pikvm rox, happy owner of 1

hi all, how do i skip upgrade openssl from 1.1.1 to 3.0

?

n30: did you figure out why you even have an openssl package installed? and from the pkg output you shared previously it seemed like you already have 3.0 installed; maybe pkg lock but no idea what other effects that will cause

na this is on a jail

then you could try pkg lock

pkg version|grep "<" say that perl5-5.34.1_3 needs to be upgraded but portmaster -aD say that nothing is to be upgraded

UPDATING has instructions for portmaster users to update perl, but you should have said that you build your packages yourself earlier, then I would have suggested that DEFAULT_VERSIONS+=ssl=openssl111 (ok, that also forces stuff that would use base openssl to use an openssl package

using poudriere makes managing that stuff a bit easier

n30, What OS version is running in jail?

i have upgraded perl

parv: freebsd

n30, I was asking for the version, not the name. Is it 13.2?

parv: ah then yes

n30, Thanks

but im srsly confused why pkg version says that i need to upgrade perl when i recently have done it and all the dependencies for perl

the default version of perl changed to 5.36 and it seems like portmaster gets confused by default version changes that don't change something else of that port or something

ah, that default version change changes the dependencies of every port depending on perl and I don't think portmaster checks if it should rebuild because of changed dependencies

n30: i suspect you're going to have a bad time

ahhh 5.36 then

wonder where i got from that 5.34 was the latest

oh seems like -> 5.34 was 20230730

yeah noticed that now ... then its just to upgrade :d

do I have to use .eli postfix for geli labels?

may i use eli0?

because eli0a looks much better

hello, could anyone link me to a manual that describes the steps for installing freeBSD manually without using the installer? i have tried search engines but the results were either incomplete or 5+ years old

exactly this is what i am doing now

i can give you my wscript

(stuff is going wrong and i think i know why, i don’t need further help at this point, just a complete list of steps to reproduce exactly what the installer would do, what partitions are required etc, so i can change the parts that i need to)

wikan: please and thank you

wait

which pastebin to use?

chat title seems to link one that looks good enough

wikan: bsd.to

Title: script - Pastebin

this is old and BAD script

today i will have good, new version ;)

this script works fine up to 180 line

i know what i did wrong :)

and after all you need this -> gist.github.com/yzgyyang/4965d5673b5c79c644a695dd75fa8e05

Title: FreeBSD mount img files · GitHub

this script install freebsd on ecrypted / partition

today i will have correct script

and maybe in 2 weeks my own dialog based installer

if you want me to share with you, priv me your mail, so i will send it to you

wikan: thank you! i just want to get freeBSD running on my weird old laptop with a weird EFI, so i think i should be fine with this, i will probably be back if i can’t figure it out

in my code is a bug. script stops when creating users

so I had have to finish installation by hand :D

well this is my first script I wrote maybe 1 month after I started using freebsd :)

how do you all organize your poudriere runs? the automatic number of builders is dicey cause it fires 11 builders seeing as i have a ryzen which is swell for most packages until we get to the heavy hitters (llvm,rust,gcc,browser)

Gooooood mornininink

!gm

what does "Root mount waiting for: CAM" mean?

means just that

the CAM system is a physical layer that has to settle before a disk can be mounted

man -k cam will give you a bunch of man pages

hmh, and what does it mean when i get repeated errors and timeouts that mean it takes forever to boot and even when it’s finally finished booting keeps spamming my console?

man 4 cam will give you more than you need to know

skyenosaur: could be you have a failing disk

skyenosaur: could be a bad device driver

it would help to know the hardware involved.

it’s 10 year-old thinkpad that is kind of banged up anyway, but has so far been running smoothly under linux, i just need it as a freeBSD test machine

skyenosaur: pkg install smartmontools might help you

smartd will tell you what's up

skyenosaur: which thinkpad?

it keeps complaining about ahcich1 on different slots

Dianora: z50-75

it does have a broken cd drive, maybe it’s that

that would do it

man 4 ahci

hope that helps. I have to step out

yes i got it from here, thank you Dianora!

you are welcome.

skyenosaur: you should be able to disable it in device.hints

man device.hints

gotta go

i'll probably just disconnect the drive instead :)

Hey all, any LDAP fans out here? I wrote this article, and if you're interested in running LDAP+LDAPScripts, I would love if you can test this article to make sure it's all working fine. wiki.freebsd.org/LDAP/Setup

