00:04:43 <Erhard> spork_css: If on desktop use NoScript and ddg will not scroll.
00:05:58 <Erhard> I hate that too, would much rather click through pages I could go back through easily.
00:36:40 <mason> It's rare for the thing I need to not be within the first dozen hits so I'm not sure if I see infinite scrolling or not.
00:40:37 <laidback_01> anyone running ceph on freebsd?  I see it's available and working, but I'd like to know are there performance considerations to be aware of vs a linux based system?
00:41:10 <laidback_01> vs a linux based ceph cluster that is.  I may have to just build both out on the same hardware and do some performance testing to see.
00:41:22 <laidback_01> nevermind, I'll just do that.
03:20:01 <kenrap> Sadly, much of the web relies on only javascript to function. And as a result of it, much of it is infested with (google) analytics backends too.
03:47:03 <rtprio> so add it to your ublock
04:15:46 <kenrap> I think ublock already does that very well. But unfortunately, that doesn't solve the "fingerprinting" issue though. The best way to do that is to turn off javascript completely. But if you do that, much of the web becomes broken. Also, adding browser extensions (such as ublock) only makes your fingerprint more unique. The more you add, the more you will stand out. Thus you will still be tracked across the web to some high degree of accuracy. Granted, there
04:15:48 <kenrap> are special ways to block fingerprinting but doing so makes the browsing UX more painful imo. Anyway sorry about my offtopic, I'll let it go now.
06:27:02 <rtprio> kenrap: yep. it's not actually paranoia if they actually are after you
06:30:08 <kenrap> Sigh...
07:18:53 <kenrap> Hmm, in regards to using CURRENT, would this commit be a good reason to do an upgrade? https://cgit.freebsd.org/src/commit/?id=b370ef156ab9d88450e9bc0440df522aec88cc44
07:18:54 <VimDiesel> Title: src - FreeBSD source tree
07:39:55 <rtprio> are you now or have you ran current before?
07:44:04 <spork_css> "are you now, or have you ever been a member of the -CURRENT party?"
07:44:17 <spork_css> <rimshot> (sorry)
08:07:28 <JaskieMe> Hey guys, so  https://bsd.to is still down?
08:07:29 <VimDiesel> Title: dpaste
08:08:35 <JaskieMe> I am wondering is it affiliated with FreeBSD.org or is it just a another random public website hosted by someone ?
08:17:33 <rtprio> dosn't seem down. not affiliated to my knowledge
08:17:45 <debdrup> JaskieMe: it's just a site set up by someone in the FreeBSD community.
08:18:26 <debdrup> Anything that isn't freebsd.org or on a subdomain is set up by a community member.
08:18:46 <debdrup> Anything on freebsd.org or a subdomain is run by the cluster admins.
08:20:47 <debdrup> CCFL_Man: labelclear is useful if you want to use the disk for a different pool in the future, without having to zero all of it (because the labels are stored in multiple places on-disk.
08:20:52 <JaskieMe> But I always get 500 error when I paste something
08:21:25 <debdrup> JaskieMe: https://bsd.to/Os6X/raw was created just now
08:21:26 <JaskieMe> The website itself is running and up, but pasting and get back a paste seems down
08:21:26 <VimDiesel> Title: Os6X
08:21:41 <rtprio> same. i just pasted something too
08:23:01 <JaskieMe> if you drop /raw at the end it won't open, which is supposed to present after you paste something.
08:23:26 <rtprio> maybe you found the 'XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X' of dpaste
08:23:27 <debdrup> CCFL_Man: as for IT mode, it's short for "initiator target" mode, and is traditionally used to pass disks through to an iSCSI initiator - however its function, in terms of the HBA, is to bypass any form of RAID functionality, which is desirable because ZFS has its own RAID functionality and also needs control over the disk cache behaviour (to ensure a flush whenever a transaction group is written to
08:23:33 <debdrup> disk).
08:24:15 <debdrup> JaskieMe: what are you trying to paste? Do you have javascript blocked?
