00:04:06 i wonder who is at fault here, i have another android phone so i put connectbot there so i can at least ssh from it as there is no native freebsd phone, but this time, public key from it, errors out in my authorized_keys 00:04:19 not at freebsd question even 01:16:22 ketas: did you check the logs? 01:16:31 permissions correct in .ssh ? 01:17:11 no permissions were changed during edit 01:17:33 well log tells me it's malformed key somehow 01:17:45 there you go 01:17:56 do you have stray linebreak or something there 01:18:02 no 01:18:17 did you generate it in connectbot? 01:18:39 yes, i assume it's broken there 01:18:43 somehow 01:18:48 but wtf 01:19:18 perhaps you mis'pasted it 01:21:33 well no, didn't do it either, did 3 times with more keys 01:21:37 error: buffer_get_ret: trying to get more bytes 5 01:21:40 13 than in buffer 507; error: buffer_get_string_ret: buffer_get failed; error: buffer_get_bignum2_ret: invalid bignum; error: key_from_blob: can't read rsa key; error: key_read: key_from_blob 01:21:44 like 01:21:48 what! 01:22:03 what the hell man. let's see this key 01:28:35 see eh? 01:33:17 rtprio: http://ketas.si.pri.ee/connectbot-broken-pubkey.txt 01:43:55 rtprio: and i might as well share priv too: http://ketas.si.pri.ee/connectbot-broken-privkey.txt 01:44:12 now that i deleted it 01:44:19 didn't work anyway 01:44:32 have fun 01:44:46 i think i'll sleep 01:49:09 i don't need private key 01:57:01 * ketas covers up his private parts 02:02:03 ketas: i'd try a 2k key, or better still, not a rsa key 02:03:03 i tried curved one too 02:03:09 funnily errors again 02:03:13 meh 04:44:05 what's the CI/CD everyone uses that runs great on fbsd? 04:48:36 i believe that FreeBSD for it's CI/CD uses Jenkins 04:50:37 ah k. that what everyone else runs too? 04:50:48 in the fbsd world i mean 04:52:28 no idea 04:54:44 can jenkins build jail containers to deploy? 04:55:06 you can do nearly anything with jenkins 04:55:21 nice 04:55:27 ty 04:55:40 the freebsd project itself generates all kinds of artifacts with its CI 04:55:46 e.g., https://artifact.ci.freebsd.org/snapshot/main/005cca8361a4932d03bd93fefa998fff69a1e136/amd64/amd64/ 04:55:47 Title: Index of /snapshot/main/005cca8361a4932d03bd93fefa998fff69a1e136/amd64/amd64/ 04:56:04 the various distribution sets that you'd normally get from using teh release(7) scripts 04:58:28 damn, jenkins is coded in java :/ 05:05:26 yeah, that is the downside 05:06:21 i wouldn't mind a good jenkins alternative written in golang 05:06:38 fuck yah 05:09:38 why is it being in Java relevant/bad? it's the best CI that works on most OSes and its plugin system has options for almost everything... 05:13:07 just used to java stuff being pretty bloated but maybe that's improved 05:15:07 Java has improved quite a bit (and some things, like its various garbage collectors, are top notch). don't get me wrong, it has its warts (what doesn't?) 05:16:40 but especially for CI you're not gonna find an alternative to Jenkins that is free, self-hosted, supports FreeBSD (although it isn't official build), works with almost anything 05:17:46 RhodiumToad: yuripv: The Handbook appears to be a bit out of date. acpi.ko is not more, replaced by what appear to be machine-specfic ones. I have run 'make DEBUG=1' and installed the modules, set the log levels from the Handboot, but I don't see additional information on boot. 05:18:08 is jenkins the only CI in ports? none of the others i know the name of show up 05:27:57 michaeldexter: I think you specifically need options ACPI_DEBUG 05:28:18 (in the kernel conf file, not for make) 05:55:26 RhodiumToad: Done and trying it now. The Handbook gives loader entries that are no longer valid. I set the level to ACPI_LV_ALL and... it's quite the firehose of output. Over a minute into boot and it has not stopped. 05:55:52 bliminse any idea how gitlab stacks up against jenkins? 06:05:45 RhodiumToad: nsxfeval-0386 EvaluateObject : Null handle with relative pathname [_PRW] nsxfeval-0386... 06:08:14 why isn't options ACPI_DEBUG in the CURRENT Conf? 06:10:05 meena: That could be reasonable if not too noisy by default. 