very very free

I like to very thing if I'm able to do the work.

I'm already in party mode.

I almost forgot why I came here.

apt install moo && yum pacmen.then.do? pacman install freebsd.to : moo.

if we only allow public key ssh in, any good reason user accounts should still have a pw?

polyex: sudo

what if it's an account that i never sudo to? i ssh in to it with pubkey then i sudo to other accounts

passwordless sudo to other accounts sounds like more of a problem than the account itself having a password it doesn't use for anything else

no, no. i publickey ssh into an account, then sudo (WITH PASSWORD) to other accounts. so any reason to keep a pw on the account i ssh into?

polyex: sudo uses that account's password, not the target account's password

If you're talking su, then that's a different story.

Does FreeBSD use PAM with sshd and crond to ensure that an account has a password set?

lol my bad

I'm more used Linux, so I really don't know yet.

psychonate: There's the same UsePAM in sshd_config that everyone has.

if an account can sudo as root without a pw should the account still have a pw?

polyex: Then that account *is* root, effectively, and it should have a password. I don't see a downside to having a password, vs "hey, you got to my console, now you win"

what if the sudo spec is user ALL=(ALL) NOPASSWD: ALL?

Sounds like locking the doors but leaving the key in the ignition.

ya i dont like it. i dont know any other way to let ansible configure my system

ill ask in their chan again maybe there's something new

unable to install a flash disk drive

not bootable,

I sad, I shall quit this room.

No more free wine, for me.

ya there's no better way psychonate

feels weird to me too but that's how ansible works

I was a 7.141592 FreeBSD fan, either now I'm not on this channel anymore, or I should be very quiet.

we want to improve freebsd torrents with btv2 among other things, anyone wanna help?

Don't most ISPs and hosting sites rate limit or block torrents these days?

not webtorrents, no

but freebsd torrent packaging is uh. well it completely sucks for webtorrents.

kinda hard to support freebsd when it's packaged in such a deeply incompatible way.

(it's a simple fix, tho potentially non-trivial)

is there a compelling reason to use UEFI with FreeBSD?

Because it's the only option in some cases?

hmmm. even on a single-boot machine?

There's probably systems which don't offer legacy boot? I haven't seen any myself but I would assume by now they exist?

fortunately, the system in question supports both

how do we remove the pw for a user? so the only way to access it is through pubkey ssh

what command do I need to run to identify the bluetooth devices available on my laptop.

we're gonna sleep, trans rights o/

re lo

who will be attending EU BSD con in Vienna

chargen

you left before i could tell u the channel on efnet dude

hey

oh sorry. I joined efnet and #freebsd but only 30 were there (all asleep)

pm

ok

Howdy

howdy yourself Bsims

I'm still learning BSD. I've ran Debian for over 20 years. I actively dislike systemd

ya go hello yourself

Heh polyex I heard that makes hair grow on your palms

Bsims, I'm one part of you, we make all-one in the universe.

I think Joe Biden wear nikes.

Lol raising my kid right. Das 6yo prefers unix to windows for the KDE Mr potato head clone

Beside the fact he likes sport

And I do.

It's too Herlea, for me.

hmz

I do archery and pistol shooting as my sports

nice

Bang!

They.

she

is there any better way to disable user login than setting its shell to /usr/sbin/nologin?

you mean to stop probing at certain usernames/accountnames that may be processes?

ya stuff like that

i found 'pw lock' i'll read on that

oki

i wonder if an account that's been locked can still have services run as that uid

im gonna try it

good one

what command do I need to run to identify the bluetooth devices available on my laptop.

i have lenovo t430 i5-3380 quad core

identify the hardware

maybe ls /dev/<bt driver> ?

i disable bt so i dunno about using it sorry

no go but thanks polyex: :-)

:(

lsbth would be nice ey

no go but wireless lan 03:00.0 Network controller: Intel Corporation Centrino Advanced-N 6205 [Taylor Peak] (rev 34)

thanks Chargen: :-((

the card has no wifi.

I'll check out what other wifi cards that I might have

it's dirty but if you grep dmesg for bluetooth that might say stuff

I cant connect to lan its showing re0 state link up/down in loop it was working when i installed first time

PAUL007: sounds very much like a faulty NIC, but you can try net/realtek-re-kmod as a replacement driver to see if that works better.

net/realtek-re-kmod is the completely unmodified version of the driver from Realtek, whereas the one in FreeBSD has been modified to make use of iflib and had various other changes toit.

s/it./\ it./

Soni: wiki.freebsd.org/Torrents

Title: Torrents - FreeBSD Wiki

debdrup how do i install it

it dosent shows my wifi interface now which was on installtion menu

debdrup: yeah that sucks for this

Hello, I observed on my NAS (13.1-RELEASE-p2) that a find (termbin.com/xdeu) command runs and causes many IO operations on my pools which are separated to zroot. During installing this machine I checked the periodic scripts with "grep -R find /etc/periodic/ /usr/local/etc/periodic/", figuring out which of them are using a find command. I disabled additionally to the defaults

daily_clean_disks_enable, weekly_noid_enable, security_status_chksetuid_enable and security_status_neggrpperm_enable. I grepped through the whole system but couldn't really figure out where this is coming from. Probably there are shell variables in use and this find is puzzled together in the yet unknown shell script. Also, I didn't manage to catch the whole find command line because I wasn't fast

enough at that time. Does anybody have some hint here? Thanks in advance!

My nearest guess would be maybe /usr/libexec/locate.updatedb

vidcontrol doesnot show any modes

But I checked it is also disabled in periodic.conf.

debdrup: would like to ship freebsd with distrorrent.github.io but freebsd packaging sucks for it

Title: Distrorrent

notactionable statement.