08:26:04 <debdrup> https://freshbsd.org/freebsd/src/commit/b370ef156ab9 huh
08:26:05 <VimDiesel> Title: FreeBSD / src / b370ef1 / libthr: Patch to reduce latency to acquire+release a pthread mutex. - FreshBSD
08:27:02 <JaskieMe> I am just trying to paste a raw markdown text file. I paste all text in the box and click paste, it went to something like https://bsd.to/Os6X, which weill say Server Error (500). But if you apend /raw to the end of the address it opens
08:27:57 <JaskieMe> So I was wrong, the website is not down. It's just not working as expected I suppose
08:31:34 <debdrup> JaskieMe: not sure what to say; it's working fine for me in all the cases you've mentioned
08:32:45 <JaskieMe> well I am confused. but since I now know it works it's OK for me. Thanks
08:35:49 <parv> http://bsd.to/e3vn - random text just added
08:35:51 <VimDiesel> Title: dpaste/e3vn (Plain Text)
08:36:28 <debdrup> JaskieMe: if you're using a browser that supports different profiles, can you try creating a new one?
08:36:44 <debdrup> supports multiple profiles, I should say
08:41:35 <JaskieMe> seems like it's related to the markdown format. I pasted your text (xndsfk;lfkds;) as text it works, but Server Error (500) when I choose Markdown format
08:42:12 <JaskieMe> Tested in Firefox and Chrome browser, seem results
08:42:21 <JaskieMe> same results
08:45:52 <parv> JaskieMe, Yup, same 500 error with "Markdown" -- perhaps the backend is not enabled or broken
08:47:07 <JaskieMe> I remembered it used to work with markdown, that's why I thought it's down.
08:47:15 <parv> Ah
08:51:20 <sthalik> hey
08:51:33 <sthalik> so mac_bsdextended(4) is actually cool for rootless chroots and jails
08:51:44 <sthalik> but are there plans for something more advanced like firejail for linux?
08:52:07 <sthalik> for example, with ugidfw you can't set rules for individual files, only mount points
09:03:40 <sthalik> example use-case: unbound startup script creates device nodes inside the devfs mount. a firejail-like chroot would allow to ban all da* and ada* from unbound (even with high securelevel, it can access them in read-only mode)
09:03:52 <sthalik> and jails have the problem of not being rootless
09:04:11 <sthalik> I could make a rootless jail but there's no infrastructure for it
09:14:38 <sthalik> and if I actually wanted to extend mac_bsdextended(4), would somebody be willing to answer simple kernel programming questions?
09:14:50 <sthalik> I have no kernel-level programming experience
09:16:20 <sthalik> 1. can a MAC module not worry about sleeping, having to hold locks in order to do something as simple as the kernel equivalent of realpath(3)
09:17:25 <sthalik> 2. I know how to set up linux/windows cross toolchains, can I set one up for FreeBSD from Windows msys2/cygwin?
09:17:58 <debdrup> sthalik: by default, a jail doesn't have access to disk access devices
09:18:22 <sthalik> debdrup, in my opinion, rootles chroot + sysctl hardening is more secure than a rootful jail
09:18:41 <debdrup> chroot doesn't provide the kind of isolation that jails do
09:19:08 <sthalik> debdrup, yeah, but a script kitten can't execve /bin/sh or write a binary to be executed, or launch a script interpreter...
09:19:32 <debdrup> chroot was never designed for isolation, it was purely a way to build in a clean environment
09:19:44 <sthalik> is there infrastructure for making rootless jails easy?
