00:00:44 I don't know what your plans are for a machine, but i usually setup my user, and install a bunch of packages before declaring voila 00:02:06 I usually do that after install from network yes 00:04:43 the way you provision cloud servers isn't usually with a CD Installation procedure 00:07:04 Meena, I see. Unless the providers already have FBSD ready images, right? 00:07:04 you just splat an already installed disk image onto it. and then a piece of software runs (usually cloud-init) and configures the network, grows the disk / fs, and Sets up everything else you told it to do (install packes, create users, configure NTP, etc) 00:11:34 but, yeah, if you don't wanna buy from the marketplace, and yandex doesn't provide images for freebsd, you can usually do an install, then Customize your vm, and then take a snapshot of that vm and setup future vms from that snapshot 00:12:54 some cloud providers integrate this so well, that it's completely transparent afterwards 00:13:54 Is there any reference for that procedure? 00:15:24 tomorrow, now sleep 00:17:45 Ty 02:05:12 I'm still thinking of jumping from 14-CURRENT to 14-STABLE, once `stable/14` gets branched from `main`, and it technically it shouldn't be a problem since the ABI and KBI will be the same or compatible... but I also like helping out by finding bugs from the `main` branch. But the best way to find bugs is to use something regularly like as a daily driver. 06:40:40 Morning :) What are the plans for OpenSSL 1.1.1 - which is eol in september 2023 - in FreeBSD 12.4 (supported until dec 2023) and FreeBSD 13.X (which is supported until ??)? Is there an official statement from FreeBSD? 06:41:58 have you checked the mailing lists? 06:44:53 I did check freebsd-announce - on which i'd expect such a statement. 06:48:35 3.0.9 only made it into current last month 06:52:19 https://lists.freebsd.org/archives/freebsd-current/2023-June/003823.html 06:52:20 Title: OpenSSL 3.0 in the base system update 06:53:03 I know. I did get that. And it's not about current. It's about EoL-Software in a supported RELENG-Release and how Sec-Adv's would be handled in the case they occur (and they will..). 06:53:41 i suggest you ask Ed Maste or security@ 06:54:12 you ask here as if irc idlers are actually directing the project 06:54:31 i just wanted to ask here before bugging them directly via mail :-) 06:54:41 i tought thats what channels like these are for too 06:56:23 haha, nope. 06:56:53 there is one channel #freebsd-dev perhaps ? 07:46:15 danel1: there are, roughly, six operating system / distributions that will have a supported OS release out, but have an unsupported OpenSSL. they'll probably share patches 07:47:00 because none of them can afford to pay OpenSSL for long term support, and even if they could, they probably couldn't release it 07:50:00 i suppose it's a bit hasty to talk about MFC while there's still some ports fallout 07:51:08 Yeah that were my thinkings too. But tbh fixing the issues / vulnerabilities will result - pretty sure - in the same end result es the patch from OpenSSL. And when releasing that to public, even though they might have done it themselves, would absolutely destroy the sales argument of the OpenSSL Project. And then there is still the "time argument".. What if critical issues can't get fixed timely. 07:51:10 yeah, i reckon we might see an MFC after the release of 14 07:52:00 maybe yeah, but surely not for FreeBSD 13.2 and who knows if for 13.3 07:52:40 I dunno how much sales OpenSSL makes… 07:54:25 but, yeah, given the cadence at which RELEASEs… release, i reckon around 13.3 we might have big discussions about whether to MFC or attempt our own patches 07:55:37 I totally goofed and upgraded to mariadb106 from mariadb103 before exporting my databases. Now the database on one machine is crashed and I need to go back to mariadb10.3.38 to repair it. Anyone know if there are pkgs around on some mirror somewhere for older pkgs? 07:57:37 yep meena, thinking the same.. 07:57:43 Oclair: if you don't run pkg clean they might be on your machines 07:58:12 where do they reside? 08:00:02 In /var/cache/pkg if I'm not entirely mistaken 08:01:55 meena: thanks, unfortunately I built them from ports it appears.... 