00:00:56 <jb1277976_> Thanks koobs
00:29:03 <\dev\null> Hi all
00:37:27 <koobs> \dev\null: o/~
00:39:32 <\dev\null> :)
04:36:05 <jmnbtslsQE> seeing a strange issue trying to configure nat in vnet jail on only certain hosts: ipfw: setsockopt(IP_FW_NAT44_XCONFIG): Invalid argument
04:36:44 <jmnbtslsQE> looking at the code..is there any guide on how to write data to the console or some other good way to report data from inside the kernel?
04:37:29 <jmnbtslsQE> want to examine what's happening inside ipfw_nat_cfg in sys/netpfil/ipfw/ip_fw_nat.c
04:49:44 <jmnbtslsQE> hmm, i guess i can just use printf
04:56:04 <V_PauAmma_V> man 9 log
04:56:29 <kevans> printf is my personal favorite
04:57:55 <jmnbtslsQE> thanks
05:12:54 <jb1277976_> Back on freebsd koobs w/Current i decided something. i've given almost 3 days trying to fix my internal mic issue. i've reinstalled freebsd 3x ghostbsd 2x and linux 2x lmfao!! i really want freebsd so im going to buy some dongle thing thats a mic that plugs into usb or my headphone  jack and call it a day. something small
05:13:11 <jb1277976_> i've leanred about my system i can tell you that. i can be up on freebsd in 30 mins from a clean install
09:01:47 <angry_vincent> whats the best practicefor ZFS NFS share to allow write on pool? i could do simple permission change to allow writing from nfs client, but is there a better approach
09:02:39 <angry_vincent> it is local network, so that i do not mind dumb ways
09:51:16 <PredatorONormies> Hello!
09:51:41 <PredatorONormies> Is FreeBSD vulnerable to the new serious OpenSSL Heartbeat 2.0 bug?
10:14:48 <debdrup> FreeBSD isn't using OpenSSL 3.x, so no.
10:15:13 <V_PauAmma_V> FreeBSD base has OpenSSL 1.1.1o (in 13.1), not sure offhand about ... what debdrup said.
10:15:22 <debdrup> Well, that's assuming that it doesn't apply to 1.x, which is the version FreeBSD uses.
10:16:34 <V_PauAmma_V> AFAIK, report was only for 3.x.
10:17:01 <debdrup> The pre-announcement only mentioned 3.x which means people assume it only applies to that.
10:23:44 <V_PauAmma_V> https://twitter.com/iamamoose/status/1584908434855628800 says versions < 3. It's from "the Apache Software Foundation (ASF)'s VP of Security", per https://www.zdnet.com/article/openssl-warns-of-critical-security-vulnerability-with-upcoming-patch/, linked in Bruce Schneier's blog post about it. Make of it what you will.
10:23:47 <VimDiesel> Title: Mark J Cox on Twitter: "OpenSSL 3.0.7 update to fix Critical CVE out next Tuesday 1300-1700UTC. Does not affect versions before 3.0. https://t.co/jIRQhx0nCr" / Twitter
10:24:30 <V_PauAmma_V> s/< 3§/< 3 not affected/
10:35:15 <Reinhilde> Man, the code of /src/*/usr.bin/indent is utter lossage.
10:37:03 <Reinhilde> bakcopy() performs a copy of the origin file, instead of moving it.
10:39:39 <debdrup> a move is just a copy and an rm.
10:41:55 <Reinhilde> debdrup: yes, when working across filesystems. In the same filesystem, it involves creating a hard link, then deleting the old file.
10:43:04 <Reinhilde> So, I'm probably going to take usr.bin/indent out of all context, and add this change, and release it. This product contains software developed at the University of California, Berkeley (?)
10:59:25 <debdrup> Remilia: you're right, it's just that I'm so used to creating zfs datasets instead of folders that it works out I basically never get the hardlink+delete old file behaviour. :D
10:59:58 <PredatorONormies> > <debdrup> FreeBSD isn't using OpenSSL 3.x, so no. < Ah, nice
11:00:26 <PredatorONormies> Thankyuwu
11:05:50 <vxwarlock> ifp
11:18:04 <Remilia> debdrup: wrong highlight there, you meant Reinhilde
11:18:54 <Reinhilde> meeyow?
