is 'newfs -U -j -t -S 4096' readonable for a filesystem on a bhyve VM backed by zfs? i can't keep up with all the new types of su/journalling they keep adding

they added journaling ages ago

yes, but i haven't used UFS since the original softupdates

there's also two different types of journal, i guess gjournal is older and SU+J is preferred? newfs manpage doesn't really offer any guidance

yes, su+j is preferred afaik

it's also the default

as in, it's what's used by bsdinstall

both journaling and soft updates can be enabled at runtime with tunefs(8) too

Is journaling better (in terms of least data corruption & faster recovery) via "gjournal" or via "soft updates"?

journaling and softupdates and gjournal are three separate things, and SU+J are best used together

gjournal can, in theory, add journaling to any filesystem that doesn't have it

mckusick.com/softdep/suj.pdf is worth reading.

I wrote "journaling ... via "soft updates"" because of (from "newfs(8)"): -j Enable soft updates journaling ...

Read the paper to understand why it says that ;)

too long for now; will read later.

parv: btw, I was able to migrate back to CURRENT recently and tried out the drm-61-kmod package for my Arc A770 GPU, and sadly it kernel panics atm, even when I supplied the appropriate firmware bins from the linux-firmware by hand. :(

just to let you know

kenrap, Much appreciate the update. I had forgotten; after reading 2-3 times I realized why you had addressed me (because I had requested)

yeah, a month back or so :)

kenrap, Thanks to you for remembering for both of us

;)

kenrap, So do you use VESA driver instead?

parv: I went back to my other GPU for now

Ah. Ok

hello hello! I hope you all are having a great Saturday!

Hi

freshbsd.org/freebsd/src/commit/aa3b7a2 \o/

Title: FreeBSD / src / aa3b7a2 / /etc/rc add trace debug and verify - FreshBSD

Nice!

Yea, it's pretty neat

It will come in handy that's for sure :)

Happy Saturday

I've been a unix and linux user for decades but for some reason I have the hardest time understanding pam.d ... I'm trying to get winbind working for ssh, console, services, and sudo ... I can ssh in as a directory user and I can sudo for some commands (eg date) but I can'd sudo su -

/etc/pam.d/su paste.debian.net/1306872

Title: debian Pastezone

pam.d is an asshole.

Yep... on day three of fighting this

I also cannot mount any NFS shares on this new box, I get Stale NFS file handle every time

Pam and I aren't friends... I wish it was as simple as updating nsswitch.conf.

I just wish there was good documentation

Currently I can't sudo su - because it doesnt think root is a pam_winbind user

Does it work outside of sudo?

No, I can't login as root on the console anymore either

You'll prob want to boot into recovery and look at the contents of nsswitch.conf

Did you edit nsswitch.conf or only pam.d stuff?

Both

Do you remember what you set for the passwd line?

I dont think it's an nsswitch issue... it's almost certainly pam.d

passwd: files winbind

I can ssh in as a domain user and can sudo many things... I just can't switch to root because it seems to only be looking for domain users

files is in there so ya, no issues there like you said.

One sec, I run ldap so a little diff but same idea. Let me pull up my notes there. Did you remove anything from the pam files or just add?

Ok, in pam.d, I edit: sshd, su, and system

And I'm only adding lines

Which version of freebsd are you running btw?

13.2

pastebin.com/RiywNRpa <-- this is a snip from my notes for how I edit pam.d

Title: sshd```bashvi sshd``````bash## $FreeBSD$## PAM configuration for - Pastebin.com

bsd.to is throwing http 500 errors.

Thanks for sharing that

It's ldap instead of winbind but should at least serve as a reference for what I added and where. Just look for the ldap lines.

Yep going to try and emulate

Damn its just getting worse now

Can you restore the pam.d files to their orig?

I did, and that gets me back in with local users

Ok good! In theory you should be able to drop the winbind entries into the same spots I did my ldap entries.

