00:52:15 <polyex> i make /etc/devfs.conf why does sudo pw groupadd -n network -m logg error that m is illegal option? man page shows it
00:52:24 <polyex> it's just how to add a user to a group
00:53:01 <polyex> oh -m is just for groupmod
00:57:49 <polyex> why isn't my devfs.conf for /dev/bpf* working pls? https://termbin.com/swpp the groups should be network but they're wheel?
01:12:46 <skered> I don't think you can glob match in devfs.conf?
01:13:05 <polyex> frfr?
01:17:37 <skered> If you want to use glob match you need devfs.rules
01:21:14 <polyex> can i use that in a jail?
01:21:44 <polyex> jail host devfs.rules has add path 'bpf*' unhide, so what would the jail devfs.rules have to apply those same rules?
01:22:48 <skered> mode ... user ... group ... ?
01:25:09 <polyex> ok then set in rc.conf with devfs_system_ruleset="localrules" man page says ty i'll try it!
01:56:07 <polyex> ok i think i'm doing it right but why are the perms of /dev/bpf* still root:wheel? https://termbin.com/pxua
02:05:43 <polyex> should be root:network
02:35:08 <polyex> anyone know?
02:49:57 <skered> oh this is in a jail?
02:50:11 <skered> Just do it on the host
02:50:35 <polyex> i need the jail to be completly independent from jail host
02:50:41 <polyex> i don't wanna mix configs
02:51:11 <skered> How are you starting the jail?
02:51:22 * skered only has exp. with devfs rules with ezjail config files.
02:51:25 <polyex> from the jail host
02:59:20 <skered> You have a devfs_ruleset in your jail.conf for the jail?
02:59:53 <skered> jail_name { devfs_ruleset=<number> ... } ?
02:59:59 <skered> I guess 10 in this case?
03:00:06 <polyex> https://termbin.com/8nz4
03:16:16 <polyex> does that show the info you want?
03:27:54 <skered> No idea.  I've only done devfs where the config is on the host and in ezjail.
03:28:11 <polyex> there has to be a way
04:09:12 <polyex> so then in a jail, what's the right way to allow a regular user access to /dev/bpf so it can run tcpdump?
05:16:57 <polyex> skered https://cgit.freebsd.org/ports/tree/net/wireshark/pkg-message seems you /can/ use bpf* in devfs.conf?
05:16:59 <VimDiesel> Title: pkg-message « wireshark « net - ports - FreeBSD ports tree
05:24:05 <rennj> network general packet sniffer.. the sniffer
05:24:36 <rennj> https://en.wikipedia.org/wiki/Sniffer_(protocol_analyzer) why a jail?
05:24:37 <VimDiesel> Title: Sniffer (protocol analyzer) - Wikipedia
05:25:39 <polyex> why what?
05:25:59 <rennj> why you putting the tcpdump/sniffer/wireshark foo in a jail?
05:26:02 <kevans> polyex: yes, devfs.conf is processed in /etc/rc.d/devfs; the device field is generally open to whatever shell globbing you can come up with
05:26:56 <polyex> kevans i can't get it to work either by modifying the jail's devfs.conf OR devfs.rules. https://termbin.com/hl75, https://termbin.com/0x75
05:27:16 <polyex> what's the right way to allow an unprivileged user in a jail access to bpf so it can run tcpdump?
05:27:28 <polyex> it's a vnet jail fwiw
05:29:12 <rennj> so they can sniff their chroot jail..swell
05:29:32 <kevans> devfs_system_ruleset isn't used in a jail
05:29:46 <polyex> so what's the solution?
05:30:30 <polyex> my end goal is to put pf block/allow loggings into syslog. this is the only way i've found
05:30:47 <polyex> i can get it working if it's running as jail's root but i'd rather it not use the root
05:30:54 <polyex> tcpdump -> logger
05:31:07 <kevans> it wouldn't be unreasonable to throw it in the host's devfs.rules
05:31:15 <kevans> hmm
05:31:20 <kevans> maybe the group doesn't exist
05:31:24 <polyex> i'd prefer to keep jail's self-contained as much as possible
05:31:28 <polyex> network?
05:31:51 <polyex> pw group show network shows it
05:31:56 <polyex> also shows my logg user in it
05:32:14 <kevans> oh, no idea- I closed those tabs eons ago now :-)
05:32:42 <kevans> I'd probably just shove it in /etc/rc.local, then
05:32:51 <polyex> shove what?
05:32:52 <kevans> I can't think of a clean solution here
05:32:55 <rennj> vnet network traffic within the jail is isolated from the host system and other jails..so your jail needs this ?