09:19:55 <debdrup> jails, on the other hand, were explicitly designed for isolation
09:19:55 <sthalik> for example, replacing unbound chroot with a jail
09:20:12 <debdrup> rootless jail doesn't make sense, because jail was made to confine the root user
09:20:14 <sthalik> and you can't simply filter out uncommon syscalls with jails
09:20:16 <sthalik> which would be great
09:20:46 <debdrup> "confining the omnipotent root" is, both demonstrably and literally, the subtitle of the jail paper ;)
09:21:08 <debdrup> https://papers.freebsd.org/2000/phk-jails.files/sane2000-jail.pdf
09:21:13 <sthalik> yeah right, but then you have stuff like docker or linoox namespaces and they have a ton of exploits on them
09:21:26 <debdrup> because they were never built for isolation to begin with
09:21:27 <sthalik> it's not like freebsd jails had zero cve's (they had a few)
09:21:56 <debdrup> sure, they had a few, but the design still informs the feature
09:22:16 <debdrup> i think there's been two jail escapes since 1999 when it was invented
09:22:17 <sthalik> so jail + rootless chroot inside the jail is better than a simple rootless chroot, then
09:22:54 <debdrup> what makes rootless chroot secure is the privilege separation though
09:22:59 <debdrup> you can get that without using chroot
09:23:08 <debdrup> daemon(8) to be specific
09:23:38 <sthalik> the daemon has to implement chrooting in itself, so that the chroot is rootless
09:24:00 <sthalik> otherwise it requires things like libraries, maybe even a dynamic linker
09:24:10 <debdrup> that's an entirely separate thing
09:24:29 <sthalik> can I show you some pastebin'd ugidfw rules?
09:24:29 <debdrup> you can statically compile something (or even use something interpreted) with daemon(8) to drop its privileges
09:24:52 <debdrup> it's been over a decade since i used ugidfw, so i'm probably fairly rusty, but sure
09:24:52 <sthalik> yeah, and then have to integrate compiling it into the static binary with ports, pkgng won't work with it
09:25:07 <debdrup> what?
09:25:34 <sthalik> https://gist.github.com/sthalik/827ffd0744b8da27af05951a2911030c
09:25:36 <VimDiesel> Title: gist:827ffd0744b8da27af05951a2911030c · GitHub
09:26:13 <sthalik> with a setup that's not as involved as patching and building static binaries, it nicely integrates with upgrading via pkg(1)
09:26:23 <sthalik> as well as existing startup scripts for unbound, etc
09:26:38 <sthalik> note: nitter is launched through daemon(8)
09:27:20 <sthalik> so note that /var/tmp, /tmp et al. are all mounted noexec, nodev, etc.
09:27:38 <debdrup> doesn't WITH_STATIC exist anymore?
09:27:38 <sthalik> and there's some nullfs usage to enforce noexec et al. for temporary directories inside the chroots
09:28:41 <sthalik> pkg(1) is better to use for ssd-based systems and SoC's
09:28:52 <sthalik> but yeah, ports are more flexible
09:29:21 <sthalik> also a company with large infra can set up a pourdiere (sp?) instance, a smaller user technically can but it's overkill
09:29:52 <debdrup> i'm a company? :P
09:30:21 <debdrup> quite a few people run poudriere for their own package repos
09:31:00 <sthalik> I can't for the next few years, due to EU electricity soft-'rationing' and subsidies for low usage
09:31:09 <debdrup> it sounds like you have the best use-case for it, which is that you need a custom environment
09:31:21 <sthalik> debdrup, that's why mac_bsdextended should be more flexible
09:31:22 <debdrup> I'm Danish, we have the highest electricity cost in the world.
09:31:33 <debdrup> well, go extend mac_bsdextended then :3
09:31:37 <sthalik> but you have also more disposable income than CEE
09:32:27 <debdrup> us Danes, or me personally? because i'm on the absolutely minimum benefit because I got cancer in 2016 and haven't been able to work since due to chronic extreme exhaustion
09:33:33 <debdrup> anyway, this is getting off-topic
09:34:07 <debdrup> i don't think mac_bsdextended can do what you want, but if someone wanted to add that feature i don't see a problem with it
09:35:43 <debdrup> like i intimated before, i'm also not sure i see the usefulness of it if you combine mac_bsdextended with jails and daemon(8) for dropping privilege, but that's something i suspect we're going to have to agree to disagree on
09:40:22 <sthalik> debdrup, it's meant to provide defense in depth, imagine falling into a coma for 3 to 5 years or something, with the machines still running
09:40:51 <sthalik> I'm gonna look into mac_bsdextended soon
09:40:59 <sthalik> extneding it, that is'
09:41:12 <debdrup> sthalik: a machine can't be expected to run for 3-5 years in a modern threat landscape
09:41:24 <sthalik> debdrup, my Alix did
09:41:42 <debdrup> then your alix was probably vulnerable to a fair number of security exploits. ;)
09:41:50 <sthalik> went through errata, port errata, decided things don't apply for possible threat vectors
09:42:09 <sthalik> like, it wasn't running nfsd at all, so all nfs issues were ignored
09:42:35 <sthalik> mitigations were ignored when openssl and sshd implemented their own hardening, etc
09:43:06 <sthalik> but it really depends on the amount of services that are being provided
09:43:47 <debdrup> sure, but 3-5 years seems too long for nothing to have affected you
09:44:10 <debdrup> unless you happened to run into a coincidence of a period of time where that was just barely possible
09:44:29 <debdrup> my point is more that it's not something you can _rely_ on happening, only observe that it may have happened in the past.
