00:17:36 it seems the "zpool" service is also required. so i enabled it in rc.conf. but it doesn't get executed for some reason and the logs don't contain anything about it… doing "service zpool start" manually on a shell properly imports the pools and doing "service zfs start" after it properly mounts them, too…
00:20:59 man, even when trying to get rid of it, zfs keeps being a royal pain @_@
00:22:22 there is no zpool service
00:22:46 does `zpool import` work once your geli devices are attached?
00:24:16 phryk: ^
00:24:41 rtprio: /etc/rc.d/zpool, i.e. service zpool start
00:25:25 yes, manual import works, no issues.
00:27:00 and you're trying to make this work automatically on boot?
00:29:06 rtprio: yes, but after the bootloader. pretty sure it'd work if I add zpool_cache_* to my /boot/loader.conf again, but that's imo the wrong way to go about it. i want my early boot stuff independent from zfs and want the zfs service to just take care of importing/mounting the old pools whenever it gets run by init.
00:30:14 if it wasn't on top of geli it would mount on boot if it was imported
00:31:07 the geli part isn't a problem. damn thing just isn't getting imported. i.e. /etc/rc.d/zpool start isn't getting executed.
00:31:39 and you said zfs_enable=YES is present in rc.conf
00:31:53 yes, and zpool_enable, too.
00:32:01 that's not a thing
00:33:03 yeah, script says rcvar is zfs_enable for that, too, but as it obviously wasn't getting executed it was worth a try.
00:36:07 i bet you'd find that it was getting executed, just not doing what you'd like
00:36:42 yeah, that's why service zpool start does exactly what i am expecting…
00:37:01 also doesn't hard coding your geli so it unlocks at boot without intervention somewhat defeat the point of having them encrypted ?
00:38:34 that's not what i'm doing and i never said it was.
00:40:28 then i'm not sure how you expect zfs to suddenly recognize there is a pool it should mount
00:42:24 exactly the way running 'service zpool start' does it? just that i want the script to *actually be executed* by init?
00:43:49 i don't see why the zpool cache would change if geli were attached or not
00:44:14 what are you even talking about?
00:44:35 first real line of /etc/rc.d/zpool:
00:44:36 for cachefile in /etc/zfs/zpool.cache /boot/zfs/zpool.cache; do
00:44:56 sounds like you should put some logger(1) lines in /etc/rc.d/zpool and see what's happening
00:45:14 yeah, both exist. both have the pool definition. i don't see the issue.
00:45:14 if it's not really being run, or it is being run and not finding the pool
00:46:35 do you load the module in loader.conf or no?
00:46:43 no.
00:46:52 you might try that
00:47:36 no. i'm migrating away from zfs. the basic boot should work without it. and it does. all i want is for the damn zfs service to actually import the damn cachefile.
00:47:58 ok, no need to take a tone. you can remove it when you're migrated off.
01:04:17 rtprio: it doesn't strike you as wrong, that automatic import/mount of zfs just fails silently if you don't already activate zfs in loader? mounting it through init is just not valid anymore? o_O
01:32:20 phryk: it's weird but not wrong.
01:32:39 and again, you don't know if it's failing silently yet, you seem to avoid doing any of your own debugging
01:32:57 yes, i did.
01:33:01 it's not being executed.
01:33:28 i just fixed it by adding a prestart command to rc.d/zfs that checks for zpool_enabled and executes zpool start.
01:34:25 🤷
03:20:01 <_xor> Is there a port target to re-generate the packing list? (It would be nice to not always have to clean + rebuild after a successful build but a slight modification to the packing list)
03:32:44 there is a target to make the plist, but it's not reliable
03:41:56 <_xor> Oh, probably should have been clearer. I meant re-generate the temporary packing list that gets generated after stage but before package. (unless you meant that, then disregard, but after re-reading I realized it could be interpreted as the `make makeplist` target, which I do use sometimes).
03:55:36 oh. no.
03:56:04 you can run stage again without redoing build if you like, though
03:57:42 (make restage)
04:09:46 okay, it's 12 hours after i wanted to be finished, but i posted stuff: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=271384 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=271385
04:09:48 Title: 271384 – zpool not imported if zfs isn't enabled in loader.conf
04:12:39 phryk: did you look at the geli configure options?
04:13:26 RhodiumToad: the ones for loader.conf yes, or are you talking about some obscure compile-time options or somesuch thing?
04:13:40 no, the per-partition ones
04:14:10 is it loader that's prompting for passwords, or the rc script?
