00:03:50 another question related to jails networking using vtnet, would anyone recommend netgraph instead of "classical" epair + bridge ? 00:15:17 RhodiumToad: hm...I'm lost 00:29:47 anyone know why the redmine package was removed in 13? I can't believe all the shit I have to build just to reinstall it lol 00:31:58 From /usr/ports/MOVED: www/redmine42||2023-06-30|Has expired: Broken with all supported Ruby versions 00:38:24 ah, so I guess at some point redmine50 (which is a port) will be an available package? 00:38:29 Search https://bugs.freebsd.org/bugzilla/ for any other details 00:38:30 Title: FreeBSD Bugzilla Main Page 00:38:41 parv thanks 00:39:19 pjs: is it not already a package? 00:39:22 If anyone would care to send the update (or new port) as patch 00:39:54 RhodiumToad: doesn't appear to be.. I've even `pkg update` and it's not there 00:40:18 pjs, RhodiumToad, Sorry, did not see "redmine50" port 00:40:19 it seems to be missing on some architectures, maybe build problems 00:40:39 what ABI are you looking for packages for, and which repo? 00:42:20 FreeBSD:13:amd64 seems to be the one missing tier1 build 00:42:48 Yea, that's what I'm on 00:42:59 (latest, not quarterly) 00:43:49 took a few hours but the build is done 00:44:29 looks like the last package build for it failed because x265 failed 00:46:41 also looks like there's a 13/amd64/latest build running now, with about 18? hours to go, which will contain the package 00:46:53 the worst part is I actually run it from a git checkout, just use the package to install the dependencies. I updated from 12.x to 13.2 (I know, I know) today and the package disappeared and I didn't realize it uninstalled it lol. So fun times ensued but all good now 00:47:17 18 hours? wow 00:47:41 yeah, package builds these days typically take 4-5 days 00:48:16 wow, just not enough resources or what? 00:48:50 the builder machines aren't small :-) 00:49:06 I imagine not heh 00:51:17 see https://pkg-status.freebsd.org/beefy16/build.html?mastername=132amd64-default&build=1129bbfc327e if curious 00:51:19 Title: Poudriere bulk results 00:53:48 that one doesn't look as bad as most, 72 elapsed hours and 80% done gives an estimated 3.75 days total 00:55:12 there's at least three ports with >24hour build times, but in that build they're already done 00:55:33 oh I see, you mean it takes that time to build ALL packages 00:55:33 (chromium x2 and iridium) 00:55:41 I thought you meant just redmine lol 00:55:57 right, but packages don't appear in the repo until (some time after) the whole build run is done 00:56:25 right 00:57:20 No worries either way. redmine is back and it's Saturday so no one cares it was down hehe 00:57:34 redmine itself took only 2.5 minutes, presumably mostly installing dependencies 00:57:34 Thanks for the info though. I hadn't seen that pkg-status site before 00:57:58 it's not easy to navigate if you don't have ipv6 (possibly even if you do have ipv6) 01:11:50 builders still don't use ccache? 01:12:09 No one wants to eat the init. cost of it? 01:19:28 wouldn't help with some of the larger issues, and you'd need a monster size cache 01:20:17 one of the issues for example is that curl updates very often, and rebuilding curl forces a rebuild of rust, and hence all rust-dependent ports 01:41:08 building rust is a drag 02:31:06 zeylos: i recall seeing someone test that and netgraph was noticably slower than epair+bridge in the same configuration, although i don't remember the details or where i saw it 02:41:31 <_0pr__> Hi all, anyway to use rsnapshot backup to include /zroot bhyve vms installed? 02:41:45 can a wireguard Endpoint have multiple ips or only ever 1? 02:45:23 i think it can only have one 02:47:26 <_0pr__> In config file I have included /, but seems the VMs folder under /zroot is not included in the backup file. 02:53:18 <_0pr__> nvm, got it... 03:12:15 anyone around who knows the NFS kernel code? the nfs client on this system seems to have locked up, kgdb shows: https://bsd.to/ZPOp 03:12:16 Title: dpaste/ZPOp (Plain Text) 04:49:37 ive upgraded to freebsd 14 and now my vms cannot connect to the internet ive checked my configuration and everything looks the same as it was on my freebsd 13.2 box 04:49:43 not sure what else i need to check 04:54:35 bsdbandit: what virtualization? 