00:54:36 <johnjaye> rtprio: first thing i do for any irc client
00:55:19 <johnjaye> ZedHedTed: the counter to the one that joins, asks, and leaves is the one who sits patiently waiting, but only one person responds, and they answer every question with another question.
01:04:25 <V_PauAmma_V> And there, there's me. I came in in 2019 with a question and never left. :-)
01:05:21 <rtprio> same, but 1999 or so
01:11:23 <mns> n/28
01:11:34 <mns> wrong window :(
01:20:55 <rtprio> too many windows, nms
01:20:57 <rtprio> too many
02:00:19 <scoobybejesus> i'm getting stuck.  i have zfs on root, mirrored, nda0 and ada0, booting from nda0p1 (efi). i need to be able to boot from ada0p1 so i can zfs replace nda0 with a new drive.
02:09:11 <scoobybejesus> `dd if=/dev/nda0p1 of=/dev/ada0p1 bs=1m`   << seems like that should put the necessary bootcode where it needs to be.
02:12:49 <scoobybejesus> `efibootmgr -a -c -l /boot/loader.efi -L efi-new` gives me an error "efibootmgr: Cannot translate unix loader path '\boot\loader.efi' to UEFI: No such file or directory"
02:26:26 <scoobybejesus> forgive me for rubberducking, but here we go.  `mount -t msdos /dev/ada0p1 /mnt` so i have access to the actual loader bin. then `efibootmgr -a -c -l /mnt/efi/boot/BOOTx64.efi -L efi-new` and it seems there's a new entry now. time to reboot, swap nvme, and hope i boot into ada0
02:28:57 <scoobybejesus> we're booting!
03:10:10 <remiliascarlet> I installed a network card (PCIe) some time ago, but can't seem to get it online, even though the card itself gets recognized by FreeBSD just fine. Anyone knows why? Card in question is igb0@pci0:2:0:0, Intel I210 Gigabit Network Card.
03:10:50 <remiliascarlet> But even assigning an IP or even DHCP won't make it connect.
03:36:40 <voy4g3r2> remiliascarlet: what does your /etc/rc.conf have for the card?
03:39:09 <remiliascarlet> voy4g3r2: ifconfig_re0="DHCP" and ifconfig_igb0="DHCP"
03:40:17 <voy4g3r2> the realtek one works.. but the igb0 one does not?
03:40:23 <remiliascarlet> Yes.
03:47:14 <voy4g3r2> and ifconfig igb0 shows anything?
03:47:31 <voy4g3r2> i take it you ahve done this stuff already, probably
03:49:40 <remiliascarlet> voy4g3r2: Yes, ifconfig igb0 shows the flags, options, the MAC address, media type, and status as "active", but no IP address.
03:53:46 <voy4g3r2> scoobybejesus: that was a fun experience.. i just did something similar myself but went from ada0 to nvme
03:55:30 <voy4g3r2> remiliascarlet: last question, does it work if you have a static ip address?
03:56:30 <voy4g3r2> something like this: https://dpaste.org/4b84h
03:56:31 <VimDiesel> Title: dpaste/4b84h (Plain Text)
03:56:39 <voy4g3r2> this is my rc.conf related to network
03:58:54 <remiliascarlet> voy4g3r2: As I already said, it doesn't. Neither static nor DHCP.
04:06:34 <remiliascarlet> voy4g3r2: Just curious, what does "cloned_interfaces" exactly do?
04:06:42 <remiliascarlet> Just to check if my assumption is correct.
04:07:22 <remiliascarlet> Also, is "netmastk" a typo?
04:07:59 <voy4g3r2> it is setting up virtual nics for bhyve and jails
04:08:11 <remiliascarlet> Oh, so not what I thought.
04:08:13 <voy4g3r2> so it will make "copies" of re0 for use in the subsystems and bridge them
04:08:28 <voy4g3r2> and i have a typo.. errr
04:08:47 <remiliascarlet> I was expecting something like "in case network card 1 fails, automatically switch to network card 2".
