00:00:05 At least uname and freebsd-version say so 00:03:07 Huh, weird. After another reboot the EOL warning is gone :O 00:03:25 bendodroid:generic kernel? 00:03:39 flatdog: yes 00:04:08 Hmmm, weird 00:04:16 I'll see if the other machine that is still installing updates shows the same behavior 00:05:14 Maybe it was just some weird cache thing? Are there mirrors involved in the EOL check that might have been out of date? 00:06:10 Upgraded from 13.2 or something else? 00:06:27 RC, whatnot 00:07:07 From 13.2-RELEASE 00:09:03 I think this was already happened on the forums, let me check and I will point you to the thread, if you wish (SirDice rocks) 00:10:17 If you have the link, yes please :) 00:10:56 bendodroid: I've seen this before, i think it is hopefully fixed by an upgrade to freebsd-update 00:14:10 but I'm not seeing anything here, https://freshbsd.org/freebsd/src/branch/releng/14.0 00:14:11 Title: FreeBSD / src - FreshBSD 00:19:30 Ok, so the second machine finished upgrading and it gets better: 2 consecutive 'freebsd-update fetch' invocations lead to the first having the EOL warning and the second one not having it 00:19:41 This sounds like a fun bug :D 00:19:54 can I get FreeBSD 14 torrent yet? 00:24:12 3 times, bendodroid. 3 times 00:33:35 Well, on the second machine I did the final reboot according to the handbook and then 2 fetches and it went away without a reboot inbetween 00:33:43 14 00:34:10 So I didn't miss a reboot after all *relieved sigh* 00:34:30 Why in the world did the update delete sudo pkg? I had to look up the root passwd! 00:34:59 yeah? I'll reinstall that 00:35:14 i'm not going to use doas or whatever 00:38:27 :) 00:39:01 pkg reinstalled 549 packages, but whatever I try to use seems to be missing: sudo, bash, startx fails. 00:41:24 mariuss: even when the full path is provided? 00:42:18 Update: startx is working after manually reinstalling sudo and bash. 00:42:34 Yup. The packages were gone. 00:43:55 Also, a number of packages (19) downgraded. Most, just revisions, but others to a previous version. 00:46:28 mariuss: https://forums.freebsd.org/threads/14-0after-pkg-upgrade-sudo-dont-works.90987/ 00:46:29 Title: Solved - 14.0After pkg upgrade sudo dont works | The FreeBSD Forums 00:47:18 post #16 00:49:18 Yes, I went and edited the conflicts. Both /etc/group and /etc/password are correct. 00:51:49 After reinstalling both packages (pkg did not complain that they were already installed) everything worked w/o editing config files. 00:56:35 the EOL timestamp in http://update.freebsd.org/14.0-RELEASE/amd64/latest.ssl 00:56:35 is 1706659200 ie. in less than 3 months 00:56:45 so freebsd-update is warning 01:03:04 Whenever I do 'freebsd-update fetch install' it complains that /etc/ssh/sshd_config is affected by the updated but no changes will be downloaded because the file has been locally modified. How do I get around this ? 01:09:05 yea lol i remember updarting to 14.0 im loke why do /etc/groups and /etc/passwd have hashtags 01:09:11 s/loke/like/ 01:13:13 I just set up the poudriere jail for 14.0-RELEASE: I also see the EOL warning. lol 01:13:14 mns: but it didn't say anything about /var/db/etcupdate/current/etc/ssh/sshd_config ? 01:13:15 if so, you should be able to merge the file with etcupdate(8) 01:28:16 Could it be that you are on the RC which is now deprecated? 01:47:40 babz: no it did't say anything about /var/db/etcupdate/current/etc/ssh/sshd_config. Just to be clear, seeing that 14.0 is out now, I'm on 13.2-RELEASE-p5 01:48:03 let me look at etcupdate, I've not used it before. 02:02:48 Looking over at the release notes for 14.0-RELEASE, I see that sendmail is replaced by dma. dma seems simple enough, but no ability to receive email ? 02:09:32 with direct memory access, I hope the mails go fast! 02:09:37 Woot! Excited to discover how 14.0 it's doing with RPI. Going to try it really soon 02:11:22 I haven't had a good look at dma yet, except to see that for local mail it works on its own 02:28:08 mns i was also wondering about the best way to get those changes. i have not used etcupdate before. perhaps it's actually easy peasy 02:33:49 Hmm so I tired updating to 14.0 but I keep getting errors about the i915 module not working so it won't start the desktop 02:33:55 s/tired/tried 02:34:11 I reverted the snapshot and boot env so I'm back on 13.2-p5 02:34:46 I did keep running the freebsd-update install as suggested after the install but no luck, and the drivers were not installed from ports :( 02:35:36 I also got many libcrypto errors so it looks like it didn't update many packages properly 02:36:03 Did I miss a step perhaps? I thought freebsd-update install should have updated everything on the second run after the reboot 02:36:28 I love ZFS snapshots tho <3 02:39:27 Oh well I'll read up a bit more and try again, but if any of you have any idea it'd be nice 03:06:43 bash and sudo arn't in pkg 14 repos? 03:08:06 er... no. They're there.. wonder why it wants to uninstall them 03:12:29 * skered shrugs... was able to reinstall them 03:12:46 silly pkg doing silly pkg things. 