea some weird web service. 23:40 rangi nope 23:40 cait rangi? :) 23:40 rangi no idea 23:40 cait lol 23:40 cait it was cool! 23:40 cait how can you forget that :) 23:41 rangi there is ideaforge now 23:42 rangi hmm no, thats not what i was thinking of 23:43 cait it got data out of bugzilla 23:43 rangi ideatorrent 23:43 rangi hmm bountysource gets ideas out of bugzilla 23:43 cait it was kind of a ranking thing 23:43 wizzyrea yeah that was a different thing 23:43 cait you picked one out of 2 23:43 cait and it ranked 23:43 rangi https://www.bountysource.com/trackers/367557-koha 23:44 rangi nope cant rememeber 23:44 cait lol 23:44 cait i think it was blue :P 23:44 wizzyrea http://ideaforge.io/about/ 23:45 wizzyrea ... but i'm sorry I really don't know 23:45 wizzyrea ooh but I just thought of somewhere to look. 23:45 rangi yeah thats from aimee who is cool and eythian's friend 23:58 bgkriegel__ my nick is getting longer 23:58 bgkriegel__ tcohen: which strings?