00:08:43 ceri: specify an interface and it'll add an alias automatically. jail(8) explains it. 00:38:47 * meena really needs a some infiniband hardware to test this code… 09:51:54 Hi all, if your coming to freebsd as a new user and choosing a firewall, why would you NOT choose PF and instead choose ipfw? 10:12:41 P-NuT: main reason: your number one goto person for FreeBSD questions uses ipfw. other reason: you want JITed BPF 10:13:41 For the ignorant new user, which firewall would you say most freebsd users use? PF? 10:15:14 I use pf, because that's what I started with. other people use ipfw because that's what they started with 10:21:50 +1 for pf 10:21:52 P-NuT: you can just look at both things, and see which syntax you're more comfortable with 🤷🏻‍♀️ 10:22:01 I use ipfw because, at a glance, the syntax looked more fitting for my thought process 10:30:49 At home I have ipfw; at work have pf which I had set up after said ipfw, for ipfw shows horrible date-time format 10:34:29 Ha! Joke is on me as "pfctl" shows the same format💩 10:34:47 So a toss-up 10:35:37 ( also shows I had not used any pfctl option|command that would list the time until now (in manual page)) 10:42:37 It was all lies! I got the impression (from "zfsprops" manual page on 13.1 & https://klarasystems.com/articles/nfs-shares-with-zfs/) that "sharenfs" ZFS dataset property does not require "mountd" interaction (have some datasets in /etc/exports). But on the server I get the message that access to the client was denied. 10:42:38 Title: NFS Shares with ZFS | Klara Inc 10:44:45 ... wanting to avoid "reload" "mountd" as that would invalidate current NFS mounts; have to wait for longer to go back to /etc/exports *phhbbbtt* 10:46:59 don't use sharenfs property, use /etc/exports 10:50:03 sharenfs is very limited, you can't for example share a dataset rw to 1.2.3.4 and ro to 2.3.4.5 10:59:48 mage, Yeah, lesson learned. No quick-way for me 13:26:41 ravella: it sounds like a really rare race condition with the rc.d scripts for routing and netif - could you file a report for it on https://bugs.freebsd.org ? 13:26:42 Title: FreeBSD Bugzilla Main Page 13:27:59 ceri: https://www.youtube.com/watch?v=S3u8OtjfGFE has what I consider the best way of handling jails (I'd love it if the methods described in this talk were in the handbook, but I haven't found the energy for it) 13:28:00 Title: 20 Years of FreeBSD Jails (2019) - YouTube 13:28:29 meena: no used server parts market available to you online or offline? 13:28:57 debdrup: not enough funds 13:29:09 meena: aaah, yeah I know that struggle 13:32:31 parv: what's wrong with the date-time format? There's both -t and -T for ctime converted listings as well as epoch based. 13:33:45 At least for ipfw, I can't speak for pf. 13:35:12 I spoke about ipfw vs pf syntax yesterday and about how I think people prefer whichever one they used first; I forgot to mention that a necessary correlary of that is that it's also the one they've used most. 14:52:41 I started with ipfw because pf didn't exist yet. When I returned to FreeBSD, I used pf because it felt better supported and documented than ipfw. 14:53:42 debdrup, does that video have a usable transcript or an associated blog post? 14:53:53 (the jails one) 14:54:12 V_PauAmma_V: sorry, I don't know. 14:54:23 I'm sure you can find the slides. 14:55:58 V_PauAmma_V: it has a book 15:13:52 * V_PauAmma_V nods at debdrup and meena. 15:17:22 (I'm uncomfortable with borrowing from that book to add to the handbook. That feels like poor form.) 15:50:53 V_PauAmma_V: you can always ask Michael if he'd mind you using the parts of the presentation 16:10:15 * V_PauAmma_V nods at debdrup. 17:03:54 CTRL+ALT+Fn does nothing in Xorg. In CLI, only F4 and F7 respond, making it impossible to return to v0. Any clue? 17:36:10 kodcode: that doesn't make sense, but try pressing print screen as that cycles the TTYs. 17:36:37 Also, make sure you haven't scroll locked the TTYs. 17:52:08 *sigh* ok, so i'm trying to validate the release checksum file with pgp, and the keys are nowhere. i even found a bug report saying this is hard to find 18:06:22 Demosthenex: I'm not sure I understand what you mean; they're on https://docs.freebsd.org/en/articles/pgpkeys/ or https://docs.freebsd.org/pgpkeys/pgpkeys.txt for the complete keyring 18:06:24 Title: OpenPGP Keys | FreeBSD Documentation Portal 18:08:47 debdrup: PrtScr got my to v7, stuck there (I am not in xorg now). 18:09:03 kodcode: again, are you sure you aren't scroll locked? 18:10:10 debdrup: what do you mean with scroll locked? 