11:18:58 * Reinhilde wags tail
11:27:10 <Reinhilde> I should set up the qmail on my workstation to forward emails to the qmail on my main server.
11:28:47 <Remilia> one must not set up qmail
11:29:05 * Remilia hides
11:35:03 <yuripv> one must patch qmail
11:43:10 <otis> netqmail even?
11:44:12 <otis> or schmonz's notqmail?
11:47:28 <Remilia> also accidentally stumbled upon this https://www.theregister.com/2022/05/20/freebsd_131/
11:47:29 <VimDiesel> Title: FreeBSD 13.1 released • The Register
11:47:40 <Remilia> and El Reg writers prove they cannot read good documentation
11:48:08 <Remilia> > Even the newest FreeBSD is still a bit more basic than that. You had better be happy at a shell prompt and using vi to create a few config files because even after the installation program has finished, most things are done from the command line. We Googled how to install Xfce,
11:48:16 <Remilia> why not follow the handbook
11:48:29 * Remilia facepalms
11:50:54 <debdrup> Remilia: yes, yes I did.
11:58:30 <V_PauAmma_V> Remilia, snarkiness is their shtick. Praising documentation just wouldn't do.
12:07:22 <Reinhilde> otis: A fork of Amitai's notqmail, yeah.
12:07:52 <Reinhilde> yuripv: yes.
12:08:00 <Reinhilde> Remilia: Too late. ;)
13:31:40 <last1> is a compressionratio of 1.25x in ZFS equivalent to a 25% reduction in storage usage ?
13:32:40 <debdrup> I believe so.
13:36:20 <grahamperrin> Remilia: if you want _really_ bad, <https://archive.ph/dwxxV#89%> FreeBSD 14.0 introduces a new feature called “Bash”.
13:36:20 <grahamperrin> Gosh.
13:36:22 <VimDiesel> Title: archive.ph
13:38:50 <NerdyMcNerdface> last1: It does not mean that.
13:39:14 <debdrup> Got a source on that?
13:39:37 <NerdyMcNerdface> Yes, one of my filesystems has 3.95x compressratio. That means it would compress to less than 0 bytes.
13:40:18 <debdrup> Nonsense.
13:41:08 <NerdyMcNerdface> Got a source on that? :P
13:41:49 <debdrup> Text that takes up 4kB on disk and compresses by 8x compression won't suddenly take up anything other than 512B.
13:43:27 <NerdyMcNerdface> My point is that if 1.25x = 25% reduction then 3.95x would imply a 295% reduction.
13:44:12 <debdrup> That's not exactly a big reduction.
13:44:54 <NerdyMcNerdface> I'd argue that a 295% reduction is quite substantial.
13:44:54 <debdrup> The entire base system, in binary format, compresses at almost 3x with lz4, and 4x with zstd, if memory serves.
13:45:53 <debdrup> Yes, so? Processors are very powerful nowadays, compared to what they were when Lempel and Ziv started working in the field. ;)
13:45:56 <grahamperrin> V_PauAmma_V: <https://old.reddit.com/r/freebsd/comments/uxuf92/-/> "Ignoring the article's flaws, it's not a _bad_ advertisement for FreeBSD. …"
13:45:57 <VimDiesel> Title: FreeBSD 13.1 released • The Register : freebsd
13:47:51 <shiroyasha> It's probably less confusing to say "the uncompressed version takes 3.95x as much as the compressed version".
13:49:08 <debdrup> Sure, but with inline compression and compressed ARC, the uncompressed data doesn't really exist anywhere.
13:52:02 <grahamperrin> <https://www.startpage.com/do/dsearch?query=Xfce+FreeBSD&cat=web&language=english> top hit is an undated page from 2015, no mention of Handbook until page 5 of search results, that's in the context of a 2013 blog post.
13:54:42 <Reinhilde> maths is good. you should study it.
13:57:57 <V_PauAmma_V> I think 1.25x means a reduction of .25/1.25, or 20%.
13:59:53 <NerdyMcNerdface> V_PauAmma_V: I agree. 1.25x = 20% reduction. 3.95x ~= 75% reduction.
