seems like jail command should have an option to start jail up even if depend directive isn't satisfied

hm anyone seen RhodiumToad? never here anymore

polyex: I'm not aware of any way to force a jail to start if it has a depend. You can always just temporarily comment out the depend line in jail.conf, though.

doesn't work for my workflow

had to make a dirty workaround

the reason is depend is overloading 2 functions, dep graph, and startup order. would be nice to say something should start before another thing, but not NEED it to start up

polyex: Well, I believe that's the entire point of having a depend. If one won't work without the other, it shouldn't start. Just like any other software dependency. If you'd like it to start even if the depend isn't running, just remove the dependency.

What's the dirty workaround?

again, depend (as in, do not start unless dep is started) is different from startup order sometimes. i want a jail to start after another's started if possible, but still boot if that fails

lemme dig in code

polyex: Ah, I think I see what you're saying. You're using jail_list in rc.conf and depend lines in jail.conf? And the jail_list order isn't always the same? If that's the case, that would be a bug. The man page for rc.conf specifically says jail_list should be the order started and depend lines in jail.conf would be used to override this order.

Maybe open a PR for that.

found a segfault :P

nmap -6 -pn polarian.dev segfaults

it was a typo, should have been nmap -6 -Pn polarian.dev

polarian: Is it just nmap that segfaults?

yes

Well, that's a plus.

ek no sorry i wasn't totally clear. no jail_list because that caused conflicts. just jail enable YES, then depend in jails. so what i want is depend (start jail after and ONLY if other jails are started) but ALSO i want after (order the startup of jail after other jails, but it can start even if other jails fail to start)

oh i use jail parallel start YES too

I've got a weird issue, periodic's daily stuff is staying locked and never completes. This only started a few days ago, I haven't changed anything in the config in months on this machine apart from new IPv6 adressing

ps x | grep perio

returns 10 entries of scripts running and processes marked LOCKED

polyex: Well, I'd guess that's the problem then. If you use jail_list and not jail_parallel_start, I think that'd solve your issue.

can't use jail_list it causes conflicts

"i have 4 jails. A depends on B. B depends on C. and D depends on C. they all start and run fine if i remove the depend directive, but having it in, jail B fails to start because "jail: C already exists". can't depend handle multiple dependants of the same jail?"

polyex: If you have depends for jail C on both B and D jail configs, it fails because C already exists when the second jail tries to start or what?

i guess? but same deps, just removing jail_list, works fine. then add jail parallel start YES, still works fine

vortexx: What does /var/log/{daily,weekly,monthly}.log say? Any errors?

polyex: Thats seems awfully strange (and somewhat backwards from the recommendations via documentation.) I really do think you should file a PR about it.

what doc recommendation are you thinking it contradicts?

polyex: rc.conf (5) and jail.conf (8)

ya but what points

ek: I don't have those logfiles

polyex: rc.conf (5) states that jail_list is the startup order or all jails (unless unlisted) and that "depend" lines in jail.conf would override this order. The jail.conf (8) states that required jails should be started up to the last exec.poststart.

ya so it seems jail_list ISN'T being fully overridden if the depend directives cause problems

Howdy, folks!

polyex: Yeah. That's my thought. Could be a bug. If anything, filing a PR will either bring it to the proper person's attention, or someone will provide you with the correct flow to make it work (hopefully, with explanation so everyone else in the future will also be able to understand.)

Well, for my FreeBSD laptop, i managed to get X.Org set up, as well as getting htop up and going as well.

vortexx: If you kill those periodic processes and manually run a "periodic" command as root, what happens?

Hiya, nicholaus04.

And yes, i even got sudo set up as well.

nicholaus04: Excellent! I hope it's all running smoothly.

Got a total of 198 packages on the system.

ek: Yep, all set up!

Fantastic!

Though, since the laptop uses a Nvidia GPU, i had to get an Nvidia driver from the package repo.

nicholaus04: Was that a problem?

That took some time (Though, not much time.) to get configured. But it's not too bad.

freebsd

Good to hear.

rj1: Ineed.

Indeed, even.

i need freebsd

ineedfbsd

freebsd rules!

Basically, having to silence the ABI warnings which X treated as errors.

And turning off ACPI so the nvidia kernel module would run without it pooping itself.

nicholaus04: I haven't used Nvidia drivers in a while, but I'm glad to hear you got everything sorted out. Did you just follow the documentation that was available?

ek: That, as well as searching for solutions for the rest of the problems.

But other than that, not too bad.

And yes, in terms of X, OpenGL works!

