00:03:13 it would be helpful if we could even figure out how to mount the drive in the VM... 00:03:46 kinda hard to copy it or shrink it if we can't even mount it 00:04:08 mjp, Reading man zfs-remove it says "Top-level vdevs can only be removed if the primary pool storage does not contain a top-level raidz vdev, ..." which limits the useful ability of that recipe. I mean working on mirrors is great and mirrors are very common. But not working with raidz vdevs is limiting because large arrays are always raidz vdevs. Though again probably it's unusual to want to do this with large arrays. 00:04:41 Soni, You can't boot the VM? 00:05:24 rwp: we can boot the VM but that doesn't help us 00:05:38 we don't know how to attach the filesystem we're trying to shrink 00:06:23 If you can boot the VM then I would boot the VM and rsync the data over to any other storage location. Then rebuild the file system. Then copy it back. That's most reliable. 00:07:38 You said VM so I might assume it is at a cloud host, because if in the local office things would be easier to backup onto a local disk. At a VM hosting company one could temporarily rent out a little bit of storage space for anything that was there. Then release it after the backup-restore cycle had completed. 00:08:26 And if it were me I would definitely feel less stressed if I had a full backup before doing the operation. Just in case something goes wrong. You make your own luck. 00:09:11 this is a qemu VM running locally 00:09:19 on a linux host 00:09:30 look we can't read UFS on linux 00:10:09 hence why this requires a VM 00:10:16 Ah! For me that would make things much easier since I would then just rsync the data over to my desktop where I have a lot of space, or over to my NAS where I have even more space! But I assume you don't have such luxury. :-( 00:10:48 but we can't figure out how to make the UFS filesystem visible to the VM 00:10:53 people may knock it but my office365 cloud space was a LIFE SAVER when my synology died 00:11:01 so basically we're stuck at "nothing can read UFS" 00:11:28 bsd reads ufs ^.^ (sorry for trolling, I'm done) 00:11:38 Install FreeBSD on a new VM and use it to mount the block storage space of the other VM? 00:12:06 mount -t ufs not available? 00:12:23 Since I have given my thoughts and brainstorms I am going to back out wishing you Good Luck at solving this problem. Real life is calling me afk right now. Good Luck! 00:12:30 mount -t ufs ? 00:12:47 qemu-system-x86_64: -blockdev driver=raw,node-name=ext,read-only=on,file.driver=file,file.filename=/dev/sdc: 'file' driver requires '/dev/sdc' to be a regular file 00:13:20 this is the linux BS we're struggling with 00:13:22 so the qemu is operational? but you can nto just mount the ufs inside the qemu 00:14:45 i know this is unhelpful right now, but this is why i vehemently oppose "remove X because X is old and probably has problems". like, show us the problems or hush. linux deprecated ufs because it's "old and broken" but it's not broken, the original author is still maintaining it and adding new features even. 00:15:29 we are having problems right now with other people deprecating stuff because it's "old and broken" that is actually just very stable. 00:15:47 soni, did you try nomadbsd? 00:15:59 it's like a livecd of freebsd with a desktop 00:17:21 anyway, we think our question (how do you shrink) is answered (you don't) 00:17:36 unless anyone wants to help us with qemu on linux 00:17:47 okay, sorry 00:24:03 maybe if we knew why you wanted to shrink it we could try to help you find an alternative solution to your problem 00:25:56 we can just move the files 00:26:01 in theory 00:26:18 if we can figure out how to get this thing to work 02:02:11 is there any freebsd tool that something like ubuntu's needrestart? 02:02:48 implying we know what needrestart is 02:03:49 after updates it tells you which process need to be restarted and can automate that 02:08:54 markmcb: checkrestart 02:09:26 And just assume you have to restart during most freebsd-update's 02:09:47 Not always true but a safe thing assume if it' 02:10:05 's outside of soemthing that isn't core 02:11:19 skered, thanks 02:35:05 I'm beginning to think that the description for file descriptors should have the keywords "standard streams" because wikipedia and others are calling them that now. Is this reasonable? I'm having trouble smithing a document description to that effect. 