00:01:18 hello I had a question for openssl 00:07:30 koolkat332: have you tried asking it, or would you like to wait for one of our psychics? 00:08:01 Better ask your question directly. Then someone who can answer it will be able to. 00:08:42 RuntimeError: OpenSSL 3.0's legacy provider failed to load. This is a fatal error by default, but cryptography supports running without legacy algorithms by setting the environment variable CRYPTOGRAPHY_OPENSSL_NO_LEGACY. If you did not expect this error, you have likely made a mistake with your OpenSSL configuration. 00:12:13 koolkat332: looks like an openssl question/issue, not an freebsd one to me... 00:12:39 setting environment variables? 00:13:30 koolkat332: what's throwing that error? 00:13:45 certbot 00:13:53 weird. 00:19:09 koolkat332: you need to upgrade py-cryptography and py-certbot 00:20:22 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=254853 00:20:24 Title: 254853 – security/py-cryptography: Update to 41.0.3 00:22:15 helloo 00:22:30 I reinstalled those packages did not solve the issue 00:22:31 I can't pass bhyve_options in vm config using vm-bhyve 00:22:55 I mean I set the bhyve_options but seems like it's not being used when launching the vm 00:23:08 anyone experienced something similar? 00:23:38 I'm trying to passthru a usb device to the vm 00:23:50 also py-openssl 00:23:50 also py-openssl 00:24:35 koolkat332: what os version and where installed from? 00:24:55 huh irc lagged a bit there 00:26:54 i installed via poudriere, ot built directly from ports 00:29:53 freebsd 14 release 3 or 4 00:30:06 installed from not sure the question 00:30:33 pkg install most likely then 00:31:42 in that case then I dunno. hte change meant to accomodate/fix the 'legacy' thing is in that fault report but thats from a while ago.. 00:34:25 how do I set the environment variable to open ssl? 00:35:41 two options either load the legacy provider or set the environmental variable cryptography_openssl_no_legacy this is an error that ensued as a result of upgrading to freebsd 14 00:36:16 I think it's a make variable. But I never used that. I rebuilt those three ports locally and it worked 00:36:16 env CRYPTOGRAPHY_OPENSSL_NO_LEGACY=1 certbot … 00:36:42 i use certbot on 14 and don't have this problem 00:36:47 what's going on 00:38:22 fold: you can only pass pci devices to bhyve; so are you trying to pass the usb controller? 00:39:57 koolkat332: i think the fact it broke after upgrading to 14 is relevant. how did you upgrade to 14 and did you reinstall all your ports? 00:40:16 also what does freebsd-version -kru report 00:40:22 there were issues I had someone help me after 00:40:29 so if I'm using ZFS on this install, if I don't want to bother with full-disk encryption, but would like to have portions of the disk encrypted, say passwords or stuff in ~/.cache so that stuff like website login cookies wouldn't be able to be hijacked if my laptop is stolen, do I have to plan for that ahead of time during disk partitioning? 00:40:47 14.0-RELEASE-p3 00:40:48 14.0-RELEASE-p3 00:40:48 14.0-RELEASE-p4 00:41:06 I know ZFS basically doubles as a logical volume manager, so I'm basically wondering if geli can operate on those logical volumes or if it can only operate on the actual block devices underlying them 00:41:13 ok - did you reinstall all your ports? 00:41:21 I believe so 00:41:34 pkg upgrade -f ? 00:42:13 tm512: you could create an encrypted volume using a volume of zfs 00:42:27 it's important because the api changes with major version change 00:44:24 zfs create -V 20G zroot/sekret; and then horse around with geli and ufs on top of that. 00:46:43 does anyone here get some segfaults with these? https://paste.mozilla.org/preuMHCB https://paste.mozilla.org/MJB1rc32 00:46:44 Title: Mozilla Community Pastebin/preuMHCB (C) 00:48:45 rtprio: thanks. I'm still a complete noob when it comes to ZFS, but I guess now isn't a bad time to learn, since it's also a popular choice over here in Linux-land 00:49:26 for the most part I have mostly avoided these "next-gen" filesystems, just used ext4 on Linux and UFS on BSDs 00:49:38 that's not 'using zfs' as using a chunk of the disk for othr things; 01:04:25 rtprio: well even if it's UFS on top it's still using ZFS to create the logical volume? 