Though, since i tested it with glxgears, i've only proved it works with 1.x API based programs.

nicholaus04: If you ran into issues that weren't documented (and you have additional input you can provide,) you can always submit that info the the documentation site to have it accepted and updated. Might be able to help some others. :)

And yes, i've even enabled (But not tested, nor set up.) linux compatibility.

nicholaus04: Nothing wrong with that. Being as some things are built specifically for Linux and it's libs, sometimes it's required. It's an option for a reason. :)

And yes, like my devuan machine, i'm using OpenBSD's CWM as my X.org WM.

I like CWM.

does freebsd use syncache or syncookies?

i forget the details i used to know

Since i'm literally writing a SDL-ish game framework in C, it would allow me to test for both a native FBSD build, as well as seeing if it works on FBSD's Linux compat.

GoSox: syncookies only (AFAIK)

nicholaus04: Very cool!

All on 100% real hardware!

GoSox: I stand corrected. Looks like sysctl provides options for both syncache and syncookies.

Well, FBSD-14.1-R anyway. Not sure about older versions.

And yes, the laptop is using a i386 based version of FBSD, since that's the sort of CPU it uses. (Not that it's a bad thing in my perspective.)

my server is under essentially constant synflood attack, and my current os has basically zero protection against it.

but between those two options, i should be able to cover my ass on the new machine

GoSox: Bummer! I certainly hope so. You able to utilize something like SSHGuard or Fail2Ban to try and counter it or does that not help due to the exhaustion?

nicholaus04: Nothing wrong with i386. Been a long time since I've used anything 32-bit.

my data center put me behind their anti ddos system

for free, which is nice. but now they want to charge me which is fair but also its super expensive

plus i want my server to be able to take care of its self

pf firewal even has some form of syn flood protection built in, but somehow apple managed to break it in my os version

GoSox: Apple? What do you mean?

its an old mac server

GoSox: Ah. Gotcha'.

Huh. Quick hint: it seems like SBCL conflicts with /etc/periodic/daily/100.clean-disks

Under the mismatched checksums check in the email, sbcl-2.3.9_1,1: missing file /usr/local/lib/sbcl/sbcl.core

Hello, is anyone using Talos Linux over bhyve ?

if we were, we'd be in #linux not #freebsd

do you deploy kubernetes over freebsd ? if so, how ? :-)

i wanna try running kubernetes with freebsd

anyone doing that?

why would you do such a thing?

it sounds.... miserable

isn't it good for controlling deployments?

i want to run freebsd as host, in prod, no matter what. Unless i manage to do deploy k8s cluster with bhyve, i will be forced by superiors to migrate to another host operating system.

L3Fr0g know if k8s can even run on freebsd?

isn't k8s just... .docker containers?

doing an unattended bsdinstall that needs to set up a few jails. they all go fine except 1 of them gets a line in the error log: cannot unmount ... pool or dataset is busy. any clue why?

doing an unattended bsdinstall that needs to set up a few jails. they all go fine except 1 of them gets a line in the error log: cannot unmount ... pool or dataset is busy. any clue why?

Kubernetes is a tooling set to manage (orchestrate) containers (docker)

why can't it work on jails too then

I cannot remember. I've played with it some time ago, but abandoned it. IMHO nobody needs it at home or in small/medium business.

Because whoever concentrates their software development around Docker and/or Kubernetes hates humanity.

what's bad about kubernetes?

when i do a unattended bsdinstall how do i print data into the error log window that shows at the end?

What's bad about installing programs the Unix way?

if you can't just answer without shitting a question back at me i can't take any use from your 'kubernetes obviously bad dur'

Calm down princess...

any idea for:

chouffe% sudo zpool attach zroot mirror-0 da1p3

cannot attach da1p3 to mirror-0: can only attach to mirrors and top-level disks

?

kubernetes probably has it's use cases, but for deployments with just a few containers it is just over complicated

I just want to add a disk to a mirror zfs vdev

this is what I have gist.github.com/silenius/e6e7816369b4581f011512c1dcc30f15

Title: gist:e6e7816369b4581f011512c1dcc30f15 · GitHub

zpool status?

thanks

zpool attach [-f] [-o property=value] <pool> <device> <new-device>

try: zpool attach zroot mirror-0 da0p3 da1p3

ah.. right!

thanks

polyex: I think that Kubernetes can use different "container engines" via a thing called Container Runtime Interface (CRI). It could be something that runs jails or Linux processes under linuxolator, maybe

Just curious, does man (8) pkg-create for anybody else say for the "-a" option: "This option is incompatible with the" and just stops there?

polyex: looks like some is building the tools github.com/tnorlin/kubernetes/releases

