00:13:32 * meena points at Docker images which are like gold servers, but people get mad at that 00:15:18 aaaaand, to be fair, having worked in many companies that took the idea of gold servers to extents that made them silver at best, and radioactive waste in your data centre at… as standard, i can see why people frown at Docker images 00:15:52 it's that same concept, multiplied by a thousand 00:31:22 Since this is probably a 14-CURRENT issue: https://forum.netgate.com/topic/178114/23-01-upgrade-no-longer-sees-ada1 00:31:23 Title: 23.01 upgrade no longer sees ada1 | Netgate Forum 07:34:44 is there analog of this one https://lore.kernel.org/lkml/20171211165216.5604-1-hdegoede⊙rc/ 07:34:45 Title: [PATCH v2] ahci: Allow setting a default LPM policy for mobile chipsets - Hans de Goede 07:35:07 maybe in hints.ahcich ? 07:49:36 There are "power_profile" & "power_profile_cx_lowest" variables for "/etc/rc.conf"; besides that there are CPU specific MIBs. 07:49:57 reference: /etc/rc.d/power_profile 07:53:24 s/performance_cx_lowest/{economy,performance}_cx_lowest/ 07:53:44 i know this 07:54:32 🤷‍♂️ 08:22:16 angry_vincent: what happens when you try? 08:31:08 What does "host is passive" mean in state "1: device is allowed to initiate PM state change, host is passive;" (in "achi(4)" manual page)? 08:34:37 ... that was for "hint.ahcich.X.pm_level" 08:36:04 State 5 "driver initiates SLUMBER PM state transition 125ms after port becomes idle" of "hint.ahcich.X.pm_level" seems to be the most workable on low use ZFS system 08:47:04 While Firefox is open (& not suspended via SIGSTOP; 2-SSD ZFS mirror system), I see disk activity light turn on periodically; could also be due to other periodic jobs 08:54:47 parv: you could start Firefox via `truss firefox` and have a look, whether there is some correlation. 08:56:31 Kalten6897, I could but am not concerned really, mainly for I am not using "hint.ahcich.X.pm_level" to put SSDs in lower power state which in turn would affect ZFS 08:56:57 Kalten6897: dtruss. 08:57:53 meena: what is `dtruss`? 08:58:14 I am content to send SIGSTOP to firefox process before leaving the 'puter for extended period 08:58:59 It does tend to calm the mashine down quite a bit ;-) 08:59:25 Kalten: it's truss built with dtrace, so it won't trash the proces it's tracing 08:59:52 it's in dtrace-toolkit 09:00:21 Ah, from "sysutils/dtrace-toolkit" port 09:01:03 yes 09:02:38 meena: ah! Thank you. 09:03:10 meena, How does "truss" trash a process? 09:05:08 ptrace is userland tracing, so it's quite slow, as in, it slows the process down a lot. dtrace is kernel level tracing, and doesn't do that (not significantly, anyway) 09:05:57 some processes don't like to be slowed down this much, and exhibit pathological behaviour that you're not even looking for 09:07:04 meena, (hmm) Thanks 09:25:27 speaking of all above, what i investigating is what triggering GPU hangs and freezes. it might be SATA power settings and also GPU power settings 09:39:41 Hi, I am moving from linux to freebsd. I have a single laptop and no other machine and this is what i use for my daily stuffs and work as well. I am a freelancer. Is it safe to use freebsd 14.0-current? how often do i face crashes? your opinion and suggesiton would be very helpful 09:43:35 also, https://www.freebsd.org/security/#sup doesn't show the EOL for 14.0? 09:43:36 Title: FreeBSD Security Information | The FreeBSD Project 09:47:17 For -current any crash should not be a surprise; do read about the expectations https://docs.freebsd.org/en/books/handbook/cutting-edge/#current-stable . Else 13-stable or 13.x-release otherwise. See also https://klarasystems.com/articles/evaluating-freebsd-current-for-production-use/ 09:47:19 Title: Chapter 25. Updating and Upgrading FreeBSD | FreeBSD Documentation Portal 09:47:55 I am using 14-current on a desktop & a Framework laptop 09:48:26 ... and have not had any things unexpected happen yet 09:48:35 parv: how is experience? 