03:15:09 mns, The merge notification about sshd_config was something that happened in 13 and several of us have commented upon it but so far no one has gotten to the root cause yet. It did not do that in 12 so this is new but new in 13 and 14 just appears the same as 13 for this. 03:19:24 scoobybejesus: yeah I don't think I need etcupdate. I made somce changes to /etc/ssh/sshd_config around April timeframe 03:24:38 rwp: ok so that's good to know that I'm not the only one :-) 03:27:21 I did the same. I mean, I think the default config has permitrootlogin no, and I have it as yes on my vps. so every freebsd-update tells me that, so I don't get the upstream changes. but I guess upgrading to 14 gives the option to edit the file 03:38:29 I just upgraded a couple of boxes to 14.0-RELEASE and discovered that any user who types "su", automatically gets root now! 03:39:46 No password required or anything. 03:42:22 rwp: did you make changes for hardening sshd ? 03:42:29 mns, You are not the only one. Recently saw this thread on the mailing list about it too. https://lists.freebsd.org/archives/freebsd-stable/2023-October/001527.html 03:42:30 Title: Re: FreeBSD Errata Notice FreeBSD-EN-23:09.freebsd-update [REVISED] 03:42:41 scoobybejesus: I keep that setting always set to no. no one should need to ssh in as root 03:42:55 That thread has many replies but no real root cause. But it did have a few interesting ideas in it. 03:43:51 crazy how lang/python pkg will install 2.7 - 3.11 in freebsd 14 03:43:54 I'll have to look at that thread 03:44:04 rwp: the hard drives are in the enclosures.. the fun is starting :) 03:44:45 the machine with the 3 drives has 14.0 also.. figure might as well try it out with a software raid restore :) 03:44:54 what could possibly go wrong.... sarcasm 03:45:07 mns, scoobybejesus, I also must change PermitRootLogin to yes now too because that's how backup works here. And no it is not a security weakness as no one is going to crack an ssh key by brute force. 03:46:21 voy4g3r2, Good luck with the recovery! And yes I am familiar with the SCT ERC issue. The page you want for Western Digital is this one. https://blog.westerndigital.com/wd-red-nas-drives/ 03:46:23 Title: On WD Red NAS Drives - Western Digital Corporate Blog 03:47:07 That WD page identifies which drives their marketing department slipped in SMR drives into the normal CMR drive space. If you have an SMR drive I guess you can only remove it and replace it with a new CMR drive. 03:48:12 voy4g3r2: after doing some research on the rpi red led thingy, if it were to lit off, it means it had a "brownout" because of not having enough power but clearly our rpis are still functioning when running 14.0-RELEASE. Another thing I found out is that in Linux, one can turn off both red an green leds if they want to. My hunch is that something in the boot process (like an rc script) might be turning off the red led by defaut. 03:49:00 kenrap: yeah that is what i am seeing too the gpio are "on" by default through their raspi-config 03:49:11 so some magic is happening 03:56:42 https://bsd.to/cxfx 03:56:43 Title: dpaste/cxfx (Plain Text) 03:56:45 fun times.. 03:56:57 time to fsck some drives, it looks like 04:01:24 rwp: interesting email thread. I didn't realise Include was a supported option 04:02:00 Anyone who has upgraded to 14.0-RELEASE? 04:02:14 iio7: a few :) arm64 here 04:02:48 On my amd64 boxes, all users who type "su" at the terminal gets root access without being prompted for a password now. 04:03:09 After the upgrade from 13.2 to 14.0. 04:03:31 are those users part of the wheel group? 04:03:53 for my install i am prompt for users to su , denies if not part of wheel group 04:03:56 No. 04:04:27 But even if they where, they are supposed to be prompted for the root password. 04:05:18 Noone else seeing this? 04:12:29 mns, The interesting idea for me out of that thread was to add specific options to the command line argument list. That does not work for Include. But it does work for the majority of my needs. 04:13:05 It also does not work for the Match configuration either which is another custom environment I live in too. But that's pretty unusual. 04:14:35 For me it was just using the '-f' option. It is a work around though, since /etc/ssh/sshd_config should be modifiable and freebsd-update should be able to work with that 04:15:19 Agreed. sshd_config should be locally modifiable and the update should handle it. It's a regression that it does not. 04:16:33 voy4g3r2, I am just a little concerned about your disk gpart paste showing all of the corrupt flags. Didn't you say your synology was running mdadm software raid on Linux? Wouldn't that be the place to do the recovery then? 04:18:32 iio7: not seeing that. su works as expected for me. 04:18:46 rwp - it is SHR/multiple disk.. i would but the synology motherboard died 04:19:33 voy4g3r2, I know your motherboard died but if the synology ran linux then though this might be heresy to say here I would recover it on a linux system not a freebsd system. (shrug) 04:19:49 yeah... 04:21:01 After you recover you would want to move all of your data over to ZFS on FreeBSD of course. But until then I would boot your favorite linux flavor and then do the recovery there. Because I don't know why it would be showing corrupt from gpart. That would make me nervous. 