01:04:54 and I just mean I'm completely unfamiliar with working with ZFS in any capacity 01:05:03 well, "using" 01:08:04 tm512: yep; without encryption it'd be zfs create -V 10G zroot/myufs; newfs /dev/zvol/zroot/myufs; and mount it 01:10:57 seems kinda similar to loop mounting a disk image 01:11:07 creating a virtual block device in both cases 01:17:30 hm, didn't zfs gain native encryption with 14.0? then you could encrypt only some datasets you want to be encrypted and really use zfs 01:52:57 guess for disk setup I should just go with the guided ZFS option? I'm used to guided disk setup doing stuff I don't like, like splitting the disk up into many partitions 01:55:28 Guided ZFS worked for me for both 12.x and 13.x. YMMV if using 14.0 or -current. 01:57:24 at least on other systems, it ends up being really annoying being pushed into a rigid partition layout, I always just want almost everything on / so that I don't have to make guesses about how much space certain parts of the filesystem will need 02:00:33 I'm guessing that guided ZFS is not going to divide the disk into a rigid partition layout, and will instead just use logical volumes that can be resized on the fly without risking data loss 02:00:50 Well, guided ZFS solves that. You end up with a single zpool, out of which several filesystems are created, sharing the same space. 02:04:14 yeah, I figured it was something like that. so I won't end up in a situation where, say, I need 1GB of space somewhere, but the only free space on the disk is allocated to a completely separate partition? 02:04:54 and the separate filesystems under a zpool are only given the appearance of being separate partitions? with the option of disk use quotas presumably 02:11:04 hmm, "Error while extracting lib32.txz: Can't unlike already-existing object" 02:11:14 s/unlike/unlink/ 02:11:36 this is in the FreeBSD 14-STABLE installer, the jan 25th snapshot 02:17:53 I'm seeing suggestions that this can happen if you're trying to install FreeBSD over an existing install, but I'm overwriting the Windows 11 install this laptop came with 02:20:36 also other suggestions that it might be due to a lack of disk space, but that also doesn't really make sense. this is a 128GB SSD 02:20:51 how do I remove a line from env ? 02:26:41 Yes, quota are possible with ZFS. (Have you read https://docs.freebsd.org/en/books/handbook/zfs/ ?) 02:26:42 Title: Chapter 22. The Z File System (ZFS) | FreeBSD Documentation Portal 02:27:56 V_PauAmma_V: haven't gotten that far yet 02:28:26 can't even get through the installer evidently 02:30:26 well my memstick.img.xz checksum does match, but I wonder if something went wrong in writing it to USB. might try rewriting it 02:32:09 well the installer even checks the checksums of each set before extracting so that probably isn't the issue 02:33:45 it installed fine this time around, though it gave me a warning about the zroot pool already existing, asking me to confirm that it should be reused. and now it's talking about multiple FreeBSD EFI boot entries 02:34:24 should I have nuked the disk before attempting the installer a second time? 02:35:20 Maybe. I've never installed twice on the same hardware or VM. 02:38:47 now unsurprisingly, it's unable to initialize the wifi (rtw88). guess I have to set that up manually after I'm finished with the installer, since I have to have compat.linuxkpi.skb.mem_limit=1 set in order to force it into a 32-bit address space or something like that 02:41:13 make: "/usr/ports/Mk/bsd.port.mk" line 1204: UNAME_r (14.0-RELEASE-p3) and OSVERSION (1302001) do not agree on major version number. 02:41:19 what can I do about this? 02:48:14 koolkat332, was that host upgraded from 13.2 to 02:48:21 koolkat332, was that host upgraded from 13.2 to 14.0? 02:48:27 yes 02:49:42 Looks like either the upgrade is incomplete or you had jails that weren't upgraded. 