09:48:49 parv, thanks for the link and the advice will go through them. How long have you been on 14-current? what's your experience? 09:48:50 wonder, when they provide ryzen builds 09:49:04 angry_vincent, Fine, nothing different than from 13/stable 09:50:23 On Framework laptop -current has been c 202202; on desktop probably mid/late 2022 09:51:09 would you say you've faced crash/stability issue atleast once or twice during this entire time? 09:51:19 For Framework, make that c 202203 09:51:31 Nope 09:52:54 so you've not faced stability issues yet? 09:54:20 I am not the one to repeat my answer in a short period of time 09:56:26 sozuba: most people who run CURRENT, also subscribe to the mailing list, and some even follow commits to ensure they're not building something broken 09:57:00 parv, sorry. Nope could mean no not once or twice may be more, or no none. So i wanted clarification. But I understand and appricate your time and suggesitons. Thank you 09:57:32 sozuba: for example: right now i would not run an NFS server on current, unless you're a developer interested in contributing experience testing, but reports or patches 09:58:10 meena, ah that's a valid point for me to ponder into. Reading links shared by parv and what you've shared now, makes me look at using stable. 09:58:41 meena,got it :) 09:58:47 thank you 09:58:58 10 minutes ago, I wrote: ... and have not had any things unexpected happen yet 09:59:44 parv, ah okay. I see that now. I missed it, my mistake and I apologise. 10:00:30 unexpected can look very different if you're not following the freebsd-current@ mailing list / commits 10:01:07 Yeah, like to need to build drm-510-kmod from the ports at one point 10:04:00 meena, i think i will start with stable for now and may be move to current after I am cofortable enough. The thing is, i am used to used to being on bleeding edge and so was thinking may be i could survive that way here too. 10:05:10 i would worry about build erros that happen, that i can report and may be see what the error is about, but if for example wifi and other essential things malfunction, then that would be really bad, considdering i move around a lot. 10:05:11 sozuba: I would still recommend you subscribe to the FreeBSD-stable@ mailing list 10:05:30 meena, yup definitely doing that now 10:05:33 :) 10:05:33 Subscribe to the mailing list; do not install from the latest source commit if need to have a working machine in order to run -current 10:05:52 there's far less surprises on STABLE, but better to have a channel 10:06:22 parv: unless you just saw a fix for your current problem ;) 10:06:53 parv, got it. Will heed to that 10:07:01 meena, Now ... right 10:07:03 I stick to release for desktop, everything else in VirtualBox VMs 10:07:58 sozuba: I also have PkgBase builds for CURRENT and STABLE, and Michael Dexter has a freebsd-update server for those 10:09:27 Speaking of releases, a 12.x (before 12.4) NFSv3 server was timing out for CentOS [78] NFS client; issue was gon after swicting to 13.0 10:09:52 * parv cant rite no more ... bye ... 10:09:58 https://alpha.pkgbase.live/ and 10:09:59 Title: Unofficial FreeBSD pkgbase repository 10:10:01 meena, what are pkgbase builds? 10:10:12 https://up.bsd.lv/ respectively 10:10:13 Title: FreeBSD CURRENT and STABLE Binary Upgrades 10:10:49 sozuba: PkgBase is a way to install and upgrade base as packages 10:10:56 i guess i have to read a lot more to understannd the freebsd/bsd ecosystem 10:11:21 meena, ah, i was wondering, that's awesome. :) 10:11:39 FreeBSD is the only BSD that has that, but it's not yet officially supported by the release team 10:12:04 meena, okay. I saw that unoffical line in the title. 10:12:28 so i can install stable but still have the base packages updated to latest. That's cool :) 10:12:44 🤞might get a beta with the 14.0 release 🤞 10:13:30 the first ride will be messy, so i recommend using boot environments if you wanna go down that route 10:13:46 meena, will be able to roll back a package or multple packages if i face any issues? 