04:16:41 loader. or rather, geli itself.
04:17:46 geli-inside-loader and geli-inside-kernel aren't actually the same thing, quite
04:17:53 https://cgit.freebsd.org/src/tree/sys/geom/eli/g_eli.c?h=stable/13#n1254
04:17:54 Title: g_eli.c « eli « geom « sys - src - FreeBSD source tree
04:18:03 this is the place, far as i can tell.
04:18:24 RhodiumToad: oh, is it implemented twice?
04:18:46 stand/libsa/geli is where the loader-specific parts are
04:19:33 it may pull in some of the files from sys/, haven't checked
04:32:49 Mhh, that doesn't seem to be what's used tho… The passphrase prompt in libsa/geli is "GELI Passphrase for…", but what I get when booting is "Enter passphrase for…" as in g_eli.c.
04:37:41 do you have a screenshot or transcript?
04:38:19 I guess since I have a vm handy I could attach a couple of disk images to test
04:39:19 May 13 02:06:14 phlogiston kernel: Enter passphrase for ada0p3: GEOM_ELI: Wrong key for ada0p3. Tries left: 1.
04:39:51 guess that at least definitely settles whether this is kernel or loader geli
04:47:36 basically there are at least 4 stages at which geli can require a key, though one of them only applies to non-EFI boot
04:48:01 where was that message?
04:50:54 RhodiumToad: /var/log/messages
04:52:54 is / on a geli partition?
04:53:13 and if so is it the same partition as /boot/loader ?
04:53:32 and is EFI in use?
04:53:39 yes and no and yes.
04:54:16 is /boot also on geli?
04:54:18 / is geli, /boot is unencrypted other partition (far as i know encrypted /boot isn't possible), efi boot.
04:54:37 encrypted /boot has been possible for a long time even without EFI, with EFI it's trivial
04:54:52 please tell me more. :D
04:55:31 ok, the standard configuration now for EFI is for loader.efi to be on the ESP as bootx64.efi or somewhere else managed by an efi boot manager
04:56:01 with ESP you mean the fat partition?
04:56:07 loader.efi has the geli implementation from stand/ compiled into it, so it can decrypt a partition to find the rest of /boot to get loader.conf, modules, etc.
04:56:11 yes
04:57:00 with that configuration, there's also no need to separate /boot from /
04:57:28 I believe the installer even has an option for it
04:57:31 so the keyfiles go onto the ESP, too? how are they referenced in loader.conf?
04:58:04 do you want it to use a passphrase, or not?
04:58:07 wait. there is no loader.conf there… how do i tell it where to look?
04:58:09 yes.
04:58:15 keyfile + passphrase.
04:58:24 sec.
04:59:27 let me fire up the installer to check something.
04:59:49 sure, i'm in zombie mode anyhow^^
05:00:05 dammit, I have too many partitions
05:02:14 are you using zfs or ufs?
05:02:35 just migrated from zfs to ufs^^
05:04:25 ok, installed, rebooting
05:08:45 /* XXX TODO: Support loading key files. */
05:08:56 well, um, that answers that question
05:10:44 ok, so loader can only do passphrases
05:12:08 what it'll do is prompt for passphrases only for geli devices it finds with the boot flag set
05:12:19 and not any others
05:13:50 yeah, that's what the kernel version does, too. that's not where the issue lies, tho.^^
05:20:00 so what is the issue?
05:20:45 that i can't limit it to ask for passphrases for the gpt labels to which the keyfiles are associated.
05:30:04 do you have a requirement for all of these devices to be open in order for / to be accessible?
05:30:46 not strictly, but they are needed for services and jails.
05:32:21 phryk: then surely you should set the boot flag only for the minimum you need to get / working, then use rc.conf to handle the rest
05:32:22 why would someone advertise their horny weeb fanfic here of all places?
05:33:19 Maybe they wanted FreeBSDM instead ;-)
05:36:51 RhodiumToad: that lessens the problem, but doesn't solve it. also, not really finding docs on rc.d/geli[2]. it seems to execute `geli_make_list`, which doesn't exist…
05:37:38 geli_make_list is in rc.subr
05:40:54 basically it tries to get only those devices which are either mentioned in fstab or explicitly in rc.conf geli_devices="..."
05:41:32 ah. that helps.