04:54:59 bhyve 04:55:26 do you use vm-bhyve or something similar? 04:55:27 im running bhyve on freebsd 14 04:55:51 im thinking about rolling back to freebsd 13.2 04:56:38 are your interfaces the same? are the bridges created properly? 05:08:08 yeah 05:08:31 its like as soon as i upgraded to 14 i started having these issues 05:27:00 there no way to make unbound read data from /etc/hosts? 05:33:04 can you show your topology? 05:33:11 polyex: i don't think so 05:33:33 that's not how the resolver works 05:45:58 in an environment where you want to serve /etc/hosts to clients, dnsmasq might be more appropriate as it's more designed for that kind of situation 05:50:03 this is a fun bug: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=275871 - zfs+union can result in creating a file with '/' in its name 05:50:05 what's weird is i feel like it's already working. i can ssh myothermachine and it connects, but myothermachine's ip is only in /etc/hosts 05:50:06 Title: 275871 – [unionfs] [nullfs] [zfs] corrupt filesystem 05:50:09 yet i'm using unbound 05:50:34 polyex: if it's in /etc/hosts on the machine running the ssh client that's expected, as /etc/nsswitch.conf uses both files and dns by default 05:51:16 oh wow wtf is nsswitch.conf dont think i ever looked at this 05:54:11 it configures where the system looks for name service databases (users, groups, hosts, and a few other things). the default for hosts is 'files dns' because you wouldn't want the system to stop using /etc/hosts just because you configured a DNS server in /etc/resolv.conf, that would make /etc/hosts fairly useless 05:54:55 so why can't i type 'host myothermachine' and get its ip back? 05:55:37 because host(1) doesn't use the system NSS database, its purpose is specifically to make DNS queries. try 'getent hosts myothermachine' instead, which will use nss (and therefore /etc/hosts) 05:56:19 wow! tyvm 06:06:55 why does chrony require dns for time service to work? 06:13:37 polyex: It wants to pull time from a reliable public source. 06:15:51 i also learned i can replace the hostname in chrony.conf with its ip and it doesn't complain 06:31:49 polyex: your local resolver should check /etc/hosts 06:40:26 why can i get a result for host www.foo.org but if i try to ping it i get udp connect no route to host, but if i ping the ip directly it works!? 06:40:47 Different resolver behaviours. 06:41:01 hmm 06:41:12 what makes ping hostname fail with udp error? 06:41:14 you get a UDP error from ping? can you show the entire error? 06:41:25 ping should be using icmp not udp, how can you get udp connect no route to host? 06:41:28 ping: UDP connect: No route to host 06:41:32 from ping www.foo.org 06:43:05 On the surface I don't see how that would be possible. I would like to learn how that might be possible. 06:43:11 this seems to be related to ping's attempt to determine the source address in the IPv6 case, most likely you're using an IPv4 literal but the hostname resolves to an IPv6 address, which ping prefers 06:43:32 (see src/sbin/ping/ping6.c:1059) 06:43:54 you could use 'ping -4' to fix the problem (probably) but it seems like a bug that it does this instead of just falling back to IPv4 06:43:59 i dont have any ipv6 rules set by pf so it's prolly blocked 06:44:34 that worked!!! 06:44:43 ping -4 www.foo.org works 06:44:54 do you have non-link-local IPv6 addresses assigned to the but no IPv6 default route or something like that? 06:45:02 s/to the/to the host/ 06:46:13 i have ip6addrctl_enable = NO 06:47:27 does seem like a bug to not fallback 06:48:16 why did you set that to NO? if you don't want to use IPv6 at all, the default address selection behaviour should just prefer IPv4 when no routable IPv6 addresses are assigned 06:48:50 tried to turn whatever ipv6 shit i found off to keep it simple. didn't find any clear doc on how to turn ipv6 off 06:49:45 i wouldn't be surprised if that was (directly or indirectly) the cause of this problem, the default configuration is designed to just not use IPv6 when you don't configure it 06:50:08 although it does seem like that setting alone shouldn't actually break it 06:50:22 if you're sure i'll take that out 06:51:03 well, i can't comment on your network, but it's very unusual to need to change the address selection policy. although presumably enough people asked for it that they added a setting for it... 06:52:54 i also have ipv6_network_interfaces = NONE because default is auto. is that unneeded? 