02:52:43 I'm not sure 02:53:07 there is one jail in the system but it's not active it's only 2gb cloud system that I spend a lot of time with 02:56:17 tm512: each 'zfs' is a partition. a zpool is a collection of disks 02:56:40 tm512: the datasets can have quotas and optionally inherit quotas 02:56:45 any hints? 02:57:01 serious? any way to make it functional? 02:58:12 koolkat332: did you `pkg upgrade ` again? anything need updating? 02:58:31 no it's not even the issue 02:58:45 the libssl30 issue? what's the issue now? 02:58:49 packages are all up to date 02:58:53 ok the issue is the same 02:59:21 certbot does not work, so I tried to do the setting, apparently that's with /etc/make.conf and then I tried to rebuild openssl but that also doesn't work 02:59:43 what's the paste of the error message ? 02:59:47 because I have two different version numbers 02:59:49 er, where 03:01:00 https://bsd.to/XQ17 03:01:00 i have two version numbers too. 111 and 30 03:01:01 Title: dpaste/XQ17 (Plain Text) 03:01:01 would be nice if the FreeBSD installer let me go back a step, accidentally hit enter instead of space 03:01:44 koolkat332: and the contents of make.conf ; and again, why are you doing this? 03:02:06 because when I do the command certbot I get the following error 03:02:42 https://bsd.to/qogG 03:02:44 Title: dpaste/qogG (Plain Text) 03:03:00 tm512, at what stage of the installer are you? I think you can revisit most stages where you enter data or make choices before the install is finalized. 03:03:54 and it's not unreasonable to want the ports to work , etc.. 03:03:54 koolkat332: what version of py39-openssl do you have? 03:04:15 koolkat332: obviously. 03:04:25 py39-openssl-23.2.0,1 Python interface to the OpenSSL library 03:07:19 V_PauAmma_V: I was at the point after configuring the network where it was asking me about services to start up automatically. I know I could just go in after the install and put this in /etc/rc.local or whatever, but *shrug* 03:07:21 that's the same one i have 03:08:12 apparently going and doing gpart destroy on the disk wasn't enough to get rid of the "zroot is already taken" warning 03:08:25 You'll get an option to revisit that in rhe installer. 03:08:40 oh lookie there; i have the same error message 03:08:54 The services startup part. 03:09:43 koolkat332: what was wrong with setting th environment variable ? 03:09:44 I'm confused about where the zpool info is being stored if not on the disk I'm trying to install to. I guess gpart destroy wasn't enough to scrub that? 03:10:50 tm512: you dlted all parts? 03:11:34 deleted 03:11:40 I thought gpart destroy deletes the entire partition table 03:12:12 so it does 03:12:41 but it might be caChed if you did not reboot 03:12:42 rtprio the certbot command doesn't work 03:13:03 rtprio: I'll try rebooting 03:13:14 I use it to get ssl certificates 03:13:29 why do I need that, why do I need to do anything really I mean I don't know 03:13:45 I agree but I am trying to learn something 03:13:49 its a pretty clear message 03:13:56 I'm trying to do something 03:14:49 but yes I could say why do I need a computer , etc.. but it's supposed to be what I am doing for a lot of years, I need to do something I think 03:15:00 rtprio: still a message about the pool name already being used. I don't even know if it's worth worrying about, like it might be fine to just proceed anyway 03:15:42 for fucks' sake man, just run CRYPTOGRAPHY_OPENSSL_NO_LEGACY=yes certbot 03:15:48 like it tells you to 03:16:53 I wonder if the pool info is stored in EFI stuff anywhere 03:17:57 command not found 03:18:16 rtprio command not found 03:18:33 I'm still seeing a FreeBSD boot entry in the UEFI boot selection, and it's not an entry for the USB flash drive, since it shows up even without the flash drive plugged in, hrm 03:20:42 koolkat332: what shell do you use? 03:20:49 sounds like csh still 03:20:56 yes 03:21:04 setenv CRYPTOGRAPHY_OPENSSL_NO_LEGACY=yes ; certbot 03:21:09 tm512, what I think happened is: After the "gpart destroy", the data in the partition that says "this is a ZFS partition with a zpool named zroot (or whatever) on it" was still present. Then, the installer recreated a partition table with the same partitions as already existed, and that made the parition reappear as ZFS. 03:23:23 V_PauAmma_V: in which case I guess I could probably safely ignore the warning and continue with it named zroot? 