04:09:08 <voy4g3r2> i am not sure if you can do that
04:09:35 <voy4g3r2> the context i was helped with, make epair (jails) tap (bhyve)
04:09:35 <remiliascarlet> If you could, it would be really useful.
04:09:59 <voy4g3r2> so i can have 2 bhyve instances running at once and a jail running
04:10:03 <voy4g3r2> if you want more that add more :)
04:10:25 <voy4g3r2> and i am not 100% sure why your situation is happening but figure maybe showing mine would spark an idea
04:10:34 <remiliascarlet> I don't really have any usecase for jails myself.
04:11:03 <voy4g3r2> i started doing my manual pages craziness with a jail then transitioned to bhyve when it made more sense to do that work in a -CURRENT instance
04:11:15 <voy4g3r2> since my base is 14.0 can not make a jail that is higher than base
04:12:12 <voy4g3r2> with bhyve i was even thinking of trying haiku
04:12:21 <remiliascarlet> Maybe the one usecase I can think of would be to put Steam in a jail, but Steam doesn't even work on FreeBSD without a jail to begin with anyway.
04:12:22 <voy4g3r2> or plan9front keeps coming up in my youtube stuff
04:12:49 <voy4g3r2> i have thought about doing a jail for my git server
04:13:00 <voy4g3r2> right now i am just using a git user and a spot on zfs
04:13:14 <voy4g3r2> and for some reason my bhyve instance lags when i try to commit to git
04:13:28 <voy4g3r2> too many ideas, not enough time
04:13:36 <remiliascarlet> I tried both. Haiku installs in under a few seconds, but crashes a few minutes in after installation. And 9front has the issue that I can't get my mouse working no matter what, and the OS is a mouse centric system.
04:14:38 <voy4g3r2> a very "weird" mouse centric system at that
04:14:49 <voy4g3r2> the concept is quite neat but it is like.. what use case
04:15:06 <voy4g3r2> and be was just awesome .. so there is that
04:34:33 <voy4g3r2> does anyone know of a way to "figure out" if a package is a contrib package in base without going to each file?
04:34:50 <voy4g3r2> i was thinking that everything in contrib/ would be the whole thing.. but that is clearly not an all inclusive list
04:35:14 <voy4g3r2> https://wiki.freebsd.org/ContribSoftware <-- not really sure if this is even accurate
04:35:16 <VimDiesel> Title: ContribSoftware - FreeBSD Wiki
05:54:34 <kevans> voy4g3r2: contrib/, sys/contrib, crypto/
05:55:26 <kevans> oh, and sys/cddl, sys/gnu
06:05:07 <kevans> and cddl/
11:47:00 <voy4g3r2> kevans: thank you!! perl scripts are now being updated..
11:52:23 <voy4g3r2> and one wonders, why i did NOT ask that question earlier :)
12:03:15 <voy4g3r2> remiliascarlet: https://man.freebsd.org/cgi/man.cgi?query=lagg&sektion=4&format=html <-- this looks like how you could do "aggregation" of network connections.. but i do not think it oculd work with that bridge thing.. tap0 epair0 stuff
12:03:16 <VimDiesel> Title: lagg(4)
13:15:38 <mage> stupid question, how many jails is too much jails ?
13:16:53 <mage> I'm currently hosting 50+ webapps and I was wondering about the feasability of having one jail per webapp
13:17:26 <mage> (currently I have one jail for Python webapps, one jail for Ruby webapps, one jail for PHP webapps, etc)
13:19:36 <mage> it would ease deployment of those webapps as I was planning to have one zfs dataset per webapp, so the plan is to create a new zfs dataset on the "build" machine, build stuff, and simply use zfs send/recv to redeploy
13:57:34 <voy4g3r2> mage: beyond the environments using different technology stacks are they all using the same web server? as in nginx or apache or whatever?