02:36:01 I also kind feel like the wikipedia article is what needs to be fixed, and not our manpage. 02:37:44 file descriptors to be honest make me think it is ALWAYS a file.. and one could say STDOUT is a file, along with anything else.. but you could just in theory pipe it to a terminal 02:37:57 i like the standards streams concept but you know.. manual pages :) 02:38:50 i probaqbly should of did this jellyfin ports install with a ports manager.. the amount of entries required by the user is crazy 02:40:18 currently we have "fd, stdin, stdout, stderr – file descriptor files" 02:40:29 I suppose you could say the Unix definition of a file also includes things that aren't in the filesystem 02:42:17 and sometimes i do not trust wikipedia but that is just me 02:43:27 never trust wikipedia. I started editing wikipedia when i was 8 years old. 02:44:15 you said never, i said sometimes 02:44:28 it is on the list of source for verification just not the sole source of truth, that is all 02:44:42 in freebsd, experts review my PRs. in wikipedia, there's just a bot that oftentimes reverts important details 02:45:00 I was also half-joking. i read wikipedia everyday. 02:45:18 but, i have tried to fix incorrect information on there and had a bot revert it. 02:45:46 i just think of the The Newsroom episode where they tried to updated wikipedia due to an error. 02:46:29 honestly if an impassioned child is writing textbooks, that's probably pretty good quality vs someone who is mad at their wife on the way to work that they view as "getting their hours in". 03:14:50 markmcb, Look at the output of "freebsd-version -kr" and if they are different then you need to reboot. 05:14:03 I'm extremely concerned about the proposed WYSIWYG editor for the handbook. 05:15:08 The FreeBSD Handbook is one of the finest tutorials in all of computer science. It's written like the best textbooks I've saved up money for. 05:17:35 Archwiki is a very, very high quality resource which is a completely different type of thing with a completely different level of professionalism which is completely out of place in the handbook. 05:30:21 can anyone clarify what to do ebout cpu frequency and intel speed shift. now that latter is enabled, i have set epp to 100 to have maximum powersave, i seeing that cpu frequency is at 800MHz ( as expected ). when epp is that at 0, then it goes all up to 2000MHz. However, this cpu base frequency is 1800Mhz with turbo-boost up to 4000MHz. 05:30:21 https://ark.intel.com/content/www/us/en/ark/products/122589/intel-core-i7-8550u-processor-8m-cache-up-to-4-00-ghz.html 05:30:23 Title: Intel Core i78550U Processor 8M Cache up to 4.00 GHz Product Specifications 05:31:05 question is - i want to run poudriere build at max possible freq to speed things up, and then go back to maximum powersave 05:31:14 where is to set that and how? 05:31:29 https://termbin.com/i0rq < -- dev.cpu sysctl 05:33:17 https://termbin.com/s6pp relevant part for hwpstate 05:34:39 How are you controlling the cpu frequency? powerdxx?? One could restart "powerdxx -a max" for the build and then restart it again with defaults afterward. 05:34:56 powerdxx is obsolete with intel speedshift 05:35:11 i.e not working properly 05:37:13 as well as powerd 05:37:44 Well... I have older systems and I need powerdxx on my system. powerd does not work at all on my Intel E3-1240 cpu. 05:38:42 so, then, maybe someone else can help 05:39:37 hopefully 05:52:06 rwp: Ah, that's too bad. I thought the idea was for powerdxx to be deprecated as powerd caught back up. 08:59:09 for a new laptop should i install 14.0 now or 14.1 beta 08:59:25 or wait for final 14.1? 09:55:22 nomia: you can always install 14.0 and upgrade once 14.1 is out 11:46:56 rwp, thanks but i was more looking for something that focused on packages and the services they provide, e.g., if i have 10 servers running service xyz, and an update to the package is pushed, i'd like to be able to say "if xyz gets an update, restart the related service" 11:47:59 o/ 12:01:15 o/ 12:22:47 dstolfa: ok thx 12:23:05 i was just wondering if i should wait 12:29:46 /dev/vtbd2p2 899G 24G 803G 3% /mnt/oldinst 12:29:46 yeah... can we shrink this? 12:30:01 it is ufs 12:32:17 *sigh* where are we gonna shove 24G... 12:34:49 24G in freebsd is how much again? 