01:09:01 <bsdguydr> What about zsh?
01:21:41 <bsdguydr>  I always use the default shell for root, plain sh or Bash for scripting, zsh for my user on the main laptop, tcsh on others computers/servers. Don´t know why, but always I have confidence when using tcsh.
01:23:09 <Freaky> it's pretty respectable for interactive use
01:23:27 <Freaky> no shells are respectable for scripting so that just about covers it all
01:54:43 <mns> how do I monitor the logs in my jails ?  Right now I've got a single jail, serving up several websites using lighttpd.  I want to monitor the websites, so will need to monitor the log files.  They are only accessible from within the jail.
01:57:45 <llua> your normal log aggregation tools
02:13:24 <mns> I want the host system to have access to the logs inside the jail.  Or I guess have the jails send out the logs to the host for aggregation, though what tools are available for log aggregation ?  Last time I did anything of the sort, I think it was something like webalizer or such that was available.
02:22:21 <llua> the most primitive is syslog forwarding
02:23:51 <llua> what people refer to as an `ELK' stack is common too
02:28:23 <Freaky> mns: there's no fundamental difference between jail and host, except the jail only has access to the jail, obviously
02:29:28 <Freaky> you can have the host syslog dump a socket in the guest, you can nullfs mount a directory into it if it's convenient
02:30:05 <mns> Yeah I guess first point is going to be to use syslog to get things out of the jail and into the host's syslog.
02:31:18 <Freaky> for web server logs it's just a case of them being buried deeper in the filesystem
02:31:31 <Freaky> what you analyse them with is another matter
02:33:17 <Freaky> last one I played with is goaccess, which at least seems slightly better maintained than webalizer
02:33:51 <mns> one thing at a time.  get the logs to the host first.  right now its just the web server, later on there will be other services, mail, squid, database, etc.  so want to make sure I've got the bits working properly.
02:37:18 <mns> goaccess seems nice. I'll have to check it out.
07:11:06 <meena> re dumping a socket from the host into jails: https://reviews.freebsd.org/D27411#882100
07:11:08 <VimDiesel> Title: ⚙ D27411 add altlog_jaillist to syslogd's rc script
08:12:29 * meena reloads https://docs.freebsd.org/en/articles/contributors/#contrib-additional until her name shows up
08:12:30 <VimDiesel> Title: Contributors to FreeBSD | FreeBSD Documentation Portal
08:25:57 <yuripv> it seems to be there yet
08:29:51 <meena> so a website build & deploy takes about 20 minutes?
08:59:10 <dch> mns, run a separate syslog-ng instance *outside* the jail that logs jail data
08:59:24 <dch> this is as always a security tradeoff
08:59:43 <dch> + is that logs from the jail are immediately off-sited and unable to be tampered with
09:00:03 <dch> - is that if there's a bug or vuln in syslog-ng, it can be exploited from outside the jail
09:00:40 <dch> syslog-ng is very flexible and I can ensure tagging and filtering as required of jail traffic
09:01:02 <dch> this all predates meena's patch above which allows doing the same thing with the base system
09:04:20 <dch> johnjaye: I don't think anybody mentioned it but this is awesome https://beej.us/guide/bgnet/
09:04:21 <VimDiesel> Title: Beej's Guide to Network Programming
09:22:44 <salvadore> jrm, do you know if a FreeBSD Foundation status report is coming?
09:31:31 <salvadore> dvl, is there anything noteworthy about FreshPorts this quarter for status reports?
09:31:47 <jrm> salvadore: Yes.  It's coming.