06:16:54 michaeldexter: i thought it doesn't do anything by default 06:19:13 michaeldexter: is it stuck there, or looping, or...? 06:37:32 under FreeBSD 13.2 fresh installationUncommenting "#PrintLastLog yes" results error; /etc/ssh/sshd_config line 99: Unsupported option PrintLastLog 06:37:47 under FreeBSD 13.2 fresh installation, uncommenting "#PrintLastLog yes" results error; /etc/ssh/sshd_config line 99: Unsupported option PrintLastLog. Any clue? 06:39:03 Apparently option name has changed/been removed? 06:43:01 Hmm.. Still exists in the default conf file, though? 06:45:24 https://github.com/freebsd/freebsd-src/commit/43c6b7a60aff069da7e0ba6c87d3d7a532e812f6 06:45:25 Title: openssh: restore PrintLastLog option · freebsd/freebsd-src@43c6b7a · GitHub 06:45:49 I don't think that made it into 13 06:47:05 Well, it does. FreeBSD 13.2-RELEASE amd64 default installation; it's there. 06:47:26 But anywaays, not a big deal. 06:48:55 The sshd_config reports version: # $OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $ 06:49:01 tercaL, Does 13.2 "crypto/openssh/config.h" source file have "/* #undef DISABLE_LASTLOG */" on line 116? 06:49:50 parv: Sorry, don't have that file - no base-src installed. 06:50:49 what meena meant to say was: i don't think that *fix* made it into 13 06:50:59 Ohh, I'm very sorry.. 06:51:06 Got it! 06:51:32 i reckon it'll be dealt with, as soon as we get an answer here https://lists.mindrot.org/pipermail/openssh-unix-dev/2022-May/040242.html 06:51:35 Title: PrintLastLog fails on systems without lastlog but with utmpx 06:51:54 *non-native english speaker - blushes 06:59:14 at your jobs, what's the name of the department programmers are in? there's hr, accounting, marketing, but what's the name of the 1 for coders? 07:03:04 Software Engineer (I, II); Electronics Engingeer; Computer Support Specialist 07:04:31 ... there is no department, only a "tech group" of people involving in various aspects of Operations 07:04:45 ... it's a mall shop 07:04:56 ha ha ha 07:05:02 s/mall/s&/ 07:11:06 Anyone know of an ansible role for FreeBSD that can set and manipulate a network interface's name? 07:12:28 For example, I've been doing things like: ifconfig_ixl0_name="ext0" and ifconfig_ixl1_name="int0" just to make things clearer and to have consistent naming in pf.conf. 07:12:33 polyex: Englinnering, Platform, Infrastructure, 07:12:36 Various takes on that. 07:12:44 Engineering* 07:13:29 you ever see a company name it "software"? i've been seeing that a bit 07:16:31 My first job was with a company where the whole unit was software development in one form or another 07:17:35 (besides HR) 07:43:43 spork_css: https://docs.ansible.com/ansible/latest/collections/community/general/sysrc_module.html 07:43:45 Title: community.general.sysrc module – Manage FreeBSD using sysrc — Ansible Documentation 12:58:33 how come make(1) uses c99 instead of cc (clang)? 12:58:53 and is that just for me or everyone? 13:01:13 make uses cc for me on FreeBSD 13.1 13:01:47 i'm on CURRENT...what could i have done to make this happen? lol 13:02:16 even when i include ".POSIX:" in the makefile it uses cc rather than c99 (this is a bug, I should consider reporting this) 13:02:33 maybe you set CC=c99 trev? 13:03:09 make doesn't know/care about cc 13:03:13 i am setting .POSIX too, but without it it still uses c99 13:03:24 yuripv: it does, there are built-in rules for make 13:03:53 you can have a makefile containing only "hello:" and nothing else and it'll turn hello.c to a binary hello, it uses built-in rules to do this 13:04:04 xtile: nevermind, removing .POSIX does work 13:04:09 ah OK 13:04:19 whew 13:04:22 weird that .POSIX: doesn't get it to use c99 for me 13:04:57 i wonder if .POSIX makes -std=c99 pointless when using gmake/bmake 13:05:08 cause c99 hates all -W and -std flags 13:05:10 I just use FreeBSD's make. 13:06:33 i'm trying to make a portable makefile though :\ 13:06:43 xtile: "builtin"? 13:10:53 yes, make, at least since 7th edition Unix, and to today in FreeBSD, has built-in rules. try 'make -dg1' to see them. 13:11:35 for example, i cut out its default rule for .c files https://dpaste.com/6JMQ9Y3ND.txt 13:12:07 how is that "builtin" when it's clearly coming from system mk files? 