06:53:31 I am connected on an IPv4 only network and I don't do anything special to disable IPv6 and everything works for me. 06:55:52 from what i remember (although i don't have any IPv4-only hosts to check this), getaddrinfo(3), which is what ping uses to determine if it should do a v4 or v6 ping, shouldn't return IPv6 addresses if the system has no routable IPv6 addresses configured 06:56:54 ok ya disabling those 2 doesn't seem to add any ipv6 stufff to ifconfig automatically 06:57:02 polyex: there should be no need to configure that either. the default behaviour is to just bring up IPv6 link-local addresses on each interface (which are not routable). if you're using a firewall, you can just block all inet6 traffic (which is much more reliable anyway). is this system running PPPoE or something like that? perhaps the peer assigns it an IPv6 address 06:57:02 guess i'll delete that 06:57:24 (Wireguard or other VPNs might also do this) 06:57:27 i'm blocking all ipv6 in fw too ya 07:01:17 ok ya taking out ipv6_network_interfaces = NONE also didn't seem to add any new ipv6 shit to ifconfig 07:02:12 fwiw i just tested this and i can't reproduce your issue: https://dpaste.com/9BKWB24ZK - removing the IPv6 address just makes ping use IPv4, which is what i'd expect 07:02:13 Title: dpaste: 9BKWB24ZK 07:02:39 did you have ipv6_network_interfaces = NONE too? 07:03:05 no. i just mean in the normal case (with no unusual configuration) it seems to work 07:03:11 I did a truss ping -c3 example.com (which has an IPv6 address) and it shows that there is an immediate connect IPv6 addr No route to host and then it falls back to IPv4. 07:03:49 k well i'm taking those out and will try ping again 07:05:12 fwiw, if you want to completely disable IPv6, the correct method is to remove INET6 from the kernel and then set WITHOUT_INET6=yes in /etc/src.conf and build world. but that's probably not worth the effort 07:05:43 (also, i wouldn't be surprised if this breaks some ports or other stuff, it's probably only really tested on embedded systems) 07:05:48 ya not worth it i'm gonna start using ipv6 soon anyway 07:06:21 well ping works without the -4 hack now ofc 07:25:09 uh 07:25:46 i just have ip6addrctl_policy="ipv4_prefer" but i didn't follow everything 07:29:25 rtprio shouldn't AUTO choose that if no ipv6 ip is configured? 07:36:03 Got a question. In 2023; nanobsd or poudriere is the way to go to build a FreeBSD image for an appliance, i.e. an old Soekris - that is still not dead. 08:03:46 is there a way to find out why poudriere built a particular package (i.e., what other packages depend on it)? 08:59:30 unixwitch: pkg info? 09:19:48 syslogd_flags="-ss" what's -ss mean and how am i supposed to find it myself? 09:20:07 polyex: man syslogd 09:20:15 (that should answer both questions) 09:20:34 TommyC: i was hoping for something that would work for build-depends too, or does the pkg metadata include that? 09:21:04 omg i was looking in syslog.conf but that's dumb 09:21:08 ty 10:04:54 unixwitch: I can't recall off the top of my head. There probably is, though. 10:37:03 unixwitch: pkg rquery '%rn' $dependedpkg 10:39:24 kenrap: that doesn't seem to include build dependencies... for example texlive-base lists tex-formats, but tex-formats lists nothing. i'd like to know why poudriere built texlive-base 10:59:19 unixwitch: I haven't followed the whole discussion, but maybe 'cd /usr/ports/.../... ; make missing" helps? 10:59:42 make missing also includes build time dependencies... 11:00:36 elirco: aiui that would show me what this package requires to build, but what i want is to know what other packages (in the set of packages that poudriere is building) require this package to build 11:01:06 ah ic, the other way round... 