10:13:51 https://up.bsd.lv/ might be easier to get started with 10:13:52 Title: FreeBSD CURRENT and STABLE Binary Upgrades 10:13:57 especially from caches, if i lose network 10:14:12 with boot environments, yes 10:14:24 meena, reading it :) 10:14:32 but i also have a few months off builds 10:15:23 you can enable the automatic creation of boot environments in freebsd-update, something PkgBase doesn't do yet 10:16:22 I should put thatoon the todo list 10:16:44 doon't understand what boot-environemnts are and how its related, but i will read abou them, now that you've given me an idea 10:16:47 * Ellenor smacks the gibson 10:17:05 meena, that would need pkg to support automatic be creation. 10:17:55 Ellenor: maybe. maybe it could just be done with pre/post scripts 10:18:57 sozuba: https://man.freebsd.org/bectl(8) 10:18:58 Title: bectl(8) 10:19:17 maybe. 10:19:32 but then wouldn't BE critical packages all create their own BE? 10:19:43 or are pre and post scripts done after all packages, am I misunderstanding something 10:19:53 meena, thanks :) 10:20:58 Ellenor: yeah, true. needs to be worked out 10:21:42 likely, we'd need a wrapper, like how Debian has do-dist-upgrade 10:21:52 I think BE-criticality needs to be made a feature of the package manager itself, which packages can set and are expected to not use maliciously. 10:23:17 but then again, what know I? I'm just a dog on the internet that didn't finish high school. 10:24:47 I didn't finish high-school either, and I'm currently walking a dog, in real life 10:26:45 Ellenor, meena i hold a master's by research, but has been useless due to the fact i work in a completely different field just to make some money. I beieleve experiences matter, and i don't even have that. 10:28:13 sozuba: Hillel Wayne has very good essays on how "crossovers" succeed 10:29:17 thanks meena ill search. But i am not even sure what i am crossing over to. I've been in and about everything and constantly changing environment just to work things out 10:29:25 but will defintely read. 10:46:13 why does resilvering take so much CPU? i've been resilvering for the last 5 days after replacing a drive, so far 3.4 TB resilvered, and the CPU usage the whole time has been like 90% on all cores (4 core 1ghz). 10:46:54 i thought the process was being bottlenecked by my drive case / USB connection, but the high CPU usage indicates its probably a CPU bottleneck 10:48:19 SymbioticFemale, it likely has to perform a ton of XORs, and there's probably a few iowaits too. 10:48:54 and checksums 11:02:04 or it could be indeed bottlenecked by usb connection, and high cpu usage being result of freebsd not implementing that new way of accessing the usb mass storage (don't remember what it's called) 11:41:52 right, somebody should sit down and implement that… 12:26:43 There's BOT and UASP, with the latter being the one that isn't supported yet. 12:29:36 Bulk-only transfer doesn't really take up that much CPU, but it all adds up. 12:30:52 SymbioticFemale: have you launched top with -S to see the system processes (ie. kernel threads) that's responsible for taking up the CPUtime? 12:31:04 i'll do that 12:32:30 ah, its geli 12:32:45 my drive is encrypted 12:32:52 If you don't have AES-NI, that'll definitely do it. 12:43:48 SymbioticFemale: you sure the drive isnt one of those snuck in smr drives? 12:44:06 afaik resilvering on smr takes like 20x the normal time 12:44:44 100% sure. also i'm narrowing down the problem here because i have AES-NI support but for some reason its geli is defaulting to software instead of hardware 12:45:06 oh.. well thats not good heh 12:45:43 if fbsd that should just.... work 12:46:14 * Macer ponders if aesni is something that can be disabled in a bios 12:46:40 Macer: are you sure about that? 12:46:54 err, wrong hilight. 