13:12:59 it's hard to use portable make for any large project 13:13:02 to the user (me) it is builtin 13:13:26 eh, i don't think it's that hard to make a portable makefile, i've done it before for larger C projects 13:13:45 define large 13:14:16 dunno how to :B 13:15:49 but yeah trev if you use the built-in/default rules it's not so hard to make a portable makefile https://pubs.opengroup.org/onlinepubs/9699919799/utilities/make.html they're mandated by standards, if it helps at all 13:15:51 Title: make 13:19:25 xtile: thanks, i know this page..just got stuck on CFLAGS. didn't know c99 (wasn't present on my linux machine) doesn't accept a lot of flags 13:19:38 * xtile nods 13:27:18 I would just stick to gcc or clang (cc if everything reall is portable) 13:29:34 is it truly portable if i can't just do `make` on freebsd? c99 gets autochosen when i have .POSIX 13:30:00 it's not really dire for me, i'm just messing around with a silly project 13:48:41 In 2023, you can safely use c17 as your densely C Standard 13:49:19 * meena can't wait for C23 13:50:25 interesting meena, why would you want to use the new c standard? 13:50:28 I don't think any standard of C is "safe" other than C89. :^) I still use standards as tools anyway 13:50:35 i always thought c89 or c99 is the way to go 13:50:42 Neither GCC nor Clang support C99, they just support most of it 13:50:48 still use them for c99 tho 13:50:53 I do enjoy c99... 13:51:23 why they dont support it? 13:51:31 i'm new to c 13:51:57 neither GCC nor Clang support some certain floating-point features required by the C99 standard 13:53:17 p4x639: C11 Was the first standard which finally formalised the memory model. so C programmers no longer have an excuse like, my software runs on the bare metal. nah, mate it runs in an abstract machine, like everything else since, like 1993 13:54:09 until then, the memory model, and it's effects (and undefined defects) were hidden by compilers. but since then it's out in the open 13:55:36 interesting 13:59:45 I just realised that "since, like 1993" is bullshit: 14:01:00 as soon as C as ported from the PDP-11 to the first other Hardware, it already had an abstract machine. In the minds of C's developers that abstract machine just never ceased to look like a PDP-11 14:07:34 (c17, BTW, is just a bug fix of C11. So we've kept a mostly ten year pace: C89, C99, C11, C23) 14:15:37 (and if you want to learn more about the terrible, terrible process of standardisation, and its human toll, i highly recommend reading https://thephd.dev/ ) 14:15:38 Title: The Pasture | The musings, ideas, discussions, and sometimes silly words from a digital sheep magician 14:21:28 I'm always suspicious of anything they write 14:21:32 rtprio: got the answer? 14:25:03 pstef: why? 14:28:07 (i don't know of any other committee members writing about the actual process, so this is the only thing i know to link to) 15:20:48 c23 has some nice stuff that I'm looking forward to 15:24:14 strdup finally made it to ISO C 15:24:31 realloc of size zero is now UB 15:24:52 New free_sized and free_aligned_sized 15:25:50 #elifdef and #elifndef 15:35:09 #embed, 15:35:15 ! 15:40:28 Yeah JeanHeyd wanted to put that into C++ but there was way too much of a political barrier 15:41:14 so he switched to C and got it through the back door 15:50:20 oh, nice 16:41:50 Amateur question for the group. I just upgraded from 13.1 to 13.2 and I have the following conflicts: 16:42:20 freebsd-version -u 16:42:20 read as: 13.1-RELEASE-p7 16:42:32 freebsd-version -k 16:42:32 13.2-RELEASE 16:42:48 I forced an upgrade of packages with pkg upgrade -f 16:42:58 but it doesn't seem to have done the trick 16:43:11 Have you tried running freebsd-update install again and rebooting again? 16:44:13 I ran freebsd-update install after the upgrading to 13.2, but not after upgrading the packages 16:44:30 I will try it now, but I thought that pkg upgrade automatically installs everything 16:44:48 As far as I know, pkg never affects the version of FreeBSD. 16:45:29 Im running the freebsd-update install again now - one moment please 16:49:19 How can I mount a ntfs partion? read-only would suffice. 16:50:02 Oh guess I found it. pkg install fusefs-ntfs 16:58:07 xtile, that did the trick 16:58:08 thanks 16:58:28 Glad it helped :D 17:14:38 question : I see https://www.freebsd.org/security/#sup where it claims stable/13 has expected EOL in 2026 however there never was a release. Why is that there at all if it does not exist? 