I have always "made do" with echo-prints but it is the lowest form of debugging. The lowest form that all of us have done repeatedly.

I keep thinking I should drag in the bash debugger and see if it would work with the newer /bin/sh now as I think sh now might have all of the features needed to support the debugger. And then could single step through sh scripts.

ok made some progress in trying to run a command as an rc.d daemonized script: termbin.com/k1ob but it won't service logg stop

any help appreciated

polyex, why are you calling "logger" explicitely instead of using daemon(8) options to syslog output? That would let you get rid of the pipe, the wrapper script, and the need for bash, and may (by giving daemon a single process to run instead of 2 or 3) solve your stopping problem.

ah i'll try that V_PauAmma_V

ya there we go

seems to work

any way to trim empty lines from the output of: tcpdump -n -l -e -ttt -i pflog0? it's making my syslog parser choke

ooh, someone updated multimedia/navidrome

what's that

now i can move that off linux

polyex: music streaming server (think on-premise spotify)

niiice

does syslogd strip off the hostname when it sends to @remote ?

i look at /var/log/messages and it'll have like "May 24 05:05:05 myjail polyex[12345]: logger msg..." but opentelemetry collector's syslog receiver reports getting "May 24 05:05:05 polyex[12345]: logger msg..." with the hostname missing. anyone know what's going on pls?

nvm just changed syslogd's output format to 5424

I think FreeBSD is misdetecting the battery a bit

I know battery charge is just an approximation

but its been at 2% for a good 15 mins

any ideas?

(bare in mind it went from 100% to 2% in 2 hours)

I think it displays whatever is provided by BIOS

polarian, Are you using something like powerdxx to scale the cpu frequency? If not then I recommend it as it made a big difference for me. My Intel cpu needed powerdxx not powerd, my cpu was too new for powerd.

rwp: E6430 has 3rd gen intel

polarian, htop has gained the feature of being able to display the cpu frequency in real-time. It's under Setup, Display Options. For laptop use especially I would verify that the frequency is being scaled appropriately.

for certain values of realtime, including not realtime

Well... FreeBSD is not a RealTime(TM) kernel. So, right, not hard-real-time like a hard real time kernel.

Not like the Apollo Guidance Computer landing the Lunar Module! :-)

rwp: well, there's also the tiny issue that measuring even using pmc(3) can bump up the frequency

we hould all replaces our freebsd boxen with apollo guidance computers then

no, freebsd isn't hard-realtime, but it's got dynamic tickless and has a time resolution down to nanoseconds

i'm also not sure most people would want a hard-realtime general-purpose OS

RTEMS does use a fair amount of FreeBSD code though, which I always found interesting

Also, in finding the correct term above (ie, "dynamic tickless", which I was blanking on), I got periodically distracted by a reminder of this paper: usenix.org/legacy/events/bsdcon03/t…ech/full_papers/baldwin/baldwin.pdf

when 'periodic daily' runs base makes a network connection to vuxml.freebsd.org, any way to disable that pls?

maybe something in pkg.conf

It's probably /usr/local/etc/periodic/security/410.pkg-audit

hmm /etc/defaults/periodic.conf says 410 is status-mfi

13.3

pkg(8) isn't part of the base system

debdrup so to disable that check i'd put like security_status_pkgaudit_enable="NO" in /etc/periodic.conf?

You'd need a - between pkg and audit, but otherwise that sounds reasonable.

s/-/_/ (I think)

I don't know why you would want that, though.

V_PauAmma_V: the script is called pkg-audit, not pkg_audit

Can you have - in a shell variable name?

i don't have a fw rule allowing it out. only disabling it till i think that through

Oh, hm. That's a good point.

Yeah, it'll have to be an underscore as V_PauAmma_V points out.

That's a good catch.

debdrup i had to disable security_status_baseaudit_enable AND security_status_pkgaudit_enable to disable those network conns during periodic daily/monthly/weekly

Still not clear on what you're trying to achieve.

the network connection to the vuxml.freebsd.org site

dunno yet if i wanna use pkg audit because it means i gotta allow a fw rule out

why is allowing a connection out a problem?

if you don't trust anything from freebsd.org, why are you using the OS?

an attacker could use the pass out rule to download hack tools no?

if that's a serious threat modeling, you need an airgapped system.

so you're saying just allow any outgoing http connection? pretty loose no?

who are you, RMS?

if someone can initiate an outgoing connection, they either 1) have physical access which means they can have root access in very short order, or 2) if they can initiate an outgoing connection but don't have physical access, the attacker is already on your system