03:24:17 I think so. Worth a try anyway. 03:25:02 I just don't want to run into any weird issues from ignoring warnings and not fully understanding the implications 03:25:29 Fair enough. 03:25:44 same error rtprio 03:25:54 guess the alternative would be to dd garbage to the SSD and use up write cycles, which doesn't seem appealing 03:26:38 or maybe I could get by by just making some UFS partitions on the drive 03:28:04 That may also have potential to cause issues down the road. I've never done that, so I don't know. 03:37:24 well, install appears to have been successful, gonna try to get rtw88 working, otherwise I'll get wifibox set up 03:40:34 seems like one of the things I was worried about (sleep) was a justified worry. the screen doesn't come back on waking from sleep 03:41:48 * V_PauAmma_V should go to sleep himself. 03:54:30 rtprio: yes I'm trying to pass the usb controller 03:54:52 I mean the only one that have usb when running pciconf 04:19:02 so, after waking up this laptop from sleep, I can ssh in, and I don't see anything weird in dmesg even though the screen doesn't turn back on on the laptop itself :/ 04:20:17 nothing in /var/log/messages either 04:20:24 not sure where I should look 04:25:07 is there a list of planned features for the next release? for the curious? 04:33:05 tm512: i think you'd have to press a key 04:33:22 on they keyboard 04:35:53 rtprio: I do, and it wakes up, I can ssh in, but the screen stays off 04:37:51 the laptops page on the wiki has this under the suspend/resume section for the ThinkPad E14: (./} 04:38:00 guessing that's supposed to be a checkmark? 04:39:22 why do you want the screen off when you ssh in? 04:40:16 I don't think you're understanding. I want the screen on, because this is a laptop, and the screen is a vital thing to have 04:40:36 I'm ssh'ing in just as an attempt to debug what's going on 04:41:02 you're saying the screen doesn't turn on when you press a key 04:41:02 but I'm not seeing any indication that the i915 driver is having issues regarding the screen 04:41:06 or after sleep 04:41:17 after waking up from sleep 04:42:30 what's your `sysctl hw.acpi.lid_switch_state` 04:43:25 you already browse https://wiki.freebsd.org/SuspendResume ? 04:43:26 Title: SuspendResume - FreeBSD Wiki 04:50:33 yeah, I've looked at that page. I can check the lid switch state sysctl momentarily, though I dunno how relevant it is. I'm suspending with zzz 04:53:55 so does resetting the videocard work from ssh ? 04:54:07 is the laptop in x, wayland or at the console? 05:11:07 rtprio: sorry, was eating. this is at the console, I haven't installed any packages yet, so no GUI 05:11:15 I'm not sure how I'd reset the video card 05:12:04 it's in that wiki page 05:12:25 Try "sysctl debug.acpi.suspend_bounce=1" followed by "acpiconf -s 3". This tests SUSPEND/RESUME methods of all loaded device drivers. 05:19:18 not sure what this is going to do to help given that suspend/resume already appears to function, just the screen doesn't turn back on 05:19:32 like I need to know where to look for debug information regarding the screen 05:20:53 well the screen stays on with acpiconf -s 3 while suspend_bounce is set 05:22:17 network connection seems to drop though, which it wasn't doing earlier 06:05:59 hopefully I don't end up having to resort to Linux. super reliable, I run it on my desktop, but it gets boring 06:06:12 gonna try this reset_video sysctl, see if that has any impact 06:07:40 this isn't like my desktop where I already leave it on basically 24/7 so it doesn't really matter whether suspend works properly, whereas on a laptop it's kind of a dealbreaker 06:12:41 it almost