Title: Releases · tnorlin/kubernetes · GitHub

nice

when i do a unattended bsdinstall how do i print data into the error log window that shows at the end?

polyex: I don't know, something in the $BSDINSTALL_LOG ?

i forgot about that ty! ill check it

hm 'echo $BSDINSTALL_LOG'?

i tried that in my installerconfig script and it just outputted a blank line

but man page says it should have a default value?

polyex: if it is not set, it should have been the file mentioned in the manpage

TommyC: same here

saper you mean if it's empty then it's the default in the man page?

yes, or the default from the actual code running ;)

TommyC: I think this freebsd/pkg 7a55498 inserted the text at the wrong place

Title: create: allow to create a package with readable +MANIFEST · freebsd/pkg@7a55498 · GitHub

TommyC: freebsd/pkg #2294

Title: pkg-create(8): fix description of --all by saper · Pull Request #2294 · freebsd/pkg · GitHub

doing an unattended bsdinstall that needs to set up a few jails. in my installerconfig i service jail start jailname, jexec on the jail to do some setup, then service jail stop name to shut it down so i can snapshot the zfs dataset of the jail. works fine but the error log says umount fails because the pool or dataset is busy. so is service jail

stop jailname not cleanly shutting them down?

could happen, any processes left running?

maybe but shouldn't the service jail stop jailname shut them down?

possibly yes, but maybe there is some reason why it didn't

maybe what's happening is: fresh jail is started up in partially configured state, some daemon ran rc services fail to start up and get autorestarted by daemon. then because of that trampoline the jail never finishes shutting down

please check, maybe fstat can help

jail can be as simple as a single process. Also maybe maybe you don't need to start it to configure it. pkg(8) can install packages in jails with the -j option, for example

because i've seen it before that a jail i had that restart bouncing rc daemon issue and when i'd try to shutdown jail host it would get hung waiting for that jail to shutdown

sysrc(8) too

but what about things like adding new user groups, adding users to groups, i gotta start jail for that no?

yeah I've seen things like this too, I'd rather avoid starting jail during the install

no

we can run pw against a jail that's not running?

probably you could use -R option or something like that

saper: cheers

saper so what kinda things would you NEED to start a jail in installerconfig to do?

polyex: well, if you want to initialize a PostgreSQL database cluster inside or things like that

there is also "bsdinstall jail" just learned from wiki.freebsd.org/VladimirKrstulja/Guides/Jails

Title: VladimirKrstulja/Guides/Jails - FreeBSD Wiki

I must say bsdinstall looks impressive these days

in unattended bsdinstall installerconfig, i service start a jail, config it with jexec, service stop it, jls confirms it's stopped. but zfs umount ... errors: cannot unmount ... pool or dataset is busy. why pls?

ya unattened install is badass

no more fat fingering an install man

Anyone using devel/bear with 14.1?

Shit, karels@ passed away :(

Does it freak out?

:(

First commit from karels@ I can find was back in August of 1983, and he was last active less than a fourthnight ago.

ffs what a machine

would be cool to see his top 10 commits or smth

He spent a long time being a software engineer involved security at various corporations, which kinda prevented him from working on opensource.

when my unattended bsdinstall is done it shows an error GUI window. is that normal?

wish i coulda learned security from him

in unattended bsdinstall installerconfig, i service start a jail, config it with jexec, service stop it, jls confirms it's stopped. but zfs umount ... errors: cannot unmount ... pool or dataset is busy. why pls?

polyex: try fstat maybe

it can be run on a zfs mountpoint?

Of course you can.

whats the best way to sample all of the more popular GUIs availble for freebsd? does anyone make a 'sampler' with all of them pre-installed?

o/

I don't think FreeBSD comes with a GUI out of the box, unlike OpenBSD and NetBSD, which come with 3 or 2 window managers.

made a ghostbsd virtual machine and its alright but i suspect theres a better fit

I was under the impression that none of them came with a GUI of any sort, but installing OpenBSD on my laptop shattered that illusion w/r/t that OS

Halian: OpenBSD comes with fvwm (default), cwm, and twm. NetBSD comes with ctwm and twm.

And they both even come with a very minimal graphical login screen too if you enable xenodm on OpenBSD or however it was called again on NetBSD.

Ah

GoSox: pkg install a couple of them and just switch in your .xinitrc

i don't even know whats available

i'm from the land of - not getting to pick the GUI that comes with teh OS :D

once I stopped using DEs my workstation experience became notably less hassle

hassleful?

hasslic?

HASS!

Different strokes for different folks. I'm happy with Xfce.

indeed

exactly on that note: forums.freebsd.org/threads/will-fre…lt-desktop.93784/page-2#post-658712

Title: will freebsd15 have default desktop? | Page 2 | The FreeBSD Forums

it looks like xfce has a dock? is that similar in function to the macos dock?