05:32:57 <kevans> ownership change
05:33:27 <polyex> am i the only person that wants a jail to be able to run tcpdump?
05:33:40 <kevans> nah, it's a reasonable task
05:33:49 <polyex> what's the normal clean way?
05:34:43 <kevans> normally you'd do it in devfs.rules, but that rc script is tagged nojail entirely
05:35:20 <polyex> so i'd definitely NOT do it in devfs.conf?
05:35:50 <kevans> yeah
05:36:24 <nmz> I wonder how much of an ideot would it be to set up a directory which symlinks everything in $PATH to it and runs on a cron job
05:36:49 <nmz> idea*
05:37:08 <kevans> polyex: and devfs.rules are provided by the jail's parent and immutable to the jail, so that's out
05:37:29 <polyex> kevans so you're saying the cleanest solution is put chgrp and other things into rc.local. ill try that now
05:37:31 <kevans> that generally leaves you with... something that runs at startup, e.g., rc.local
05:37:35 <kevans> yeah
05:37:44 <kevans> well, I wouldn't claim 'cleanest', no
05:37:57 <kevans> It's the cleanest that I can see at the moment, and generally easy to do
05:41:05 <polyex> ok so i added the https://cgit.freebsd.org/ports/tree/net/wireshark/pkg-message chgrp chmod chmod to rc.local. i start the jail back up and /dev/bpf* perms are...
05:41:06 <VimDiesel> Title: pkg-message « wireshark « net - ports - FreeBSD ports tree
05:41:44 <polyex> for /dev/bpf it's crw-rw---- root:network, /dev/bpf0 -> bpf is lrwxr-xr-x root:wheel
05:41:47 <polyex> is that good?
05:42:26 <rennj> umask 0660 foo...you put in earlier...
05:42:43 <polyex> what?
05:42:49 <rennj> exactly
05:43:34 <rennj> perm bpf* 0660
05:43:41 <rennj> a umask
05:43:51 <polyex> do that in rc.local or?
05:44:12 <rennj> https://en.wikipedia.org/wiki/Umask
05:44:13 <VimDiesel> Title: umask - Wikipedia
05:44:44 <rennj> https://cgit.freebsd.org/ports/tree/net/wireshark/pkg-message that link you posted
05:44:45 <VimDiesel> Title: pkg-message « wireshark « net - ports - FreeBSD ports tree
05:47:24 <polyex> ok seems to be working
05:51:53 <polyex> yes it's working!! tyvm kevans you are my hero
05:52:06 <polyex> i want to hold your hand and look into your eyes and thank you
05:52:58 <kevans> if you go to bsdcan you can send a beer in my direction =-)
05:53:26 <polyex> what kinda beer you like best?
05:53:33 <polyex> ipa or dark ale or?
05:55:43 <kevans> the drinkable kind, in general
05:55:47 <kevans> i like experimenting
05:56:06 <polyex> we could do all kinds of experimenting together
06:20:08 <polyex> so bpf in a jail can sniff the jail host and other jails traffic? i thought vnet gave each jail a separate network stack
06:28:10 <rennj> cut copy pastw computing, doesnt really work well in the end
06:28:16 <rennj> cut copy paste computing, doesnt really work well in the end
06:28:23 <rennj> bridge epair perhaps
06:28:53 <rennj> plent of bind/sendmail cut/copy/paste computing...using a computer and not understanding anything
06:29:32 <rennj> dangerous computing, risk digest
06:30:28 <rennj> https://wiki.freebsd.org/Jails
06:30:29 <VimDiesel> Title: Jails - FreeBSD Wiki
06:30:34 <rennj> https://wiki.freebsd.org/MasonLoringBliss/JailsEpair
06:30:35 <VimDiesel> Title: MasonLoringBliss/JailsEpair - FreeBSD Wiki
06:37:31 <aalu> Hi folks. I run FreeBSD 13.2 as a guest of Linux KVM and found the virtio pci devices not use MSI but legacy pin based irq, is this expected? Thanks.
13:10:20 <nerozero> Hello guys, off top, anyone else experience issues with ddg search ?
13:10:50 <nerozero> here is the error: "We're currently experiencing an issue with DuckDuckGo Search. Thanks for your patience while we get our ducks in a row.