11:01:45 good morning 11:03:15 unixwitch: I'm guessing using "%dn" was probably what you wanted instead e.g. `pkg rquery "%dn" texlive-base`. In addition to the build deps, I suppose you could use poudriere-testport(8) to discover them through the build output. 11:05:33 kenrap: isn't %dn just the list of the package's own dependencies? 11:07:30 unixwitch: you're right, nevermind on that one 11:08:04 i'm sure i saw this information somewhere in the poudriere HTML output, but i can't find it now, and iirc it also vanished after the build was finished... 11:09:02 * kenrap is out of ideas and will stop throwing out suggestions 11:31:58 can freebsd boot with secure boot enabled bios? 11:44:10 Miles8of9, atm no. 11:44:27 https://wiki.freebsd.org/SecureBoot 11:44:28 Title: SecureBoot - FreeBSD Wiki 11:47:20 from the task list, it seems like you *could* use secure boot, but you'd have to enroll your owns keys and sign the loader yourself 11:50:26 https://freebsdfoundation.org/freebsd-uefi-secure-boot/ 11:50:27 Title: FreeBSD UEFI Secure Boot – FreeBSD Foundation 11:54:52 unixwitch: poudrieres html contains *one* reason in the queue part, maybe portgraph can help, but no idea if it can take multiple ports as starting point 13:25:28 wow, drm-kmod actually supports the integrated graphics on this ancient intel laptop. i'm mildly surprised 15:27:25 .. 15:39:58 i seem to be unable to run openvpn on user nobody in FreeBSD 14 15:40:15 do you get an error message 15:41:35 no 15:43:52 well, it has to do network stuff, would be strange if 'nobody' where allowed to configure that stuff 15:44:34 it's bufg 15:44:36 bug 15:44:54 openvpn starts as root then drops privileges 15:45:00 that's the desired behavior 15:45:28 on 14 if i do that i see configured interface tun0 and no openvpn on the process list 15:45:53 and the whole thing isn't working 16:01:21 Merry yule to all those who celebrate 16:03:15 mfm_: poudriere-image(8) with the firmware type 16:09:57 debdrup: Merry yule to all... -> Scandinavian I suppose? 16:10:23 pr-asadi: Danish, so yes 16:10:39 I know we're largely indistinguishable to everyone but ourselves :D 16:11:42 Scandinavian: Swedes, Danes, Norwegians. Right? 16:11:59 Since it's off-topic, would you not mind if we continue in private? 16:12:33 well this is awkward: pid 1131 (kadmind), jid 0, uid 0: exited on signal 11 (no core dump - bad address) 16:12:48 apparently something has broken adding principals to kerberos 16:13:20 pr-asadi: yea, Scandinavia is just those three countries, for what's now mostly-historic reasons. 16:13:53 I prefer keeping conversations in public, and since there ain't much going on, it's probably fine. 16:14:25 unixwitch: last time I played with Kerberos was when using NFS. 16:14:39 debdrup: i use it for NFS and SSH 16:14:49 (i know, ssh keys, but... i already have it for nfs) 16:15:32 I've been eyeing ssh certs instead of keys lately. 16:15:41 at least i got a backtrace, time to file my third bug this week :-) 16:15:57 debdrup: I prefer keeping conversations... -> I thought off-topic is not allowed on technical/supporting channels. 16:16:07 unixwitch: I hope it has symbols :D 16:16:40 debdrup: i might consider SSH certs in a large organisation, but for our home/soho network it's way overkill. last time i was in that position i wrote a custom script to pull them from LDAP, which actually worked pretty well, but certs seem a bit neater. 16:16:51 pr-asadi: We've gone back and forth; we have -social where we can move things to if things are busy (ie. multiple people are helping multiple other people), but if it's relatively quiet, I think it's fine to keep it in here. 16:17:07 unixwitch: what's this over---kill..? I do not comprehend. 16:17:31 If I could see through walls, I could eye the full rack I've got sitting... 16:18:02 debdrup: Well then, what are the historic reasons? I am fond of Nordic(And proto-Nordic) people. We have -social? You meant "#freebsd-social"? 16:18:21 Yes, we do have #freebsd-social. 