12:47:07 debdrup: no.. not sure if it can or cant 12:47:14 oh heh 12:47:53 no io tomfoolery in the kernel logs? 12:48:32 i was also wondering about whether i may have disabled it in BIOS, but i note that one of my drives is indeed listed as "Crypto: accelerated software" and the other two are "Crypto: software", despite all three being AES-XTS 12:49:08 i didnt think the thpe of drive mattered 12:49:21 SymbioticFemale: please do `grep -i aes /var/run/dmesg.boot | nc termbin.com 9999` 12:50:44 Where are youu seeing that two of the drives are using software? 12:51:05 i think the message is simply misleading, it says software, but hardware is being used 12:51:38 angry_vincent: thats my understanding of the meaning "accelerated software" but "software" means software, i think 12:51:52 It depends on the version. 12:52:18 aes-ni will appear as software encryption on 12 and as accelerated software on 13 (or 14?) 12:53:26 I'm still curious where you're seeing that one drive is using accelerated software while the others are using hardware 12:54:47 plaintext paste of "geli list" and the requested grep of dmesg.boot https://paste.debian.net/plainh/3fc4bfab 12:55:42 perhaps the "AuthenticationAlgorithm: HMAC/SHA256" ? 12:55:43 hello, I'am lurking but I have a question. How did you see the drive use software of hardware encryption acceleration? 12:56:18 SymbioticFemale: have they been initialized the same way? 12:56:56 Lovis_IX: https://rubenerd.com/checking-if-freebsd-geli-is-using-aes-ni/ 12:56:58 Title: Rubenerd: Checking if FreeBSD geli is using AES-NI 12:57:04 Lovis_IX: `geli list` will show it 12:57:41 debdrup: unknown. has been a number of years since the drive with 'accelerated software' was initialized 12:57:49 debdrup: thanks 13:00:23 SymbioticFemale: Ah, I think I see what's going on; you're right that it's linked with the HMAC, because I think that's what's causing it to fall back to software as AES-NI can't handle SHA256 13:01:04 alright. mystery solved. 13:01:06 The newest Xeon scalable CPUs are purported to have SHA256 accelerated, and AMD has had it for a while - but nothing else to my knowledge can do it. 13:02:01 It's a bit ironic that AES-NI can't handle SHA256, because part of AES-GCM involves a HMAC in the form of a SHA2 checksum - so they had to implement most of it already. 13:03:09 Also, there's one other way to get SHA2 checksums accelerated - via qat(4). 13:04:28 Although I'll also note that adding a HMAC to AES-XTS when what you're encrypting is a ZFS pool isn't really going to do anything for you. 13:10:50 i'll just rebuild it without it 13:13:38 much thanks for your help debdrup :) 13:14:23 The reason a HMAC for integrity doesn't do anything for a ZFS pool is that while the checksum used in ZFS might not be cryptographically secure (fletcher4 isn't), that doesn't mean anything because it's impossible to modify that AES-XTS data that makes up the ZFS record and still have the record match the checksum. 13:14:45 yeah 13:15:07 It might be possible to make GELI use AES-GCM which would get you the HMAC, but I can't see that adding anything. 15:11:16 I just read the handbook and wiki to try and understand the different releases and their support cycle. Please correct me if i've understood it wrong and forgive me if i've failed to find information that i could have easily found. 15:12:26 Talking only about stable and their derivative releases, if Stable 13.0 is the long term support release, with a minimum 5 year cycle. Then, when a 13.1 release happens, does it superseed the 13.0 stable release? and so on, with 13.2 which has a eol of 13.1+3 months. If so what happens to 13.0 after 13.2 comes out and considering 13.2 is the last release in that number, will it be supoorted 15:12:27 through the original five years of the original stable release for that number? 15:13:25 sozuba: STABLE isn't a release 15:14:14 the STABLE branches are the ones from which releases are cut 15:14:33 well, after branching off… 15:15:17 yeah sorry about the terminalogy. so 13.0 is stable, 13.1, 13.2 and so on are the cut release ? 