13:10:50 <nerozero> In the meantime, you can use other search engines right here by using "bangs":"
13:11:53 <BinGOs> ddg backend to bing and that is suffering some issues apparently: https://www.theregister.com/2024/05/23/bing_and_copilot_fall_from/
13:11:54 <VimDiesel> Title: Bing and Copilot fall from the clouds • The Register
13:12:21 <dstolfa> yeah, noticed it today. moved to startpage for now
13:12:40 <nerozero> :(
13:13:21 <BinGOs> From that article "Bing's downtime meant that DuckDuckGo, which uses Bing as a search results source, was also down"
13:13:56 <nerozero> never used startpage
13:14:17 <nerozero> what about privacy things on startpage?
13:16:42 <dstolfa> dunno, didn't look too far into it. it seemed mostly acceptable when it comes to the stuff it was showing me, so i'll just stick with it until bing is operational again
13:17:16 <nerozero> thank you guys for quick replies
13:52:53 <Demosthenex> so, if i want to launch a single process from the CLI, but i want to make sure it can't use networking, is that possible? i don't want to setup a jail.
13:54:20 <Dooshki> Demosthenex: In my case, I have a dedicated user for that, with a pf rule to block all network activity from that user
13:54:54 <Demosthenex> ooo. tsocks!
13:55:18 <Dooshki> it literally takes just a single line in pf.conf:
13:55:20 <Dooshki> block all user disconnected_guy
13:55:42 <Dooshki> (of course, using your username of choice)
13:56:46 <Demosthenex> yeah, but $$ tsocks myapp        is much easier
13:56:54 <Demosthenex> and i want x11
14:01:57 <nimaje> hm, casper seems like what you want, but I have no idea where you can find it https://www.bsdcan.org/2016/schedule/events/661.en.html
14:01:59 <VimDiesel> Title: BSDCan2016: Capsicum and Casper
14:06:02 <Demosthenex> nimaje: a ldpreload like tsocks was enough for me ;]
14:59:29 <Lovis_IX> lithio
15:20:28 <sydbarrett74> hi all
16:54:46 <Steeve> If I observe a bug / incorrect behavior in a program, would it be rude to email the maintainer and offer to help?
16:55:20 <Steeve> I see that there is a FreeBSD bugzilla, but other than just report the bug, I'd want to offer to research / proopse a fix
16:56:46 <Steeve> And lastly, if someone is listed as the "Maintained by:" field on ports.freebsd.org, would the "artifacts" they maintain also correlate to the binary package of the same name?
16:56:59 <ek> Steeve: You can do that in bugzilla. If you label the PR properly, the maintainer will be notified. Then, you can propose fixes, provide patches, make suggestions, etc... all in bugzilla as well. It's meant to be used as a collaboration tool.
16:58:02 <ek> For the last bit, yes. The packages are also maintained (not built/provided by) the port maintainer.
16:58:40 <Steeve> Great, thank you
16:59:26 <ek> You're welcome.
19:22:30 <Teraii> Hello here
19:22:45 <Teraii> FreeBSD is fully working on rpi3 ?
19:23:09 <Teraii> i can't see linux and systemd anymore :)
19:24:00 <bbrtj> Wifi is not working on rpi3
19:24:06 <Teraii> arg
19:25:04 <Teraii> well i'm waiting more :)
19:25:15 <Teraii> learning linux :p
20:53:28 <kenrap> I think the rpi wifi support is heavily dependent on the firmware, right? It won't happen until the firmware supports FreeBSD.
22:00:36 <rtprio> i thought there was pi info on the wiki
22:50:36 <polyex> trying to make a rc.d service but even tho it runs it doesn't return when i type service logg start. just sits there Starting logg... forever https://termbin.com/k4y9 but i'm using daemon to run it so what i'm doing wrong?
23:03:22 <scoobybejesus> cmd piped into itself? reading on mobile is tough, but that looks weird/recursive
23:03:48 <polyex> i'm trying to just make sure it's always running
23:04:00 <polyex> it's how i'm piping pf log events into syslog
23:04:11 <polyex> if i'm doing it wrong how should i do it?
23:04:12 <scoobybejesus> ah that's a new line
23:04:20 <scoobybejesus> my fault
23:11:56 <polyex> know why it doesn't return?
23:34:27 <scoobybejesus> perhaps running with -x will point to the issue. verbose of course
23:47:43 <polyex> where scoobybejesus?
23:55:53 <rwp> In the rc script put in "set -x" and then run it and see where it is hanging.
23:56:49 <rwp> The -x will emit tracing print to stderr an echo print for every command executed.
23:59:12 <polyex> hm well i ran that and a bunch of stuff outputted but duno
23:59:35 <polyex> i feel like there's gotta be an easier way to make it return