GoSox: if you have ports, you can expore /usr/ports/x11-wm directory

I am using dwm, but that's not for everyone

I couldn't tell. I've never used a MacOS more recent than 30 years ago.

GoSox, yes, you can have the macos dock experience: github.com/helloSystem/hello/blob/m…shots/20201229-desktop.png?raw=true

oh i really like that, what is that a picture of exactly?

just a pre-configured FreeBSD: hellosystem.github.io/docs

Title: hello — helloSystem documentation

jbo i mean what gui is that? and i assume it has a mac theme added on to it?

GoSox, AFAIK it's XFCE with just "look similar enough to MacOS themes"

neat

ill look in to that

vanilla XFCE4 can be customised to have UI similar to MacOS, HelloSystem is maybe derrived from XFCE, but definitelly it's not clean XFCE4

there's xfce4-docklike-plugin in the ports and other goodies

Title: hello — helloSystem documentation

i'm not lookign to use a UI thats an exact copy of macos

just one thats more mac like than windows like

If like something original, try cde

Isn't CDE still fully commercial?

It's free software for some years now

I remember when multiple commercial OSes shipped it and thinking it looked so cool.

I remember it was quite heavy back in the days and today it feels very lightweight

But then when you attempt to daily-drive it, you realize it's a horribly buggy POS, and can't imagine that anyone would willingly pay for it.

i had CDE for Linux on a laptop many years ago (not the Caldera one, a different port)

I used it on AIX and it was very stable for me.

Solaris, AIX, SCO Unixware, HP/UX. . .

Trying to think what other OSes I used it on.

It wasnt' so much instable. . . it just didn't work in so many ways.

Cy Schubert maintains a very polished CDE port for FreeBSD

Like if you accidentaly moved that button bar off center, there was to way to get it centered again.

What's it called?

The FVWM2 that used to ship with BSDi looked really nice.

x11/cde x11/cde-devel

unicode support got better

Ah, CDE ... brings back memories... I think the last time I used it was back in uni ... so ~2006 at latest, they still had some HP-UX workstations labs

I think they called it VUE or something

VUE is something else, that's the one that came before CDE

vue,openwindows/libxm xview,sun news, sun did couple,

although interestingly wikipedia claims CDE was largely based on VUE which is interesting

motif was $

CDE meh...hp,sun,ibm settled on 1 thing, windownt ate their lunch

comp.windows.open-look and alt.toolkits.xview

usenet

I loved VUE

And yes CDE is very much based on VUE in the visual sense

IBM brought in the "boring business" look

And Sun I don't know what they brought

VUE was much fruitier

And yes it was all based on motif like pretty much everything those days

no mwm was not same

libmotif/mwm was pay to play.

till lesstiff anyway

oh I don't remember mwm

But fvwm

Title: LessTif - Wikipedia

yeah but do you have bootable install tapes?

ignite ux

hp also charged for raid1, mirror ux

you want tmpfs..yeah pay for that also

hp-ux was crazy

I don't have tapes no

posix sh for shell, compiling kernels for ddt tape drives..one first things i did

I had a J210XC that did have tapes

But I sodl it because it was a huge tank of a machine

i didnt have to compile kernel on solaris, but hp-ux compile

I do have CDs and an old SCSI CD Drive

Yeah and HP-UX also came with an amazing management tool, SAM

hp c8000 on ebay NOS pa-risc

new old stock!

I think I have a 700/80 or something

Also PA-RISC

Itanium only runs HP-UX 11i

yeah..

They were throwing those itanium boxes out at work and it was sad to let them go

But they are so huge

And they run nothing anymore, not even linux

i had rp8400/superdomes, l,d,k,v2600 was top500 supercomputer

Yes we had them too at work!

v2600 128cpu/128GB = 4 cabinets

The superdomes

in the 90's

We had an old beige PA-RISC one and a black itanium one

Both just 1 cabinet

And all talking to the SAN

ssp was b180l for v2600

b180l nice box

We had them until way into the 2010s by the way

yeah i walked away in 2006

In fact they used to come and ask me questions because there were very few people that knew HP-UX