15:15:36 right now, you can see this on action on releng/13.2. 13.2 is in beta, branched off from stable/13 about a week ago 15:15:49 yeah noticed that 15:16:11 13, without the dot. 13.0 was the first release in the 13 series 15:16:22 13.2 is supossed to be out by march end? 15:16:34 ah okay, now i undertsand 15:17:21 so let's say 13.2 is the last release in this series, will its end of life suport be till 2026 as well? 15:18:00 12.4 is still supported 15:19:04 you can go from there: when was 12.0 released? etc 15:19:25 ah okay got it :) 15:19:30 * meena isn't on a real computer right and is trying to do house work 15:19:42 now i have a good picture. Thank you very much for your help 15:19:47 meena, ^^ 15:22:50 in general, we have about three years of support for each series, but some vendors might support their cut a little longer 15:23:15 PS3 is based on FreeBSD 9, and I still get updates ;) 15:23:39 (tho i have no idea what kind of updates) 15:24:08 Perhaps Sony backports bug and security fixes and adds their own features? 15:28:08 yeah that's what i think too. I've never owned a concole, so i've no idea. 15:28:18 console* 15:28:36 vdamewood: I have done release management on server software written in C++ for a while, and I can tell you, it was no fun backporting fixes to older branches, while making sure you're not breaking ABI, i can't imagine how much fun that would be for kernel and drivers 15:30:23 but then, they have people who do this as their job, not their terrifying hobby. 15:30:43 Yeah, it's also probably better than the alternative. 15:32:12 like, most consoles since… who knows when, are internet connected, so, yeah, keeping them up-to-date would be good. 16:09:17 hi there, is there a way to tell "freebsd-update" to not end up in a pager i need to quit with pressing "q", but simply dropping stuff on STDOUT and then actually exiting? 16:54:18 not that i know of 17:03:46 freebsd-update(8) even says how to do it (see PAGER) 17:51:03 What's a reasonable screen locker for FreeBSD that can lock X and all the VTs, either from within X or from a VT? 17:51:41 I've tried vlock, but it didn't accept my password for whatever reason. 18:17:51 msiism, I had the same issue with xscreensaver, decided to switch it off for now and look for the solutions later on. 18:21:16 There's nothing that can affect both ttys and a graphical UI. 18:22:34 lock(1) (which can also be invoked from tmux, which is rather handy if you've got it on a console window) works on ttys, but the only one I know of that works (correctly) for Xorg is Xscreensaver. 18:30:10 Well, vlock can actually do what I'm looking for, it seems. 18:30:48 Maybe it just doesn't respect locale settings. 18:31:13 lock(1) can lock ttys too, and is in the base system. 18:31:36 It is one of the few things that survive to this day, from all the way back in 3.0BSD 18:32:59 Its so old, it still has the 1980 RUC Copyright :3 18:34:34 I also wonder why `startx` puts my X session on some other TTY instaed of the very TTY I'm working on. 18:34:39 That would be what I want. 18:35:44 You're not supposed to use starts, you're supposed to use a display manager which starts on ttyv8 as defined in /etc/ttys, and which is then responsible for handling logging in and executing your graphical UI. 18:36:01 Using startx means that anyone who can cause your session to crash will have local access privileges to whatever user you're logged in as. 18:37:14 I only use startx, since I want to be at regular tty when I boot my system. 18:37:27 debdrup: Terrific. 18:37:45 (it also used to be possible to simply zap the Xserver by doing ctrl+alt+backspace, but fortunately that default-on was instead turned default-off) 18:38:52 xtile: what stops you from simply switching to a tty from your display manager? 18:39:29 I unfortunately have an Nvidia video card, so I need to not have graphics automatically start when the system boots, especially after upgrades. 