00:21:23 kevans, I admit not to being very familiar with postgresql. Not for any reason except that other people direct me to I have always run MySQL now MariaDB.
00:21:41 Most of the time those will upgrade in place. But sometimes notable versions will just fail to upgrade. Therefore I always make an SQL backup dump before the upgrade. Then either upgrade or purge and install. Then load the backup. That's a guaranteed way to success.
00:25:20 rwp: minor versions can upgrade in place, e.g. 16.0 to 16.1. major versions cannot upgrade in place, you have to run pg_dumpall
00:25:57 this is well documented in the manual and, i would assume, familiar to any postgres operator
00:31:14 do you ever start a buildworld and by the time it's done you can't remember what you were trying to test?
00:32:07 All of the time! All of the time.
00:32:42 I must keep notes about what I am doing or I lose the juggle. Especially for things which take a while and therefore I try to do multiple things timeslicing.
02:26:44 https://forums.freebsd.org/threads/a-solid-howto-with-bhyve-on-freebsd-14-and-windows-11.92236/#post-652613
02:26:45 Title: bhyve - A solid HOWTO with BHYVE on FreeBSD 14 and Windows 11 | The FreeBSD Forums
04:30:17 I messed up. I tried updating a machine while it was updating (I thought I was logged into another machine.). Now I get some version of "ld-elf.so.1: Shared object "libutil.so.9" not found, required by "sudo"" when I try to run anything
04:30:54 I'm a bit beyond what I know to recover from this
04:39:53 trying to login from the console gives the same (but with login instead of sudo in the error, unsurprisingly)
04:40:49 If I can boot the vm from a cd image, can I repair?
05:00:36 gp5st: sometimes this kind of issue can be fixed with 'pkg -f upgrade' to reinstall everything
05:00:57 I can't run pkg or sudo because it complains about missing libraries
05:01:12 ah you can't log in at all? that's unfortunate
05:01:28 what version were you previously running and what did you upgrade to?
05:01:36 I'm going to try to copy /lib /lib64 and most of /usr and see if I can get something working
05:02:05 13.2 to 13.3 but I think I ran freebsd-update install at the same time as another one was running
05:02:15 otherwise I'm not sure what I did :-\
05:02:38 i suggest booting from install media, if you can, and use freebsd-update -r to complete the upgrade
05:03:04 OK
05:03:04 you may need to mount your existing system on /mnt or whatever to do that
05:03:50 gp5st: but wait, if you can get a root shell, try pkg-static
05:04:09 i can't get a root shell since I can't sudo, su, or login :/
05:04:10 e.g. reboot, at the loader prompt type 'boot -s', get single user root shell, run pkg-static upgrade -f
05:04:45 ah, ok, let me see
05:16:41 can I boot on a microvm on Qemu KVM???
05:17:04 something like: https://www.qemu.org/docs/master/system/i386/microvm.html
05:17:05 Title: ‘microvm’ virtual platform (microvm) — QEMU documentation
05:17:17 but like on x86 64
05:17:27 so ignore URL
05:17:44 actually noo URL is good
05:17:45 aaaaa
05:18:01 it's a digitalocean vm
05:18:36 I want to run on my Thinkpad locally
05:19:01 oh sorry, I misread
05:19:05 with minimal amount of motherboard emulation
05:19:12 it's okay
05:19:26 typed it like a shitstorm, but we got there
05:19:27 sry
05:19:30 lmao
05:22:40 mmmm virtiofs
05:23:05 can I build FreeBSD from Linux?
05:23:45 I want to hack on the kernel from the Linux side until I can virtio all the things
06:05:14 yay I got a cool thingy to do the happy dance
06:05:25 Got the nographic installer looking hella pretty
06:05:35 love the EFI boot menu on FreeBSD
06:05:40 it's so preeettttyyyyy
06:05:44 O.o
06:08:28 qemu goes brrr
06:08:39 installing git on FreeBSD :)
06:08:49 can I plan9 share myself or something???