14:05:26 <V_PauAmma_V> Ways in which math and English don't mesh #48926489267: in math, "4 times more than 100" is 500. In English, it's increasingly 400.
14:05:54 <V_PauAmma_V> (see also "inflamable".)
14:23:17 <xmj> statistics is offtopic
14:23:33 <xmj> ;)
14:33:31 <V_PauAmma_V> Not when they relate to discussions of FreeBSD features.</literal-minded>
14:49:18 <Reinhilde> Coldcold
15:06:45 <bmr> just saw this https://cgit.freebsd.org/src/commit/?id=744bfb213144c63cbaf38d91a1c4f7aebb9b9fbc
15:06:46 <VimDiesel> Title: src - FreeBSD source tree
15:06:48 <bmr> that is so cool :)
15:06:54 <bmr> grattis FreeBSD!
15:21:33 <Remilia> grahamperrin: archive dot ph shows me a captcha page which does not display a captcha ahaha
15:23:52 <grahamperrin> Remilia: alternatively, <https://web.archive.org/web/20211024134653/https://idintact.com/2021/10/12/which-linux-os-are-you-most-looking-forward-to-in-2018/> near the foot of the page. It gets better …
15:23:54 <VimDiesel> Title: Which Linux OS are you most looking forward to in 2018? - Linux Operating System
15:25:08 <Remilia> grahamperrin: oh, ‘It allows users with limited command-line experience to run arbitrary programs with elevated privileges on Linux’
15:25:09 <Remilia> I see
15:25:25 <Remilia> this is where I post that pop team epic panel, right?
15:26:31 <Remilia> https://i.koumakan.jp/2022-10-29/1667057184.png this
15:26:48 <grahamperrin> So, I use Bash (a feature of FreeBSD 14.0-CURRENT, not a feature of Linux) in FreeBSD on Linux. Arbitrarily.
15:27:13 <Remilia> I use Git Bash which is a feature? of git? on Windows?
15:27:31 <grahamperrin> It's the Freebisdulator.
15:27:32 <grahamperrin> The poor cousin of Linuxulator.
15:31:06 <mvanbaak> hurray for wg in tree. congrats
16:19:27 <Remilia> I have a really stupid re_format question
16:19:58 <Remilia> I am calling sed with 's/route:[[:space:]]+//' and my goal is to replace 'route:<some whitespace>' with an empty string
16:20:02 <Remilia> what am I doing wrong here
16:20:26 <Remilia> if I remove the + it works (for the first whitespace after 'route:')
16:23:58 <Remilia> oh, * helps, I forgot all about REs
16:24:02 <Remilia> sorry for the noise
16:53:36 <last1> I have an issue with a php code that fails with: sem_get(): failed for key 0xe0638b9e: No space left on device
16:53:45 <last1> is there a tunable config for number of semaphores ?
17:19:41 <michelem> Hi folks! I noticed that the "bind" non-root user with uID=53 can open TCP port 53 without being root. Sysctl "security.mac.portacl" is not defined in the system. Where can I trace what allows that user to open the port, and what other rules are allowed?
17:20:46 <michelem> net.inet.ip.portrange.reservedhigh and -low are also set to the defaults 1023 and 0.
17:21:23 <rtprio> are you sure that it's not starting at root and dropping privs?
17:23:12 <michelem> duh. You are right. The script uses "envuidgid $USER" which I assumed to drop privileges. But that only sets env vars for the desired user. Thank you rtprio
17:25:46 <rtprio> ya, np
19:51:08 <mns> I accidently, because I wasn't paying attention to what I was doing, ended up doing 'sudo zfs destroy -r zroot/bastille' in the wrong tmux window.  I quickly did contrl-c several times to cancel the command, but it seems that some parts of zroot/bastille may have gotten deleted anyway.  Is there a way to recover from that without having to redo everything that I had ?
19:52:28 <Reinhilde> Probably not.
19:52:45 <otis> mns: from backup, yes. otherwise, most probably no.
19:53:15 <mns> snapshots maybe ?  not sure how to use them though or if they're enabled.
19:53:32 <Reinhilde> probably not, a destroy would've yeeted them too.
19:53:34 <otis> destroy -r also destroy any snapshots
19:54:04 <otis> anyy descendants of zroot/bastille (filesystems, volumes, snapshots, clones...)
