04:13:09 * skered goes to sleep dreaming of curl and xorg updates. 06:43:30 is there any way to suspend to disk a bhyve guest so the host can be restarted? 06:46:32 bhyvectl --suspend 06:46:49 rtprio: thank you! 06:47:12 i think you need a kernel rebuild for it to work. also i haven't used it 07:24:40 assuming a bhyve exploit jailbreaking PS5, is it possible then to run KDE atop Sony's gfx stack? 07:27:27 still, is there a pre-built kernel for PS4 running vanilla FreeBSD? 07:51:26 <_xor> Well that was fun. 09:51:11 i thought PS5 runs Linux 10:48:58 How is Mac Sillicon support ? 11:18:33 meena: it runs freebsd 11 16:06:53 is there a mirror somewhere with older freebsd 11 packages ? 16:07:00 I need the latest available pkg for 11.4 16:07:07 (for cmake) 16:12:36 I've tried here http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/amd64/11.4-RELEASE/ but there's nothing, although other versions like 9.1 do have the complete packages list 16:12:37 Title: Index of /pub/FreeBSD-Archive/old-releases/amd64/11.4-RELEASE/ 16:42:53 for those with similar needs, they're all here: https://pkg.opnsense.org/FreeBSD:11:amd64/20.1/latest/All/ 16:42:55 Title: Index of /FreeBSD:11:amd64/20.1/latest/All 17:24:03 dare i ask why you want old packages? 17:36:41 there's never a good reason 17:36:52 but when there is, you better have those packages :) 17:37:40 last1: Worst case, can you just make packages from ports? 18:22:10 if you look at https://pkg.freebsd.org/FreeBSD:13:amd64/ you can find different branches of the ports tree that got made into different package releases 18:22:11 Title: Index of /FreeBSD:13:amd64/ 18:23:01 the release_N ones are a copy of the set of complete packages available for each minor version of a major version, and don't ever change from the point they're taken 18:23:38 this freebsd-update.conf i've got with has servername set to aws.update.freebsd.org 18:23:42 that doesn't seem to exist 18:23:46 there's no realistic way of keeping all old versions of old packages, because the current package mirrors already take up more than 18TB (if memory serves) 18:23:54 there a good option (for doing this from aws)? 18:25:35 doug: that must be specific to the ec2 generation, unless you set it 18:26:24 it came with the 13.1 AMI builder box (ami-0c2fe35b987a7882c) 18:26:50 so it's modifying this line? https://cgit.freebsd.org/src/tree/usr.sbin/freebsd-update/freebsd-update.conf#n12 18:26:51 Title: freebsd-update.conf « freebsd-update « usr.sbin - src - FreeBSD source tree 18:27:30 i'd suggest reaching out to colin percival on twitter, he's responsible for the amazon stuff 18:28:58 might wait for the 13.2 builder 18:32:05 it does appear to have a cname 18:32:13 err 18:32:34 why did i think cname and type it in as the query type to drill? 18:32:49 of course it has a cname 18:37:57 debdrup: I agree, this was an oddball request, however, 18Tb is also quite small these days 18:38:05 They make single drives bigger than that 18:40:34 last1: it's not a question of buying a single drive for a single machine 18:40:55 I know 18:41:18 although, one could make an exercise in doing just that. Some dood made a calculation in running all of Twitter on a single server 18:41:37 https://thume.ca/2023/01/02/one-machine-twitter/ 18:41:38 Title: Production Twitter on One Machine? 100Gbps NICs and NVMe are fast - Tristan Hume 18:42:04 tldr; it's not possible 18:43:51 the article treats cputime as both free and infinite, which last i checked it isn't. 18:45:04 also, it's using a man who has absolutely no idea what he's doing, as a source. 18:46:03 you mean Tristan ? 18:46:12 no, i mean elon. 18:46:48 ah, that's a given, Elon's an idiot lol 18:55:41 A lucky idiot, I guess. Richest man in the world. 18:57:56 ability to make money isn't unfortunately related to proper intelligence 19:02:28 :') 19:12:15 Then we're screwed because money is what enables stuff getting done xD 20:29:36 the guy is promoted without end.. everyday another portrait of him in the media, the guy spends a lot of time on his own marketing.. 20:30:03 so someone is supporting him, e.g. with tax benefits for his car company and other stuff 20:31:53 Why I cannot find this package in `pkg search/install`? https://man.freebsd.org/cgi/man.cgi?query=wacom&apropos=0 20:31:54 Title: wacom 20:37:16 Letiute: https://bpa.st/EHSDY 20:37:17 Title: View paste EHSDY 20:37:20 one of those maybe? 