sounds like you already convinced yourself to go back to Linux for your laptop 06:13:18 And "boring" is usually a good thing, "if it ain't broke, don't fix it" :) 06:20:07 kenrap: I mean, Linux was always the backup plan, but I want FreeBSD to work 06:27:39 so there don't seem to be any kernel modules loaded that are related to i915 06:27:56 is this built-in to the GENERIC kernel, or...? 06:28:11 as in, not something that would show up in kldstat 06:31:25 oh, they are an external package? that seems odd to me, but hopefully with i915kms actually loaded, this will start working again 06:31:50 probably should check this out: https://docs.freebsd.org/en/books/handbook/x11/#x-configuration-intel 06:31:51 Title: Chapter 5. The X Window System | FreeBSD Documentation Portal 06:37:03 yeah, I found that 06:37:30 let's see if this fixes the resume issues 06:41:28 yes, yes it does 06:44:37 what's weird is that I ran FreeBSD on my desktop for over 2 years and I have absolutely no recollection of needing to install kernel modules through pkg 06:47:42 not out of the woods yet though because I also need to get wifi working, and ensure that the wifi (whether natively through rtw88 or through wifibox) survives a suspend/resume 07:00:13 now I'm hoping that compat.linuxkpi.skb.mem_limit=1 (to get rtw88 working, supposedly) won't break stuff with the GPU since that appears to be using linuxkpi as well 07:00:54 seems that sysctl limits DMA to a 32-bit address space and that feels like there's the potential for a performance hit at least 08:03:48 does anyone here get some segfaults with these? https://paste.mozilla.org/preuMHCB https://paste.mozilla.org/MJB1rc32 08:03:49 Title: Mozilla Community Pastebin/preuMHCB (C) 10:33:19 Under FreeBSD 14.0, I've a VM running as a mail server, and my host machine has a single physical NIC with public IP address. The VM is connected to a subnet of 192.168.2.0/29 as vm-vmswitch. How can I open VM to the public internet, so that the mail server could update packages from time to time, via PF without NAT? 10:34:09 Without NAT, redirections are working fine; such as; an SSH redirection from VM's local IP to my PublicIP:2222, like; "rdr on $ext_if inet proto tcp from any to ($ext_if:0) port 2222 -> 192.168.2.4 port 22" 10:34:40 However, the only thing remains is; how could I give my VM outgoing Internet access? 10:35:21 Any advices please? Much appreciated. 10:40:45 tercaL: that should just be a matter of routing 10:42:20 what does your routing look like, on the host? 10:45:19 meena: On the host, (a remote dedicated server with no physical access), I have a "re0" interface with a public IP provided by my server provider; inet 135.181.116.26 netmask 0xffffffc0 broadcast 135.181.116.27 10:45:46 And one more interface named "vm-vmswitch" (and tap0) with: inet 192.168.2.1 netmask 0xfffffff8 broadcast 192.168.2.7 10:46:09 I can't read hex, I'm sorry 10:46:22 my VM has; 192.168.2.4 and gateway as; 192.168.2.1 (IP dedicated to vm switch), and subnet as; 255.255.255.248 10:46:25 what does netstat -nr look like? 10:52:12 meena: Here's the output; https://pastebin.mozilla.org/5qy41ZpT 10:52:13 Title: Mozilla Community Pastebin/5qy41ZpT (Bash) 10:53:11 My server's public IP: 49.12.126.150 - my VM network: 192.168.2.0/29 10:56:40 And this is the output of 'netstat -nr', within the VM itself: https://pastebin.mozilla.org/OKQ0fKE6 10:56:40 Title: Mozilla Community Pastebin/OKQ0fKE6 (Bash) 11:00:16 tercaL: 192.168.2.0/29 192.168.2.4 UCn 1 0 - 4 vio0 11:00:20 what's that for 11:03:21 meena: This might give an idea? https://pastebin.mozilla.org/5cCH3AH6 11:03:22 Title: Mozilla Community Pastebin/5cCH3AH6 (Bash) 11:05:16 tercaL: can you get rid of that route and see if anything still works? 11:08:05 meena: How can I try that? 11:08:22 I mean getting rid of the route 11:08:34 man route, see del 11:08:48 it's usually the same as add 11:09:25 meena: Got it, in the host machine, right? 