17:14:40 Title: FreeBSD Security Information | The FreeBSD Project 17:16:27 I think you misunderstand what stable/* is 17:16:43 right .. but .. is there a way to be running that ? 17:16:53 of course, I am doing so right now 17:17:00 or do I need to checkout the whole source tree and then build it ? 17:17:35 there are weekly snapshots, but building the source is probably more common 17:18:10 I have a somewhat important machine running freebsd-version -ku --> 13.1-RELEASE-p6 and 13.1-RELEASE-p7 17:18:27 my worry is that moving to whatever the mystery 13/stable is would wreck my ZFS Zpools 17:18:52 if freebsd-update matters to you then you should not be thinking about switching to stable anyway 17:19:03 freebsd-update is only for released versions 17:19:13 that sort of sounds like a slap to the face. fine. okay. thank you 17:19:37 no, it's just pointing out the most important aspect of running stable 17:19:40 bah, too late 17:19:49 Hi, I need to install the openssl-devel library, but pkg search returns only this one: linux-c7-openssl-devel-1.0.2k_1 OpenSSL headers (Linux CentOS 7.9.2009) 17:20:13 I'm on 13.1-RELEASE 17:21:09 hm, I don't see any port for an openssl-devel 17:21:46 what exactly are you looking for? 17:21:54 Isn't the OpenSSL library on FreeBSD by default? (I may be wrong) 17:22:02 yes, openssl is in base 17:22:05 headers and all 17:22:08 Which header file are you looking for? try 'locate filename.h' 17:22:13 * xtile nods. 17:23:20 openssl-devel port is (was?) FIPS certified 17:24:28 security/openssl-devel|security/openssl30|2023-03-14|3.0 is not devel, prevent confusion with 3.1 17:24:44 Mm, I'm porting a Linux program that needs it, the program builds and run without any warning, but aparently it is exiting silently 17:25:08 https://www.freshports.org/security/openssl-devel/ 17:25:09 Title: FreshPorts -- security/openssl-devel: TLSv1.3 capable SSL and crypto library 17:25:28 that port got renamed to openssl30 17:25:36 ah 17:26:02 (just a couple of weeks ago, so...) 17:26:46 mm, I see that the source has an ifdef LINUX...Let's try replacing that 17:27:17 * meena doesn't keep up with ports as much as she keeps up with base 17:28:00 * RhodiumToad doesn't really keep up with ports, just knows where to look 17:28:46 martinrame: if it's exiting silently then start with dtruss to get an idea how far it gets 17:28:55 meena: thanks 17:29:32 dtruss is in dtrace-toolkit, and is like truss, but built on top of dtrace 17:30:18 meena: open("/usr/lib/libssl.so",O_RDONLY|O_CLOEXEC|O_VERIFY,014313473000) = 3 (0x3) 17:30:31 that's the base system's openssl 17:30:34 What does that 0x3 mean? was it loaded? 17:30:48 the 3 is the file descriptor, so it was successfully opened 17:31:24 at system call level, loading a .so looks like an open call, some mmaps, and a close 17:31:31 great, so, my issue is not related to openssl...long afternoon ahead 17:36:04 there's always a debugger 17:40:40 do older amd gpus work well with freebsd ? 17:44:21 I used to use a really old radeon 17:45:01 (and it worked fine for what I needed) 17:51:10 im asking cause the nvidia gpu driver is misbehaving and i dont expect it to be fixed anytime soon, so wanted to get something less old from amd so that i dont have to deal with nvidia nonsense 17:51:42 misbehaving in what way? 17:55:32 * RhodiumToad has no experience with post-Radeon AMD gpus, so can't really help, but is interested in knowing about nvidia issues 18:19:38 please can anybody help me with understanding this output: https://paste.debian.net/1279094/ ? does this indicate this disk has onn EBR, but without any partitions inside? 18:19:42 Title: debian Pastezone 18:19:56 (this is what I get for "gpart show da1" 18:19:59 ) 18:21:54 oo_miguel: try gpart show da1s3 18:23:15 gpart: No such geom: /dev/da1s3. 18:23:26 hm 18:23:44 not sure how gpart handles EBRs. let me take a quick gleg at the code 18:24:35 This partiions have been created via fstab from an linux distro I believe. 18:24:53 what does ls /dev/da1* show? 18:25:25 show /dev/da1 /dev/da1s1 /dev/da1s2 /dev/da1s3 /dev/da1s4 18:26:24 hm 18:26:46 And I meant created with fdisk (not fstab) of course :) 18:27:32 In the worst case I will put the disk in another machine running linux and check what fdisk reports.. 