Title: LDAP/Setup - FreeBSD Wiki

antranigv: tks, will take a look!

cedb thank you! I will add the client side as well, using SSSD

antranigv: i dont see any pam related stuff, do you have a recomendation for a link on setting that up? its probably pretty simple just sanity/best practices yk

cedb so for that I use SSSD, I haven't documeented that yet, but lemme paste the code

sorry for typoes, texting iin a cabb

bsd.to is dead? sad

cedb here's the basic gist: reviews.freebsd.org/P614

Title: ✎ P614 SSSD config

cedb as you can see, I'm using NSSwitch instead of PAM, but the idea is the same. I used nsswitch because I'm more familiar with it, due to working with NIS for years.

antranigv: ahh okay not familiar with centralized auth i guess that makes a lot of sense to just nss into using ldap, theres just a bunch of pam modules id like (like u2f) hmmm

cedb u2f is for 2FA?

yep

cedb: I configured poudriere to work on 2 ports in parrallel each with 3 jobs as most stuff doesn't benefit from jobs anyway, but building 4 heavy ports in parallel was to much (as my cpu has 4 cores poudrieres default was 4 builds in parallel)

nimaje: I found that the limit on building packages in parallel is memory rather than CPU cores.

Schamschula: yep, but poudriere just looks at the cores for its default, well any default for that setting will be wrong, they should have just set it to 1

Yes, but "heavy" packages, like gcc, llvm and rust fail because of insufficient memory.

well i think my earlier question of what does this error mean has been succinctly answered by the hard drive dying, lol. my freebsd adventures are not off to a good start

skyenosaur: zfs or ufs

skyenosaur: I did say eh? ;)

Dianora: you did! and honestly i'm a little impressed that freeBSD started printing errors from the start, whereas linux didn't say a peep this whole time. the HD has been iffy for a while

cedb: not sure what your question relates to, sorry

your drive that is dying what is the fs on it

cedb: it was zfs, but i didn’t get file system errors, the system started freezing whenever it was running from hd (memory is fine, usb systems run)

i kind of gave up on it, its a 10 y/o laptop and i have other systems. i'm now preparing to install on my desktop

hm ya zfs sounds a little mean to old commodity hardware (why im asking in the first place)

cedb: why? (just trying to understand what’s so special about it)

but either way that can't really be the source of the problem. performance issues i could understand but not this, especially with the CAM timeouts and the system freezes and the way the HD has been excruciatingly slow for months. i was just waiting for it to fail tbh

can i mount a luks encrypted linux lvm partition under freebsd? sorry searching kinda hard bc no X yet and phone screen tiny

skyenosaur nope :( it works only on Linux. most encrypted disks are like that. However, you can use a bhyve VM to mount it using USB passthro

antranigv: aww okay thank you! its ok i will simply change it then

rwp: pikvm has been on my radar to check out for a while. Just had a closer look, and I'm very intrigued! In the mean time, I'm investigating installing an old FF in a jail for JRE (via ports-mgmt/portdowngrade probably), and I'll document my process just in case it works. :)

hi, i've got a bit of a problem: my boot ssd (for a manually installed fileserver) died (doesn't event speak sata anymore). i've got an `rsync -haHAX / /data/zroot-backup/` of the boot drive, _but_ i don't know the zfs dataset layout of the original system, and i don't know what freebsd version it was running in the end. what's the best way forward from here?

n-st: ugh.

i guess the blunt approach would be to reinstall from a boot iso (to get the partitioning, boot sector, and zfs datasets set up for me), then steamroll it over with the old filesystem contents?

n-st: that happened to me some months ago, which is why I ended up spending the $ to zfs mirror

n-st: yes

that's what you will need to do

(that would need the same freebsd version though -- how do i find that when i've only got the filesystem contents, including /boot though?)

or i could manually set up the partitioning and zfs datasets… would be more convenient since i can do it on my "proper" computer rather than hunched over with a portable screen -- but would have more room for error when it comes to dataset optinos

hmm, since i'll need to know that either way: how do i find out what version it was running? (i've got the zpool imported, but i'm on a linux machine, so can't just run `freebsd-version` from the backup)

n-st: man freebsd-version gives you one method in the man page

can you share any link to information about custom binary package repositories?

i wold like to make my own with my tools

so you could dig into /boot/defaults/loader.conf and /boot/loader.conf

wikan: poudriere

safest best bet

n-st:

To inspect a system being repaired using a live CD:

mount -rt ufs /dev/ada0p2 /mnt

env ROOT=/mnt /mnt/bin/freebsd-version -ku

good luck with it!