12:37:11 okay that is powers of two 12:52:48 oh good we were wrong - we only need 1.2G 12:54:51 nomia: 14.1 seems to have some good things coming up, so it'll probably be worth an upgrade but the upgrade boils down to freebsd-update upgrade -r 14.1-RELEASE and running through the process 12:54:56 i've never had a freebsd-update break honestly 14:54:06 is it expected that http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/ is not served over https? 14:54:07 Title: Index of /pub/FreeBSD-Archive/old-releases/ 15:30:49 skered, rwp, checkrestart(1) and 20 lines of shell script does what I was looking for. I can whitelist a few services and if they show up in the checkrestart output I restart the service. Great for things like tailscale with frequent updates and installed on most of my instances. Thanks for the help! 15:49:19 Is there a CLI util for taking crc hashes of files similar in function to md5 or sha* ? 15:50:38 Hey. I have set PasswordAuthentication to no in sshd_config, but password based authentication is still allowed. Will UsePAM=no do what I want? 15:53:25 Internet tutorials mention ChallengeResponseAuthentication. It isn't present in the config file, so I assume that this information is outdated. 15:53:37 CrtxReavr, When you say CLI you mean command line interface, right? But md5, sha512, md5sum, sha512sum, and others are all command line interface programs, right? 15:53:58 And those are all in base too. No ports needed. 15:56:55 meator, Did you restart sshd after making changes to sshd_config? "service sshd restart" 15:57:07 rwp, yes. . . but I'm looking for something that does crc. . . or crc32c actually. 15:57:22 rwp: I restarted both the (virtual) computer and sshd. 15:58:38 To test this out, I moved my client's ~/.ssh to ~/.ssh~ and then tried to connect. This means that my client ssh shouldn't have access to my keys, so the server should deny me. But I was prompted for a password and I was accepted upon entering it. 15:59:07 CrtxReavr, Oh! Sorry. We talk about checksums so often when we mean secure hashing and such that I just took crc to be colloquial speech. My bad. 15:59:27 I don't know of any crc tools off the top of my head. They must exist though. 15:59:50 There's devel/crc32s, but that's a libary. 16:01:30 meator, I will try a local test with PasswordAuthentication=no and test it on FreeBSD as I know that works elsewhere. 16:03:09 I learned what I thought was an interesting technique the other day. I figured out that I could set sshd options in the /etc/rc.conf file. I know that is obvious. But I found it handy for some jail use. 16:03:39 I can set this for example: /jails/ikiwiki1/etc/rc.conf:sshd_flags="$sshd_flags -oPermitRootLogin=yes -oAcceptEnv='LANG LC_*'" 16:04:23 I modify the jail's /etc/rc.conf anyway. Found it convenient to put the custom flags I wanted for that jail there and it consolidates some of my configuration. 16:06:08 Hmm. I am not much of a FreeBSD expert, I use it only on a VM to test portability of my program. FreeBSD is pretty good for that, this is the second time I have found a conformance/correctness bug in my program thanks to it. I honestly don't know why it works on Linux, it should have failed there too, but only FreeBSD showed a more strict, but still conformant behavior. 16:08:14 sshd_config says that "Note that passwords may also be accepted via KbdInteractiveAuthentication." 16:10:47 meator, I confirm that if I leave PAM configured that turning off PasswordAuthentication=no is insufficient and I still get a password prompt. 16:11:08 But if I disable PAM then it turns off passwords too. sshd_flags="$sshd_flags -oPasswordAuthentication=no -oUsePAM=no" 16:11:31 What are the implications of disabling PAM? 16:12:04 However avoiding PAM would also avoid other authentication methods such as 2-factor which is usually configured through PAM and one-time-auth tokens and every other authentication method we think about. 16:14:13 I am not sure what other things are happening in the /etc/pam.d/* files. Probably doing environment variables such as LANG, LC_*, probably umask, and possibly process limits (ulimit -a), but honestly I am not sure and would need to inspect through it and try things. 16:14:22 If you are wishing to use ONLY ssh keys for login I think turning PAM off is probably okay and you would not notice any issues. 