18:10:47 kodcode: pressing the scroll lock key makes it possible to scroll up and down a text console like sc(4) and vt(4) 18:11:12 The behaviour predates the original PC/AT spec by some considerable amount, but I'm not exactly sure where it was introduced. 18:13:48 debdrup: on my laptop keyboard, there isn't a scroll lock key 18:14:01 Welp, then I'm not sure what it could be. 18:14:29 debdrup: maybe I can paste here /etc/tty ? 18:14:59 kodcode: don't paste into the chat, use a pastebin. 18:15:09 https://termbin.com/03g5 18:17:01 That looks right to me. 18:19:17 debdrup: OK. So I just plugged in a USB keyboard and everything works fine with that. So it must have to do something with my laptop's keyboard. 18:19:46 The keys work, maybe not mapped right? 18:25:06 OK. Solved. Thanks.. 18:26:46 Every reboot the F keys work as multi media keys again, had to disable this in BIOS 18:37:33 hello there. I had to change a dead cpu on freshly installed freebsd 14. The system boot as expected but when I try to fetch a random page on internet with firefox. This one hangs forever and I don't get the content. I have tried with curl it works, try to upgrade ca_root_nss without success too. Any idea ? 18:38:13 Should I try to reinstall FF ? 18:39:06 weird... everything work as expected . excepted firefox 18:42:35 Midjak: yeah, strange. what if you try to load a local URL? say "file:///" 18:42:50 I am trying 18:43:49 well it works now... in the meantime the page is displayed 18:43:57 and I can fetch another page 18:44:40 I had an issue with the system time at the first time. Maybe is related ? 18:44:51 oh well 18:44:58 heh who knows 18:45:36 may be due to the fact that I ran a portmaster -a in parallel 18:45:45 thanks anyway 18:47:23 Demosthenex: your mention of PGP, in part, helped remind me that I needed to extend mine. 18:47:52 wow, ports management have never been so good. 18:48:04 (has*) 18:48:10 Midjak: clearly you've never tried poudriere. :P 18:49:25 no but I think I will build all my freebsd package from this one. So I think I am going to give a look to poudriere. 19:02:57 debdrup: i'm going a gpgv -v CHECKSUM... and fails, even though i imported the keyring 19:03:00 wild 19:06:00 one day, i am going to learn what's wrong with pkg install 19:06:19 https://dpaste.org/Bo9sc/raw 19:06:38 i pulled the whole pgpkeys.txt and did a gpg --import pgpkeys.txt, and it imported 512 keys 19:09:55 ok, nvm. using gpg directly instead of gpgv it passed. 19:10:59 Oh, I thought you were using gpg2 --verify. 19:12:30 gpgv2, in part, gives me this: keyblock resource '/home/debdrup/.gnupg/trustedkeys.kbx': General error - which I'm not sure how to parse, because GPGs documentation isn't... great. 19:12:58 yeah, i was just used to gpgv. my bad 20:43:14 I'm trying to add encrypted device (actually geli encrypted gpt partition on a device) back to zpool as spare, but when zpool detects the spare it triest to rebuild mirror from it, but it immidiately detaches the geli device 20:43:57 And then the rebuild fails ofcourse and spare vdev is gone too 20:49:01 Hello! Please tell me what size swap partition I will need to create if my computer has 16 gigabytes of RAM and I am going to put my system into sleep mode? Do I need to make the swap partition equal to 32 gigabytes? 20:53:36 Kit_Leopold: You'll be fine with the default of 2GB for swap space. 20:54:08 If you want to make it larger, you can. However, I highly doubt it would be needed. 20:56:40 ek: I have a home computer. I'm going to install the KDE Plsma 5 graphical environment and sometimes leave the computer on for a long time, then it will go to sleep on its own. Will a small swap partition prevent the operating system from going to sleep? 20:59:04 Kit_Leopold: I have a laptop using root on ZFS with 12GB RAM and the default 2GB swap partition. I'm able to put it to sleep and wake it up without any issues. 21:02:45 could a bigger nvme (not mounted) cause freebsd zfs slower to shutdown ? 21:04:29 ek: Thank you for your reply. 21:06:50 hernan: If it's unmounted, I don't see how it possibly could. 21:12:11 Kit_Leopold: Note that sleep and hibernate are two distinct things. To support hibernation you need swap at least as large as your RAM. 21:13:41 mason: Hello! Yes, I made a mistake confusing sleep and hibernation. 21:25:17 meena: nothing is wrong with pkg install (in fact in the recommended setup of building your own pkg repo with poudriere to use ports you need pkg install), but sometimes you want to have packages with other options than the default ones (that's why options exist) so you have to build them yourself instead of using the official pkg repos 21:30:35 nimaje: i always just badger porters to make *my* options the default. 