11:09:38 no, on the machine it's on 11:09:49 the vm 11:13:26 meena: Did "route delete -inet 192.168.2.0/29" in the VM, and it seems the port forwardings (from VM to Public IP) are stopped. (a sample rule, like; rdr on $ext_if inet proto tcp from any to ($ext_if:0) port 2222 -> 192.168.2.4 port 22) 11:13:55 cool cool cool cool cool 11:14:13 wait 11:14:26 what does your pf rules look like, in general? 11:16:52 here's mine https://codeberg.org/pkgbase/website/src/branch/main/howto/jails.md#network-config 11:16:53 Title: website/howto/jails.md at main - pkgbase/website - Codeberg.org 11:18:42 meena: Here it is: https://pastebin.mozilla.org/Ymv5kRXc 11:18:43 Title: Mozilla Community Pastebin/Ymv5kRXc (Bash) 11:19:39 And it works. Just trying to give outgoing internet access to VM, without NAT. So just simple port redirections and outgoing internet in VM. 11:20:58 i don't think you can do that without assigning it an external IP to give to to the vm, and if you don't have one, then NAT it is 11:22:28 meena: I see, so, without NAT, a public Internet access in a VM is not possible?... 11:23:04 unless you have more IPs to spare, no, it's not possible 11:23:17 what's your aversion to NAT? 11:23:24 I can request additional IP from my server provider for that VM, but would you suggest having two different PF on the same box? (one for host, and other for VM itself)? 11:23:43 you're probably sitting behind a CGNAT yourself right now 11:23:52 meena: I feel like under NAT, if the number of my VMs increase in the future, the host machine would remain portless, no? 11:24:02 what 11:24:16 number of the connections 11:24:32 from public Internet to those VMs 11:24:59 how many thousand VMs are you planning to run? how busy are they gonna be? 11:26:25 are we talking one couple thousand VMs or couple hundred thousand VMs? 11:26:28 meena: I've been reading a warning on that kind of networking with NAT. Oh, not really more than 15-20 VMs I think.. 11:26:46 So it's not that easy to get out of ports.. 11:27:07 I would like to know what you read that have you that impression 11:27:35 and secondly, in terms of network performance, I thought NAT would be slower than direct stuff. 11:27:46 as it's always translating and translating things. 11:28:06 but as you said, assigning VMs public IPs are the only way it seems. 11:28:47 meena: I really don't know, big, bold, red letters with that warning.. :) "don't exceed number of VMs on a single box" 11:29:18 this kind of translation has been optimised for decades, so i would say you shouldn't notice 11:29:29 what was the number? what was the context? 11:29:43 those things matter 11:30:01 Well, I definitely see your point now. Great ideas and tips! Much appreciated. 11:30:11 and see my mistake and mistakenly thoughts. 11:31:20 I'd request additional IPs and implement PF within each VM then. 11:37:58 that sounds expensive but fun 14:04:32 anyone know what happened to the bsd devroom at fosdem? 14:21:28 ascreen: there isn't one 14:21:53 they didn't accept anything BSD this year 15:01:30 Hello 15:02:00 Can i temporarily pause one of HDD in mirror? 15:02:13 of the HDDs 15:02:44 in ZFS 15:03:11 since 3.5" is very noicy 15:03:18 noisy* 15:03:35 V-T60: depending on what you want to do, you could offline it, detach it, or split it. sounds like you want the first 15:04:02 lw: i wanna offline like during night 15:04:17 or tweak for my needs 15:04:31 but how do i do that? and how do i revert? 15:04:43 you can put zpool-offline(8) in cron or something, but i don't think i would want to do this, i believe zfs will refuse to import the pool if the other disk fails while one is offline 15:05:02 this seems like a really bad idea, if you're not going to use the second drive in the mirror for most of the time then just use that drive for backups. 