04:21:23 https://kb.synology.com/en-us/DSM/tutorial/How_can_I_recover_data_from_my_DiskStation_using_a_PC 04:21:25 Title: How can I use a PC to recover data when my Synology NAS malfunctions? - Synology Knowledge Center 04:21:45 i found an article and trying to see how i can replicate.. 04:22:28 to your point, following them may make more sense 04:23:28 Earlier this year I found myself in a problem on my 6 disk NAS. I was really paranoid because I didn't want to lose the data. I also did not have a backup, my bad, and so I really sweated through it. But it was ZFS on FreeBSD for me and eventually I was able to recover 100%. I now have a second NAS for backup now. Whew! Survived through it. 04:23:53 well at this point... i am looking at tarsnap.com 04:24:39 because i have hit that threshold myself and i can have a debian box up running real quick anyway 04:24:43 just need to flash real quick 04:25:02 these are time i wish my home lab was NEXT to me and not in another area of the house 04:26:06 I just skimmed that Synology article and it looks pretty good to me. That flow looks reasonable to me from here without warranty. 04:26:35 yeah i have played with lvm2 before synology 04:26:44 figure it could not be that hard to get it working on freebsd 04:26:49 fusefs-ext2 and geom 04:27:06 but yeah.. i get to the point of.. it is showing drives in stripe but complaining with said paste from before 04:27:22 It doesn't really say how to drive mdadm because I think it is likely that it might snag up there. But mdadm is very reasonable and I think you can get the raid online at that point. And then the rest should flow. 04:27:56 I don't doubt that you could get the array mounted up on FreeBSD. The problem is trying to get something which *might already be corrupt* up and running. 04:29:44 makes sense to me.. flashing the card now with debian and see where it takes me 04:30:37 If it were me I would try to make the best luck for myself as I could and match the Synology environment as exactly as possible. Which is Debian/Ubuntu as per Synology. And then I would migrate the data to ZFS on FreeBSD where it can be safe for all time. 04:31:49 yeah.. freebsd found the 3 drives.. only 2 usb3 04:32:00 but that is a whole other thing.. we have discussed laready 04:32:03 usb no bueno 04:37:20 i am getting too comfy with flashing these cards last few days 04:48:04 rwp: well that found it and yea... personality complex anyone? https://bsd.to/vtJR 04:48:06 Title: dpaste/vtJR (Plain Text) 04:48:56 but it found it :) progress 04:51:52 voy4g3r2, Good deal! Looks like it assembled the raid5 with no problem at all. I am not used to seeing "[4/3] [UUU_]" there and don't understand it with regards to a 3-disk raid. I go, huh? 04:53:19 hehe, yeah well that is how i roll 04:53:31 logic made sense at the time 04:53:35 EXT4-fs (dm-0): Number of reserved GDT blocks insanely large: 7491 04:53:49 this is a funny one, seems since the synology had such an old kernel.. the newer ones fixed a bug 04:53:53 You can always use mdadm to probe for more information about the array. "mdadm --detail /dev/md2" and "mdadm --examine /dev/sda" and so forth. But it looks good at this time. 04:53:54 which makes it not mount 04:54:33 Onward through LVM and then mounting. Good luck! 04:59:48 haha.. they fixed a bug in kernel afer 2018 that wil stop me from working 05:00:01 i got sloppy, i need version 18.04 of ubuntu from 2018.... 05:00:53 gotta love it 05:05:23 well til tomorrow.. i have done too many flashes .. the adventure continues 05:06:55 That's why i like freebsd. nothing is what it seems. you gotta keep working at it. not old and stale like linux that just works. lol Freebsd prevents me from distro hopping 05:07:47 jb1277976: there is tons of history of this situation outside of it.. synology uses a kernel that had a flaw.. that was resolved in newere linux kernels 05:08:04 so the only way to get around it, is to use a kernel BEFORE the fix was done 05:08:15 Aw 05:08:49 use the tools you have.. on any given day i am jumping between 3 os because i have to 05:09:07 i just get use to it and do not have the luxury of just using one.. sometimes it is 4 if i have to play with an oracle database 05:09:14 keeps me on my toes 05:12:50 Nice 05:37:09 Now that the default shell is sh, is there a summary somewhere of the differences between sh/csh/tcsh? 05:48:33 tehpeh: They're different languages. 05:49:10 Any difference in featuers for interactive use? 05:49:41 Yes, you can't use the same loops, etc. 05:50:07 I think there were some usability features coming for sh in 14, but I'd have to look to see if they exist. 