Dianora: `env ROOT=/mnt /mnt/bin/freebsd-version -ku`? that would need a running freebsd kernel, though…

you'd be using a repair cd or usb stick no?

Diamora, nope, I want my own repo

so you'd mount your old system copy on /mnt

wikan: lots of stuff about it on the ML and it's documented but start with man pkg. You could add your local repo

Dianora: oh, actually that's a shell script and (mostly) functions on linux. turns out it was a 13.2-RELEASE :)

thanks

I've never had to make my own binary repo. Unless someone else here has I'd suggest crawling the ML as well.

wikan: You are welcome

n-st: ;) that makes it easier

Dianora: i will be using a repair stick eventually, yeah, but first i needed to find out which version i should download and use

n-st: good luck... and mirror that disk preferably with two different manufacturers

would have been a bit tedious to download one version, then inspect the dead system and find out i'd need a different one after all ':D

;)

but that's sorted, time to grab a 13.2 boot medium then ^^

Dianora: i wish i could :/ that thing is built down to a budget and size, so it only has two sata ports. one used for the os ssd, one for a data hdd. most of the data is backed up offsite anyway, so it's a reasonable trade-off to trade a cheaper system for longer recovery time on failure

and looky what we've got now: a failure and long recovery time >.<

what i would do different, though: zfs send|receive for the backup, instead of the rsync. would make recovery of the os at least a bit more convenient

and i see that some of the data might not be backed up offsite at all right now, which needs fixed as well

fwiw, this is the current backup cronjob:

# makeshift backup because of failing SSD 2019-07-28

0 6 * * * root rsync -haHAX --exclude=/data/ --exclude=/dev/ --exclude=/proc/ --exclude=/tmp/ --exclude=/var/cache/ --exclude=/qua/ --delete --delete-excluded / /data/zroot-backup/

n-st: fair enough

yes zfs send|receive is wonderful

the failing SSD in 2019 at least had the decency to throw SMART errors in advance, so i replaced it in time back then. but now the replacement has failed without any warning whatsoever…

n-st: that's exactly what happened to me

last question about the restoration: there really isn't anything special/"magic" stored somewhere, right? i.e. partition table + boot sector + default zfs options from installer + filesystem contents = the whole system, there's nothing missing from that?

n-st: You *are* doing gpt + zfs root?

in fact easiest for you is to install your 13.2 on that disk boot to make sure it works, then go back to install isk zap the /etc etc. etc. etc.

skip the second step if you want to save time

Dianora: uh, not sure to be honest… whatever was the default in 11.1 (bsdinstall_log says that's what i originally installed)

well it says it did `gpart create -s gpt "ada1"`

and `zpool create […] ada1p4`

so i guess that's that ^^

n-st: This is why all sys admins should keep a paper logbook

;)

Dianora: what do you log there?

I log the disk partition format, what is on each etc.

that's a bare minimum. saves a lot of time when recovering

log the commands needed to recover from a disaster etc. etc.

hmm, that's a pretty neat idea

until now that sort of information (if i even wrote it down) got lost in text files someplace or other, but i've had a logseq database for a while now, that would actually be a good place for that sort of documentation

what kind of stuff could trigger that? 'sh 91809 [zfs teardown inactive] 2095.72r 0.81u 8.37s 0% 4052k'

hmm, if I have a VM on a zvol, and the OS inside the VM uses ZFS, should I enable compression on both or just one of them, and if so, which?

I guess I'll disable checksumming and compression on the child and let the host handle that because VMs are slower

zwr, In practical terms it does not matter much if you enable compression both places or not.

The popular compressors like lz4 and zstd detect poor compression on already compressed data very quickly and auto-disable themselves quickly.

If it is compressed both places then the hosting storage will detect the already compressed data and it won't matter. Not much.

And then the VM will be configured just like any other. And the storage values for it will be on the compressed data. So I would tend to prefer it that way.

But if compression is turned off in the VM then the hosting storage will do the work instead. So don't think it really matters one way or the other.