05:41:37 so it's all going by provider name, _not_ by metadata flags
05:58:26 anyhow sleps now
13:16:09 if there is any freebsd-audio expert here i'd love to get some help with my mic. cant get it to work still
13:30:10 gzar: you can try the multimedia mailing list or forums. i've had contact with the guy who wrote virtual-oss on there
13:31:44 alright, i think i'll try the forums first, since gmail doesnt play well with mailing lists
13:35:53 works ok for me on gmail
13:48:33 anyone aware of a tool that could transform files on-demand/in-memory before rsyncing them over? maybe something FUSE?
13:52:39 I've got ~10TB of .wav files I want to ship over to a last-resort backup storage box semi-regularly -- they come down to about ~800G as 320kbps .mp3, but I don't want to make space for or keep the .mp3 files :-)
14:05:59 domlaut: what is your plan to handle interrupted transfers? and how will rsync know what has been transferred or not
14:06:09 +f
14:06:37 im drunk.. +r
14:09:16 well, same way it usually handles it and knows. checksumming/ctime/filesize
15:01:59 I'm trying to build a pkg repo, that instead of relying on ${ABI} (which has the major version, but not the minor), relies on the ${OSVERSION} (which ends up looking like this 1203000
15:08:43 Never mind, looks like there's VERSION_MAJOR and VERSION_MINOR that I can use.
16:02:10 For a user whose preferred shell is csh, I can add to ~/.cshrc to work around a bug that can bite desktop environments such as Budgie:
16:02:13 setenv LIBGL_DRI3_DISABLE 1
16:03:06 Which one file should I edit for all users to benefit from the variable, regardless of their preferred shells?
16:06:10 /etc/login.conf
16:06:26 then cap_mkdb /etc/login.conf
16:06:41 Ah I forgot cap_mkdb
16:06:43 thanks
16:06:52 yw
17:07:40 otis: not yet effective, have I written to the wrong part of the file?
17:07:42 Title: 9e6z
17:10:34 grahamperrin: see "setenv" record
17:11:43 so it will read :setenv=BLOCKSIZE=K,LIBGL_DRI3_DISABLE=1 \
17:11:54 Ah, so:
17:11:57 :setenv=LIBGL_DRI3_DISABLE=1:
17:12:00 Yes?
17:12:19 :setenv=BLOCKSIZE=K,LIBGL_DRI3_DISABLE=1
17:12:35 eh, :setenv=BLOCKSIZE=K,LIBGL_DRI3_DISABLE=1: \
17:13:00 thanks again
17:14:09 then also cap_mkdb ...
17:14:39 yup
18:27:48 hi people !
18:44:54 interesting the default ix module on FreeBSD 13.2 lets me download at 120MB/sec but the intel-ix-kmod package increases the nics speed to 600/700MB/sec
18:45:00 is that a known issue ?
18:45:45 Are both configured the same?
18:46:15 No, nevermind; I misread that "ix" being faster
18:54:55 i usually do a clean reinstall even for new minor versions but i'm wondering how safe is 13.1 -> 13.2 upgrade?
19:01:40 hi! which vnc viewer should i use to connect to a bhyve vm ?
19:01:50 vnc pkg*
19:03:20 <_xor> I use Remmina, but be aware that there's a bug that can cause it to crash on connect. There's also TigerVNC, TightVNC, and RealVNC.
19:05:52 <_xor> Wait, scratch RealVNC. That was on Windows.
19:05:54 _xor: how do i list the vm ip to connect to it ?
19:06:10 vm info says its running
19:06:23 <_xor> That depends on how you have your vm networking setup.
19:06:27 right
20:12:34 so FreeBSD has its own version of netcat installed by default, named nc ?
20:14:26 last1: yes
20:15:24 weird, most docs say to use nc -l -p but FreeBSD version is just nc -l
20:15:31 took me a few minutes to figure it out
20:16:45 https://github.com/freebsd/freebsd-src/tree/main/contrib/netcat
20:16:46 Title: freebsd-src/contrib/netcat at main · freebsd/freebsd-src · GitHub
20:44:49 netcat is a program with a troubled history.
20:44:53 The original version had some significant deficiencies, some of which bugged the snot out of me!
20:44:59 And other people too, apparently. Because it has been forked and modified significantly at least twice.
20:45:23 I actually think the "socat" program is the better program. It does the same thing as netcat does.
20:45:38 With a different more powerful syntax.
20:49:01 It looks to me like the -p option was added to one of the newer forks and does not appear in the original version by hobbit.
20:49:24 So those docs that reference -p are the ones that are using the non-portable syntax. FreeBSD is using the traditional form there.
20:50:53 nc(1) on FreeBSD says "-p" is for the source port. Destination port is an argument, not an option value.