13:57:52 <voy4g3r2> the first thing that pops in my head.. that is a lot of jails to manage.. where the main focal points are 3 technology stacks
15:08:33 <JohnGalt> I have a laptop with a Intel Graphics Iris Xe on a 12th gen i7 system
15:09:01 <JohnGalt> (frame.work) it doesnt detect and when I load i915kms it hard locks
15:09:13 <JohnGalt> Is this a known issue?
15:34:54 <jbo> JohnGalt, has been encountered before - yes
15:34:56 <kevans> voy4g3r2: I don't know, but I don't blame you for asking (it's a mess) or for not realizing these other directories are generally contrib (who isn't going to be blindsided by crypto/ being contrib?) :-)
15:35:03 <jbo> JohnGalt, FreeBSD & DRM versions?
15:35:09 <jbo> kevans, I was just thinking of you :>
15:35:12 * kevans runs
15:35:15 <jbo> kevans, any news on the newlib efforts? :D
15:36:36 <kevans> mage: 999999 is too many jails
15:37:00 <kevans> jbo: no, sorry; trying to push through this last bit of effort to wrap up my ecc branch
15:37:18 <jbo> kevans, no need to apologise :o
15:37:25 <jbo> I'll just be salty about it :>
15:41:33 <scoobybejesus> voy4g3r2: did you come to learn anything about nvd vs nda vs nvme?  my drive is an nvme that i'm replacing, but i don't understand why i see nvme0, nda0, and nvd0 in /dev, and in `zpool status`, `geom disk list`, and `gpart show` it uses nda0
15:42:08 <scoobybejesus> if there is a resource to read about these, that summarizes a comparison with notable points, that might be super useful
15:42:14 <kevans> jbo: heh :-)
15:42:34 * jbo boots a VM to do CM4 development :<
15:43:36 <kevans> if this ecc branch hadn't just reached its three year anniversary I'd be more than happy to deprioritize it, but I do want to get it out of my local tree
15:43:59 <jbo> kevans, fully understood :)
15:44:06 <jbo> kevans, curiosity: ecc?
15:44:29 <kevans> https://en.wikipedia.org/wiki/Elliptic-curve_cryptography
15:44:30 <VimDiesel> Title: Elliptic-curve cryptography - Wikipedia
15:44:40 <kevans> as an alternative to RSA for signing
15:44:48 <jbo> kevans, so ed25519 et al?
15:44:50 <kevans> yeah
15:45:19 <jbo> kevans, what exactly are you working on?
15:45:34 <kevans> pkg
15:46:02 <jbo> ah, that is nice. I'll gladly nuke my RSA keys
15:46:18 <jbo> kevans, you wouldn't be rolling your own crypto tho, right?
15:46:40 <kevans> oh yeah. :-) no, not at all
15:53:12 <voy4g3r2> scoobybejesus: i could never figure out 100% it was my understanding that nvme is the controll and nda is the drive
15:54:04 <voy4g3r2> scoobybejesus: i used this great article from mason to help me with the clone: https://wiki.freebsd.org/MasonLoringBliss/ZFSandGELIbyHAND
15:54:04 <scoobybejesus> coolio thanks for the input
15:54:04 <VimDiesel> Title: MasonLoringBliss/ZFSandGELIbyHAND - FreeBSD Wiki
15:54:11 <scoobybejesus> ah awesome
15:54:30 <voy4g3r2> and lw brain
15:54:40 <voy4g3r2> awesome work and i got tons of onenote stuff
15:56:14 <voy4g3r2> i started with lw and then went on what mason shared to fill in holes
15:56:31 <voy4g3r2> i had issues with the efi partition stuff .. i had the situation where my old drive, tiw as using that efi partition and not the new one nda0
16:12:15 <dch> mage: 1000 jails is quite common. over that it gets less common.
16:22:49 <souji> What tool do do you use to manage that many jails?
16:23:26 <jbo> sysutils/cbsd is nice for larger setups. it allows to register multiple nodes, migrate between nodes etc.