06:08:55 that'd be really really nice
06:08:57 frfr
06:09:13 I'd love y'all forever if that was like a thing
08:46:07 What -exactly- is the difference between the -memstick and the -disc images?
08:49:20 The one is flashable to USB, and the other is burnable to DVD or usable on VMs.
08:51:34 remiliascarlet: Yes, that's what I'm thinking, too. But - e.g. the proxmox image does not differentiate between those two.
09:00:12 OK, seems that it does not make a difference for amd64, but for any other architecture. From /14.0R/announce/ "Additionally, this can be written to a USB memory stick (flash drive) for the amd64 architecture"
09:34:22 hi all
09:45:57 hi there adilix
10:43:08 * meena builds lw's new MINIMAL kernel to see if it'll boot
10:58:20 why isn't there a way of saying: don't build the modules
10:59:39 my laptop consistently gpu crashes every 2 days
10:59:46 only the mouse cursor still works
10:59:49 and audio
11:03:36 oh, the VM has 4 vCPU / 4 GB RAM… that's why this is taking forever
11:05:52 sfox: you getting any dumps?
11:06:57 no
11:07:14 it doesn't dump. i have to hold the power button
11:07:53 does anything appear in /var/log/messages BEFORE you do the power button check?
11:10:39 lots of complaints about the atheros wireless driver
11:11:03 some gpu stuff
11:13:24 https://dpaste.com/EMRERXYLX.txt
11:18:20 www.nuegia.net/dist/messages
11:22:28 So the wifi guide for FreeBSD involves editing /etc/rc.conf to provide ifconfig flags, and also editing wpa_supplicant for adding entries, this is all well and good apart from when you are on the move and switching between networks... I don't want to be broadcasting saved networks (no autoconnect) as that will leave me vulnerable to evil twin attacks, secondly, switching between WPA at home, and
11:22:30 public unencrypted networks at university is troublesome as I keep needing to change /etc/rc.conf, I am aware this is a role of a network manager... but I don't want to use something really heavy... is there any simple network managers... or even a simple way to handle this with less mental overhead?
11:30:37 If you're looking for a GUI network manager, there's wpa_supplicant_gui. Otherwise, there's wpa_cli.
11:31:30 (wpa_supplicant_gui is a package. wpa_cli is installed with the base system.)
11:40:37 just got a 2nd person reporting weirdness with rc.d scripts in jails in 14.0-RELEASE that only start if run manually
11:41:37 I can reproduce this, but .. maybe I am doing this completely wrong?
11:43:56 dch: works fine here. maybe you are doing it wrong, or maybe I'm just lucky :)
11:44:34 SKull: yea I am making a minimal rc.d script in the hope of finding some insight
11:45:35 this example https://docs.freebsd.org/en/articles/rc-scripting/ doesn't run at startup for me
11:45:36 Title: Practical rc.d scripting in BSD | FreeBSD Documentation Portal
12:03:29 dch, can you be more specific? Which example are you trying? (Also, I suspect that article needs a refresh. Going by the copyright years, it hasn't been substantially updated for 12 years.
12:03:37 )
12:07:00 V_PauAmma_V: take the very first example script, #3 a dummy script, it doesn't work.
12:07:18 it's not supposed to do anything...
12:08:00 babz: it is supposed to execute, which it doesn't.
12:08:02 what do you count as working ?
12:08:15 running rc_startmsgs=YES rc_debug=YES dummy_enable=YES dummy_flags=flagging
12:08:25 I would expect to see something in syslog from it
12:09:23 a slightly fancier one also isn't executed
12:09:38 https://www.irccloud.com/pastebin/7LmRzJR9/%2Fusr%2Flocal%2Fetc%2Frc.d%2Fdummy
12:09:39 Title: Snippet | IRCCloud
12:10:36 when the jail is restarted, this script is never run
12:10:58 and yet, `jexec wtf service dummy start` shows it executing happily
12:14:37 I think it has to have the `# PROVIDE: dummy` to run at boot
12:15:26 OK, that article definitely needs a refresh. The examples don't include the magic lines specified in rcorder(8), including the one you just mentioned.