15:05:28 i want to replace later 15:05:30 ok 15:05:48 yeah, sounds like a bad one 15:13:16 V-T60: if you want to keep a copy of data, you could set up something to use zfs send | zfs recv to copy one drive to the other at whatever interval you like. with incremental sends it doesn't need to copy the entire filesystem every time 15:36:15 meena: so it was rejected and not just no interest i guess 15:37:06 hi folks. i'm trying to use mod_openssl in lighttpd. i keep getting this message: 2024-01-31 15:30:35: (/wrkdirs/usr/ports/www/lighttpd/work/lighttpd-1.4.73/src/mod_openssl.c.3010) SSL:openssl library version is outdated and has reached end-of-life. As of 11 Sep 2023, only openssl 3.0.0 and later continue to receive security patches from openssl.org 15:37:31 i assumed freebsd-update fetch + freebsd-update install would fix it, i also updated from 13.2 to 14.0, but getting the same error again 15:38:16 ascreen: I don't know. That's the amount of information I have, and it's only from FreeBSD, not from FOSDEM itself. 15:38:20 i don't use ports. it's a pretty standard machine with lighttpd installed (as a normal package) 15:41:11 Dieterbe, what version do you have installed? 15:42:51 14.0-RELEASE should have 3.0.12 15:43:51 uh oh. seems like my day is about to get worse: pkg --list says this: ld-elf.so.1: Shared object "libssl.so.111" not found, required by "pkg" 15:45:32 Dieterbe, did you run freebas-update install after you rebooted? 15:45:38 freebsd* 15:46:25 Also, you need to look at https://docs.freebsd.org/en/books/handbook/cutting-edge/#freebsdupdate-portsrebuild as well to upgrade your ports/packages afterwards 15:46:26 Title: Chapter 26. Updating and Upgrading FreeBSD | FreeBSD Documentation Portal 15:47:53 Dieterbe: you should upgrade pkgs before the last freebsd-install step that removes old libraries (it should prompt you to do that). you can try 'pkg-static update; pkg-static upgrade' and see if that works to install the 14.0 packages 15:48:33 i followed https://www.freebsd.org/releases/14.0R/installation/, i'm pretty sure i ran 'freebas-update install' , i just ran it again to be safe. it says 'No updates are available to install.' and running pkg --list still breaks with the same error. i skipped the ports stuff because i don't use ports 15:49:27 you run freebsd-update install three times, the third times removes old libraries. you need to upgrade your packages before the third time or this will happen. ('pkg' itself is a pkg, so you can't skip that step if you want to use pkg) 15:49:30 oh, i never ran an explicit command to upgrade packages as such 15:50:01 you can't skip that step just because you don't use ports, the page says 'ports installed from the ports tree or packages installed by pkg(8)' 15:51:00 ok, my bad. so how screwed am i now? 15:51:10 try the pkg-static command i suggested 15:51:20 pkg-static is statically linked specifically to recover from this situation 15:51:37 The commands are in that handbook link I provided and it explains all you need to know. 15:51:38 thank you. i will try 'pkg-static update; pkg-static upgrade' now 15:56:49 that worked! any point rebooting at this time? 15:58:31 my .so error for pkg is gone, it works. and also mod_oppensl in lighttpd is happy now :-] thanks so much for your help folks 16:09:06 Anyone an idea for when OPNsense 24.1 hangs in pkg update at fetching the package lists? How to force upgrade to 24.1_1? 17:30:09 2 rules can make freebsd reboot 17:30:57 pass out route-to $tun_if all ; pass in fastroute all ; then run the tun... boom... 18:31:32 Heòòp 18:31:35 Hello 18:32:18 I'm installing FreeBSD on my new thinkpad 18:32:23 Any tips? 18:33:35 help 18:35:24 nasmConnoisseur: Tell us what problems you encounter and we can help. 18:35:37 ... i need somebody... help... not just anybody... help... you know i need someone... help! 18:35:46 * xa0z lolz 18:35:52 lol 18:36:20 @mason, well first of all: how do I know if my hardware is compatible? 18:36:49 Google "hardware here" +FreeBSD 18:37:20 https://www.freebsd.org/releases/14.0R/readme/ notes the hardware compatibility list, but it's not a link, so half a sec. 18:37:21 Title: FreeBSD 14.0-RELEASE README | The FreeBSD Project 18:38:15 Hm, https://github.com/freebsd/freebsd-src/blob/e6b8c1d780b490283dd378aa560591a14583caf1/sys/dev/isp/Hardware.txt#L4 seems not as useful for laptops 18:38:16 Title: freebsd-src/sys/dev/isp/Hardware.txt at e6b8c1d780b490283dd378aa560591a14583caf1 · freebsd/freebsd-src · GitHub 18:38:33 nasmConnoisseur: what kind of hardware? 