16:21:52 pr-asadi: Denmark, Norway, and Sweden are the countries that the Vikings spread out from, and we've had more to do with each other throughout our shared history than any other country. In addition, we also have a common language root (Norse, though not the same dialect), so we're all mutually intelligeble to each other (though people not from here can have a hard time understanding the suble linguistic 16:21:58 differences) 16:24:29 English-speaking folks often think Scandinavia = Nordic, so they sometimes include Faroe Islands, Greenland, Iceland, and even Finland - but while most of those are countries that the Vikings settled/colonized, they're not strictly part of Scandinavia. 16:27:18 debdrup: I am well aware of your shared-history. Yeah, Norse. I am fond of Scandinavian(Including Proto-Scandinavian) people. 16:29:14 Yes, I am well aware of that as well(The people include Finland and some others when talking about Scandinavia). 16:29:42 debdrup: I assume you are an old-ways believer, am I right? 16:31:17 apparently the problem is that my openssl's md4 is broken. did support for that get removed? 16:31:27 pr-asadi: you'd assume wrong. 16:31:50 unixwitch: I honestly wouldn't be shocked if it has been removed. 16:32:56 pr-asadi: there's a place for tradition for the sake of tradition (I mean, why else do it?), but I think it's erroneous to assume that things were better in the old days, because a LOT of things about the past sucked, and if we're not prepared to learn from them, we're doomed to repeat them. 16:33:29 Knowing history, though, is the first step in trying to learn from it. 16:35:46 debdrup: thank You! 16:36:15 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=275916 16:36:18 Title: Bug Access Denied 16:36:25 hm 16:36:29 not publisjhed yet 16:42:37 so there's meant to be a [kadmin] default_keys = ... option to disable arcfour-hmac-md5, but it doesn't seem to do anything, it still tries to generate the arcfour-hmac-md5 key 16:50:47 debdrup: Excuse me sir, did I miss any messages after my last message? I got disconnectd. 18:15:51 unixwitch thank you (for epair + bridge vs netgraph), I indeed saw similar stuff on the mailing list archive, I'll keep it classical and not do too much crazy stuff :) 18:42:49 rwp: did u get your banana pi running? 18:43:06 i am going to try over vacation 18:43:21 (: i will let u know if i succeed 18:46:30 Hello FreeBSD. I need some help on locale ,there 's no my THAI locale "locale -a | grep TH" How can I manually add my locale language ? 18:47:35 I have installed KDE Dekstop on FreeBSD14.0 , no apps can display Thai Language 18:51:23 jediikai: what's your current locale? 18:52:16 As I recall "en_EN.UTF8" 18:52:54 i see that th_TH is missing, sadly, but with any UTF-8 locale you should be able to see Thai language 18:53:17 ok I could use some help here, I did a fresh install of 14.0 in a zfs fs on an existing system and now it won't boot, I try to use the install cd which will boot to bectl activate the old or the new install and i get a libbe_init("") failed. what's up with that? 18:58:18 yuripv: I think so ,but I am not able to see any Thai Chars, I have used Ubuntu It contains th_TH Can I copy to FreeBSD But I don't know how to do 19:38:36 crb: at which point does it not boot? can you capture the last few lines 19:39:08 rtprio, yes I can but I'd have to go back and boot it again and type them by hand stand by 19:40:35 failed to find boot able partition /boot/lua/loader.lua: no such file or directory 19:41:32 also before that Setting currdev to zfs:zroot/ROOT/13.1 19:43:49 13.1, eh 19:45:04 rtprio, I installed a 14.0 system which booted fine but I needed some information from the old install so I tried to bectl activate 13.1 and now nothing boots 19:49:56 :| i'm not sure how you'd recover from that 19:53:21 rtprio: yes I am not either I can boot the install disk and open a recovery shell but I can't run bectl 19:56:00 i don't think you'd be able to; 19:56:18 wait, if this was a fresh install i'm confused where 13.1 is coming from 20:05:56 crb: it may be sufficient to just set the bootfs property on the root pool to the correct filesystem 20:06:13 which you should be able to do in the recovery system 20:10:33 unixwitch, yes I've come to that conclusion but I'm not sure how to do that I keep getting invalid property bootfs 20:10:40 so I'm obviously doing it wrong 20:10:44 soo I 20:10:57 so I'm googling now to try to figure out how to do that 20:13:05 zpool set .... trying that now 20:13:38 that did it 20:13:45 unixwitch; thanks