05:50:19 I've noticed sh needs two tabs to get an auto-complete suggestion list, and csh/tcsh only one tab 05:50:24 for example 05:51:44 I haven't been able to find a summary of features yet 05:57:01 tehpeh: Try them both and see what feels right. 05:57:17 will do 05:58:07 When I search for the binary package "radarr" on freshports, I get version 5.1.3.8246. When I search using "pkg search" on FBSD 14 with pkg set to latest repo, I get 5.0.3.8127_1. Anyone else seeing a newer version in pkg search? 05:58:39 have you done a pkg update ? 06:03:19 Yup. 06:07:43 iio7: look at the table on freshports 06:08:55 5.0.3 is expected for 14 06:10:37 markmcb, weird, so 14 gets an older version. 06:11:07 tehpeh: Ah, here we go: https://cgit.freebsd.org/src/commit/?id=d410b585b6f0 06:11:08 Title: src - FreeBSD source tree 06:12:21 mason: thanks :) 06:13:01 tehpeh: I used to be an avid pdksh fan, but FreeBSD's Almquist might do the trick for me now. I'll spend some time with it. 06:14:04 normally I'm fish, but on my server want to keep it to what's in base 07:24:38 Cannot find a GUI for bluetooth manager in pkg. Is there any? 07:25:18 how do i report a bug on the official wiki? 07:25:43 point 2 needs to qoute the inner " chars: https://wiki.freebsd.org/Ports/QuarterlyBranch#How_to_switch_from_quarterly_to_latest 07:25:44 Title: Ports/QuarterlyBranch - FreeBSD Wiki 07:25:54 CueXXIII, https://bugzilla.freebsd.org - I would think 07:25:56 Title: FreeBSD Bugzilla Main Page 07:28:58 So there is NO bluetooth gui in freebsd/ 07:29:05 So there is NO bluetooth gui in freebsd? * 07:38:03 Beladona: Bluetooth in FreeBSD is something I generally try to avoid in FreeBSD since it's bluetooth support is mediocre... 07:38:14 I see 07:38:22 elirco: so bad sound quality? 07:39:08 no, it just is a hassle to set it up and even does not work with a lot of devices. (that is my experience) 07:39:54 elirco: ok by the way, is there even a gui based bluetooth manager? 07:46:52 Beladona: i don't think so, you have to use command line. 07:49:22 Beladona: GUIs for managing Bluetooth are generally integrated into desktop environments 07:50:10 meena: I have freebsd desktop env 07:50:26 which one? 07:55:58 meena: is there one "desktop environment bluetooth GUI" that actually works und FreeBSD? Never seen one. 08:12:20 meena: xfce 08:12:53 elirco: :) I am with you with sympathy 08:13:23 But freebsd is not a desktop OS at its core 08:13:28 (I think) 08:25:24 That's right, rather it's a "desktop-able" OS. Just DIY. 09:04:41 So like Linux, a few years ago (and i guess windows and macos users might say: still) 09:08:58 I mean, when It boots, your hardware, maybe... 09:12:53 wasn't there a great quote from Linus about QA in Linux: when it compiles it's good, when it boots it's perfect 09:52:40 https://lkml.iu.edu/hypermail/linux/kernel/9804.1/0149.html 09:52:41 Title: Linux-Kernel Archive: Re: LINUS ISN'T SHARING!! :) 10:34:46 meena: one could make the argument that modern versions of Windows and macOS are also desktop-able OS'.. 10:35:55 With power users, it's never just pick-up-and-go - in my experience, with Windows you have to spend a few hours removing all the ads and installing a proper package manager, and with macOS you need homebrew and a whole bunch of other things. 10:37:20 Mind you, I treat Windows like an appliance OS - because I do all my daily work on FreeBSD; so I'm probably not the one everything should be measured against ;3 10:47:23 I have no idea what windows is these days, and after 7 months of using the previous version of MacOS i never want to do that again 10:55:48 o/ 10:58:43 Do we manually need to execute command for ZFS update/upgrade, after FreeBSD upgrade from 13.2 to 14? 10:58:54 as the release 14 has new ZFS version 10:59:42 zpool upgrade is an administrative command, it should always be issued manually. 11:00:42 and don't forget to upgrade the bootstrap code 11:00:56 (before running zpool upgrade) 11:04:13 Thanks debdrup. Mage: so it seems the command is: gpart bootcode -b /boot/pmbr -p /boot/gptzfsboot -i 1 ada0 for that, "ada0" so it seems that's an example disk name, how can I check mine? 11:04:38 "zpool status" lists two things, 1: zroot, and 2: ada0p3 under "NAME" row. 11:04:54 So I assume it should be "ada0"? 11:07:35 tercaL: do you use UEFI or classical BIOS ? 11:07:53 with UEFI you can do something like for p in $(gpart show -p|tr -s ' '|grep 'efi'|cut -d ' ' -f 4) ; do mount -s msdofs /dev/$p /mnt ; cp /boot/loader.efi /mnt/efi/boot/bootx64.efi ; umount /mnt ; done 11:08:02 mage: It's actually a remote Hetzner bare-metal server, I don't really have an idea. How can I check for that? 11:09:07 on a box of mine, I get: sysctl machdep.bootmethod: UEFI 11:09:13 and the other one: sysctl machdep.bootmethod: BIOS 11:12:29 for UEFI, I just do 11:12:30 cp /boot/loader.efi /boot/efi/efi/boot/bootx64.efi 11:12:41 (and also /boot/efi/efi/freebsd/loader.efi) 11:14:23 babz: You do these before or after zpool upgrade command? 11:14:56 different answers on the forums; some do it before, and some do it after. 