19:54:19 <mns> otis: ok was not aware of that.  dang
19:54:59 <mns> I may be able to recover quickly enough.  Lets see what happens.
19:55:30 <otis> take it positive: you can exercise your disaster recovery scenario(s).
19:55:39 <Reinhilde> that's, uh
19:55:42 <Reinhilde> most of us don't have that.
19:55:47 <otis> in worst case, you'll only get 50% success rate. disaster: yes, recovery: no.
19:56:40 <mns> I think it will be the 50% success rate this time
19:56:42 <mns> :-)
20:13:27 <jb1277976_> What up everyone
20:33:05 <michelem> Hi folks. Need help in finding a solution to this: https://dpaste.org/Dn58q#
20:35:13 <michelem> See "exec.start" on line 6. That passes some arguments taken from some files. That fails because likely the outer shell expands the command in the host, before actually executing the (expanded) command line inside the jail
20:35:39 <michelem> any idea how to achieve that same effect while taking the configuration only from within the jail?
21:09:13 <michelem> ok, I was wrong on that. The shell command is actually run within the jail.
21:23:00 <koobs> morn
22:06:12 <jb1277976_> Instead of rebooting all the time is there a restart for each pkg I install that rc.conf and loader.conf get updated?
22:06:35 <jb1277976_> rc.d ?
22:10:13 <koobs> jb1277976_: yep rc.d (from ports theyre in LOCALBASE/etc/rc.d)
22:10:19 <koobs> service <servicename> start
22:10:43 <koobs> if you havnt yet put 'foo_enable=yes' in /etc/rc.conf, then you can use service <servicename> onestart
22:11:01 <rwp> There is only rarely a need to reboot.  Such as when doing a major upgrade which includes the kernel.
22:11:14 <koobs> only time you need a reboot is for loader.conf stuff
22:11:42 <koobs> there might be ways to kernel module unload/load (reload) to re-read initialization configurables, but im not sure
22:20:34 <jb1277976_> Hey koobs
22:20:50 <koobs> jb1277976_: how are you
22:20:58 <jb1277976_> fine
22:21:01 <jb1277976_> koobs: how do i know what service to reboot. do i just get the name of whatever i need and thats what i restart?
22:21:08 <jb1277976_> s/reboot/restart/
22:22:24 <jb1277976_> compliing my first every port on freebsd. there is no binary for it https://www.freshports.org/print/epson-inkjet-printer-escpr2/ im excited
22:22:25 <VimDiesel> Title: FreshPorts -- print/epson-inkjet-printer-escpr2: Epson Inkjet Printer Driver 2 (ESC/P-R) for Linux
22:23:41 <koobs> jb1277976_: each rc.d script has a name variable, which shows up in `service list`
22:24:40 <jb1277976_> yea i was tired of rebooting every time i updated rc.conf lol
22:24:49 <jb1277976_> but thats for any operating system
22:25:57 <koobs> kinda sorta, some support some levels of runtime upgrading/reloading kernels
22:26:00 <koobs> or kernel modules
22:27:45 <jb1277976_> koobs: did i tell you i gave up on trying to get my internal mic working. i bought a dongle from amazon. will keep an eye on bug 262579
22:27:46 <VimDiesel> 262579 – Framework Laptop: headset/mic input issues https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262579
22:28:29 <koobs> jb1277976_: i found some root causes / same problem in other OS's
22:28:40 <jb1277976_> ok
22:28:47 <koobs> the internal array mics via webcams are 'digital mics', which are problematic/special from a config point of view
22:29:08 <koobs> i have a set of links i identified, that ill doc somewhere at some point
22:29:46 <koobs> but the feeling i got was, in the absence of an automated system (device id matching/etc) to setup pins properly, its going to need device specific setup
22:30:02 <jb1277976_> got it
22:30:04 <koobs> but in this case, too, the setup is very special internally
22:30:20 <koobs> linux has this: https://www.sofproject.org/
22:30:22 <VimDiesel> Title: Home - Sound Open Firmware
22:30:27 <koobs> and i found issues for your device even as late as 2022
22:30:53 <koobs> whats interesting about sof is: "BSD/MIT licensed firmware and BSD/GPL licensed drivers"
22:32:41 <jb1277976_> yea
22:33:06 <jb1277976_> wondery why it hasn't been ported?