12:16:17 it does ?
12:16:29 are we reading the same page ?
12:16:43 https://docs.freebsd.org/en/articles/rc-scripting/#rcng-hookup
12:16:44 Title: Practical rc.d scripting in BSD | FreeBSD Documentation Portal
12:17:25 Oh, I was looking at the same early examples dch mentioned.
12:46:04 babz: if we're going to have tutorials then they should work OOTB
12:59:30 how do you stop a process supervised with daemon(8) from restarting? a simple example: daemon -r -R 3 ls /
12:59:49 outside of sigkill to the daemon process
13:02:27 llua got to kill the daemon itself, signals aren't propagated to the child
13:02:59 ok, thank you
13:04:10 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212829 has more details
13:04:20 I logged it only 8 years ago
13:44:43 llua, dch: i've put together https://reviews.freebsd.org/D44944
13:44:44 Title: ⚙ D44944 daemon: Add -C (--restart-count) option
13:45:23 meena: ^^ otis has a thing, I think you looked at this a while back
17:21:04 favorite stack for freebsd observability? already heard grafana, prometheus, netdata, and collectd. what else are ppl using and liking?
17:49:22 alepzi: munin
17:50:17 added to list ty ridcully
17:54:10 polarian: broadcasted out of the house? what?
17:56:47 rtprio: I am not a wifi expert, but what I know of it is when you attempt to join a wifi network you are broadcasting a request for a specific SSID
17:57:10 this can then be intercepted by a malicious user, and then a fake network can be broadcasted, your device then automatically connects to this
17:57:15 Evil twin attack...
17:57:40 I don't want to keep wpa_supplicant from looking for saved networks
17:58:27 I think WiFi networks can only ever be treated as untrusted networks. Don't let it fool you that it includes some weak encryption into thinking it is secure.
17:58:32 do you do that for all your devices? that sounds incredibly inconvenient
17:58:41 but, sure, ok
18:00:15 maybe you can set up wifi with public key auth?
18:00:32 so evil twin won't have the key you set it up with?
18:17:05 alepzi, WiFi is a product of the Wi-Fi Alliance a consortium of equipment vendors who make money licensing devices.
18:17:11 They operate behind closed doors. They are notorious for creating brand new standards with design flaws.
18:17:16 Every time they release a new generation and standard then security researchers look at it and go, "Oh man... If you had only let us comment on this awful thing before you make it a hard requirement. Here's the list of problems with it."
18:18:46 WiFi is the available radio network but I would never treat it as a trusted network. WiFi is always going to be an untrusted network. Which is okay if you treat it that way.
18:18:51 so no pub key auth? lmao wifi
18:19:33 rwp: that's not what I mean
18:19:59 rtprio: I disable autoconnect... and turn off the antenna when I am not using it
18:20:00 The Wi-Fi Alliance is really meant as a way to make money licensing the logo that vendors put on retail packaging.
18:20:23 It's how I run a Linux laptop, I manually connect when I want to... other than that it shouldn't connect.
18:21:22 alepzi: that would require compatible APs
18:21:31 and off the shelf consumer APs aren't going to cut it
18:21:33 polarian, If my machine connects to an Evil Twin that's going to be annoying but I won't be worried about security.
18:22:01 also there's one additional issue leaving an antenna broadcasting...
18:22:09 it's constantly draining power trying to find an AP
18:22:10 Basically if I am connected to an Evil Twin then I will start to see network failures as certificates fail to validate and connectivity is rejected.
18:24:00 rwp: I heard from someone that without TLSv1.3 channel bindings this can be bypassed too
18:24:05 how? they never gave me a reference to how you can
18:24:25 but TLSv1.3 channel bindings are not widespread supported currently (at least I know it isn't for the XMPP community)
18:24:53 There are also various attacks against the various TLS versions too. But again those are at the layer below. Those attacks do not void things like https or ssh connections.
18:26:08 I am not a fan of the centralized Certificate Authority model of https but regardless that is the security model that has been adopted to keep connections secure. And of course ssh has Trust On First Use which protects the 2nd connection.