11:24:25 So far as I remember, the order of operations should be: System upgrade, then bootcode upgrade (which'll depend on the partition and disk layout), followed by zpool-upgrade(8). 11:51:23 wow, love phk's scathing review of blocklistd. he ends it with: "Other than that, once you get it set up right, it seems to get the job done…" 11:53:15 tercaL: I usually do it after because the command reminds me to do it 11:53:57 but i guess it's slightly safer to do I before 12:05:22 babz: Got it, thanks. You gave an example for UEFI systems, and what about classical BIOS cases? What would change in those commands? 12:07:48 bios ? what is that ? 12:08:13 from the before times 12:08:16 the long long ago 12:13:24 babz: non-UEFI systems 12:13:32 With MBR 12:18:27 Upgraded FreeBSD to 14.0-RELEASE according to instructions on the website. Now running "pkg update" gives me `ld-elf.so.1: Shared object "libssl.so.111" not found, required by "pkg"`. 12:19:59 I mean; this is my case, the output of geom -t: https://pastebin.mozilla.org/WNocFxYt 12:20:01 Title: Mozilla Community Pastebin/WNocFxYt (Bash) 12:20:03 there should be pkg-static, no? 12:20:13 babz: In such system ^^ 12:20:31 babz: "bios ? what is that ?" Basic Input/Output System. The firmware of your motherboard on pretty much all computers (except for Apple) sold in 2010 or earlier. 12:20:44 lol 12:22:18 You can thank Microsoft and their stupid TPM bullshit they started pushing with Windows 8 and beyond. 12:25:19 i think the BIOS concept is older than microsoft, as a compagny 12:26:13 but i dont see the link with tmp 2.0 12:26:22 remiliascarlet: you'll want to use /usr/sbin/pkg (aka pkg(7)) to bootstrap pkg again 12:26:46 Do check that you have backups in /var/backups/ though 12:26:48 CueXXIII: Thanks. While it didn't resolve the problem per se, it did show me to run "pkg bootstrap -f", which did solve the problem. 12:27:04 pkg-static bootstrap -f 12:27:04 pkg upgrade -f 12:27:44 pkg-static is pkg(8) compiled statically, not the same as pkg(7). 12:28:13 pkg(7) only exists to install pkg(8) when you run pkg first time on a system, or to fix issues with pkg(8) like the above. 12:28:38 Quite a busy month in the UNIX space. 12:29:17 * remiliascarlet upgraded all her computers to FreeBSD 14.0-RELEASE, OpenBSD 7.4, and Linux 6.6.2, just because she can. 12:29:53 babz: it is important to do the cp for each efi partition, not only the first one 12:30:52 Well I only have one 12:31:00 BTW it was an outstanding bug in the FreeBSD 13.x installer (not sure avec 14.0) 12:31:25 babz: ok that's ok then 12:32:46 .. but if you have a raidz2 with 4 disks the bootcode should be copied to each ESP partition, otherwise of disk1 died for example the system becomes unbootable 12:33:38 mage: In case of two disks with ZFS stripe? 12:36:05 tercaL: yes, it must be done on both ESP 12:36:40 I'm wondering if it has been fixed in 14.x 12:36:55 fixed what ? 12:38:17 the FreeBSD installer in 13.x correctly create an ESP partition on each disk, but the bootcode is only installed in the first one 12:38:35 What I hope for is better laptop support, maybe one day... 12:38:44 so if the disk dies system is unbootable 12:39:33 mage: is this reported anywhere? 12:39:38 yes 12:39:41 ID? 12:40:04 258987 12:41:00 also 262770 12:47:25 thank you all 12:48:26 there is a review to fix this https://reviews.freebsd.org/D42150 12:48:28 Title: ⚙ D42150 bsdinstall: when installing UEFI, place the bootloader on all disks 13:02:30 also https://cgit.freebsd.org/src/commit/?id=0b7472b3d8d2f1e90fade5236b44fd98d8e396c2 I really don't understand the advantage of mounting the esp partition just to "just change /boot/efi" 13:02:31 Title: src - FreeBSD source tree 13:28:10 Loading kernel modules ktls and ocf does work anymore under FreeBSD 14 it seems. Are they removed? 13:43:11 tercaL: they've been included in GENERIC I think 13:45:54 i saw that update earlier 13:45:59 i'm curious if it works out of the box now 13:50:36 mage: Well, much likely. I had: kld_list="ktls_ocf" in my rc.conf file, after upgrade, dmesg reports; kldload: can't load ktls_ocf: No such file or directory Unable to load kernel module ktls_ocf 13:51:56 Checked with: "sysctl -a | fgrep kern.ipc.tls.stats" and it seems it works out of the box. 13:52:05 The digits are increasing. 13:56:14 But under 14.0, the default for: "kern.ipc.tls.enable" is still: "0". So I'm going to keep; "kern.ipc.tls.enable=1" in sysctl.conf (it doesn't work without it) 13:57:23 You say that like it's a horrible hack. 14:00:22 A quick technical question on container/jail stuff and visibility on the outer levels. On Linux you can nest container stuff (like Docker inside NSpawn) and there are easy clues visible for a task manager to pick this constellation up and show that a certain process is running inside such a nested container. A) Is such nesting possible with FreeBSD (e.g. Jails) too? and B) Can this be picked up easily? 