20:39:19 mason libwacom-1.5 != wacom 20:40:52 https://www.freshports.org/x11-drivers/xf86-input-wacom/ 20:40:53 Title: FreshPorts -- x11-drivers/xf86-input-wacom: X.Org legacy Wacom tablet driver 20:41:47 the hints are in the see-also subsection, and it being in section 4x of the manual pages. 20:43:31 Hi. Is it a bad idea to use "latest" with -RELEASE ? 20:43:47 I don't care much about stability, I just want the latest packages 20:44:03 No. I do that. 20:44:08 It's not really a question of stability. 20:45:15 14-CURRENT uses latest as the default packages, it's more that for -RELEASE it was judged that people would benefit more from being on the quarterly branch because there's a smaller chance of something being broken since buildfixes and securityfixes are the two exceptions to not MFHing on quarterly. 20:48:48 debdrup, I would be using 14-CURRENT actually. but from what i heard, there is no easy binary way to update -CURRENT like freebsd-update 20:48:57 Otherwise I would even use the bleeding edge freebsd system 20:49:20 There are snapshots, FWIW 20:49:36 parv: that's not really the same as binary upgrades through freebsd-update, though. 20:49:41 ... but then are not the same 20:49:51 debdrup, Yes 20:50:50 I want an easy to update and working base system with freebsd-update. so I rather use the latest -RELEASE and bleeding edge ports / pkg, so -RELEASE + "latest" makes the most sense 20:50:56 It seems pretty nice 20:51:09 Most of the developers who run -CURRENT do so by taking full advantage of meta-mode, which makes it quicker to do successive builds, because it only builds what's changed since the last build (and it's more effective than ccache). 20:51:11 debdrup it was useful but some how the pen was detected/working already but my point was to make sure the a) smoothness b) features / detection of pen buttons in xournalpp app was not like the one I used to have in linux. I mean the settings were not effective for both pen buttons, writing was nor smooth. something wrong. ref wacom one. 20:51:18 Still, it does take a fair bit of time to build things. 20:51:39 Can I do GELI encryption wihtout a key? just by passphrase? 20:51:43 src/tools/build/beinstall.sh can also help, because it makes it so you can always go back to a working boot environment, if the one you're installing into doesn't boot properly. 20:51:53 Letiute: yes 20:52:03 It's a bad idea. 20:52:21 debdrup: If it's a sufficiently complex passphrase, why not? 20:52:25 If I loose the key, I loose the disk. I can't remember the key but I can remeber passphrase 20:52:37 * mason hearts keyslots. 20:52:49 mason: a passphrase by its very nature can't be sufficiently complex to compete with the entropy of a key derivation file. 20:53:03 GELI, on a modern CPU, goes through a few tens of thousands of iterations. 20:53:52 (It's impossible to give the precise value, because the key derivation function will iterate depending on how fast teh CPU can derive keys) 20:54:16 mason so I ` geli attach -k /root/da2.key /dev/da2` shoudl become ` geli attach /dev/da2`? 20:54:19 It's the same reason why ssh keyfiles with passphrases are better than ssh passphrases. 20:54:39 debdrup agreed but I can't afford to loose the key file 20:54:45 Back up the key then. 20:55:03 then I have to encrypt that backup too 20:55:12 making it a neverending chain of bakcups 20:55:46 There's such a thing as physical security, too. 20:56:00 yes.. 20:56:22 so if I do want without key, so I ` geli attach -k /root/da2.key /dev/da2` shoudl become `geli attach /dev/da2`? 20:56:51 Letiute: yes 20:57:14 ok 20:57:35 debdrup: Isn't the actual encryption key what matters, which is distinct from the user key, anyway? 20:57:43 s/encryption/Master/ 20:57:52 can I make a drive look like haivng 2 partitions making GELI assume those are two different disks? 20:58:03 Effectively giving us what you get with an SSH keyfile and passphrase to unlock it? 20:58:20 I've not had enough coffee to trust myself just yet, today. 20:58:33 Letiute: Yeah, you can encrypt partitions. 20:58:38 Want to even. 20:58:46 ok. 20:59:29 mason: the master keys are part of the metadata, and need the keyfile which needs the passphrase in a normal setup. 20:59:41 The keyfile is there to ensure sufficient entropy. 