21:35:42 I'm still thinking about installing the FreeBSD operating system. I currently have Gentoo Linux operating system installed. FreeBSD attracted me because there are ready-made packages and at the same time there is a collection of ports that you can configure yourself before installation. I have already seen the disadvantages of the FreeBSD system for myself - these are problems with the Steam game client and less hardware support. Please 21:35:42 tell me, what other disadvantages of the FreeBSD operating system can I encounter when moving from one operating system to another? 21:38:13 * meena points at PlayStation for a FreeBSD gaming machine… 21:39:12 Kit_Leopold: it really depends on what you use your computer for… 21:40:43 i don't use my computers for gaming for example, and I gave up on Steam when their client was super buggy on Unix… 21:41:13 I use computers mostly for … programming. Which is very meta, i guess. 21:41:21 my options are not always reasonable default options, like not wanting any mdns support or wanting rssguard without webengine 21:41:23 meena: Home computer. I visit pages on the Internet (using the FireFox browser), listen to music, watch movies, display an image from a computer on a large TV screen, study the Emacs text editor to keep my notes. 21:44:43 Kit_Leopold, I think you will be fine with most of your needs. However remember that, if you ever need something that works on Linux or Windows, but does not work on FreeBSD through linuxulator or wine, you can always install a virtual machine 21:44:56 All the programs that I use, I have already found in the packages of the FreeBSD operating system. 21:46:23 for example I often play hacking challenges that require to run compiled linux software or software that has not been ported on FreeBSD yet: I use virtual box in those cases 21:46:30 sphex, debdrup: thanks. the interface spec worked, just isn't mentioned in any documentation other than jail(8) as far as I can see. all good now, ta 21:47:10 meena, salvadore: Thank you for your answers, they give me confidence! 21:48:04 you're welcome Kit_Leopold, and remember, if you ever find something on FreeBSD that does not work, we accept bug reports and patches :) 21:48:10 salvadore: What virtual machine are you using? 21:49:39 I have run Kali Linux, OpenSuse, Windows (I think 11) and also other versions of FreeBSD. All of them on Virtual Box. 21:50:00 salvadore: I'm not going to install the FreeBSD operating system right now, I want to finish reading the FreeBSD HandBook in its entirety and write out the important points in this book for me. 21:50:01 and a few virtual machines from vulnhub 21:51:04 Kit_Leopold, I guess you can also install Virtual Box on Gentoo Linux and play with FreeBSD on it, if you want 21:51:44 it would allow you to practice with it while you read the handbook 21:52:22 salvadore: It's a good idea. Thank you for your help and replies. 22:25:56 Does any of you use acme.sh to get ssl certificates? 22:26:14 * meena uses Apache httpd's mod_md 22:26:56 i use acme.sh 22:27:12 souji: ^^^ 22:28:02 thorongil: do you generate your certificates using the root user or the acme user? 22:28:27 I am not sure whats the best way. 22:28:58 i have a dedicated user. i require as little as possible to run as root. 22:29:10 I used in the past for stuff like that the root user, but now I saw the acme user is created when I install acme.sh 22:29:53 the only thing i do as root is poke the deamons to pick up the new certs 22:29:55 The acme user would be only for this purpose, then. Thx^^ 22:29:58 yep 22:36:41 I use certbot, which in turn uses py-acme. 22:38:12 i like the simplicity of a pure sh implementation, but i am kind of a luddite 22:38:34 mariuss: I used certbot that in the past, but did not want to use it on that machine because of the python dependencies. 22:39:17 + I wanted to try something new 22:40:04 souji: understood. However, I've got both apache24 and nginx servers. It takes care of both. 22:51:26 i'm looking to write a simple user-space networking stack for funsies. it seems like vde2 would satisfy my needs but i'm wondering if there is a superior alternative on freebsd. any ideas? is this something that would be appropriate to ask on the -net mailing list? 23:59:46 arg, looks like this is an issue: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=258987 23:59:48 Title: 258987 – 13.0-RELEASE installer broken redundancy with UEFI and ZFS 23:59:56 i just confirmed my second disk efi partition is not formatted