18:27:47 looks like GEOM_PART_EBR is a kernel option 18:28:32 but it's on by default in amd64 GENERIC build 18:28:42 I am on arm 18:28:43 are you running GENERIC or your own kernel? 18:28:56 ah. arm or aarch64 ? 18:29:05 FreeBSD rpi4 13.2-RELEASE FreeBSD 13.2-RELEASE releng/13.2-n254617-525ecfdad597 GENERIC arm64 18:30:09 arm64, ok 18:30:31 looking at the kernel conf, GEOM_PART_EBR is not enabled on arm64 by default, though MBR is 18:30:48 (same for arm (32bit), as it happens) 18:31:13 how/where do you see that inforamtion? 18:32:34 so I guess my options are 1) recompiling the kernel, which given I run it on the raspberry-pi will take ages. 2) cross compile the kernel from my regular machine (not sure If I need to do it from FreeBSD). 3) plug the disk in another machine and check there via fdisk for example 18:32:50 kernel compile is actually really fast. 18:33:15 hm, then maybe worth a try. will surely learn a lot from doing this 18:33:23 though maybe only if you already built the world, which is slow 18:33:46 iirc, there's a target to build just the kernel build tools without building the whole world, I'd have to look 18:33:53 Never built it yet 18:34:26 ah yes, make kernel-toolchain 18:35:01 not sure if that needs to build llvm, though. that's like 75% of the time of a world build 18:35:15 If a storage device (aka disk) does not have a partition table then "gpart show" will not show it, since it shows partition information. 18:35:21 Instead use "camcontrol devlist" to list the devices. 18:35:30 rwp: not relevant to this case. 18:35:48 I am behind on reading the scrollback but just had to volunteer that tidbit anyway. 18:35:49 rwp: here, it does have a partition table, just not one the kernel is prepared to deal with. 18:36:37 i.e. there's a top-level MBR which is recognized, but one of the partitions is an EBR, and EBR support is not compiled into this kernel 18:37:03 Doesn't the kernel handle EBR partitions as just a part of the MBR structure? I thought it did. But have not tested this in my recent memory. GPT FTW! 18:38:29 rwp: I don't know exactly what it would do if EBR were compiled in. 18:38:47 * RhodiumToad has also not tested EBRs, since I don't use any OS that needs them 18:39:06 Hi, i have maybe stupid question, with compat/linux layer, can you use linux jail as build bot for compile linux userland ? 18:39:08 I'll push that onto my long queue of "try this sometime" to see. 18:39:12 there might be a way to get at the data without EBR if you need a one-off solution 18:39:38 oo_miguel: ^^ 18:40:47 shann, Seems reasonable. Have not tried it. Might have problems if it can identify that it is running on a FreeBSD kernel in compat mode. 18:41:01 Better might be to use bhyve to create a full VM with the Linux kernel so that it is fully virtualized. 18:41:03 I need one-time solution 18:41:22 want to repartition the disk from scratch afterwards 18:41:28 oo_miguel: read-only be good enough, or do you need read-write? 18:41:50 I tried Linux jail before. It worked but systemd was not work. 18:42:31 read-only suffices 18:42:53 I was actually here for my own second-brain question. Have a ZFS array that think the motherboard is failing. 18:43:01 Was able to move the disks to another machine and import it there. 18:43:05 It now reports a small number of chsum errors. But no known data errors. 18:43:05 Question: Should I "zpool clear" first to reset the counters before running a scrub? 18:44:27 rwp infact, just curious if can be possible :). In case i don't have systemd on my chroot. 18:45:06 oo_miguel: what I'm thinking is: use gnop to create a manual slice covering the ebr region, which should then cause the first partition in it to show up as if they were an mbr inside the gnop 18:45:28 oo_miguel: I can do a quick test to see if this is feasible, if you like 18:45:45 Oh I can try myself. Do not want to bother you to much 18:46:24 for safety, I'd use the -w100 option to gnop (100% write failure probability) to make it effectively read-only 18:46:36 that way you don't risk breaking anything 18:46:45 sounds good 18:46:59 there any way to get the bit rot detection & fixing benefits of zfs on shit like usb flash drives? 