21:02:10 mason I want the freebsd OS to mount/ or decrypt the .eli (GELI encrypted) partitions at boot time. What is the best way to do that? I think I have to hardcode the password somewhere in the OS? 21:02:14 https://events.ccc.de/congress/2005/fahrplan/attachments/586-paper_Complete_Hard_Disk_Encryption.pdf ah, here's the presentation i was looking for the last time 21:03:11 https://media.ccc.de/v/22C3-1139-en-complete_harddisk_encryption_with_freebsd this is the presentation, and https://events.ccc.de/congress/2005/fahrplan/attachments/687-slides_Complete_Hard_Disk_Encryption.pdf are the slides 21:03:13 Title: media.ccc.de - COMPLETE Hard Disk Encryption with FreeBSD 21:03:23 Letiute: Automatically? It's a bit tricky in FreeBSD. If you're physically present, the bootloader can unlock everything once you feed it a passphrase. 21:04:10 mason I can do that. I can type passphrase but do I have to type for all the drives? or just once (if I keep it same for all drives ) ? 21:04:32 Letiute: If they share a user key, it'll try that key for all available providers. 21:04:38 So you just type it in once. 21:05:45 I haven't seen Clevis/Tang implemented for FreeBSD, FWIW, but there are some interesting options: https://github.com/clinta/geliUnlocker https://forums.freebsd.org/threads/outerbase-install-script-for-remote-unlockable-geli-encrypted-root-on-zfs.80078/ 21:05:46 Title: GitHub - clinta/geliUnlocker: A simple rc.d script to unlock GELI disks in freebsd based on keys and passphrases accessed from other systems via ssh. 21:06:04 I haven't tried either yet, just started reading about them. But it's not relevant if you're there to unlock in person, or via IPMI or similar. 21:06:28 clemens3: I guess there's a feel-good feeling from all the attention. I can't see another reason for it. Other billionaires fade into obscurity, and what seems much more preferable. If I was a billionaire that's what I'd do. 21:10:06 mason so there is no easy way to auto unlock all drives at boot? I wonder what people do? everytiem manuallyd o it? 21:10:42 mason found something, see the "doing it by hand..." heading https://jonatanhal.github.io/2014/10/22/Encrypted-ZFS-on-FreeBSD-using-GELI.html 21:10:43 Title: Setting up encrypted ZFS on FreeBSD using GELI 21:11:12 Letiute: I did a brief guide that shows the steps as well: https://wiki.freebsd.org/MasonLoringBliss/ZFSandGELIbyHAND 21:11:13 Title: MasonLoringBliss/ZFSandGELIbyHAND - FreeBSD Wiki 21:11:39 Letiute: That'll unlock everything at boot. man geli and look at the -b option 21:12:07 Same passphrase for both in that example, and you'll unlock them both only entering the passphrase once. 21:17:41 mason ok. this is also ok? https://jonatanhal.github.io/2014/10/22/Encrypted-ZFS-on-FreeBSD-using-GELI.html 21:17:43 Title: Setting up encrypted ZFS on FreeBSD using GELI 21:19:56 is there a way to do a make installworld to a directory without being root? perhaps where the file owners and permissions are instead written to an mtree file? 21:20:31 Letiute: They're doing a couple interesting things there. They're doing their stuff in terms of ZSH, also. I'd want to read it in depth before commenting on it. 21:21:37 ok 21:22:18 its crappy shell code, per usual 21:24:30 llua which one? 21:36:10 your link, it mangles the password when reading and dumping it to a file. 21:41:30 I see. 21:41:50 llua any better idea? 21:42:17 How to send all snapshot data to an external server over ssh? ref https://docs.freebsd.org/en/books/handbook/zfs/ 21:42:19 Title: Chapter 21. The Z File System (ZFS) | FreeBSD Documentation Portal 21:49:28 I mean the other machien is not 'zfs recevign'. Just want to send file. So zfs send pool/fs@snap | gzip > backupfile.gz    but how to send it without storing it on local machine? 21:49:29 i should write my own powerd with a crude bang-bang control logic 21:49:48 Letiute, that is a contradiction in terms 21:50:07 do you mean to send the send without it being logged in the zfs, but just stored as if it was like a tape 21:53:20 AmyMalik well, I have another linxu box. I was asumign something like this `zfs send pool@ |  gzip the files and send to ssh via ` 21:55:09 not quite like that 21:56:22 AmyMalik so how do I send snaps to a remove machien without saving that data on local machine? 21:56:39 and where will the snap data will be saved on remote machine? 