18:26:23 rwp: you are free to make your own trust store :)
18:26:42 And of course for OpenVPN connections we do make our own trust store.
18:27:35 I am just saying that when I take my mobile device to a coffee shop or airport I always assume that I am operating in a hostile environment. Trust No One!
18:31:40 maybe we could set something up so you can allow anyone open wifi connection, but they can't pass any data unless they use pub key auth to a sidecar?
20:29:03 can I use dma to fetch imap mail?
20:36:34 https://fosdem.org/2024/schedule/event/fosdem-2024-3282-soft-reboot-keep-your-containers-running-while-your-image-based-linux-host-gets-updated/
20:36:36 Title: FOSDEM 2024 - Soft Reboot: keep your containers running while your image-based Linux host gets updated
20:36:41 wonder if freebsd could do that with jails?
20:42:49 concussious: I don't think so, since it's a MTA
20:43:13 https://man.freebsd.org/cgi/man.cgi?query=dma&sektion=8&format=html
20:43:14 Title: dma(8)
20:44:18 I have a text file that somehow became corrupted or it contains some unprintable chars or something
20:44:21 not sure how that might have happened
20:44:29 is there a way to clean it ?
20:47:30 for some reason file patch.diff thinks it's a binary file
20:51:02 souji: I didn't either, and didn't see anything that seemed appropriate in dma(8), but I just wanted to check here. thanks!
20:52:15 concussious: no worries :)
21:07:46 what do I have to put into loader.conf for a verbose boot?
21:13:07 boot_verbose=YES
21:19:44 i'm running into problems with my locally compiled pkgbase repo
21:20:44 the kernel (+ its -dgb) package have FreeBSD_version: 0 as annotation instead of the true kernel ABI version number
21:20:59 which causes pkg(8) to refuse the repo
21:22:43 crest: wow, how'd you do that?
21:22:53 meena: no idea
21:23:07 about why it broke
21:23:16 kevans: now I just need to figure out howto scroll in the qemu(?) window… or maybe switch to serial console to do that??
21:23:25 let me check the older versions maybe it's only that the latest pkg 1.21.x notices this?
21:24:28 nope my 14.0p5 repo has a valid ABI version
21:24:58 kevans: https://github.com/freebsd/freebsd-src/pull/1199 in case you know any better
21:24:59 Title: sys/amd64/conf/MINIMAL: remove virtio by llfw · Pull Request #1199 · freebsd/freebsd-src · GitHub
21:29:27 meena: probably need virtio_blk as well
21:29:32 maybe
21:30:34 ideally we wouldn't be removing virtio at all until loader can actually autoload beyond fdt
21:32:14 why not remove the ahci driver while you're at it
21:32:22 and nvme
21:33:05 how much code size do the virtio_* drivers add to the resulting kernel (assuming you don't rip out all of pci)?
21:33:23 removing virtio is well within the scope of the ultimate design of MINIMAL
21:33:26 it's just that we're not there yet
21:34:14 isn't it more important to boot in common hypervisors without having to load modules on the loader prompt to even add the device drivers back in via loader.conf?
21:34:53 because i suspect small virtual machines are the most common usecase for MINIMAL other than using it as a starting point for custom kernel configs
21:37:02 meena: even more curious the FreeBSD-kernel-generic-14.0p6 package already installed from the repo has a valid FreeBSD_version annotation
21:37:07 there is no most common usecase for MINIMAL right now
21:37:19 wtf?!? how did i get into this state
21:37:50 lets try make cleankernel buildkernel followed by building the (kernel) packages again
21:39:08 did i do something stupid? maybe upgrade the pkg package from 1.20.* to 1.21.* while building the kernel packages?
21:39:15 strange
21:43:57 kevans: is there a usecase/goal for the MINIMAL config other than the smallest build artefact that still gets to the missing rootfs prompt?
21:44:42 the goal is GENERIC - all the crap that can autoload
21:44:43 e.g. what about removing IPv4/IPv6? what about SMP or ACPI support?