I wasn't technically part of IT but I was in the friend zone lol

That was handy when things were being thrown out <3

my boxes interfaced with ibm system Z and sun e25k real nice boxes

Ohh I never worked with system Z

i wish i could have taken photo

We didn't have any of that

system Z and sun e25k sitting next to each other

We had one AS400 at one point

But that was tiny stuff

yeah system36/39 before as400, as400 was virtualizing

ibm was ahead of everybody on virtual machine foo back then

yes

Although they did most of it in hardware IIRC

but assholes

yes

jcl/rpg2

The high priests of IBM

i was pissed at ibm before the as400 came out

I feel like somehow those days were more adventurous

that how they did things high priests bullshit

Different architectures, OSes, always somethign to explore

Yes, if you were not blessed you would not get to touch anything lol

ibm holding the crown jewels close, $$$ no opensauce/freesoftware with them

least they dumped 1billion into linux to fight off m$

This is the second time that IBM coughed up $1 billion to promote Linux. The first was way back in 2000, when Linux was a fledgling operating system just finding its way into enterprise data centers and beginning to threaten Microsoft.

dell emc redhat box crapping the bed in 2004 classic...compared to my sun hp boxes

Netflix freebsd cdn boxen making #freebsd better!

Howdy, folks!

Well, i managed to goof with producing sound via /dev/dsp via the shell.

Basically, i did this: yes (WHATEVER)>/dev/dsp

hey folks

I'm having issues with AMD GPU. it's a MacBook Pro 2015

the Intel GPU one is working fine

this one, not so much

who can help me debug?

I instaled drm-kmod

and drm-515-kmod

when I do startx, the screen freezes

but I can still SSH in

And for the safety of your ears, don't do: cat /dev/random>/dev/dsp.

here's what I get

RADEON(0): [drm] Failed to open DRM device for pci:0000:01:00.0: No such file or directory

RADEON(0): Kernel modesetting setup failed

and it ends with: Screen(s) found, but none have a usable configuration

And yes, i know FBSD uses OSS as it's default sound output.

fstat can be run on a zfs mountpoint?

in unattended bsdinstall installerconfig, i service start a jail, config it with jexec, service stop it, jls confirms it's stopped. but zfs umount ... errors: cannot unmount ... pool or dataset is busy. why pls?

question: why do you stop the jail during the install?

so i can snapshot it

its zfs fs

polyex by any chance devfs is still running?

in the jail?

still mounted, rather than still running

but good idea

polyex yes.

polyex do something like 'mount | grep path/to/the/jail' to see what else is mounted

how do i check?

ok

polyex lemme know

checking now brb

btw fstat /path/to/jail sohowed nothing

k brb

polyex fstat shows files opened by processes, not mountpoints of the kernel.

polyex how did you create the jail btw?

polyex if devfs is not running, try "zfs unmount -f yourpool/datasetzfs". No need to bsdinstall. Just fetch the base, extract and make a snapshot.

install running, will have info soon. i created the jail by zfs clone template into its own mountpoint. then i cp my jail's config files into its dir then service jail start myjail

polyex if that's all you want to do, please have a look at jailer.dev

Title: jailer

i'll check it out after i fix this thing

devnull well i tried zfs umount /zroot/path/to/jail but it said pool or dataset is busy. so you're thinking try -f to force it?

ok it says devfs in addition to jail's mountpoint

zfs, local, noatime, nfsv4ac

antranigv looks like devfs is mounted for jali ya

polyex unmount that first

zfs umount /zroot/path/to/jail/dev ?

polyex it's not ZFS. just `umount /path/to/jail/dev`

and path is FS path not zfs mountpoint path?

polyex indeed. your Jail path is a ZFS path, but the /dev inside of it is just a devfs mount.

do umount then do mount grep line again to see if it's gone?

polyex indeed

install running

OK

umount line did the trick! devfs mount is gone. then error log no longer shows when bsdinstall is done!!!!

tyvm antranigv!

polyex congrats

so what i learned is that if my jail uses devfs, i need to unmount that after shutting jail down

polyex now use jailer :) it has all of these issues fixed

does jailer also upstream the fixes into base?

in jailer it's as simple as `jailer image fetch && jailer create jailname`

polyex thanks to Jailer (and other Jail management tools) there has been two fixed and a feature in upstream!

that's so great. i'll look at jailer for sure. know what it's coded in?

polyex POSIX Shell with FreeBSD extensions.

nice

did you make it?

polyex yes

polyex the history is at the bottom of the page

you ever run into prob that vnet jails can't do mac_portacl?

would be great if that was added

so we could allow a regular jail user to bind to a specific low port

polyex jails can do that, AFAIK

nope

testing now

last tested on 13.3 fwiw

hopefully you're testing 14.1 in case it works now

polyex tested on 13.2 and 14.0

root@e0fc9570:~ # sysctl security.jail.jailed ; nc -l 80

security.jail.jailed: 1

hello from the other side

polyex works fine

oh wait

this not VNET

sorry

1 sec