14:29:00 you can nest jails 14:31:13 can this picked up easily? I don't know which pattern you're referring to 14:31:55 but at least you have sysctl security.bsd.see_jail_proc 15:10:31 we can do jails inside jails ? 15:11:44 yes 15:16:29 what is the status of pkgbase? 15:16:46 freebsd-update takes forever for 13.2->14.0 15:20:44 I'm sure there are a ton of changes to make, and you want freebsd-update to be careful with what it does as well. I seem to recall it taking a while to do things when going from 12.x to 13.0 as well, if my memory serves me well 15:21:11 yeah.. 15:21:52 point release -> release is usually longer than point release -> point release 15:22:53 plus, freebsd-update is a shell script, i won't expect it to be fast 15:25:28 mage: it works quite well, tho bootstrapping is still a pain. and we even have our first errata! https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=275051#c4 15:25:31 Title: 275051 – [pkgbase] Package versions for 14.0-RELEASE should be "14.0", not "14" 15:27:29 i may delay until first patch to upgrade to 14 =] 15:28:09 Demosthenex: proper decision 15:29:06 won't take long, and I have plenty of cigarettes 15:31:31 mage: also, freebsd-update mostly just takes forever when you have src installed (but yeah, even without…) 15:41:52 CueXXIII: the fact that it is a shellscript has nothing to do with how slow that is. 15:43:00 i think implementing a relational database with cut, join and pipes is tho 15:47:47 Demosthenex: if you use ZFS it could be a proper decision 15:48:19 it looks like there are several issues with 2.2 15:48:54 ATM I'm just upgrading our Poudriere server, just to check if everything is OK 15:49:19 launching a poudriere build is often a good exercise for stability issues :p 15:49:44 mage: nothing specific, just my general caution =] 15:50:10 to be honnest I'm mostly on 12.4 15:50:24 my next task is to go update my jails 15:50:39 we do that with Saltstack 15:50:56 we have almost 100 jails in total here 15:51:01 saltstack is actually pretty okayish I feel. 15:51:13 more or less, it has bugs too .. 15:51:25 but for orchestration it works pretty well 15:51:48 I was happy having to use that in my previous project, it wasn't as bad as people say it is. 15:52:10 people say Saltstack is bad? first time I'm reading this 15:52:32 I guess most people would point towards Ansible or Terraform nowadays? 15:52:44 Don't know, I was pretty happy using that, it worked fine. 15:52:51 Terraform is useless on bare metal 15:53:09 and I thing Saltstack > Ansible (but that's just a personal opinion) 15:53:16 hehe :) 15:53:43 the problem with Saltstack, etc (and the good thing with Terraform!) is idempotency 15:54:16 That's a problem with all low-end solutions I think, I need to be careful of that when writing shellscripts, too. 15:54:57 But yup., 15:59:54 mage: i have puppet setup, i experimented with salt and gave up 16:00:15 salt > ansible 16:00:21 shell scripts > ansible 16:05:05 I migrated my puppet setup to four shell scripts 16:09:02 remiliascarlet: "What I hope for is better laptop support, maybe one day..." I just checked, and unfortunately, it's still impossible to wake up a FreeBSD laptop from sleep. Missed oppotunity... 16:11:24 17:00 [ Demosthenex] shell scripts > ansible 16:11:26 Demosthenex: <3 16:12:23 Shell is still my #1 go-to tool in my box. 16:12:34 well I can wake up my laptop from s3 16:12:46 babz: That's not too bad. 16:14:52 i like ansible and terraform 16:15:35 I like POSIX compliant shell scripts. 16:16:09 we don't always get what we want :-) 16:16:56 meena: what sort of work do your 4 shell-scripts do that you were using puppet for before 16:32:04 babz: I was asking in the context of https://github.com/htop-dev/htop/pull/1334 ; which would (on Linux) display a nested container as e.g. /snc:foo/lxc:bar … For FreeBSD there's already a function in the platform code FreeBSDProcessTable_readJailName that uses jail_get (jid..name); though I guess that will only return the outer most jail? 16:32:05 Title: Guess container name from cgroup by BenBE · Pull Request #1334 · htop-dev/htop · GitHub 16:47:18 anyone have syncoid problems on 14.0-RELEASE? 16:49:34 moving to latest repo so see if the newer version will work, which is what i'm using on other comps 16:54:38 and now we're rocking at 113MiB/s. cool 17:00:42 yay 17:01:14 I'm going to stick to 13.2 for now, I still need to get my bug report for gcc13 not building m2 17:06:06 Hi, tried to update my Hetzner Server today to 14.0. That server needs realtek-re-kmod. I switched the sources to 14.0-Release with git checkout, followed by make buildworld && make kernel and rebooted. But now the realtek drivers can not be loaded due to version mismatch. Are the drivers incompatible? 17:12:44 rebuild the driver too 17:24:34 kk. prior to reboot I guess 17:29:27 armin: yaml... best to nuke it from orbit to be sure 17:31:39 i just downloaded the checksum file that is signed for 512 shasum 17:31:49 it tells me the key has expired 17:31:56 CHECKSUM.SHA512-FreeBSD-14.0-RELEASE-amd64.asc 17:32:07 8D12403C2E6CAB086CF64DA3031458A5478FE293 17:32:07 Demosthenex: That was my impression when I forst got in contact with it when I had to do Ansible. I was like "wait a second, I thought this is just YAML, how complex can this possibly get anymore...." at some point. 