09:31:59 <salvadore> great, thanks jrm
10:06:43 <drobban> dch: beej's guide is a real goldie. It has been on the net for as long I can remember
10:35:04 <debdrup> meena: 20 minutes sounds right, yeah
15:17:56 <last1> I have to use Debian for 3rd-party supported app, it reminds me how much I hate Linux
15:18:08 <last1> I can't believe people develop and love that crap
15:18:41 <last1> there are like 4 network managers, apps all over the place, packages as well
15:19:16 <last1> nic bonding requires a special package that's not included in their install dvd, and which requires internet access - which you don't have because your nics require lacp
15:21:33 <angry_vincent> ugh
17:20:48 <meena> interesting, https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=270628
17:20:51 <VimDiesel> Title: 270628 – ifconfig destroy epair parent not destroying child vlan sub-interfaces
17:23:48 <meena> I wonder if this is current only
17:26:16 <rtprio> last1: thankfully lagg does not have that problem
17:29:51 <rtprio> huh i never heard of epair
17:37:45 <johnjaye> dch: thank you! that is really good
17:39:43 <mason> rtprio: epair is Useful
17:48:47 <rtprio> mason: what are times that you'd use it? a netflow or monitoring host?
17:50:17 <mason> rtprio: VNET jails
17:50:27 <mason> rtprio: https://wiki.freebsd.org/MasonLoringBliss/JailsEpair
17:50:28 <VimDiesel> Title: MasonLoringBliss/JailsEpair - FreeBSD Wiki
17:52:53 <rtprio> oh
17:55:50 <souji> Hello, short question: Does passthrough with a UEFI bhyve guest work?
17:56:16 <debdrup> What kind of passthrough?
17:56:49 <souji> PCI passthrough
17:56:57 <debdrup> Yes, it does.
17:57:49 <souji> Hmm, because whenever I try it, I only get: Unable to setup memory (17)
17:58:12 <souji> And I did set the -S flag
18:01:31 <souji> Oh, I might need to set 'hw.vmm.amdvi.enable'
18:06:35 <mason> souji: Did it work?
18:06:46 <debdrup> They left.
18:06:57 <souji> That was the problem; I didn't read to the end. Sorry for the bother...
18:07:02 <debdrup> Oh, they returned.
18:07:13 <debdrup> https://cgit.freebsd.org/src/commit/?id=2a58b312b62f block cloning is in ZFS in HEAD.
18:07:15 <VimDiesel> Title: src - FreeBSD source tree
18:07:24 <mason> Schrödinger's souji
18:07:45 <mason> souji: No worries. Glad it's working.
18:08:48 <souji> mason: Thank you anyways :)
18:32:45 <_xor> While I'm Googling this, anyone got a status on pledge/unveil on FreeBSD? Last I remember reading about it, there was talk of implementing it on top of capsicum.
18:33:36 <mason> meena: That is interesting. I'd not have expected that to work, from that epair bug.
18:34:55 <mason> I don't see the notion of sub-interfaces in epair(4) which makes me wonder if this is supposed to exist, as a concept.
18:44:01 <meena> mason: maybe it's un(der)documented
18:45:42 <mason> Yeah. Just a new idea to me, so the notion of "create an epair, now create another epair with a lexically related name" doesn't make me think tearing down the one would tear down the other, which is what the reporter is observing.
18:45:51 <mason> I might follow the ticket because I'm curious.
18:46:38 <mason> added
18:47:50 <rtprio> i guess when would you just use a bridge instead of an epair?
18:50:19 <mason> rtprio: They work together.
19:06:18 <_xor> Netgraph is pretty awesome, but I wish it were documented a bit more from an admin/ops point-of-view.
22:40:09 <meena> does FreeBSD have an equivalent to Linux' /proc/cmdline? that is, passing parameters from the bootloader to the kernel — context is this pull request: https://github.com/canonical/cloud-init/pull/2112/files
22:40:10 <VimDiesel> Title: Standardize kernel commandline disable by holmanb · Pull Request #2112 · canonical/cloud-init · GitHub
22:48:05 <meena> IIRC it's kenv kernel.boot? or something like that, but i can't find any documentation
22:53:58 <meena> looks like it's kernel_options
23:23:35 <ixmpp> do many of you use desktop freebsd?
23:32:45 <craigger> I do.
23:53:24 <V_PauAmma_V> Define "many"? (I do as well. My laptop almost never leaves my desktop.)