08:02:35 yea is there an archive for pkgs? 08:03:08 If you built from ports, which not just restore those and build again? :) 08:04:36 normally that would work, but attempting to rebuild via portmaster gave an error with postfix which was compiled with mariadb103 so to bypass break I had to install the mariadb106 pkgs 08:05:59 first off: even if you built from ports, you installed the package. if you haven't run pkg clean, the package is still in cache. or in Cache in your ports tree 08:06:37 secondly: if you're building ports, please consider doing that in a dedicated environment with poudriere 08:09:06 yes I know you are right 08:09:12 (aaaaand thirdly, i have no idea how anything with MySQL / MariaDB works. i refuse to even learn how sensible databases like PostgreSQL work, and exclusively use SQLite.) 08:11:49 So, if you don't have the packages any more, (and if there aren't any online archives…) you'll need to rebuild MariaDB 103, and for that, you "just" need to go back in time in the ports tree 08:12:35 HPS@ is dead :( 08:14:06 poudriere posts -c -p md103 -U https://git.freebsd.org/ports.git -B 08:14:07 Title: ports - FreeBSD ports tree 08:14:45 luna_:( 08:19:18 meena thanks for pointing me in the right direction 08:20:28 Oclair: good opportunity to put sql dumps into backups :) 08:22:21 rtprio I do have sql dumps just no way to export them to a different format without the older version from my understanding 08:23:19 mariadb 106 should read maria103's dump. that's the whole point of sql. 08:24:06 lets see if I am fortunate 08:24:07 if you backup /var/mysql (or whatever) those are not dumps, but binary files, in potentially an incomplete state and generally should not be trusted 08:25:18 er /var/db/mysql... i generally gave up on mysql and went with postgres back when mysql didn't support transactions 08:25:20 omg I do have the mysql perodical working on my servers 08:25:26 and they are recent 08:25:36 daily 08:26:29 and it will import 08:26:34 so then I should be able to import the databases omg 08:26:51 wonderful no mucking around 08:27:34 rtprio meena thank you both soo much! 08:27:55 👍 08:40:05 wheee 09:03:07 yes, what happened to HPS@ ? was he sick or something 09:03:58 Meena so....do you have any cool reference for vm image building? 09:37:26 tmic: https://klarasystems.com/articles/deploying-freebsd-on-oracle-cloud/ 09:37:27 Title: Deploying FreeBSD on Oracle Cloud | Klara Inc 09:38:10 you can ignore the patches, and just go right for the building part. and i reckon you just stick with amd64 09:40:29 The use of cloud-init is something that's imternal at the OS, no configuration needed right? 09:40:38 *internal 09:43:59 hi 09:54:24 angry_vincent: Traffic accident 09:55:35 does the stable/13 RC6 precede the 13.2 release? i've been tracking a bug with amdgpu (drm-510-kmod) and i saw someone from the list saying RC6 fixed it for them 09:56:12 vkarlsen: :( 09:59:49 rodri: there is no such thing as "stable/13 RC6", if it's releng/13.2, then yes, RC6 precedes the release 10:06:22 ok, thanks. yeah, i'm not familiar with the nomenclatures, i've been following -release all these years 10:08:31 rodri: between rc5 and rc6 there was a fix for https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=270489 10:08:33 Title: 270489 – Laptop doesn't wake from suspend anymore with 13.2-RC5 10:09:15 not sure if that could fix the amdgpu though :) 10:11:14 doesn't seem like it. i upgraded from 13.1 to 13.2 earlier this week and hell, that problem is being a complete pita to debug 10:12:28 i opened #272564 in bugzilla, and for a moment updating the kmods, following advice from the folks at #freebsd-bugs seemed to have solved it, but then the system crashed again 10:12:53 #272594* 10:37:18 hi all 12:37:18 Hey guys... if someone can help with a little PF question.. got 2 rules: 12:37:20 pass in on ix0 proto tcp from any to XXX.XXX.XX.XX port 2222 flags S/SA keep state (source-track rule, max-src-conn 2, overload flush global, src.track 1) 12:37:20 pass in on ix0 proto tcp from any to XXX.XXX.XX.XX port 2222 flags S/SA keep state (source-track rule, max-src-conn-rate 8/1 overload flush global, src.track 1) 12:37:28 but only the bottom one does overload to table 12:38:25 any way of making this work for both rules? 13:20:27 its a duplicate rule. the last one applies 13:21:21 the first one also does not have max-src-conn-rate 13:58:37 rofl my btop(1) bandwidth looks like a atari game where you have to protect the city that appears at the bottom of the screen. for the life of me i cannot remember the name 13:59:36 want to say its asteroids but feel like im wrog 14:01:18 https://capture.dropbox.com/AzssQMfJ16PnNAqp 14:01:19 Title: Dropbox Capture 14:10:22 CmdLnKid the first rule should only care about the maximum connections and nothing else, thats the whole point. 