09:44:30 <sthalik> I upgraded it once every 2 or so years but if I was in a coma for 3 years it's still unlikely that anything would've compromised it
09:44:42 <sthalik> agreed
09:44:44 <debdrup> i'm not sure i'd make that assumption.
09:44:57 <sthalik> but you can't rely on anything at all with modern, complex hardware
09:45:18 <sthalik> but then it gets too paranoid when you start considering things like hard disk firmware viruses
09:45:22 <debdrup> when i spent a few months dealing with cancer and for the first year or so after, i didn't assume my system was safe when i came back
09:45:48 <debdrup> that was like 18 months in total
09:45:50 <sthalik> I'm sorry, it must be hard to deal with
09:45:58 <debdrup> it wasn't great, but i'm in remission now
09:46:01 <sthalik> that's good
09:57:13 <plasmoduck> hey I need help with my sound. I only ever use headphones. https://clbin.com/7v8RY
09:57:48 <plasmoduck> https://clbin.com/dOIZN
09:58:31 <plasmoduck> I tried this in /boot/device.hints with no luck
09:58:51 <plasmoduck> hint.hdaa.0.cad1.nid33.config="as=0"
09:58:53 <plasmoduck> hint.hdaa.0.cad1.nid33.config="as=0 seq=15"
09:59:03 <plasmoduck> what should it be?
10:07:02 <Plasmoduck> back
10:16:01 <plasma> o/
10:47:09 <Lovis_IX> Plasmoduck: did you try sysctl hw.snd.device_default = <device number from /dev/sndstat?
11:00:18 <Plasmoduck>  sysctl hw.snd.device_default = pcm1
11:00:20 <Plasmoduck> sysctl: unknown oid 'hw.snd.device_default'
11:00:22 <Plasmoduck> etc
11:11:08 <Plasmoduck> Lovis_IX:
11:16:20 <Lovis_IX> Plasmoduck: excuse me, it's sysctl hw.snd.default_unit
11:20:47 <Plasmoduck> Lovis_IX: I don't think this is right
11:20:53 <Plasmoduck> its saying the same thing
11:21:14 <Plasmoduck> cat /dev/sndstat shows
11:21:16 <Plasmoduck> pcm0: <Realtek ALC294 (Analog)> (play/rec) default
11:21:18 <Plasmoduck> pcm1: <Realtek ALC294 (Front Analog)> (play/rec)
11:21:41 <Plasmoduck> so I've tried sysctl hw.snd.default_unit = pcm0 and sysctl hw.snd.default_unit = pcm1
11:21:54 <Plasmoduck> hw.snd.default_unit: 0
11:21:56 <Plasmoduck> sysctl: unknown oid ''
11:21:58 <Plasmoduck> sysctl: unknown oid 'pcm1'
11:22:11 <Plasmoduck> I hate dealing with sound on FreeBSD it's terrible
11:22:26 <Plasmoduck> why doesn't it just work properly like in Linux
11:22:35 <Plasmoduck> it's crazy
11:23:26 <Plasmoduck> I feel like audio and wifi are FreeBSD's biggest weakness
11:25:02 <RhodiumToad> sysctl hw.snd.default_unit=0
11:25:13 <RhodiumToad> no spaces around the =
11:25:21 <la_mettrie> which computer models have audio issues? (my thinkpad does not)
11:29:05 <Plasmoduck> sysctl hw.snd.default_unit
11:29:23 <Plasmoduck>  sysctl hw.snd.default_unit=pcm1
11:29:25 <Plasmoduck> sysctl: invalid integer 'pcm1'
11:30:01 <RhodiumToad> =1  not pcm1
11:41:36 <Plasmoduck> Okay nice that works
11:41:44 <Plasmoduck> Now how to make it perminant>
11:42:43 <Plasmoduck> should I just put that command in my .xinitrc?