16:24:49 <souji> I tried to use cbsd once, but never realy got the hang of it. It looked quite complex tbh
16:25:04 <jbo> cbsd jconstruct-tui
16:25:07 <jbo> cbsd jstart
16:25:08 <jbo> done :D
16:25:23 <jbo> cbsd --help if in doubt
16:25:24 <jbo> and docs
16:25:31 <jbo> and author is very responsive too
16:25:49 <souji> oha
16:26:32 <souji> In that case I was probably just stupid.... xD
16:27:27 <souji> Does cbsd also utilises ZFS like bastille does?
16:27:52 <jbo> yes
16:28:30 <jbo> I once had to move an entire jails dataset to a different pool and it worked flawlessly too.
16:28:56 <souji> that's pretty nice
16:29:27 <jbo> CBSD 14.0.4 was released yesterday and it now explicitly requires to have a separate dataset
16:29:43 <jbo> so newcommers should not run into the zfs-on-root-with-cbsd issue anymore
16:30:46 <souji> If I remember correctly cbsd required sudo, is it possible to build it without it?
16:31:39 <souji> I will definitely try cbsd again :)
16:31:50 <spmzt_> Hi, I have a question about openssl and x509. I'm trying to sign my intermediate ca csr by root ca. but I'm getting this error: "Signature did not match the certificate request" could anyone help me to understand what does it mean?
16:33:12 <jbo> souji, nope, cbsd requires sudo to do it's magic. the only reason I still have sudo over doas :(
16:33:41 <jbo> souji, main issue is that doas does not support wildcards
16:33:50 <souji> jbo: ahhh thats to bad
16:33:54 <jbo> souji, https://github.com/cbsd/cbsd/issues/83
16:33:57 <VimDiesel> Title: doas support · Issue #83 · cbsd/cbsd · GitHub
16:33:57 <VimDiesel> 83 – System crash after abrupt end of slip session https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=83
16:34:01 <jbo> souji, https://github.com/cbsd/cbsd/issues/536
16:34:04 <VimDiesel> Title: Usage of sudo · Issue #536 · cbsd/cbsd · GitHub
16:34:04 <VimDiesel> 536 – No copyrights in usr/src/lib/libc/stdtime https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=536
16:37:43 <souji> ok, I see the issue... it seems like the is no easy solution to that
16:42:43 <souji> spmzt_: I don't know about openssl but if you only need to do that for a development environment I can recommend the CLI tool from smallstep. I found it easier for working with certificates on the command line than openssl.
16:42:47 <souji> https://github.com/smallstep/cli
16:42:48 <VimDiesel> Title: GitHub - smallstep/cli: 🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.
16:47:48 <skered> There's also easyrsa (I think that the name).
16:48:41 <skered> easy-rsa
16:51:53 <spmzt_> souji: thank you, saw smallstep before. but for now, I need to use openssl. The error is so confusing. I can understand what a signature is in a CSR, But I can't understand what exactly is being compared to it?
16:58:52 <souji> spmzt_: fair enough. I'm sorry, but I also have no clue what this error refers to...
17:08:52 <spmzt_> Solved. but I still can not understand why a CSR with exact same parameters and extensions generated by openssl would not do the job, but the yubikey's tool (ykman) can?!
17:15:16 <scoobybejesus> i think i messed up.  there are no empty sectors at the end of my new, bigger, disk.  i just `gpart resize -i4 nda0`, and it took all the space.  but i want to leave space at the end.  what do i do now?
17:17:00 <scoobybejesus> can i just destroy the partition and create a new one?  it's just a partition scheme, right?  nothing should be filling the second half of the disk yet.
17:17:37 <cracauer> Why wouldn't you?
17:17:54 <cracauer> If you didn't create a filesystem on the partition yet.
17:18:28 <scoobybejesus> well, i spent 13 hours resilvering
17:19:15 <SponiX> sounds like a good time
17:19:20 <scoobybejesus> i am replacing the disks in my mirror zroot with larger disks.  this was the first disk
17:20:25 <cracauer> Oh. Yes, I did the same thing at least once.
17:21:19 <scoobybejesus> From what I understand, deleting the partition does not delete the data.  So as long as the partition starts in the same place it does now, I should be alright to delete it and recreate it a bit smaller.  I hope.