20:51:56 But under the -l option part it says "It is an error to use this option in conjunction with the -p, -s, or -z options."
20:52:20 And also in the -p option section too.
20:52:33 yep, saw that in the manual
20:52:50 however, it's still a difference in syntax for specifying the port when sending/receiving
20:53:02 not sure which would be considered 'best' but I guess it doesn't matter
20:53:36 I was wrong. I looked at the original netcat and it does list the -p option there.
20:54:55 And in the original README it does show examples with "nc -l -p 1234" so I was wrong about it being the new fork. It was in the original.
20:57:33 I don't know about "best" but gratuitous incompatibilities are always bad.
21:00:23 IIRC the main thing that bugged me about the traditional netcat is that it intentionally ignored EOF. In order to let the transfer finish.
21:00:26 The FreeBSD version I know has the -N option to force handling of EOF.
21:00:28 And then one would need to interrupt it manually when done.
21:01:27 IIRC the OpenBSD version has a -q option to quit after that many seconds in order to accomplish basically the same thing.
21:02:05 In any case, check out "socat" which has a powerful simple syntax and is I think the better utility than netcat.
21:02:22 alright, thanks
21:51:06 so could i run a jail manager and/or bhyve manager in a jail on the physical host? Im currently running Truenas on my host and have been looking to switch to Xigmanas, which I like, but they strip out so much of the freebsd base system that even many third party no longer work on the newer releases.
21:55:13 so id like to attempt running xigmanas in a jail on vanilla fbsd. any tips? Im guessing theres not any tools that can take an iso or img file as input and let you run through the standard install but in a jail?
21:55:45 <_xor> Is a PCI device required to be reserved for use with bhyve passthru, or can certain devices get away without host reservation? From what I've gathered so far, pptdevs mainly prevents the kernel from probing the device at boot. Not sure if that means that once it's probed+initialized that it won't be "re-probe'able" by the guest VM. I get why the
21:55:45 <_xor> reservation would be required though.
21:57:29 derzahl: if there's a jail manager that listens on a socket for remote access, definitely
21:57:36 but i don't know any that do
21:58:44 it's kind of a shame that some of these, like Xigmanas, pfsense, etc don't package up their webmin portion and let you install it on any freebsd system
22:00:03 <_xor> Seems like a strange thing to do, a jail to boot an ISO installer. I mean you could make the ISO available via dev device in the jail, but booting it doesn't seem to make sense.
22:00:14 <_xor> You can run a VM inside of a jail and boot it with that, which I've done before.
22:01:11 <_xor> (I'm assuming derzahl means booting an ISO installer, so if not, then disregard)
22:01:17 rtprio: what about just have the jail manage the HBA card/zpool? Id probably be more interested in having that part of the webui working than the jail/VM management stuff
22:01:38 <_xor> Jails are not VMs. They're more akin to containers.
22:04:12 _xor: I mean 'pseudo-booting' I guess. basically a wrapper that will run the bsdinstall stuff and fake a physical install
22:05:44 good to know running a VM in a jail is possible
22:06:46 derzahl: other than ssh'ing to your vm host and doing the stuff i have no idea
22:07:08 im just looking for the best way take the webmin from something like xigmanas or truenas but run it in a container
22:07:35 im open to suggestions on what the best way would be
22:09:24 <_xor> Make the zpool available to your jail and then tell it to use that pool.
22:09:38 "good to know running a VM in a jail is possible", i think the answer was exactly the opposite
22:15:01 yuripv: "<_xor> You can run a VM inside of a jail and boot it with that, which I've done before."
22:18:07 _xor: RE:"Make the zpool available to your jail"... so give the jail access to my HBA card? is that possible?
22:36:18 <_xor> yuripv: I meant that you can make VM devices available to jails and then create/start/stop VMs from within jails. It was years ago that I did it, but I did run Gitlab in a jailed VM, though I think I did it with VirtualBox. This was before the gitlab ports were available.
22:36:39 <_xor> I think you essentially just have to make /dev/vmm available to the jail and make sure it has proper mounts.
22:37:55 <_xor> derzahl: Assuming you have your HBA card in /dev/, then sure. Though I think you're misunderstanding. You would make /dev/zfs visible to the jail.
23:44:21 i usually do a clean reinstall even for new minor versions but i'm wondering how safe is 13.1 -> 13.2 upgrade? anyone have or hear about ppl having probs?
23:44:42 derzahl: i think you might be better off trying to steal the webmin code to run on frebsd propr