I'm on FreeBSD 14-release so my files look different from yours ... but I essentially dropped them in the same place

Now auth.log shows success but ssh and sudo still fail

Do the logs say why they failed?

pam_winbind(sshd): user 'XXXX' granted access

Failed keyboard-interactive/pam

I gotta run, going to a bday party.

I wish you luck

I'll be back later today tho

No updates needed to update system to 13.2-RELEASE-p9.

freebsd-version -k > 13.2-RELEASE-p8

why?

i have done freebsd-update -r upgrade for 13.2 and did run install 3 times + rebooted

freebsd-version -kru ?

pretty sure the kernel did not change in -p9

twice 13.2-RELEASE-p8 and third pos 13.2-RELEASE-p9

freebsd-update install > No updates are available to install.

your userland is at -p9, the kernel did not change after -p8 and you are running -p8, all fine

lsof: WARNING: compiled for FreeBSD release 13.2-RELEASE-p9; this is 13.2-RELEASE-p8.

that seems to be a bug in how lsof detects the freebsd version

so i was useful

:)

ah, well, while building packges in poudriere you can't know what the kernel version will be, so the userland version gets compiled in for that bugs.freebsd.org/bugzilla/show_bug.cgi?id=225986#c27

Title: 225986 – sysutils/lsof false warning

ok

hm php 8.2 yourls installed. configured. under nginx all php pages blank. running directly php info.php does not produce any error. in nginx error nothing. access log shows 200

in php.ini errors turned on

i cant get any php in web showing up. all blank

php-fpm

this was pkg upgrade from php 7 as well

i mean no error

so nginx gives 200, no error on logs, from command line works info.php for example but when requesting over web server then blank

hm php-fpm is configured ritgh way and nginx uses same socket

ivaat: obviously not or it would be working. do you want to share your configs or should we just guess

rtprio, if socket would be wrong then nginx would throw error. i get 200 ok. sharing conf right now. one moment

it's probably php that's unhappy; turn up the logging for it

rtprio, www.conf for php-fpm paste.ovh/view/6842b91e | nginx.conf paste.ovh/view/d3bc319a | paste.ovh/view/f0560b74

Title: nginx.conf - paste.ovh - troubleshoot easily

error loggin is turned on

on command line php does not print any error

when executing php info.php for example

i suspect that your app is more complicated than info.php eh

did you turn up errors in php.ini too ?

ovh has their own TLD? what a bunch of clowns.

app may be complicated than that but phpinfo should run too.. all php files under freebsd 13.2 nginx, php-fpm php 8.2.14 over web white blank page

in old php 7 worked.. this was upgrade

and the app supports php 82?

turn up the error level and logging in php.ini too

yes but again simple <?php phpinfo();?> should work as well

ivaat: Start removing all the stuff from line 9, up to (including) line 124, save and exit. make sure there is no mistake, so check with: nginx -t and if it says OK, then reload nginx with; nginx -s reload

and finally try a sample php file again.

Title: nginx.conf - paste.ovh - troubleshoot easily

adding the file into; /usr/local/www/shareurl.net/http/sample.php and checking with: yourwebsite/sample.php

thats what i did

you think sql injectiopn protection rules may affect?

i will try

used to work

nope, nothing

location / { try_files $uri $uri/ /yourls-loader.php$is_args$args; }

What's this?

this yourls docs nginx rule

yourls is php app

ivaat: Do you have /usr/local/etc/php.ini file

?

ivaat: You removed an older version of PHP and installed PHP 8.2, have you created/updated your /usr/local/etc/php.ini file?

yes i copied for test production ini file to /usr/local/etc/php.ini

cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini

ivaat: How about the content of /usr/local/etc/nginx/nginx.conf?

tercaL, i removed the lines you recommended. did not help

Pastelink the /usr/local/etc/nginx/nginx.conf file please.

tercaL, paste.ovh/view/484017dd

Title: nginx.conf - paste.ovh - troubleshoot easily

i have to go for today. thank you for responding

hmm, what does this mean Feb 10 19:33:15 thyme gssd[913]: gss_acquire_cred: principal_name for non-root

only one more PR and then I have nothing else assigned \o/