21:56:55 the way I'd be likely to do that is by executing `zfs send -Rw pool@lastsnapshot| zstd -T0 -3 -cf | ssh user@remote:location::1 cat \> /media/zfstapes/hostname.pool.lastsnapshot.zfsend.zst` - but bear in mind that you would not have resume functionality and you'd do better to be using zfs recv on the other end instead 21:58:04 to zfs send, -R means send a replication tape, -w means do so without decompressing the data off the disk (this is probably a bad idea, so don't actually pass that); to zstd, -T0 means choose the maximal thread count, -3 means compression level 3, -c means compress, -f meansforce it to stdout even though that is not okay 21:58:18 the backslash is to do the redirection on the remote machine 21:59:02 if the data on disk is already compressed mostly you can use the -w flag, and skip the zstd, step and finaggle the filename on the remote end to not include .zst 21:59:27 I see. 21:59:46 some of these applications parse single-letter options differently - -T0 might mean use max threads to zstd, but another program with a -T option might think -0 is another (illegal) option 22:00:00 " would not have resume functionality and you'd do better to be using zfs recv on the other end instead" was intersting. Can you tell more on that 22:00:02 and may not expect the argument to be directly concatenated on there 22:00:44 `zfs recv` is capable of generating a resume token when a transfer stops unintentionally 22:02:00 why not do a | gzip and rysync to remot host? 22:02:33 because rsync is for files, and you are trying to store a stream 22:02:43 also piping through gzip or zstd is redundant if your data is already compressed 22:02:45  ok but gzip would be a file in this case 22:02:49 ???? 22:02:59 yeah, you will ot achieve what you want with that 22:03:02 s/ot/not/ 22:03:14 you will only achieve misery ,frustration and heartache 22:03:23 with gzip? 22:03:31 gzip is also slower than zstd 22:03:39 for a given level of compression 22:04:00 ok, but why misery/frustration in it? 22:05:04 rsync is *not* the tool for the job 22:05:31 you are trying to store a stream into a file, and only do said storage remotely 22:05:48 ok 22:06:06 you don't want to create a local file 22:06:10 SO DON'T CREATE A LOCAL FILE 22:06:12 rsync is not the toolf or the job but piping data to a file is not good? 22:06:16 rsync WORKS ON LOCAL FILES 22:06:25 you're fired. 22:06:36 I understand your point :) 22:06:44 just wanted to dig more 22:07:02 ok so to 'recive', the other system should be running freebsd or linux? 22:07:12 any operating system runing a sufficiently new version of the ZFS bits 22:07:27 freebsd, linux, any of it will do 22:07:34 ok, and where would that 'recived' snap be stored in that system? 22:07:45 in a dataset on that system's zfs pool 22:07:58 possibly with the canmount options all overridden to "noauto" 22:08:24 actually, probably thus, because otherwise you'd overrun the remote system's storage 22:08:38 that remote system is a) linux b) a pooled drive on local system.. for a) it does not have zfs. so I make one? 22:08:41 if you want to be edgy you could mount the remote server's filesystem over NFS and create a local file that's actually on the remote NFS share with your pipeline 22:09:09 if you want to store the result of `zfs send` as a file, not datasets, you would need to give up the capability to have any kind of resumption functionality. 22:09:30 this should be fine if the two machines are both on reliable power and on a fast local network 22:09:42 they are 22:09:48 its LAN;yes 22:10:01 then the lack of resumption will only be a problem if your cat chews the ethernet cord or fibre line 22:10:17 or your 10 year old steals the line for their computer 22:10:18 cats are tamed here 22:10:23 * Letiute has no ats 22:10:26 cats* 22:10:41 AmyMalik ok :) 22:10:42 I'm way too escalated for this convo 22:10:56 ok so how to send data in a)? 22:11:58 also, I wondered, if I have 5 snaps, (I know snap 5 is build on difference and on top of 4,   4 on top of 3, 3on 2, 2 on 1), so if I send 5th snap, I can't restore it without having 1,2,3,4 snaps as well? 22:12:20 or theres a command to send all snaps? 