upgrade to current == build from source, no/

is there another way?

ngortheone: you could install one of the snapshots

but ... from an existing system. uh, that would be rough

rtprio: you are right, downloading snaphot iso and installing from scratch or tarball and using it as boot env...

i should really read a little more scrollback before replying

my name is technical, last name debt

Reinhilde: you must be a welcome friend in tech startups and huge IT enterprises

surprisingly, no

but I find my way in >:3

lol

ah yes, discord linux bros calling BSDers hipsters who only complain

happens every day, it's not news

solve the problem by not using discord

disregard GNU/Linux users the same way you disregard Windows and Mac users

Reinhilde: i had "technical debt broker" on my internal title at one of my previous jobs

Hello folks, Happy upgrade day :-)

Reinhilde: discard users are hipsters who don't knoe how Internet or conputer xorks. For them it's magical. I did know anything about discord, even I have a old account).

somewhat

sorry, I mean discord

Lovis_IX: they're not hipsters, they're mainstream, however.

as unfortunate as that is

excited to upgrade my freebsd desktop and openbsd server this week

xtile: I am so excited to upgrade my work laptop, but it's yet available in european mirror :-( (and I have noting else importent to do0

i'm patient, i can wait a couple days. you can be patient too, I hope. :3

it only became april 11 a few minutes ago where i am

which is the listed release date

xtile: I MUST be patient and it's april 11 for 9 hours now in France.

Must be tiring being ahead of the time (with respect to some other places) ...

I got my hands on an Azure HPC instance, but the infiniband devices aren't showing up.

there should be one or two mellanox (mlx5en(4)) nics, but there's just one hn(4) device

pciconv -lv doesn't show them either

what's funny is that dmesg doesn't show anything any more about mlx since i upgraded to 13.2

that is the opposite of what i expected

No mellons for you, meena!

meena, To ask the obvious is "mkx5en" module already loaded?

s/k/l/

not according to kldstat

Load that sucker!

The manual page list the syntax to stuff in "loader.conf"

sudo kldload -v mlx5en

kldload: can't load mlx5en: module already loaded or in kernel

phhbttt :-|

"kldstat -v" might have noted that

kldstat -hv | grep -i mlx 174 pci/mlx

173 mlx/mlxd

411 pci/lkpi_mlx5_core_pci_table

Title: dpaste/yy3c (Plain Text)

I connect the same ssid use Linux iwctl very fast,but in my pc freebsd wpa_supplicant alway error

do they have the same configuration?

same ssid and password

sorry, i should've clarified

does wpa_supplicant.conf have the same configuration on both systems

In linux,I use iwd,not wpa_supplicant.I think the two is diff.

Well, there you go.

they're different software, so you can't assume they should behave the same

yeah,but wpa_supplicant so slow?

is there any way to use iwd on freebsd?

wpa_supplicant is part of the freebsd base system, but it's contributed from launchpad.net/wpasupplicant so the person to ask is reinhard tartler

Title: wpa_supplicant in Launchpad

i don't know what iwd is, so i assume it's something linux-specific

I use maybe 1 min to connect to net in bsd,I can't stand it.

it's a virus

I guess in your pc,maybe not too long,right?

it isn't slow at all for me

I can't unstand why sometimes it works not so long,just 10s maybe,but sometimes,too too long.It make me crazy.

and i see that iwd is licensed as gplv2, so it can't be imported into the base system - and even if it could be in ports, it seems to have a heck of a lot of dependencies like dbus and netlink (both of which could in theory be used, since both are available in some form, depending on what version of freebsd you're using), but also something called "main event loop", "Timers" (capitalized, so i assume

it's something special) plus a bunch of primitives which i'd be surprised if freebsd implements

what you _can_ try is enabling fast_reauth in wpa_supplicant.conf(5), though i don't know if it's going to fix your exact issue

i didn't know iwd depends on dbus

well, it depends on a library which needs dbus

at least according to the documentation i can find

i give it a try.

i can't tell you what could be the source of the delay, i can only speculate

it could be anything from differening txpower values, improperly configured base station, or even a bug in wpa_supplicant (though i wouldn't necessarily assume that as the first option, since wpa_supplicant has had pretty wide usage over the years, including on linux)

wouldn't the logs have something to speculate about?

that's entirely possible, but i've seen no longs

s/longs$/logs/

my log is here bsd.to/yy3c

Title: dpaste/yy3c (Plain Text)

CTRL-EVENT-SCAN-FAILED many times

what cause it?

the scan is failing because the access point temporarily disables authentication when the 4-way handshake is failing

you're not providing it the right key, according to the CTRL-EVENT-SSID-TEMP-DISABLED

so you probably mistyped your password or the syntax for the configuration file

and I give another success try bsd.to/rjpk

Title: dpaste/rjpk (Plain Text)

do you live close to other people?