16:16:04 For another site I maintain, it is a software forge site with ssh+git access for members doing only git commands and nothing else, I disable PAM due to other reasons and everything is okay there on that high use site. 16:18:12 Ah, I lost one of my keys by fiddling with .ssh too much. Thankfully nothing important. 16:18:21 rwp: Thanks for your answers! 16:18:25 What is your specific goal at this moment in the pursuit of disabling passwords? 16:19:57 security 16:20:03 I have SSH keys. 16:21:12 I use ssh keys too. But I also only ever use strong passwords. I am confident of the security of pI9lOPtmukafzOsV and no one is going to brute force through a password such as those. 16:22:15 My password is 1234 16:22:40 I use and recommend "pkg install pwgen" and create passwords using "pwgen -s 16 4" and then arbitrarily pick one of the generated set to use. Having a password such as one of those is safe as math. 16:22:42 So I was quite concerned about leaving password based auth open. 16:23:52 My password is more memorable. 16:24:02 I often will give a login to a friend on my personal machine. I ask for their ssh key and install it. I only ever rarely give them an actual password. They won't ever need it. And then I set their login account to have a disabled password. 16:27:06 Perhaps better is to audit accounts and ensure that accounts that do not need a password have their password field disabled. In FreeBSD '*' disables the password, as no hashed character will ever match the single star character, but allows the account to be active and other authentication methods such as ssh keys allow access. 16:29:08 I will routinely use vipw to just edit files but the pw -w no command can create user accounts without a password easily: pw useradd -n user37 -c 'User Thirtyseven' -N -m -w no 16:39:36 In those cases, I normally just let it set a random password, which I don't give them. 16:41:43 That's secure. But then later after I have forgotten I see that a password is set and I don't remember if it is one they have control over or not. If I see '*' there then I know that the account does not have an active password. It's a memory hint to me later, self-documenting. 16:47:00 It's an opportune time for me to complain that I wish FreeBSD did not use a compiled binary database for account data and wished it used the traditional plain text files instead. For the less than ~50 typical accounts on an typical system there is no performance reason to need it. Anyone with a thousand accounts is already using a database anyway. 16:52:05 rwp, it's not compiled, per se. . . but it's faster than a flat text file. 16:54:29 Re "compiled" might not be the totally accurate description but whatever word describes reading the plain text files and producing the binary indexed db(3) files. 17:00:07 I like the little things that set us apart from linux. 17:01:13 Linux? This sets FreeBSD apart from Unix! And that's where it needs serious discussion before doing. :-/ 17:01:51 Well, sets BSD apart from SysV. 17:05:42 System V uses plain text files just like Unix v7. FreeBSD is, as far as I know, unique in using a db(3) database for accounts instead of plain text files. 17:08:27 I must retract that as I look and OpenBSD also uses pwd_mkdb to create db(3) account databases too. 17:10:24 And so does NetBSD too. It's the entire family on this side of things. 17:10:40 So that mutation must have occurred pretty early in the fork. 17:13:08 4.3BSD-Net/2 17:13:22 ish 17:14:46 4.3BSD-Net/2 is the common ancestor of all of the current *BSD family. 17:16:44 The NetBSD folks have a good historical diagram: http://netbsd.org/about/history.html 17:16:45 Title: The History of the NetBSD Project 17:17:01 https://svnweb.freebsd.org/csrg/usr.sbin/pwd_mkdb/ 17:17:02 Title: [csrg] Index of /usr.sbin/pwd_mkdb 17:17:16 I don't have a freebsd vm on hand to check, where can I find the default value for the vm.overcommit sysctl in source code? 17:17:32 So before the 3 BSDs existed. 17:18:35 V_PauAmma_V, Seeing that history is really making me feel my age now. 17:21:20 uuuuu, I have a grep running but this popped out first: https://cgit.freebsd.org/src/tree/share/man/man7/tuning.7#n193 17:21:22 Title: tuning.7 « man7 « man « share - src - FreeBSD source tree 17:21:53 uuuuu, see sys/vm/swap_pager.c for your version of FreeBSD in https://cgit.freebsd.org/src/. 17:21:54 Title: src - FreeBSD source tree 17:23:55 uuuuu, Result of the grep: https://termbin.com/mius 17:24:25 freebsd can't mount exfat usb drives? 