11:44:35 <RhodiumToad> hw.snd.default_unit=1   in sysctl.conf if you want to have it set system-wide on boot
11:45:45 <Plasmoduck> thanks
11:45:47 <Plasmoduck> brb
11:45:50 <Plasmoduck> rebooting
12:21:59 <puddinghead> hey, im planning to start building my own ports and submitting to the ports tree
12:23:03 <puddinghead> would you recommend me to upgrade my system from 13.2 release to 14.0 current if i want to start porting programs to freebsd?
12:24:15 <RhodiumToad> you might want a 14.0 VM, but you probably don't want to run on -current
12:25:08 <puddinghead> i see... so itd be like 14-stable on bhyve then right
12:25:38 <RhodiumToad> 14 is still -current last I looked
12:25:43 <puddinghead> i see
12:26:10 <RhodiumToad> (it was supposed to be branched by now, but the switch to openssl 3.x and llvm16 has delayed things
12:27:06 <puddinghead> i see
12:27:22 <puddinghead> so i should then set up bhyve for a 14.0 vm then?
12:27:35 <puddinghead> i've been building my 13.2 packages in poudriere through bare metal for a while already
12:28:42 <RhodiumToad> how much RAM do you have?
12:30:19 <puddinghead> 16gb
12:30:36 <puddinghead> planning to upgrade to 64gb but i wont do that before adressing my storage isuses first
12:30:53 <RhodiumToad> then yes, set up a 14-current vm
12:31:15 <puddinghead> cool! how much ram and space would i need
12:31:28 <puddinghead> 8gb of ram and enough space for whatever ports i want to build right (rn just one)
12:31:34 <RhodiumToad> depends how impatient you are
12:32:22 <RhodiumToad> does your port depend on anything substantial?
12:33:01 <puddinghead> not really, its just a gemini browser
12:33:34 <puddinghead> might pick up a few other ports but only if the gamini browser goes well
14:09:54 <natewrench> i cant help think that major companies might move back to freebsd because they want to sell both the product and service. Sony originally shipped the old Ps2 with GNU Linux software called other os. But Sony moved to FreeBSD for ps3/ps4/ps5. We've been conditioned that free is free instead now its free as a subscription
15:27:26 <kenrap> Though companies don't have to fully fork from FreeBSD to create their custom firmware OS. They could also cherry pick pieces from the kernel to integrate into their system, much like how Nintendo took from FreeBSD's network stack and integrated it into their own OS for the Switch.
15:43:55 <meena> companies will use whatever they *can* use. most of all, they like to already have engineers knowledgeable in the technology. you don't see many job listings for junior kernel engineer
16:02:35 <kenrap> I was only remarking on how companies can take pieces of FreeBSD rather than being a full derivative in order to give FreeBSD that "street cred". However companies want to allocate their business resources is their prerogative and not what I was talking about.
19:14:10 <eoli3n> hi
19:14:36 <eoli3n> is there any tool like debian unattended_upgrades to automate upgrade process and reboot when kernel upgrade ?
19:17:47 <easyme> Hello
19:18:15 <easyme> What is the difference between linux and bsd? I think, both use open source softwares.
19:19:06 <mason> easyme: Licensing, pacing, the place of tradition in planning.
19:19:21 <kenrap> easyme: camp Linux focuses on copyleft, camp BSD focuses on permissive licensing
19:21:04 <kenrap> In regards to pacing, Linux development is more chaotic and wild-west, BSD development is more structured and thoughtout.
19:21:20 <V_PauAmma_V> Or are you asking about user-visible differences?
19:22:20 <la_mettrie> there are rather many differences between linux & BSDs. reading an article about it might be a good idea to get a complete picture
19:22:27 <jgh> or historical roots?