22:33:22 <koobs> its quite linux specific
22:33:31 <koobs> im just saying (at least its not only gpl)
22:35:04 <koobs> whats youre device again ?
22:35:15 <jb1277976_> let me get it one sec
22:35:20 <koobs> 15-.....
22:35:30 <jb1277976_> yea something like that
22:36:33 <koobs> whats the full value?
22:36:55 <jb1277976_> koobs: https://support.hp.com/us-en/document/c07914557
22:36:56 <VimDiesel> Title: HP ENVY x360 Convert 15m-es1013dx Product Specifications | HP® Customer Support
22:37:04 <koobs> es, right
22:37:11 <koobs> so
22:37:13 <koobs> https://bugzilla.kernel.org/show_bug.cgi?id=213953
22:37:19 <VimDiesel> Title: 213953 – HP x360 Spectre speakers not working (Tigerlake, 15-eb1xxx/8811)
22:37:20 <koobs> thats what linux (realtek driver fixup for your device) did
22:38:00 <koobs> https://github.com/thesofproject/linux/issues/3300
22:38:03 <VimDiesel> Title: HP x360 spectre 13-aw2619nz No sound in internal speaker · Issue #3300 · thesofproject/linux · GitHub
22:38:03 <VimDiesel> 3300 – Adaptec 2940U Problems https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3300
22:38:04 <koobs> still issue sin late 2021
22:38:14 <koobs> and another https://github.com/thesofproject/linux/pull/3195
22:38:15 <VimDiesel> Title: ASoC: Intel: sof_sdw: fix jack detection on HP Spectre x360 convertible by plbossart · Pull Request #3195 · thesofproject/linux · GitHub
22:38:26 <koobs> and another: https://github.com/thesofproject/linux/issues/3152
22:38:28 <VimDiesel> Title: HP Spectre 13-aw2020ca believes headphones are connected · Issue #3152 · thesofproject/linux · GitHub
22:38:28 <VimDiesel> 3152 – FreeBSD 2.2-STABLE: getty does not initialize %m, %s, %r and %v https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3152
22:39:06 <koobs> https://github.com/thesofproject/sof/issues/3519
22:39:08 <VimDiesel> Title: [BUG] Microphone on HP Spectre x360 13-aw0xxx doesn't work · Issue #3519 · thesofproject/sof · GitHub
22:39:08 <VimDiesel> 3519 – new port: comms/snooper https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3519
22:39:17 <koobs> so, theyre aware of issues, and still have remaining open issues
22:39:58 <jb1277976_> wow, thanks for doing research
22:40:37 <koobs> see also: https://wiki.archlinux.org/title/HP_Spectre_x360_(2020)
22:40:38 <VimDiesel> Title: HP Spectre x360 (2020) - ArchWiki
22:40:43 <koobs> many code repos reference that page
22:41:23 <koobs> now, the 'convertible' (intel) is seprate but also similar
22:41:39 <koobs> but that page refs "This wiki covers the HP Spectre x360 released in 2020 containing TigerLake CPUs"
22:41:49 <koobs> but doesnt include your 15-es*
22:42:10 <koobs> but, same sound/hardware setup
22:42:14 <koobs> and same problems
22:42:25 <koobs> "   Part of profile(s): HiFi
22:42:26 <koobs>   [In] Mic1: Digital Microphone (type: Mic, priority: 100, latency offset: 0 usec, availability unknown)"
22:42:28 <koobs> see
22:43:38 <jb1277976_> yep
22:52:39 <fragcula> I'm using freebsd on raspberry pi and get new updated images weekly. Trying to streamline keeping as much between new images. Homedir is on a USB, and so will /etc/* with a pkg cache. I guess /usr/local/etc/* also worth backing up? Anything else spring to mind?
22:54:26 <fragcula> Is backing up sshd's keys a good idea? possibly better to just remove it from my known_hosts so private key never leaves root filesystem?