22:12:35 * Letiute doing it for the first time 22:12:47 See "-I" or "-i" option of "zfs-send(8)" 22:12:56 ok 22:16:26 ok read. 22:16:38 I can send all snaps with -i 22:16:57 but if I have 5 snaps, (I know snap 5 is build on difference and on top of 4, 4 on top of 3, 3on 2, 2 on 1), so if I send 5th snap, I can't restore it without having 1,2,3,4 snaps as well? 22:18:19 parv AmyMalik ^ 22:18:52 I'm not going to be your eyes and ears into this thing 22:19:22 You have ta learn to read long, sometimes dry tomes, like those your computer will produce when commanded: `man 8 zfs-send` 22:19:38 Letiute, Right. In that case use "-R" option to send the whole thing, not just a snapshot 22:20:13 ... sorry, I meant not send a *incremental* snapshot 22:24:41 parv so if I do not use -R, and send snapshot #5 only, then I can never restore anything because #5 on recievier's side won't have the prebuilding blocks (1,2,3,4) to make any use of #5? correct?  https://docs.freebsd.org/en/books/handbook/zfs/#zfs-send-incrementalfor this. 22:24:42 Title: Chapter 21. The Z File System (ZFS) | FreeBSD Documentation Portal 22:25:01 Letiute, Yes 22:26:16 parv what if I delete #2 from my system. Then I send with -R.  this time ALL will be send, but #3 will break/ be of no use if #2 is missing? If so, this means I cannot ever delete snaps? OR #3 will auto adjust? 22:26:27 Letiute, If you send only the snapshot without -[RiI] option, then that would be a self contained dataset. 22:26:57 "self contained dataset."  --> means the #5 part only.  --> means of no use independandly 22:27:53 Letiute, Self contained as in you can restore the snapshot as the the dataset (without any other snapshots) 22:28:46 well what data will a #5 snap only restore if it don't know what was in #1,2,3,4? 22:29:04 #5 was made "on top of !,2,3,4" 22:30:09 parv so if I do not use -R, and send snapshot #5 only, then I can never restore anything because #5 on recievier's side won't have the prebuilding blocks (1,2,3,4) to make any use of #5? correct? https://docs.freebsd.org/en/books/handbook/zfs/#zfs-send-incrementalfor this. 22:30:11 Title: Chapter 21. The Z File System (ZFS) | FreeBSD Documentation Portal 22:30:25 parv what if I delete #2 from my system. Then I send with -R. this time ALL will be send, but #3 will break/ be of no use if #2 is missing? If so, this means I cannot ever delete snaps? OR #3 will auto adjust? 22:30:25 Letiute, If you have a snapshots of "data/set@[1-5]", then send "data/set@5" to a file. Then that dataset can restore "data/set" when "@5" snapshot was created 22:30:43 ok 22:30:54 so it will have the complete usable data at tiem of #5? 22:31:14 Yes, without @[1-4] snapshots 22:32:19 so this means,  if I create snap of #4, it will have 10GB (lets say),  if I create snap at #5 (now 2 GB added. and snapshot will be of 12GB) totalling 22 GB ? 22:32:31 Letiute, If a @2 snapshot is deleted, then yes @3 snapshot will adjust. Doing that on the receiving side (a ZFS dataste) that may cause issues; test 22:33:04 ok you last comment was understood 22:33:10 about adjusting 22:34:13 parv what about this: if I create snap of #4, it will have 10GB (lets say), if I create snap at #5 (now 2 GB added. and snapshot will be of 12GB) totalling 22 GB ? 22:34:41 Letiute, Please stop repeating in so short time periods 22:34:55 ok :) 22:36:33 Re: dataset size, 22 GB, etc, I do not undertand what you are asking. Could you rephrase? 22:38:13 parv e.g I create 5 snapshots. I send #freebsd first. then send #5 another day.  at point of 4, disk was 10g, at point of 5, disk was 12 g. did the reciever got 22g or 12g? 22:38:18 parv e.g I create 5 snapshots. I send #4 first. then send #5 another day.  at point of 4, disk was 10g, at point of 5, disk was 12 g. did the reciever got 22g or 12g? 22:40:13 Letiute, Receiver would have 12 "g" additionally, the difference since @4 snapshot. 22:40:54 so total reciver got is 22g?  (10g at #4 adn 12g at @5)? 22:41:20 Letiute, Sorry, receiver would have 2 "g" additionally 22:41:36 total 12g? 22:41:39 Yes 22:42:52 if I delete $4 at recieve's end, #5 is unusable? 22:47:25 I think in one liner (unless -i / -R) is used, a snaps data is send of its data + all old snaps/whatever is needed to to make it usable). So if I send #4, it WILL send 10g.  and on some other day if I just send #5, it will send 12G again. totalling 22g.  while the size on origin disk is 12G 22:47:33 I have not much experience in that case; sometimes does cause me to recreate the dataset on the receiving side 22:47:44 ok thank! appreciated