yeah,if you mean some people around me.

even if there isn't anyone actively trying to do a wifi deauthentication attack, if you've got regular people around you who've got a bunch of hardware, it's not out of the question that one of them have misconfigured it (or it's been misconfigured from the manufacturer) so that what essentially ends up happening is the same as a wifi deauthentication attack

that'd produce the behaviour you're seeing, where sometimes you can auth quickly and other times you can't

none of this precludes what is aid before either, by the way

s/aid/said/

you mean someone use something like airmon-ng to attack me, it cause I can't connect quickly,Maybe I guess.

no, it doesn't have to be someone trying to attack you

if you live near a hotel, wifi deauthentication attacks are a well-known thing they do to prevent their guests from using the guests own access points (because they want the guest to pay)

and similarly, it can also be someone near you who has a badly configured piece of hardware (i believe this is how wifi deauthentication attacks were discovered, initially?)

ok,then,if i use my phone hotspot,I should connect quickly

a misconfigured device or hotel chain trying to gouge money out of people would also affect your phone hotspot

I understand,maybe the school surely do this.

you'd have to travel somewhere without ANY people within range of any of your devices (ie. +300 meters from anyone)

school ask us to pay money for month network.gouge money,as you say,so it's the conclusion,thx debdrup

there's a proposal for 802.11w, which is supposed to fix part of the issue with wifi deauthentication, but it doesn't fix the wifi deauthentication attack on the 4-way handshake (which is what it looks like you're struggling with)

it's unfortunately just a result of 802.11 being a shared medium

(and greed)

DOCSIS has a similar deauthentication attack, but at least there the ISP can spot who's doing it on the CMTS - and there's much less benefit to doing it on DOCSIS

the curse of having worked as a network administrator is that you also have to work with wireless

it occur to me,why Linux stable,anyway?

haven't got a clue

how can i update if im running FreeBSD donut 13.2-RELEASE FreeBSD 13.2-RELEASE releng/13.2-n254617-525ecfdad597 GENERIC amd64

or is that the latest?

i never said all of the above was t he reason why, just that it can happen

yep

 

kezdryx: freebsd-update fetch will tell you

ok

err, sorry

freebsd-update updatesready

or maybe i'm misremembering what they're for, it's been too long since i used -RELASE

s/LASE$/LEASE/

no updates to install

on either

should i rollback?

why would you do that?

then reinstall?

what are you trying to accomplish?

13.2 has been out for less than 24 hours, expecting updates that soon is a bit much

because IDS says some of the sha255 numbers are off

i updated on april 7th

then say that to begin with

if you updated on april 7th, you updated before -RELEASE was out

oops

=(

whoever told you to go update seems to be the one to ask how to fix this, because they got you into this mess

that was me

how did you know to update?

the announcement hadn't gone out

figured id just do it

welp.

what files are the checksums failing on?

hold on gotta rerun ids

you might wanna set the PAGER environment variable to cat or something else, so you can pipe it to a file

check the freebsd-update(8) manual page

but for reference, whenever you're updating FreeBSD to major or minor releases, -RELEASE isn't out until a mail from the release engineering team has been sent to the announce@ mailing list

even if someone else tells you it's fine to update, they probably don't know what they're talking about

group master.passwd passwd pwd.db shells spwd.db and sysctl.conf

will do next time

kezdryx: are these the files that are different between your box & what IDS shows?

yers

yes

ok those are all fine

yeah, those should be files

s/files/fine/

group contains user<->group membership mappings

those are all files that're changed by a bunch of things like installing/updating packages or modifying the system intentionally

the passwd/pwd/spwd ones are all related to adding users

shell is a list of what shells can be used by users (e.g. if you add bash/zsh from ports)

and sysctl is always a local thing

I need a tip on how to have Makefile that does A on amd64 and B on aarch64

so, do different things based on architecture

mmm could I put $(sysctl -n hw.machine_arch) in as a Makefile target perhaps

dch: is it make or BSD make?

BSD make has a LOT more conditionals

its our make debdrup

that's BSD make then

check the Conditionals part of the manual page

so im stuck?

debdrup: ok, there's a built in var `MACHINE_ARCH`

so `build: ${MACHINE_ARCH}` DWIM

dch: I don't think that works for what you want, it only checks the present machine's arch

via uname -p

..unless that's what you want

debdrup: in this case its exactly what I want, this build script will be run on the native h/w each time

ah, fair

yeah then MACHINE_ARCH will do it

I would like to figure out how to make it truly cross-platform but for the moment a simple dirty hack is sufficient

kezdryx: it's not clear what you're stuck on, AFAICT you're on a perfectly normal FreeBSD release there

for example, here's an arm64 13.2-RELEASE I upgraded this morning:

FreeBSD fmrl71 13.2-RELEASE FreeBSD 13.2-RELEASE releng/13.2-n254617-525ecfdad597 GENERIC arm64

did you updage today or earlier?

this is from today

update

oh

but over the last week I have done repeated migrations on other boxes

debdrup: now theres two

and if you updated before the official announcement, `freebsd-update IDS` will tell you whats wrong

and several of his boxen

i don't care.

which as we discussed above, looks like nothing is out of date

heh

it's a dumb idea to update before -RELEASE is out.

dch see, you updated to soon too

even when I ran -RELEASE, I waited at least until the security officer took over the releng branch, but usually longer

kezdryx: the one from this morning, is definitely post official announcement

unless i'm updating because of a security announcement, i'm _NEVER_ ever going to update as soon as i can

so i made a mistake, geeze crucify me

ok

kezdryx: debdrup is just sharing his experience, no worries. I tend to upgrade late in general, but I have some infra where I try to apply the BETA & RC for test purposes

I recompile all the time from source on systems with the capacity.

that's usually 1-2 systems per fleet

for personal deployments, you don't have to do that

also no need to be that conservative unless jumping releases

how conservative, depends how well you track the changelog

That's puzzling actually. Why is there the 1-2 week gap in handing new releases over to the sec team?

morning

Does anyone know how often packages with known vulnerabilities get updated?

Finally getting everything up to 13.1-p7 and pkg audit is showing curl as having multiple vulnerabilities.

hmm 13.2 has the wg driver? I don't see it in the conf

is there a proper way to remove the lib32 system components?

release notes mention nproc(1) but theres no manpage when you click

13.2 here I come

tobias: !

hi! :)

i'm trying the new 13.2 release in a QEMU VM

first of all, is there a way to boot the amd64 version with just serial console enabled? ("-nographic -vga none" in QEMU)

it appears to get stuck on "Starting the BTX loader"

i can boot with "-display curses -vga std" though. also, i can select "Cons: Serial" in the bootloader then. would be nicer completely without the need for a virtual GPU of course.

download.freebsd.org/releases/amd64…FreeBSD-13.2-RELEASE-amd64-dvd1.iso <- that is the iso i'm trying right now

Under: cgit.freebsd.org You have 3 branches, where is the packages branch? (pkg)

Title: FreeBSD Git repositories

I want to figure out whats the current Quarterly release yet I cant find "pkg.FreeBSD.org/${ABI}/quarterly" in GIT form

I assume it to be 2023Q2 (but that would mean that a 2023Q3 branch would already be created, which it isnt, not in the ports tree atleast)

ElectricJozin, I don't know (I am not a contributor) but AFAIK it's here cgit.freebsd.org/ports

Title: ports - FreeBSD ports tree

rwp, and so some of those packages are compiled into binaries and shipped right?

If thats the case what determines what packages are shipped

I have this article queued up in my reading list for when I get some time: freebsdfoundation.org/wp-content/uploads/2022/03/mingrone.pdf

Also let's not leave out: docs.freebsd.org/en/books/porters-handbook

Title: FreeBSD Porter's Handbook | FreeBSD Documentation Portal

AFAIK *all* of those packages are compiled into binary packages available from the binary package repository.

Except obsolete packages do get removed when appropriate.

and license reasons (hm, well, I think they even get build, but then not put in the pkg repo when the license doesn't allow official packages) (hm, and obsolete stuff still gets build as long as the port exists and isn't marked broken or ignored)

three cheers for 13.2 ! \o/

:P

I finally figured out sway!

Title: Imgur: The magic of the Internet

wayland? that's not very oldfashioned :P

prg: :D

Is there a reason why pkg-config is not available inside jails?

my base system has it but not my jails

adonis: pkg-config is a package that you can install with pkg

oh

pkg which (which pkg-config)

/usr/local/bin/pkg-config was installed by package pkgconf-1.8.1,1

it is not part of pkg the package manager, it is a different tool with overlapping name

ngortheone: Yea I see that, for some reason I thought it was part of base FreeBSD..

Thankfully the solution was simple :)

can I set KERNCONF in src.conf or src-env.conf?

Well, it's in make.conf(5)..

src-env.conf is for the source environment, not for the source itself - if that makes sense

So for example, it controls object directory creation, meta-mode, and dir-deps - all things that have to do with control of how the environment the source is built in.

aye

why is KERNCONF in make.conf and not in src.conf?

Because things outside of the source tree can make use of it.

I can't remember if there's anything that does anymore, but I think at one point the ports framework did.

Maybe something third-party does/did too?

Before the masses see it: bsdcan.org/events/bsdcan_2023/schedule

Title: Conference Schedule - BSDCan 2023

yiss