21:45:00 i'm not going to continue to entertain this conversation if you're not going to read what I've already written
21:45:35 i did read it and i don't understand why it's considered an acceptable trade-off
21:45:42 16:33 < kevans> it's just that we're not there yet
21:46:14 I said it's not a trade-off, we're not ready but it's within the scope of what it was meant to do
21:46:19 acceptable trade-off
21:47:12 okay so until the automatic loading of kernel modules by vendor + device id works removing those drivers isn't a valid option?
21:47:23 imo yes
21:47:50 sorry. in that case i misunderstood you the first time around
21:48:03 if it's needed to get to multi-user because loader can't do it on its own yet, then it needs to stay imo
21:48:07 once it can be autoloaded it's fair game
21:49:25 at least those other than virtio_blk and virtio_scsi can be loaded later already by devmatch
21:59:53 crest: ahci and nvme have already been removed from minimal
22:00:07 virtio_blk is the only block device driver included
22:01:20 actually that's not quite true, the xen block driver is still there but that's because you can't remove that, i don't think it even comes as a module
22:03:27 i wish we could remove uart, that means fixing the console init stuff to allow the console to be a module
22:03:38 (which might also help with console on usb serial)
22:04:22 meena: sorry, only just saw your comments, in the middle of setting up a new system...
22:04:56 which had a really weird bug: it worked fine except reboot and shutdown would hang. turns out that was caused by killing the getty on ttyu2, but i'm confused about why... maybe it generates a serial break that drops into kdb?
22:06:29 meena: are you deliberately using virtio_scsi rather than virtio_blk? i'm not that familiar with virtio so not sure what the difference is (i guess scsi is to pass through a raw scsi device?)
22:12:31 lw: no change when I add blk
22:14:42 lw: i haven't looked at the code but i imagine virtio-scsi is still just virtio, but talking the scsi protocol
22:14:58 i don't think it does any kind of passthrough, it just emulates a scsi device
22:15:04 oh. weird
22:15:39 meena: also if you want to scroll up, just start qemu with -nographic and use the serial console
22:16:08 oh wait is this bhyve
22:18:13 lw: oh nevermind, i've just looked at the code and it seems to bridge directly to scsi devices
22:18:52 yeah, i guess it's so you can attach an iscsi lun to the vm directly
22:18:58 yep
22:19:03 looks that way from the code, anyway
22:19:11 (or any kind of lun, but iscsi seems like the most obvious application)
22:19:55 * dstolfa finds virtio-scsi to be a bit of an odd name for that
23:06:15 virtio-scsi hooks into the CAM target layer
23:06:52 CTL (CAM Target Layer) allows the kernel to act as both target and initiator
23:08:02 bhyve's virtio-scsi paravirtualised driver uses a CTL port (think of it as a virtual HBA) on the host to access the host's CAM internal "virtual" scsi bus
23:08:21 and allows the guest to act as initiator through the virtio-scsi device
23:08:59 the big advantage over other block storage backends is that you need just one pci device in the guest for multiple block devices
23:10:16 it's also the only bhyve block storage implementation that supports hot plugging/unplugging (and resizing) of storage devices
23:10:41 the downside is that it's complex to configure (correctly)
23:11:56 each bhyve guest needs its own CTL port and LUN mapping table (from per port LUNs -> global LUNs) for secure isolation
23:13:48 but afaik there exists no tooling to make it approachable for mere mortals^^
23:15:08 but as of FreeBSD 14.0 it correctly passes through the scsi command tags (they're no longer truncated to 32bits)
23:16:58 the UEFI BootROM can boot off virtio-scsi devices
23:17:39 and in theory you could "passthrough" other scsi device types than block devices
23:17:52 if you have a streamer give it a try ;-)
23:19:47 but i doubt anyone is able to find working hardware and drivers to hook up the crazier types of devices that used to exist for the scsi bus e.g. NICs, eGPUs, flatbed scanners, etc.
23:55:06 kevans: is removing virtio part of pkg base?
23:56:30 afaik it's unrelated