19:23:51 <la_mettrie> the licensing issue is often given too much weight. it's just one aspect
19:24:41 <meena> eoli3n: i don't think so
19:25:17 <V_PauAmma_V> eoli3n, if you're using binary updates, there's "freebsd-update cron" and "freebsd-update updatesready", but you still need to install manually.
19:31:32 <parv> eoli3n, Some do install phase themselves to avoid a reboot; look up on that to script that
19:32:34 <eoli3n> ok thanks, then i'll script
19:36:07 <parv> Realize that "do install phase themselves" is not putting "freebsd-update install" in a script but create a new environment to extract the updates. As I have not been interested in that, have not closely looked at all the moving parts
20:32:59 <spork_css> That was neat - Vultr's default FreeBSD install uses UFS - using the "custom ISO" feature and feeding it 13.2-RELEASE and running the installer in VNC took me maybe all of 15 minutes.
20:34:15 <spork_css> For sh*ts and giggles, I also enabled GELI encryption. Might be a pain with upgrades (always have to get on the Vultr console to type the phrase), but the installer support for zfs/geli encryption is solid. Very easy setup.
21:16:18 <mason> spork_css: Heh, I just sent up a new FreeBSD box on Vultr a couple hours ago. Good day for it.
21:16:29 <mason> I just took their default install of it and upgraded.
21:45:37 <meena> upgraded to zfs?
21:45:40 <meena> :P
21:46:00 <mason> Nah, not enough memory to do that and run other stuff. Just updated everything.;
21:46:57 <meena> why is the default install UFS it seems so strange if you have more than two gigs of RAM
21:47:42 <mason> Only one gig on the one I got.
21:48:20 <meena> I guess if you're doing the cloud thing of destroying the machine every time you change anything, you don't need bectl, do UFS is good enough
21:49:15 <mason> Nah, I just make regular back-ups. No destruction imminent.
21:49:36 <meena> I need to destroy and rebuild this machine
21:49:58 <meena> but… i would just rather rebuild it as aarch64
21:50:22 <temp64> aarch64 is such a gay name for arm holy shit
21:50:48 <meena> as soon as we boot in Hetzner, I'll do it
21:50:48 <mason> Derogatory language usage isn't generally acceptable here.
21:51:26 * meena slides uncomfortably close to temp64 i know right? i love it, too
21:52:17 <temp64> :D
21:53:16 <meena> I know pride month is over, but, did you know that the original arm architecture was developed by a trans woman?
21:54:18 <temp64> what was his name?
21:54:38 <mason> !ops
21:54:41 <meena> nope.
21:54:44 <mason> hm, no such command
21:58:58 <temp64> what was that supposed to do?
21:59:52 <meena> a failed attempt to summon the ops to kick and ban you
22:00:43 <meena> we'll get there, in the meantime, we'll put you on ignore 🤷🏻‍♀️
22:00:57 <temp64> I am morally and intellectually stronger than you. There is no remedy against me
22:01:05 <temp64> You can only ban me
22:01:25 <chud> what's the problem?
22:02:08 <temp64> meena is just sperging out over "his" word
22:02:38 <mason> chud: Use of "gay" and "him" in ways intended to be hate speech.
22:02:56 <chud> yikes
22:03:01 <temp64> oy vey
22:04:16 <meena> we don't like people hating to the gays and the transes, and not just because they are pillars of our community, but also… because it's mean, and we don't need that
22:04:38 <temp64> maybe if you stopped worrying about such trivial matters apple would actually start funding your project
22:04:41 <yuripv> you could stop after "hating"
22:05:11 <chud> As a rust user I agree with meena, we have to be inclusive
22:06:42 <temp64> i ain't hating though, i just thought aarch64 sounds kind of gay
22:07:05 <markmcb> you mean like happy?
22:07:12 <markmcb> i agree, aarch64 makes me happy
22:07:15 <markmcb> :)
22:07:24 <mquin> now would be a good time to let this drop
22:07:29 <meena> yeah, yuripv is right, i could put lots of categories after, and it would never be exhaustive and people still find reasons to hate specific groups, and we don't need and don't want hate. it's not great for building community
22:07:33 <chud> aarch64 being gay would mean it is superior to amd64
22:08:06 <meena> anyway, yes. let's drop it
22:08:11 <temp64> can't argue with that tbh chud
22:09:19 <Melon> sounds like this conversation needs to goto  #freebsd-social. #freebsd is basically a support channel for freebsd
22:09:53 <chud> drop(problem); 💪🏿💪🏿💪🏿
22:10:10 <temp64> if this is tech support, i can't imagine how #freebsd-social looks like
22:11:07 <chud> anyways do you need any help with freebsd temp64?