Hi! I have small FreeBSD virtual machine at Hetzner, installed long time ago. Recently I upgraded it to 12.3-STABLE/amd64 via source upgrade. I have IPSec tunnel to the VM and the VM acts as router with NAT for traffice coming from the tunnel, serving it as some kind of LAN. It works using vtnet0 interface as external one. I use ipfw nat and vtnet0 has TSO disabled. However, I found that routing speed is very low unless I do: ifconfig vtnet0 -rxcsum, in that

case speed increases 10x upto 100MByte/s for some large https transfer and it decreases back to about 130KByte/s if I do: ifconfig vtnet0 rxcsum

s/100Mbyte/10Mbyte/

still, the difference is quite big

How do I debug this?

sometimes lan dosent work , shows waiting for route info dhcp 30s ...

something to change in router ?

check wires

if it is wired net

wire is fine shows connected

now its working i restart netif service

vesa module shows fail to register and cant change resolution

AFAIR vesa driver does not support changing resolutions in X.org

you need vendor driver for resulution control in X

i need to change tty resolution

which version do you use?

13.1

000000000000000000000000

Ooops.

hindsight: being able to spot horse hooves

clopping on the street and 0identify10 1t0he sound from

100-150m away. I'm not sure I'd have heard or noticed it

Grr.

Soni: the project used to host torrents, but the web seeds had at least one rce which combined with a zero-day privesc led to what's described in detail here: freebsd.org/news/2012-compromise

Title: FreeBSD.org intrusion announced November 17th 2012 | The FreeBSD Project

debdrup: huh, neat

debdrup: we have a hard time believing you tho - webseeds are just hotlinks, really

Soni: maybe it was just a regular torrent client that had an RCE then.

sure, that happens all the time

I suggest you discuss it with so@

it's (much) less of an issue when it's running in the browser, ofc

I doubt there's going to be much in the way of change.

the biggest issue with torrents is SHAttered but there's BTv2 which solves that (ofc it's still hard to find BTv2 support and e.g. webtorrent doesn't currently support it)

It's a moot point, because getting something largely untested stood up on project infrastructure, when a former variant of it was likely the culprit in one of the very few compromises the project has happened, probably means it isn't gonna happen until after the heatdeath of the universe.

s/happened/had/

There's plenty of ways to download FreeBSD, and if webseeds as you say are just direct links, then I don't see how you're prevented from creating torrent files with direct links as the URI structure isn't likely to change and can be found in manifest files last I checked (the checksum files, specifically).

There's always wiki.freebsd.org/Torrents

Title: Torrents - FreeBSD Wiki

debdrup: they're just direct links but for webseeds to work with webtorrents (which is tbh mostly optional and we're happy to work around it if we need to) they need Access-Control-Allow-Origin: *, aka CORS

but that's mostly for mirrors to figure out

(does freebsd have mirrors?)

yeah

it'd be nice if freebsd provided official .torrent files but eh :shrug:

is this considered the "official best way" to jail GUI applications? wiki.freebsd.org/JailingGUIApplications

Title: JailingGUIApplications - FreeBSD Wiki

Soni: how often do you download isos to rquire official torrent links

How can I list all packages installed from ports?

sshow: pkg info

mason: I can't seem to filter out packages built from ports/source

Ah, I don't know that there's a real distinction.

I want to know what packages I've built from source :)

s/real/recorded/

rtprio: as often as fucking up the install XD

sshow: packages installed from remote repository seems to have the following line in info: repo_type : binary

I think I get the results I want from `pkg query '%n %R' | grep -v FreeBSD`, where %R is the source repository ('unknown-repository' for non-matches)

why does `service -e` dump warning into /var/log/messages "/usr/sbin/service: WARNING: $ is not set properly" how tf do i debug that?

polyex: for $ or other services?

what?

i get a bunch of /usr/sbin/service: WARNING: $nsd_enable is not set properly - see rc.conf(5). but not for '$'

what are you setting wrong?

i think it's just a message when they're unset

if everyone has those warnings what are we doing wrong?

look at checkyesno in /etc/rc.subr

WARNING: $sndiod_enable is not set properly i get that 1 too

hmm

i don't think it's harmful

shouldn't these have settings in /etc/defaults/rc.conf set properly?

well ya but still

if they were in base they would, but most of mine seem to be in /usr/local/etc/rc.d

like i have git installed but wtf would i git_daemon_enable. and obvs there's no default in /etc/defaults/rc.conf

oh wow most (all?) of my warns come from /usr/local/etc/rc.d too

so maybe it's flakey packages

so to silence them set all them _enable=NO

can packages with a default rc.d script include defaults?

yes, they do, but _enable isn't one of them, unset it's assumed to be false

like should git_daemon_enable=NO be in /usr/local/etc/rc.d/git_daemon

it does: : ${git_daemon_enable:=NO}

so why the warn?

i'm not sure

dont make sense man

F/win

?

How does one create a znode in C? I have `znode_t i;` to initialise the variable, and I am running `cc` with `-I /usr/lib/libzpool.so`, but I am getting `error: use of undeclared identifier 'znode_t`. What do I need to import to aloow me to crreate `znode`s?

there will be a declaration for that typedef and the (likely) struct it uses, in some .h file. You'll need to find that and #include it

grep -r of /usr/include didn't turn it up, looking here on 13.1, FWIW

But it might be there in /usr/src somewhere. I seem not to have a box with that populated.

Files located via "locate" in stable/13 tree : termbin.com/pxt0

jgh, mason, thanks, I’ll take a look in /usr/include or /usr/src. I was looking in /usr/lib

Oh, right, and that was a declaration issue, not a definition. Missed that.