From bfacd52f6fda0d44faa6b5babae8326dbc0dc883 Mon Sep 17 00:00:00 2001 From: dzwdz Date: Sun, 23 Jul 2023 19:56:25 +0200 Subject: add the our article --- src/our.md | 180 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 180 insertions(+) create mode 100644 src/our.md (limited to 'src/our.md') diff --git a/src/our.md b/src/our.md new file mode 100644 index 0000000..de507ac --- /dev/null +++ b/src/our.md @@ -0,0 +1,180 @@ +--- +title: /town/our, a tildebrained irc bot +date: 2023-07-23 +--- + + + +tl;dr: `` is an IRC bot on tilde.town. Commands are just executables in a +world-writeable directory. If you're on town, you can create new commands just +by putting a script in `/town/our`. + +Lowering the barrier to entry by so much gave us a pretty nice bot ecosystem, +and has just proven to overall be a bunch of fun. + +## genesis +``` +2022-04-19: +18:56 i like the idea of having every command be a separate binary +18:59 it does make for rather composable programs (in some cases) +18:59 netcat is neat +18:59 i meant in a [irc] bot +18:59 you could create new commands very quickly +[...] +19:01 wait do we have bwrap on here +19:01 idea: a bot which works like this +19:01 where the command directory is public +19:01 so anyone could drop a script there to create a new command +19:01 sounds pretty cool +19:01 very pubnixy +19:03 every command gets run with arguments specifying the user that called the command and (if necessary), additional arguments to the command +``` +Basically, at the time I've been thinking about making an `sh(1)` bot framework +which would store each command in a separate script. But, I've realized: + +1. if the commands are in separate scripts, they could as well just be arbitrary executables +2. the command directory could be world-writeable + +I grabbed a basic Ruby bot framework I've made the other day, and quickly +prototyped [jsbot](https://drewdevault.com/2021/03/29/The-worlds-dumbest-IRC-bot.html)'s +weird cousin. + +``` +19:49 --> our (beep boop) (dzwdz@localhost) has joined #tildetown +19:49 our/greet +19:49 hi dzwdz!dzwdz@localhost from #tildetown +19:49 \o/ +19:49 /home/dzwdz/code/town/our/cmds +19:49 world writeable +19:49 have fun +19:50 <@vilmibm> whee +``` + +Others soon started playing with it. [~vilmibm](https://tilde.town/~vilmibm) +immediately made some commands in Go, for example. + +``` +19:56 our/../../../../../../../bin/ls +19:56 hm! definitely thought that would work :P +[...] +19:56 first off +19:56 how dare you assume i'm such a bad programmer +19:56 second off +19:56 our/../../../bin/echo lol +19:56 dzwdz!dzwdz@localhost lol #tildetown + +20:13 <@vilmibm> dzwdz: i linked /home/dzwdz/code/town/our/cmds to /town/our +``` + +## another (kind) bot + +After making the proof of concept bot, I just left it running with no other changes. +If it ain't broke, don't fix it. + +Except it was broke and I wasn't fixing it. Thus, [~kindrobot](https://tilde.town/~kindrobot) +took over. + +``` +2022-08-24: +04:01 our/timefor dzwdz +04:01 Wed, 24 Aug 2022 06:01:15 +0200 +04:14 dzwdz: (when you wake up) for your consideration: I added forking, a persistence data dir, and limited configuration to our. You can check it out in #bots +04:15 You can use "your/..." followed by "your/town" (or any other command) to test forking +04:15 You can use "your/count" to test persistence. +``` + +
+ +...then `our` got her a job at Wikimedia. + +``` +2022-10-13: +19:59 When I was interviewed at Wikimedia, I talked about the "our" project that I've contributed a bit to. It seemed like the most relevant to what they were doing which is user defined functions for Wikipedia. +19:59 i can't believe i got the job at wikipedia +19:59 Yeah good job dzwdz :) +``` + +## sample commands +Look, our is just like any other IRC bot, and the commands people have made are +about what you'd expect. +Some are just typical utility commands: +``` + our/timefor dzwdz + Sun, 23 Jul 2023 18:47:44 +0200 + our/w Kraków + Cracow, , Poland | Sunny 28°C (82°F) (feels 29°C (84°F)) | 33% humidity | 1012 hPa +``` + +Some are fortune-style commands. +``` + our/qotd + 00:50:58 "i like to practise my bakery baking bakery in the bakery" + our/plan9/fortune + Did you know ... that no-one ever reads these things? +``` + +Some play well-known sports. +``` + your/ping + our/pong + your/ping + our/pong + your/ping + our/pong + your/ping + our/pong +``` + +The one I personally use the most, though, is `our/sh`. It's handy both to +explain \*nix stuff live, and to just do all sorts of ad-hoc stuff. + +``` +2023-07-23: +[...] [someone was learning about /dev/shm and tmpfs] + /dev/shm IS tmpfs + our/sh grep /dev/shm /proc/mounts + tmpfs /dev/shm tmpfs ro,nosuid,nodev,inode64 0 0 + +2023-07-24: + i'm going to try to write a small article about our + how bad of a title is "/town/our, a tildebrained irc bot" + also does anyone have #tildetown logs from around 1650394568 + our/sh date -d @1650394568 + Tue Apr 19 18:56:08 UTC 2022 + login, maybe? +[~login did turn out to have the logs. thanks for sending them over <3] +``` + +## "sandboxes are for little children with tonka trucks" + +``` +2022-04-20: +14:37 our/sh rm * +14:37 nico what the fuck +``` + +First off---don't get the wrong idea here. This wasn't malicious. +[~nihilazo](https://itwont.work) was just messing around, knowing that I +implemented sandboxing. +(also, note that this happened not even 24 hours after the bot went live) + +But yeah, it's safely sandboxed using [bubblewrap](https://github.com/containers/bubblewrap). +The entire filesystem is remounted ro, except a single directory for persistent +data, a fresh `/tmp/`, and a fresh devtmpfs (for `/dev/null`). +The uid is also spoofed to 0, but that's just for shits and giggles. + +That being said, the IRC is only accessible internally, so if you can send `our` +commands, you can also just run the commands yourself. Everything's logged, too. + +## where's the source +If you must, the source's at [git.tilde.town](https://git.tilde.town/kindrobot/our). +Note that: + +* I believe that version is outdated +* the `cmds/` directory in the repo only includes a small subset of **old** commands +* it's still, at its core, a hastily thrown together proof-of-concept -- cgit 1.4.1-2-gfad0