22:11:29 <markmcb> curious, what's the most jails anyone has running?
22:12:04 <chud> over 9000
22:12:04 <temp64> how many are there in the us?
22:12:11 <markmcb> 9000???
22:12:14 <markmcb> wow
22:12:21 <markmcb> here i am proud of my 7
22:12:23 <markmcb> lol
22:12:28 <temp64> heard black people get locked up there left and right
22:12:37 <chud> I know I run many jails at the domestic and federal level
22:14:27 <meena> markmcb: jails are pretty lightweight. it's easy to spawn a lot
22:15:13 <meena> try it out in a loop with /rescue as root
22:16:06 <markmcb> ooh, what's /rescue? another corner of the OS to explore
22:16:27 <yuripv> one huge static binary containing a lot of utilities
22:16:44 <temp64> niggas legit reinvented busybox, i'm impressed
22:17:07 <markmcb> nice, seems pretty handy
22:17:33 <meena> https://man.freebsd.org/rescue(8)
22:17:34 <VimDiesel> Title: rescue(8)
22:20:45 <markmcb> meena: so if i understand correctly, i could config a lightweight jail with path = "/rescue"?
22:21:33 <meena> markmcb: lemme draw up a shell script
22:27:38 <temp64> It was a great night, it was a Homocaust
22:27:38 <temp64> Bona fide homocide, 50 lives lost
22:27:38 <temp64> No Pulse, just Blood on the Dance Floor
22:27:38 <temp64> Now the fags are more butthurt than before
22:27:40 <temp64>  
22:27:42 <temp64> Look here, a muslim walks into a bar
22:27:44 <temp64> And orders shots for everybody, hardy har har
22:27:46 <temp64> And he should've killed more but he was not a straight shooter
22:27:50 <temp64> Almost makes you wanna cry like that bitch Anderson Cooper
22:27:52 <temp64>  
22:27:54 <temp64> It's a tragedy, too many faggots got away
22:27:56 <temp64> So instead of Islam they're gonna die from AIDS
22:27:58 <temp64> If survivors wanna feel guilty, that's their prerogative
22:28:05 <kenrap> inb4 a banning
22:28:20 <meena> meena@websrv2-hel1 ~> for j in (seq 1000) sudo -H jail -c persist ; end
22:28:42 <meena> markmcb: this took about ten seconds to execute
22:29:12 <meena> and about a minute to write, because I'm doing it on my mobile phone, which after 23:00 Turns black and white
22:29:18 <markmcb> meena: cool, I'll give that a whirl
22:30:00 <meena> A_Dragon: might be worth banning the /64
22:30:16 * yuripv votes for kline
22:30:24 <A_Dragon> `<-- ╡ temp64 (~temp64@2a02:a314:8348:100:6e87:87c5:8ae1:7636) has quit (K-Lined)`.
22:30:30 <yuripv> heh
22:30:40 <mason> Thank you.
22:35:25 <meena> markmcb: jls now shows 1006 jails running, but since they're not doing anything, top is unaffected. all I've done is created 1000 additional process name spaces (which all map to the same file system name space (/rescue) and network name space (none))
22:37:30 <meena> i got my paste wrong
22:37:36 <meena> meena@websrv2-hel1 ~> for j in (seq 1000)                                                              sudo -H jail -c persist path=/rescue
22:37:36 <meena>                       end
22:37:51 <markmcb> very cool ... i have much to explore :)
22:39:53 <meena> like, jail -r
23:40:56 <A_Dragon> that works
23:41:13 <debdrup> A_Dragon: thanks for the assist
23:41:25 <A_Dragon> no problem, sorry for stepping on your channel
23:41:56 <debdrup> no, you were right to - i was in bed trying to fall asleep (unsuccessfully), so i wouldn't have noticed had i not gotten up