What about zsh?

I always use the default shell for root, plain sh or Bash for scripting, zsh for my user on the main laptop, tcsh on others computers/servers. Don´t know why, but always I have confidence when using tcsh.

it's pretty respectable for interactive use

no shells are respectable for scripting so that just about covers it all

how do I monitor the logs in my jails ? Right now I've got a single jail, serving up several websites using lighttpd. I want to monitor the websites, so will need to monitor the log files. They are only accessible from within the jail.

your normal log aggregation tools

I want the host system to have access to the logs inside the jail. Or I guess have the jails send out the logs to the host for aggregation, though what tools are available for log aggregation ? Last time I did anything of the sort, I think it was something like webalizer or such that was available.

the most primitive is syslog forwarding

what people refer to as an `ELK' stack is common too

mns: there's no fundamental difference between jail and host, except the jail only has access to the jail, obviously

you can have the host syslog dump a socket in the guest, you can nullfs mount a directory into it if it's convenient

Yeah I guess first point is going to be to use syslog to get things out of the jail and into the host's syslog.

for web server logs it's just a case of them being buried deeper in the filesystem

what you analyse them with is another matter

last one I played with is goaccess, which at least seems slightly better maintained than webalizer

one thing at a time. get the logs to the host first. right now its just the web server, later on there will be other services, mail, squid, database, etc. so want to make sure I've got the bits working properly.

goaccess seems nice. I'll have to check it out.

re dumping a socket from the host into jails: reviews.freebsd.org/D27411#882100

Title: ⚙ D27411 add altlog_jaillist to syslogd's rc script

Title: Contributors to FreeBSD | FreeBSD Documentation Portal

it seems to be there yet

so a website build & deploy takes about 20 minutes?

mns, run a separate syslog-ng instance *outside* the jail that logs jail data

this is as always a security tradeoff

+ is that logs from the jail are immediately off-sited and unable to be tampered with

- is that if there's a bug or vuln in syslog-ng, it can be exploited from outside the jail

syslog-ng is very flexible and I can ensure tagging and filtering as required of jail traffic

this all predates meena's patch above which allows doing the same thing with the base system

johnjaye: I don't think anybody mentioned it but this is awesome beej.us/guide/bgnet

Title: Beej's Guide to Network Programming

jrm, do you know if a FreeBSD Foundation status report is coming?

dvl, is there anything noteworthy about FreshPorts this quarter for status reports?

salvadore: Yes. It's coming.

great, thanks jrm

dch: beej's guide is a real goldie. It has been on the net for as long I can remember

meena: 20 minutes sounds right, yeah

I have to use Debian for 3rd-party supported app, it reminds me how much I hate Linux

I can't believe people develop and love that crap

there are like 4 network managers, apps all over the place, packages as well

nic bonding requires a special package that's not included in their install dvd, and which requires internet access - which you don't have because your nics require lacp

ugh

interesting, bugs.freebsd.org/bugzilla/show_bug.cgi?id=270628

Title: 270628 – ifconfig destroy epair parent not destroying child vlan sub-interfaces

I wonder if this is current only

last1: thankfully lagg does not have that problem

huh i never heard of epair

dch: thank you! that is really good

rtprio: epair is Useful

mason: what are times that you'd use it? a netflow or monitoring host?

rtprio: VNET jails

rtprio: wiki.freebsd.org/MasonLoringBliss/JailsEpair

Title: MasonLoringBliss/JailsEpair - FreeBSD Wiki

oh

Hello, short question: Does passthrough with a UEFI bhyve guest work?

What kind of passthrough?

PCI passthrough

Yes, it does.

Hmm, because whenever I try it, I only get: Unable to setup memory (17)

And I did set the -S flag

Oh, I might need to set 'hw.vmm.amdvi.enable'

souji: Did it work?

They left.

That was the problem; I didn't read to the end. Sorry for the bother...

Oh, they returned.

cgit.freebsd.org/src/commit/?id=2a58b312b62f block cloning is in ZFS in HEAD.

Title: src - FreeBSD source tree

Schrödinger's souji

souji: No worries. Glad it's working.

mason: Thank you anyways :)

While I'm Googling this, anyone got a status on pledge/unveil on FreeBSD? Last I remember reading about it, there was talk of implementing it on top of capsicum.

meena: That is interesting. I'd not have expected that to work, from that epair bug.

I don't see the notion of sub-interfaces in epair(4) which makes me wonder if this is supposed to exist, as a concept.

mason: maybe it's un(der)documented

Yeah. Just a new idea to me, so the notion of "create an epair, now create another epair with a lexically related name" doesn't make me think tearing down the one would tear down the other, which is what the reporter is observing.

I might follow the ticket because I'm curious.

added

i guess when would you just use a bridge instead of an epair?

rtprio: They work together.

Netgraph is pretty awesome, but I wish it were documented a bit more from an admin/ops point-of-view.

does FreeBSD have an equivalent to Linux' /proc/cmdline? that is, passing parameters from the bootloader to the kernel — context is this pull request: canonical/cloud-init #2112/files

Title: Standardize kernel commandline disable by holmanb · Pull Request #2112 · canonical/cloud-init · GitHub

IIRC it's kenv kernel.boot? or something like that, but i can't find any documentation

looks like it's kernel_options

do many of you use desktop freebsd?

I do.

Define "many"? (I do as well. My laptop almost never leaves my desktop.)