17:33:32 which pgp public server does have the update to the key? 17:34:58 armin: encoding actions in yaml is hell, yaml is easy, it's the relationships and complexity buried in yaml that is hell 17:35:37 clemens3: yup the one I find expired on 21.09. 17:35:56 Demosthenex: +1 17:37:45 armin: jokers, not? 17:38:16 clemens3: I wish I could say something more meaningful now. <3 17:38:53 psst 17:40:20 armin: i tried Salt because i could write the config directly in python and skip all the yaml nonsense, and it was declarative (puppet) instead of imperative (ie: ansible). 17:40:52 Demosthenex: okay but don't get me started on puppet, that was such a horror. 17:41:18 Demosthenex: I know how to use imperative so that the result is idempotent, I'm fine with Ansible. :) 17:42:43 Demosthenex: I prefer to write 200 lines of BASH over 20 lines of YAML any day. 17:43:37 Demosthenex: I know exactly what I do there, why would I even remotely try to get into so much abstraction that I can't follow my own thoughts anymore? 17:50:07 Demosthenex: The other side of the spectrum would be something like NixOS, I believe? I've even been running that as my primary workstation OS, it's hm, yea okay I guess? 17:50:41 Demosthenex: Meh I dunno, I want to tinker around with my workstation, I can understand the declarative approach in IaC, but that's about it. 17:52:08 Demosthenex: I mean come on, the way that you usually apply in your daily living is pretty much imperative, it's like "I want THIS VERY DETAIL here, to change, right now, let me experience what happens when I do that..." 17:52:32 Demosthenex: for servers, and infrastructure, yea, I agree, that there one could ask for the declarative approach, but still... 17:54:10 Demosthenex: There's a HUGE hype about immutability in general going on, what's your thoughts on this? next big thing or not? 17:56:01 (ah, on THAT topic, sorry, I found salt-ssh to be quite useful.) 18:02:08 armin: so, i think of installing packages much like the package manager does, it resolves dependencies. that's better than imperative in my mind 18:02:15 i also want the minimum changes to match the state 18:02:29 and i like that puppet has a discrete agent instead of being messed up by the local python install 18:08:46 Demosthenex: Well in a perfect world, imperative "install these packages plz" command would just run for a couple of miliseconds, saying "all wanted packages installed already, goodbye" or something like that. 18:09:03 Upgraded a couple of boxes to 14.0 yesterday. On one box I upgraded the zpool, which now cannot boot. Getting "ZFS: unsupported feature: com.delphix:head_errlog" 18:09:28 armin: package managers do that 18:09:35 armin: i just think configuration management should be the same way 18:09:42 that's why i prefer declarative over imperative 18:09:46 Demosthenex: It depends on the package manager, pkg_add on OpenBSD has this functionality since...3 weeks. 18:10:31 Demosthenex: before that it would just iterate over all possible matches (which obviously is not a great thing to do, but hey). 18:16:41 iio7: you probably didn't upgrade the boot loader before upgrading the zpool. The release notes say this is necessary 18:20:48 vortexx, yeah. I didn't find information on how to do that. 18:21:28 The system is borked. Going to install Linux on the box. Don't want to bother with FreeBSD crap like this any longer. 18:22:36 lol 18:22:50 crazy story but you have to do that on linux too 18:23:28 i'm missing the context, but pretty sure win11 would solve all problems here 18:24:52 all that person had to do was mount the efi partition and copy /boot/loader.efi to /boot/efi/efi/freebsd/ 18:25:15 it's not exactly hard but it'd be nice if freebsd-update handled that or warned to do it 18:26:32 angry_vincent, thx, recompiling the realtek-re-kmod port with portmaster prior to rebooting to the 14.0 kernel did the trick :) 18:27:21 vortexx: zpool upgrade literally tells you to do it 18:47:57 wait, so he updated the version of the zpool? 18:48:02 instead of just doing a freebsd update? 18:48:05 separate items :P 18:50:10 It's always frustrating when people seem to work against the system rather than with the system. 18:50:55 Unfortunately I see people doing that for each and every one of the operating systems they run. Sigh. 18:51:40 isn't the best practice to keep the boot zfs pool at the lowest feature level 18:51:46 in case you need alternate media 18:53:12 When moving from 12 to 13 I think I waited most of a year before I decided I would zpool upgrade just in case I needed to boot the previous 12 again for some reason. 18:53:45 A question I always ask myself, do I need or want any of the new features offered? If not then there is no hurry. 