18:48:25 shann, The compile will be dealing with files on disk. If this were my own code I feel confident it would work perfectly for me. 18:48:26 oo_miguel: you may or may not need to turn on the kern.geom.part.allow_nesting option in sysctl 18:48:29 That might need to be manually configured in order to produce something which makes a reproducible build with a native Linux compile. 18:48:34 But the problem is for things like autoconf automatic configuration which might make different choices based upon what it detects. 18:49:07 Remember that a chroot is still running the same kernel as the host system. 18:50:00 And also systemd files might exist in a chroot but system is never running in a chroot even in a native Linux system, or native Linux system in a chroot. 18:51:11 bbiab. On my question I think I will "zpool clear" to reset counters and then start a scrub pass. 18:53:17 RhodiumToad: It stopped there, with that being the last text. 18:54:15 michaeldexter: hm. I'm wondering if this is a case where you need the debug.acpi.avoid option, but I do not comprehend ACPI well enough to know what to put there. 18:54:47 Is that a ="1" or with parameters? I am happy to try anything. 18:55:00 it has parameters 18:55:01 I hope to have it working by BSDCan :) 18:55:25 Looking at the manual page... 18:55:34 the option tells it to avoid trying to parse a subtree (or subtrees) of the ACPI data, but I don't know the syntax 18:56:18 possibly someone with more experience of ACPI or this particular machine could help better than I. 19:02:00 rwp, yes i know for chroot and system inhib in case of chroot env :). Infact bhyve is safe choice :P. 19:07:07 meena: I'm aware of the sysrc module, but I'm looking for something that abstracts interfaces, aliases and routes a bit more. 19:07:55 Basically this, but also allowing me to set interface names: https://github.com/vbotka/ansible-freebsd-network 19:07:56 Title: GitHub - vbotka/ansible-freebsd-network: Ansible role. FreeBSD. Configure network. 19:15:38 spork_css: time for a pull request 19:35:43 hrm. i can't figure out why after upgrading dbus isn't working. only dunst and firefox use it. i tried wrapping my wm launch in .xinitrc with dbus-launch first, no dice 19:37:31 i see a dbus daemon. i see a session in ~/.dbus/sessionids, and i see the socket in /tmp from the current session. but my shell env and other programs that should have started don't have the dbus env var 19:38:50 Demosthenex: did any libraries change? 19:39:42 meena: i just updated from 13.1-p5 to 13.1-p7, many things changed 19:39:50 most things work, only this dbus thing remains 19:40:23 i narrowed it down, firefox and dunst can't get dbus. i added dbus-launch before stumpwm in my xinitrc, last command in the file. xdm is calling that, everything starts. 19:40:46 but my shells don't show the DBUS_SESSION_BUS_ADDRESS 19:41:00 how are you calling dbus-launch exactly? 19:41:18 dbus-launch --exit-with-x11 sbcl --dynamic-space-size 512 --script ~/scripts/startstump.lisp 19:41:27 previously i called sbcl directly 19:41:40 dbus "just worked", i assume xdm was starting 19:41:45 or it autolaunched when used 19:42:04 that command only sets the environment for the sbcl program 19:42:38 hrm 19:42:39 what is sbcl exactly? 19:43:31 crap, you're right. so if my WM spawns a process, it had dbus env. it's xbindkey that's launching things 19:43:41 so maybe i need to source a dbus thing in xinitrc above 19:43:51 sbcl is the common lisp interpreter 19:43:57 that starts stumpwm 19:43:57 ah 19:44:01 nice catch 19:44:07 so, my xinitrc never had it before 19:44:13 maybe xdm was starting dbus? 19:44:19 shouldn't do 19:44:24 (mine doesn't) 19:44:28 is in sysrc 19:44:54 if it's enabled in sysrc then the dbus daemon is started on boot by the rc scripts 19:45:05 yes, and i see that one 19:45:11 but i thought each user got one too 19:45:15 the "session" 19:45:16 specifically by /usr/local/etc/rc.d/dbus 19:45:38 yes, there's a system service, run by the "messagebus" user, 19:45:43 dbus-daemon --system 19:45:53 I don't really know much about dbus 19:45:56 nor i 19:46:00 stupid linux desktop crap 19:46:08 I only have it because something is forcing a dependency on it 19:46:11 i only run it because firefox is helpless if you don't 19:46:31 ie: firefox --open url:... just pops up and says already running, and doesnt' open