18:39:32 that's my reasoning 18:40:24 I can sort of see your point, but aren't you better off using kld_list to load nvidia-modeset then? 18:40:34 rebuild the module before booting the new kernel? also load the module in rc.conf, so you can always fix by booting single user 18:40:37 I wouldn't be against manually starting a display manager from a tty 18:41:21 xtile: I don't think that's really doable 18:41:25 aha 18:41:46 right now i use the nvidia-driver-470 pkg but I used to be manually compiling the driver 18:41:59 i switched over to the package once linux packages were no longer dependencies 18:42:16 but it's still fussy in terms of needing to do nvidia-xconfig at certain times 18:42:18 as for upgrades 18:42:40 why do you need the nvidia-xconfig at all? 18:42:47 graphics don't work without it 18:43:42 Maybe it's changed more than I thought since used a machine with a nvidia card in it, but it didn't used to be this complicated. 18:43:51 I'm running some Nvidia legacy driver that I think I just installed as a package. 18:44:09 Had to switch off some binary compatibility check, though. 18:44:52 I was warned graphics might behave strangely when doing that. But I had no choice. 18:45:10 It's working pretty well so far. 19:43:41 is there a flag for pkg install that'll install only the *dependencies* of a specified package, but not that package itself? 19:46:35 freebsd is nice 19:47:16 indeed. 19:47:26 concrete houses are nice too. 19:47:32 * phryk likes brutalism 19:55:16 * msiism likes architecture that is not inherently depressing. 21:15:26 I don't think brutalism is inherently depressing. 21:15:44 Futuristic and spartan, maybe. 21:16:20 'Course. . . if you grew-up in a Soviet or North Korean apartment block, you might think it's pretty depressing. 21:25:41 from what I've heard all these concrete block buildings have chronic leaky roofs 21:28:25 Anything with a flat roof would, yes. 22:14:26 trying to install proper FreeBSD for the first time 22:19:10 is there any way to watch progress in dd? 22:20:46 luna: use argument status=progress 22:21:06 la_mettrie: ah if its already started i have to redo it right? 22:21:17 yes 22:22:08 la_mettrie: you can also whack control-t and it'll give you status 22:22:21 luna: ^ without restarting 22:22:26 mason: ah that what i was looking for thanks :) 22:23:03 That said, I like setting up status=progress at the start most of the time. 22:23:24 forgot about it this time and already written 600mb of a gig 22:23:28 sure 22:23:34 Nice that there are options. :) 22:23:44 yeah thanks 22:28:16 gonna figure out if proper FreeBSD works better then GhostBSD on my Core2Duo laptop 22:28:59 Shouldn't probably be a ton of difference. 22:33:42 sha-1 is git's default file hashing algo? 22:39:14 yes 22:54:51 good evening 22:59:43 bsdbandit: o/ 23:04:15 hm. speaking of the earlier discussion about aesni and geli. doesn't newer openzfs support dataset encryption? 23:05:25 Macer: Yes, but it's problematic beyond not encrypting metadata. 23:05:50 oh. ouch? heh 23:06:34 ah seems like klara has an article about that 23:06:34 baby steps,… 23:06:36 https://klarasystems.com/articles/openzfs-native-encryption/ 23:06:38 Title: OpenZFS Native Encryption | Klara Inc 23:06:55 let me give that a read 23:10:57 It is possible to replicate snapshots of unencrypted datasets to encrypted datasets by including the -x encryption option in the zfs recv command. <- wow that seems pretty handy 23:13:37 the metadata doesn't seem to be a big issue. that is just the name of the dataset it is talking about correct? 23:21:10 Macer: The bugs in implementation and the limitation of having just one key are probably bigger issues. 23:21:41 Presumably the former will be fixed with time. 23:39:11 FreeBSD 13.1 uses OpenZFS 2.1, right? 23:51:34 V_PauAmma_V: https://www.freebsd.org/releases/13.1R/announce/ 23:51:35 Title: FreeBSD 13.1-RELEASE Announcement | The FreeBSD Project 23:51:40 V_PauAmma_V: ZFS has been upgraded to OpenZFS release 2.1.4. 23:52:51 Thanks for confirming my recollection.