14:11:17 The idea is to be able to separate IPs that do more than "X" allowed connection in table #1 and the IPs that don't do > allowed connections, but instead - the connection rate. 14:11:29 In table #2 14:12:27 For example I want to allow a max of 100 connections from IP, and a max rate of 20 connections per second, and be able to know what IP overreached which limit - hence the different rules & tables. 14:13:13 Any ideas besides "the rules are identical" ? 14:14:13 shoot! sorry dude missed the fact that it was seperate tables 14:14:32 def not identical 14:15:09 yeah.. question is .. why doesn't it work (and is there a way to make it work) :) 14:19:52 going to try and get some time to replicate this tonight but no gurantee's. just to replicate the conditions will take a while but ill take a stab at it. 14:20:26 see if i can do a 1:1 scenario 14:22:02 in the meantime can you enable logging on those rules ? and inspect pflog0 with some wireshark caps and see if what you expect is what you are actually getting ? 14:23:09 personally i create one ruleset with 'log' enabled and one without on every rule so i can see what might be interfering 14:24:05 'quick' rules and non-quick rules can have a significant impact 17:28:25 is there a way to turn a zfs zroot daily snapshot into a boot env? 17:41:21 is there a way to unmount /usr and /var to restore the environment from a daily snapshot? 17:45:00 Are /usr and /var separate filesystems? 17:45:13 Or just sudirectories of / ? 17:46:08 its a default zpool setup with daily snapshots, I updated mariadb103 and need to go back to those last snapshots as if it is a boot env 19:24:04 I am trying to build NomadBSD image on FreeBSD but if i run ./build all command then i got error: Please install textproc/markdown. But already installed from ports tree. 20:37:17 tyler82: this is the test it does pkg info --exists textproc/markdown 20:37:40 what does pkg tell you? when you do it manually? 20:40:51 meena: Things are getting complicated...again. i was installing the two required packages. x-11fonts/mkfontscale and textproc/markdown. when i was rebooting after sddm login my password was given and the kde logo popping up. then black screen. i can see only the mouse cursor. 20:41:17 i can not enter into tty 20:42:00 alt+ctrl+f1 or f2 combo does not work. 20:44:07 is this freebsd it nomad? 20:45:27 meena: no it is freebsd itself. i was just installing those two packages as required prerequisites un order to build NomadBSD. 20:46:11 and what else did pkg install? 20:46:31 meena: i cant check it... 20:47:17 as i am unable to boot now 20:47:33 tyler82: when you asked it to install, was there just one line, or a big Long list you happily approved? 20:47:53 meena: big long list.... 20:48:08 i was happily approved... 20:49:00 this is starting to sound to me like something i would build in a jail 20:49:40 ok. and then? just uninstall that package? 20:50:25 tyler82: can you get ssh access to the machine if you can't see anything displayed anymore? 20:50:36 x11-fonts/mkfontscale? 20:51:10 meena: good idea. give me a sec i will try... 20:51:33 tyler82: that package, and then run pkg autoremove (perhaps a few times… if necessary) 20:57:38 meena: wow. i am in!!! 20:57:45 tyler82: good. 20:57:54 so whats next? 21:02:04 tyler82: pkg delete x11-fonts/mkfontscale 21:02:11 tyler82: and then `pkg autoremove` 21:02:18 ok 21:04:34 the operation will free 3GB....sounds good to me 21:11:41 noice. i can boot in now. however 3GB delete plus 2GB autoremove caused no desktop environment. i donno what has been wiped. xorg only or the whole kde5...and sddm. i guess kde5... 21:14:20 lolsob 21:14:38 tyler82: so mkfontscale was conflicting with kde?? 21:14:48 i'd report that as a bug 21:14:54 meena: looks like that 21:16:19 i gonna try to build the NanoBSD image first. then will reinstall kde5....lets see how will it work that way... 21:16:40 not Nano sorry. NomadBSD. 21:38:18 meena: Ok. the building script does work now. however on the github page for NomadBSD both packages required from ports collection are outdated. simply need to install via pkg instead of ports. sudo pkg install markdown and sudo pkg install mkfontscale. 21:54:53 tyler82: no one said you couldn't do that 21:55:35 meena: ok. i was just following the instructions on the github page...