17:24:45 nomia, How are you attempting to mount one? 17:25:21 mount -t msdosfs /dev/da0s1 /mnt 17:25:31 msdosfs != exfat 17:25:34 Try this: mount -v -t exfat /dev/da0s1 /mnt 17:26:17 invalid fstype 17:26:44 Hmm... 17:27:55 What does "file -s /dev/da0s1" say for you? I am wondering if you actually have a valid exfat file system. 17:28:10 You need fuse and fusefs-exfat, IIRC. 17:28:41 https://www.micski.dk/2021/04/10/how-to-mount-exfat-formatted-sd-memory-card-on-freebsd/ 17:28:44 Title: How to mount exFAT formatted SD memory card on FreeBSD 17:28:49 Ah! I have "pkg install fusefs-exfat" on my system. That's why it works for me. Thanks V_PauAmma_V for that! 17:29:00 then i have to reboot 17:29:27 nomia, Why do you need to reboot? 17:29:36 idk 17:29:44 (: that page says so 17:30:08 That reboot at that page is just to test that everything loads okay at boot time. 17:30:21 k 17:30:29 In case one made an edit mistake in /boot/loader.conf file. You don't actually need to reboot now. 17:30:56 rwp, tangentially, see fstyp(8). 17:31:07 And as far as I know the fuse module is loaded on demand by some method because it works for me and I don't have that in my /boot/loader.conf file. 17:31:29 V_PauAmma_V, Cool! I did not know about that command. 17:31:52 And keeping with history there is no 'e' on the end of it. (shakes my head) 17:32:19 e was in short supply then. 17:32:33 They were used up elsewhere. 17:35:06 nomia, I read "man mount.exfat-fuse" and it makes no mention of needing to load a module. I think I have never needed to do it manually. So pretty sure it must be loaded automatically when needed. I do not have the module listed in my /boot/loader.conf file and think that micski.dk article might be overstepping what is actually needed at that point. 17:38:53 I note that fusefs.ko is part of base. Though the mount.exfat-fuse is a port the fusefs module is in the OS base. 17:40:09 I would need to sort through my bag of unlabeled USB sticks in order to test this theory today though. And at the moment I am being called away from the keyboard. 17:40:53 When it is all working for you it would be great if you mentioned here if anything more was needed to make that work for you. TTYL! 17:41:22 no luck 17:41:39 still says invalid fstype 17:49:36 nomia: whereis mount.exfat mount.exfat-fuse 17:49:45 mount.exfat -o ro /dev/da0s1 /mnt 17:49:48 that worked 17:49:56 not mount -t 17:49:56 the command naming isnt compatibe with mount 17:50:14 it expects mount_$fstype 17:50:36 i made the symlink in /usr/local/bin 17:50:43 It installs as /usr/local/bin/mount.exfat? 17:51:50 Um. . . /usr/local/ is ports/packages managed. . . *YOU* should not be creating symlinks in it. 17:54:28 k 18:35:03 does pkg offer a machine-readable output format? specifically want it for for pkg query, version and audit. 18:44:36 Doesn't look like it. . . not unless you write your own. 18:44:51 Though, it's ouput is pretty simple & consistent, so it shouldn't be hard. 18:49:54 scoobybejesus, https://text.is/4YMJ 18:49:55 Title: services_to_restart( &x22;authelia&x22; &x22;phpfpm&x22; &x22;nginx&x22; &x22;syncthing&x22; &x22;tailscaled&x22; &x22;zrepl&x22; ) - text.is 18:50:31 side note, not sure if it's just be, but bsd.to appears to be down 18:59:31 It would be useful if pkg had a runtime option for json output. 19:03:07 https://bpa.st/F7DQ 19:03:08 Title: View paste F7DQ 19:03:54 cool thanks! 19:12:32 What I am trying to do is disable overcommit and set global memory limits for the following outcomes: 1. Processes will get error if they try to allocate more than a set limit 2. oom does not activate and does not activate to kill processes that did not cause the allocation failure (eg. kill biggest process mode) and 3. system is not grounded to a halt because of thrashing. 19:12:33 I am looking for something similar to vm.overcommit_memory=2 vm.overcommit_ratio=99 on linux. 