17:21:47 <cracauer> Yes. And another resilver would uncover problems.
17:21:56 <scoobybejesus> Ah true
17:24:47 <scoobybejesus> now the device is busy.  maybe i need to offline it from the pool first.
17:57:42 <voy4g3r2> scoobybejesus: do you have a backup of your data? you can resize a partition but if anything is "off" you may lose data
18:21:53 <scoobybejesus> i have everything already on the other (ada0) drive of the mirror that i just resilvered from.  so i pulled nda0 offline, ran gpart backup ada0 | gpart restore -F nda0, and put nda0 back online. and then initiated a scrub. so far so good.
18:22:48 <scoobybejesus> the next time i resize, i will specify a size. hopefully i get it right.  gpart doesn't have a -n for a dry run
20:31:18 <voy4g3r2> scoobybejesus: nice!
20:31:40 <voy4g3r2> the one area that got me was making sure ebiboot knew about the other location
20:35:04 <voy4g3r2> kevans: yeah, well maybe i should write that down somewhere.. i have gone down the freebsd wiki rabbithole and man there is just "stuff"
20:35:22 <voy4g3r2> but it adding those directories, i found 6 more "contrib" packages that are no correctly aligned
20:35:37 <voy4g3r2> oh look at that.. the re0 kicked me off my ssh sessions
20:35:38 <voy4g3r2> errr!!
20:37:11 <voy4g3r2> scoobybejesus: so the efi boot partition is all fixed now and you are just scrubbing? may i ask why a scrub? i did not do that
20:37:15 <voy4g3r2> probably should
20:46:40 <scoobybejesus> ssd's will do wear leveling and basically whatever they want under the hood. i had expanded the partition to larger than i wanted it. after putting the partition back how it was previously, i wanted to ensure that all the data was still in place where i left it.  the scrub completed (0B repaired), so now i will put the bootcode back on nda0 and swap out ada0
20:47:02 <scoobybejesus> well.. after i resize correctly
20:47:16 <voy4g3r2> with such great power, requires great patience
20:47:19 <voy4g3r2> i got sucked into that area myself
20:47:23 <voy4g3r2> but glad you were able to get through it
20:49:19 <rtprio> i didnt know you could expand a mirror, i thought it was only a raidz
20:49:53 <voy4g3r2> rtprio: i picked from that mason article
20:50:07 <voy4g3r2> i did not do the mirror stuff but it had nuggets in there that helped with the efi stuff
20:50:15 <voy4g3r2> kevans: https://github.com/chrisdavidson/manpages/blob/master/tools/parse_broken_refs.pl <-- all fixed :) thanks again
20:50:16 <VimDiesel> Title: manpages/tools/parse_broken_refs.pl at master · chrisdavidson/manpages · GitHub
20:54:31 <rtprio> well cool
20:54:46 <rtprio> my sector size is wrong so sadly i can't expand the pool
20:54:55 <rtprio>  ada6    ONLINE       0     0     0  block size: 512B configured, 4096B native
20:55:11 <rtprio> (i mean i could, but the new drives would also be 4096 native)
22:40:07 <scoobybejesus> feels great to have 932G available
23:08:35 <mattie> I am geting bad PIN with gnupg and a yubikey with gpg when I have tested the pin on other machines and the pin is ok, also gnupg does not start a pinentry but instead prompts for a password
23:08:56 <rtprio> do you have pinentry installed?
23:09:02 <mattie> FreeBSD 14/gpg 2.4.3
23:09:04 <mattie> yes
23:09:21 <mattie>  /usr/local/bin/pinentry-curses
23:10:36 <mattie> sometimes it spams gpg-agent CONFIRM 1
23:11:21 <mattie> I was able to set the pin tries to 10, so I know the yubikey works
23:12:06 <mattie> clearly I cant keep trying things because it blocks, and I have to unblock it
23:24:56 <mattie> also I cant get a drm driver to load for my intel Iris Xe card, FreeBSD 14, tried loading i915kms and it hard locked