18:38:59 thinkpad e16 gen1 18:40:15 Which wireless card? 18:41:17 03:00.0 Network controller: Realtek Semiconductor Co., Ltd. RTL8852BE PCIe 802.11ax Wireless Network Controller 18:43:00 That may be your only issue. 18:43:08 Everything else looks supported 18:44:41 In case anything goes wrong I have a USB adapter that is compatible xa0z 18:45:15 nasmConnoisseur: worth looking into setting up wifibox, as long as Linux has proper support for the RTL8852BE 18:45:39 Linux does have support for it 18:45:49 basically proxies your traffic through a Linux VM, with the VM having control over the wifi card 18:46:58 What a hassle. When my Asus ROG's wireless card didn't work, I bought one on eBay for $15 that did work and swapped it out. 19:03:14 anyone know why sysutils/cpu-microcode is to be removed by a "pkg autoremove" ? I can't figure it out 19:03:57 because it's no longer a dependency of something else that has been, or is being removed. 19:04:28 yes, except in this case it's *the* package I installed 19:04:39 no wait, sorry 19:04:41 weust: iirc it was split into separate packages for intel and amd, then a separate rc script 19:04:51 see what 'pkg search microcode' says 19:06:07 it shows -1.0, -amd, intel- and -rc. but pkg autoremove shows inly -intel and -rc. this is a intel based machine 19:06:37 so mark -intel and -rc as manually installed then remove cpu-microcode 19:06:55 (pkg-set -A0 cpu-microcode-intel cpu-microcode-rc) 19:07:25 unless you really want to keep all of them i guess 19:07:49 I guess not, no need. 19:08:33 I also read about locking(wrong term?) them, but why is it listing in the first place? error in the pkg? 19:08:36 package* 19:11:02 I also know with plg I can list the dependencies of a package, but not the reverse. for exmaple, which package pulled in perl5? because I didn't do it myself. 19:11:52 try: pkg query '%rn' perl5 19:12:10 no results 19:12:17 i'm not sure what exactly changed in cpu-microcode to make it do that but i assume it's somehow related to the package split, maybe it's missing a depdency or something 19:12:46 well, does pkg remove perl5 list any dependencies? if not, nothing depends on it :-) i'm not sure how you would work out what installed it in that case though 19:12:50 Think I will email the maintainer 19:14:18 I did do a pkg all-depends on each package listed by pkg prime-list. nothing for perl5, or pcre or pkgconf. those are the other three I don't really get atm 19:19:20 thanks lw. will see what breaks in a short term, or not :-) 19:20:52 might want to check it still works the next time you reboot, but i'm fairly sure you don't need the base cpu-microcode package if you have -rc and -intel 19:25:59 I checked, I was wrong on the meta package. it's not installed. nor is the amd one. 19:26:27 just -intel en -rc 19:32:15 weust: pkg does log installs to /var/log/message, perhaps grep for perl5 and see if anything else was installed at the same time... but that won't help if it was over a week ago 19:32:34 I amsure it's was way over a week ago 19:33:15 But it's OK. if something break I will find out soon enough, I hope 19:33:32 famous last words 19:33:35 yup 19:34:08 luckily it's my home server for Samba and Poudriere. Samba won't go kaput, Poudriere maybe. will see 20:04:41 This is probably a long shot, but do any of you know how (if it's possible) to make pipewire on freebsd emulate a jack server? I figure it'd need wireplumber, which we don't have yet -- i did manage to compile wireplumber with some minor build system tweaks, and while it does seem to run and connect to pipewire, i still can't quite get the jack server bit going 20:07:58 Now you're just making shit up. 20:08:52 me? no :) pipewire has a built-in jack server, normally. 22:17:04 i suppose i could do with just jackd on oss, if there were a way to make a virtual oss device that combines multiple real devices. 22:18:08 i do believe that's the point of virtual_oss