19:12:33 https://forums.FreeBSD.org/threads/how-to-make-impossible-memory-allocations-fail-in-a-sane-way.83582/post-550016 (whole thread is worth a read though) suggests that even with vm.overcommit=7 oom killer will still activate if programs memory used is passed swap limit (I have no idea why because earlier in the thread (https://forums.FreeBSD.org/threads/how-to-make-impossible-memory-allocations-fail-in-a-sane-way.83582/post-549905) 19:12:33 the user tried malloc with the with large size with sysctl set and it failed (or at least without them noticing anything being killed). So if this is the case, is there another way? vm.overcommit = 7 in combination with protect command is not good enough here unless protect -di 1 (init) stops all existing and new processes from being 19:12:33 killed by oom when existing swap space is exhausted (assuming oom isn't triggered by something other than exhausted swap space and/or protect(1) accounts for the other scenarios that may trigger oom). I see limits(1) may help, but does hw.physmem act on physical ram in addition to swap as I want programs to use some swap? 19:12:38 Title: How to make "impossible" memory allocations fail in a sane way? | Page 3 | The FreeBSD Forums 19:18:43 pkg: sqlite error while executing COMMIT TRANSACTION in file pkgdb.c:1157: database is locked 19:37:36 can somebody advise me on bhyve(-vm)? i have a win10 vm that's slow as hell. i assigned 4 cores with 2 threads each as well as 8g memory to it. i already moved it from an .img file to a dedicated (platter) disk partition, but it's still unreasonably slow, even for windows. 19:38:41 i did the move from .img file to disk by just dd'ing the contents of the .img to /dev/adaXpY and i have a hunch that this might be the cause, but i'm not sure and i can't find any information about the different disk types going more into depth than man bhyve… 19:40:38 phryk: did you install virtio drivers? https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/archive-virtio/virtio-win-0.1.240-1/ 19:40:39 Title: Index of /groups/virt/virtio-win/direct-downloads/archive-virtio/virtio-win-0.1.240-1Fedora People 19:40:45 in case that's important: sectorsize is 512 and type is ms-basic-data 19:41:15 jauntyd: i'm not using virtio, i'm currently using ahci-hd as disk type. is that so much worse performance-wise? 19:58:43 phryk: yes. This is an issue that affects all platforms and libvirt backends 19:59:46 uuuuu: i don't quite follow… if it's an issue for libvirt backends, doesn't that mean virtio is also affected? 20:07:28 mhh. i guess i'll just nuke one of my nvme partitions and set up a fresh win10 vm on that… 20:07:45 phryk: I was referring to disk performance being slow if not using virtio device for vm (added via virsh/virt-manager) and virtio drivers not installed on guest. When not using virtio device and drivers issue can be experienced with kvm backends on linux (I am not 100% on if xen is affected) for example 20:19:54 uuuuu: thanks for the clarification. i'm not using virt-manager or virsh, tho – but bhyve-vm. that technically supports virtio, but i think i'll try the nvme route first as it's explicitly pointed out for good performance in the bhyve-vm wiki. 20:35:33 in /etc/syslog.conf it has the includes after !*. ! inverts and * is a program or hostname, so does that mean it's saying the includes don't implicitly apply to any program or host? 20:39:10 https://man.freebsd.org/cgi/man.cgi?syslog.conf(5) # Reset program name filtering 20:39:10 !* 20:39:12 Title: syslog.conf(5) 20:40:05 but later it says ! inverts the logic. so there's 2 contexts for ! and they mean kinda the opposite lol 20:47:58 what's the style for multiple selectors in syslog.conf? most severe to the left, least specific on the left? 20:50:42 if i use kern.*;*.warn /var/log/messages then logger -p kern.info foo, foo never shows up in messages 20:53:54 See "IMPLEMENTATION NOTES" in syyslog.conf(5). 20:54:01 s/syy/sy/ 20:54:39 V_PauAmma_V ya i read that but what's it matter to me? 20:54:52 you saying my logger msg is being rewritten? 20:55:09 I'm guessing it is. 20:55:24 that kinda makes testing tough geez 20:55:50 how does syslogd know if a kern message is coming from the kernel or from the logger bin? 20:56:25 why do you think, it does know?:) 20:56:32 Different socket for kernel log messages, IIRC. 20:57:37 V_PauAmma_V that a security thing so ppl with shell access can't simulate kernel messages? 20:59:36 That just keeps you from shooting yourself in the foot unless you really want to. See -k in syslogd(8). 21:01:07 i read it 21:01:14 what's the danger in not having that? 21:02:27 I think it's less danger as such than POLA. 21:03:42 POLA? 21:03:57 Principle Of Least Astonishment. 