18:55:47 And I realize everyone is excited about 14 but honestly I won't be upgrading my production boxes to 14 until I have upgraded my development and test machines to 14 and verified that EVERYTHING is happy. My production systems will be the last ones I upgrade. 18:56:25 +1 18:57:42 or i may do the os upgrade, but not touch the storage format 18:58:08 i mean, he basically upgraded from ext4 to ext5, and forgot the kernel module for ext needed updating 18:58:49 That's my desktop plan. Because then I can always Boot Environment back if needed and then still boot. And also that would only affect me. And I could laptop while I was working my desktop problem. 18:59:30 The real root cause of the problem was a failure to read the release notes. Always read the release notes and do anything it says you need to do. That is true on every system. 19:04:13 I mean, it's not a big deal 19:04:32 you can reboot on the latest install medium and upgrade the bootloader 19:04:36 I understand the advice, but I've never broken a system by not reading the release notes. I've broken them because of bugs that weren't documented at the time. 19:06:20 I want to say that bugs are the best reason for most people to wait until the .1 release but I want *you* to run the .0 early so you can find and fix those problems before the rest of us. :-) 19:06:25 babz: *always* read the release ntoes 19:06:36 i get paid good money to read release notes to prevent problems ;] 19:09:23 on current we call them "commits" 19:09:27 but sure 20:30:03 right. i haven't read commits in several hours. thanks for the reminder, babz 20:36:10 is it safe to upgrade to 14 yet? 20:36:24 issues like this make me nevous: https://github.com/openzfs/zfs/issues/15506 20:36:26 Title: panic: corrupted memory in l2arc · Issue #15506 · openzfs/zfs · GitHub 20:36:27 15506 – Update x11-toolkits/gtk-engines https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=15506 20:37:29 my zpool has zvols and l2arc, so if it's an issue on the 2.2 tree that shipped on 14, I'm likely to hit it 20:50:01 KungFuJesus: we have a different zfs version in 14 and 15 21:03:27 meena: which version? 21:05:21 the filer found the issue with invariant assertions enabled on 15. And while that may have plenty of different code from 14, it's not that fat diverged from 14's release code, I suspect 21:05:30 far* 21:40:30 KungFuJesus: 14.0: zfs-2.2.0-FreeBSD_g95785196f 21:40:30 zfs-kmod-2.2.0-FreeBSD_g95785196f 21:40:45 KungFuJesus: 15.0: zfs-2.2.99-211-FreeBSD_g03e9caaec 21:40:46 zfs-kmod-2.2.99-211-FreeBSD_g03e9caaec 21:42:01 I don't have a 13.2 right now, but i can probably stand one up quickly… or, i could do something silly like look at the code 21:45:08 2.2 vs 2.2.99 is not significant as far as what could be causing that issue 21:47:07 There's still not a conclusive bisect for the issue nor is it clear whether or not BRT is the culprit for this. It's happening in the DMU in l2arc reads, with a smashed stack. Needless to say, I have concerns 21:54:35 Oh shit: https://dan.langille.org/?p=7633&preview=1&_ppp=3ee26fb87e 21:54:38 Title: While restoring my PostgreSQL database to a new FreeBSD server, I discovered the wrong database server in a configuration file – Dan Langille's Other Diary 21:58:46 i like the end the best 22:01:26 scoobybejesus: It made me feel better. 22:01:45 I've said it elsewhere and using different words, but I wouldn't feel comfortable with that setup (I can see nothing wrong about using Bacula to backup hosts, but Postgres DBs is a different category) 22:02:08 I'm glad it's ok in the end 22:05:09 dvl, since you're here, any chance you did something to divert rctl logs to some place other than /var/log/messages? to me, it'd be nice for it to get its own log file, but i don't know how to approach that (here https://dan.langille.org/2023/01/16/how-to-limit-a-jail/) 22:05:12 Title: How to limit a jail – Dan Langille's Other Diary 22:06:32 scoobybejesus: Usually that's via !rtctl or something similar. 22:07:24 Like adding a local5.none;local6.none to the /var/log/messages line in /etc/syslog.conf 22:07:57 many thanks, i will dig a little deeper there 22:08:13 scoobybejesus: But they are kernel messages, so perhaps it can be done. Not sure. 23:33:46 has anybody tried a yubikey *security* key (not the yubikey 5 series) with openssh? 23:34:04 they're 1/3 of the price of the fancier ones and I need to get some for the team 23:39:16 AFAICT only U2F support is needed according to https://www.openssh.com/txt/release-8.2 and https://developers.yubico.com/SSH/Securing_SSH_with_FIDO2.html 23:39:18 Title: Securing SSH with FIDO2 23:50:16 got 14 running now, all smooth. great release team!! 23:53:43 dch: i got 3 yubikeys here, and don't know which of them qualify for use with that… 23:54:28 meena: what sort of keys? I have 5 nfc, work great with ssh, but these security keys are 1/2 the $$ 23:54:43 and require openssh >= 8.2 which these days is fine for me 23:56:22 dch: i got 2 5C Nanos, and one YubiKey NEO 23:59:41 anyway, bed time, too tired for work-work.