22:55:05 <koobs> /var/db/* certain things (if you care about package db, etc)
22:55:17 <koobs> /etc if you modify
22:55:33 <koobs> " so will /etc/* with a pkg cache." ah
22:55:44 <koobs> localbase/* can contain customised things and configs
22:55:49 <koobs> so not just /etc
22:56:00 <koobs> some ports/packages have entire heirarchies in /usr/local/<thing>/*
22:56:04 <koobs> including data
22:56:36 <koobs> fragcula: since youre using usb for home, doesnt this cover keys?
22:56:52 <fragcula> Hmmm, installing packages taking an age so far (python taking ~2 hours). So perhaps will just have to be very judicious with what I install
22:57:41 <fragcula> koobs: I mean the server fingerprint, I think the private key is in /etc/ssh
22:58:12 <fragcula> I suppose no real risk as if someone got to the USB it's game over anyways!
22:58:48 <koobs> fragcula: your user keys are in /etc/ssh ?
22:58:55 <koobs> not ~/.ssh/id_* ?
22:59:13 <fragcula> my user keys definitely in ~/.ssh
22:59:26 <koobs> what stage are packages 'slow' in ?
22:59:29 <fragcula> but if I try and connect to the server the fingerprint will have changed
22:59:36 <koobs> right youre talking about the host fingerpint first gen thing
22:59:39 <fragcula> extracting
22:59:54 <koobs> some people are pretty clear cut about separate of base/local (for configs too)
22:59:58 <koobs> and modify as little in /etc as possible
23:00:06 <fragcula> so cache wont save much tbh
23:00:11 <koobs> for ssh you can use the port/package, which uses LOCALBASE/etc/ssh/*
23:00:17 <koobs> then youd capture all of that 'custom config'
23:00:19 <koobs> if you want to keep it
23:00:35 <koobs> i suppose the question is, having 'backedup' whatever you do, whats the use case for 'restoring' ?
23:00:54 <koobs> and does that use case have a threat vector/model where not having the old host fingerprint is relevent
23:02:50 <fragcula> mhmmm, yeah, I guess the threat overwhelmingly is me not updating and being at risk through missing a sshd update
23:03:08 <fragcula> in which case I can just do whatevers most convenient with the server keys
23:11:32 <rtprio> fragcula: are you reinstalling with each image or what?
23:13:27 <fragcula> rtprio: yeah, just flash the image to the SD, boot and it does some first boot magic (resizes partitions etc). SSH over and have a script to copy over those files and reboot
23:14:06 <rtprio> there are probably easier ways to update your system. but also, why weekly
23:14:16 <rtprio> i don't expect you're going to be missing much every week
23:14:56 <fragcula> rtprio: it's cause it's running on a raspberry pi 1 so not a top tier supported platform
23:14:58 <koobs> fragcula: what branch of freebsd are you ?
23:15:03 <fragcula> freebsd-update doesn't work
23:15:04 <koobs> on*
23:15:06 <fragcula> koobs: 13.1
23:15:20 <koobs> mmm.
23:15:32 <fragcula> rtprio: no I imagine not, but I don't keep an eye on updates so alternative would be to watch out for security updates I guess
23:15:45 <rtprio> i found pi1 to be unusable on freebsd
23:15:55 <koobs> rtprio: whats the main issues/gaps ?
23:16:09 <rtprio> because it's _old_ and _slow_ and limited in memory
23:16:17 <koobs> im not familiar with the arch, but care about developer board usability
23:16:40 <fragcula> armv6 so really old stuff
23:17:07 <rtprio> koobs: one issue was it took 10-20 seconds to negotiate ssh key login
23:17:17 <koobs> right
23:17:27 <rtprio> i was going to use it as a bastion host, but i determined it was too slow even for that
23:17:27 <koobs> anything not just a function of constrained resources?
23:17:33 <fragcula> I don't have that problem, I'm using ed25519 dunno if that makes a difference
23:17:49 <rtprio> koobs: i suppose not
23:18:34 <fragcula> koobs: I think it's soft floating point
23:18:37 <koobs> ah
23:19:40 <fragcula> right now biggest issues for me is filesystem stuff is unbearbaly slow
23:20:07 <rtprio> yep. also that
23:20:29 <fragcula> usb host is managed on same chip as ethernet (dunno if also same as the SD card used as the root file system)
23:20:49 <fragcula> SD card means you pretty much have to turn off logging (or redirect)