21:04:00 shooting myself in the foot if... syslog messages are faked to be from kern? 21:04:12 in what scenario would that happen 21:11:27 I can't answer that question as asked, as people are ever-inventive in designing footshooters. 21:12:27 to avoid problems with multiple selectors being interpreted in weird ways, any problem with just putting 1 selector per line? 21:12:49 like kern.* /var/log/mylog, \n security.* /var/log/mylog... 21:24:09 That won't prevent the "mail.crit,*.err" example from acting as described. 21:24:42 so how do we learn how multiple selectors combine? because the manpage itself says it's not intuitive 21:35:02 The manual page doesn't make that crystal clear. So I guess trial and error based on the examples it provides? 21:35:22 (Which is arguably not ideal.) 21:35:54 ya that's terrible. is there any way i can do it 1 selector action combo at a time to keep it simple? 21:43:16 http://www.freebsdwiki.net/index.php/Syslog heh install syslog-ng, or perhaps check the oreilly FreeBSD® Unleashed book. 21:43:17 Title: Syslog - FreeBSDwiki 21:43:37 It is possible to create (or spoof) an event from the console using the logger command. 21:43:45 https://termbin.com/h3j5 is the logic i want 21:44:18 heh think freebsd handbook had that example already 21:44:24 I don't know what will happen if several lines refer to the same file. 21:44:28 you did check the handbook? 21:44:39 ya 21:46:37 https://termbin.com/t5u4 old old 20 years old...probably not valid anymore 21:47:18 What is the policy when it comes to ports... can anyone whos read the handbook submit port patches? 21:47:24 or should you leave that to the maintainer? 21:47:39 what if the maintainer hasn't replied in months? and the new update is pretty important? 21:48:23 *.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err /var/log/message 21:48:24 portmgr@, maybe? 21:48:57 rennj, that's a single line. :-) 21:50:42 polarian, is that a Bugzilla report? 21:51:29 V_PauAmma_V: no... because I was unsure if it qualified 21:51:34 I tried to reach them privately first 21:51:52 I talk to upstream a lot... so I was unsure if there was a reason they were holding back releases 21:52:01 no response... so I am wondering what options are there... 21:52:29 I assume bugzilla report is the first thing to do? but should you make reports for outdated packages? coming from Linux that is strictly prohibite d 21:53:45 I'd open a PR (with a patch for the version upgrade if you can, but not required). Worst that can happen is "nothing", which is the same as currently. 21:54:54 oki thanks for advice 22:06:44 did you even try single line then # Reset program name filtering !* 22:07:04 next single line, rest the filtering 22:07:06 next single line, rest the filtering 22:23:28 https://www.freebsddiary.org/syslogconf.php 22:23:29 Title: The FreeBSD Diary -- syslog.conf - putting stuff where you want it 22:41:45 https://docs.netgate.com/pfsense/en/latest/monitoring/logs/remote.html 22:41:47 Title: System Monitoring — Remote Logging with Syslog | pfSense Documentation 22:41:53 https://termbin.com/01i6 22:42:07 !* 22:42:07 +* 22:42:19 reset the filters 22:43:12 dont have to do the remote logserver part 23:24:07 any benefit to having daemons syslog to their own facility like local0 or is that pointless? 23:24:57 im curious if it solved your problems? 23:25:38 i just put all the selectors on 1 line 23:25:45 heh. 23:26:16 i use to do very very complex syslog/bsm auditing to remote dvd robot ...thank god it was solaris. 23:26:58 audits/logs burned to readonly dvd's 23:27:34 try hacking the logs on readonly/closed session dvd 23:28:19 udp not going to do 23:28:30 syslog remote box using udp...nah... 23:30:32 and i had oracle db processing that crap behind the scenes no less..madness. 23:30:57 like doing cisco netflow logs..tracking 23:38:07 500 sparc 5's workstations..collecting their logs... 23:38:41 back in the 70MHz days.. and 500MB/1GB scsi drive if lucky... 23:39:11 way before google 23:53:14 dvd rom robot was 2002 tech. after google..not sparc5 mid 1990 tech.. 23:53:29 same deal bsm audits/remote syslog server 23:54:22 if you didn't use udp syslog for shipping because it wasn't reliable, what'd you use? 23:56:25 what 23:56:27 make[4]: don't know how to make .o. Stop 23:56:27 make[4]: stopped in /src/freebsd/src/stable/14/sys/modules/dpdk_lpm4 23:59:10 well fbsd stunnel/tls it 23:59:24 solaris had billion dollar company behind it 23:59:35 $ buys features