the link 19:46:39 it only accepts new windows through dbus. 19:46:43 I never bothered to use dbus-launch anywhere, and firefox runs for me 19:46:57 ah, but I never tried that 19:47:04 opening links in emacs and mutt via urxvt all fails with firefox errors 19:47:13 and dunst (notify thing), doesnt' connect 19:47:16 i never had this before 19:51:17 just checked, and firefox is working for me with no per-session dbus configuration 19:51:54 including doing firefox ... to open a new url while an instance is already running 19:52:18 hm, a dbus-launch was done from somewhere 19:52:57 exactly. dbus can autolaunch 19:53:03 so the environment var doesn't seem to be necessary? 19:53:47 again, i upgraded from 13.1-p5 to 13.1-p7 and suddenly no dbus. i see a system level dbus. my xinitrc had no changes, i manually added dbus stuff to try and fix 19:54:06 i hate "magic" things. makes sense to source it in the script or launch it 19:54:08 I'm testing this on a 13.2-stabke 19:54:12 *stable 19:55:48 hrm, well eval'ing the output of dbus-launchin xinit looks right 19:57:41 emacs to firefox works, alright. 19:58:39 i love having a tiling WM x11 workstation, if only apps weren't so linux centric :P 20:00:25 i was talking about this a few days ago - annoyingly cannot open links on a running instance of firefox 20:03:09 (without dbus) 21:15:33 hey, im having a bit of trouble getting things to run with steam. Get errors when libraries are tried to be preloaded, some applications requiring GLIBC_2_27 etc. Is there a good guide on how to set this up properly? 21:21:35 gzar, linux binary? 21:21:45 its aseprite, so i think so 21:22:15 check this https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=268540 21:22:19 Title: 268540 – emulators/linux-c7 have too old GLIBC for some software: /lib64/libc.so.6: version `GLIBC_2.26' not found (required by lwjgl/3.3.1-build-7/liblwjgl.so) 21:34:04 Is there a favourite pre-existing tool for automatically reporting abuse from particular IPs? Like, a thing that finds the CIDR block and contact addresses for ssh/etc attempts, emails them sets firewall rules or routes that it removes after some period, etc? 21:36:07 blacklistd will handle the firewalling part, and iirc it invokes scripts to do the work, so you could use those to maintain additional logs/databases to process later for reporting purposes 21:37:50 well, it'll handle interfacing between the daemon and the firewall. 21:38:32 it doesn't rely on logs though, it requires the daemon to inform it of connection attempts, and then it keeps track of the rate vs the limit 21:39:43 right, but sshd already has a UseBlacklist option to report its failures to blacklistd 21:41:22 Hmm, I'll have a look at that. A few years ago I wrote an awk script to tail my log and run ipfw rules for IPs that matched a list of conditions. But it didn't handle notifications. 21:42:22 notification is a much harder problem than just blocking 21:44:10 Whoa, blacklistd is included now. I had no idea! 21:44:26 yeah, it's in the base system 21:47:28 eh, that sounds great, but not something i feel comfortable without a remote console 21:49:08 you can whitelist addresses or ranges in the blacklistd config 21:52:55 VVD: oh man i didn't know this was such a big deal 21:53:47 should i try making some sort of alternative /compat/ folder with say, devuan? or something like that? 21:53:50 gzar, there is howto - link in comments for install ubuntu 22.04 21:54:06 ah ok, i overlooked it 21:54:07 try it 21:54:47 thos instructions are in russian ._. 21:55:10 online translators 21:55:37 main part is the commands 21:56:04 yeah it makes sense, thanks for your help 22:01:01 RhodiumToad: depending on the firewall you're working with, you can also use rules in the firewall configuration to whitelist IP addresses. 22:02:25 yes, true 22:02:38 ideally one would do both 22:03:07 Doing it in the firewall config feels more correct to me, but I'm not sure I can explain why. 22:03:37 doing it in the firewall config allows you to be very specific about what actually gets whitelisted 22:04:07 Maybe it's that adding an exception to the access control list is something that gets done as the very first step when configuring a firewall, so that you can't accidentally lock yourself out. 22:09:50