My upgrade finally completed on this desktop! All good. The file install took forever for some reason. And it insisted upon installing /usr/src no matter how I tried to prevent it.

There must be some configuration left behind after I initially installed and included /usr/src but I don't know what that is in order to disable it.

how many freebsd machines do you have? :)

I have a very small number at 6 total production working machines now. With another few VM for hacking and testing.

That number is slowly growing over time as I convert more machines to FreeBSD.

cool

i'm working on a couple that don't have specific purposes yet

tis fun imo

I think I should benchmark the zfs file system on my desktop and compare it to the other machines. I think something may be causing it to operate very slowly. It took a very long time to upgrade it whereas the others went reasonably quickly.

my first thought is a bad disk...?

ewrapt [~thaewrapt@user/thaewrapt] has joined #freebsd │ ashnur

For normal this and that everything is fast enough that I don't notice anything. But as it was grinding through the 54k files in /var/db/freebsd-update/INDEX-NEW trying to install it was just grinding through very slowly.

rwp: misconfigured IPv6 or no IPv6 might have slowed you down

No IPv6 here.

maybe checksum related?

But when I watched the process listing it was the install_from_index() function working through sort -k 1,1 -t '|' $1 | tr '|' ' ' | install -S -o ${OWNER} -g ${GROUP} -m ${PERM} ${HASH} ${BASEDIR}/${FPATH} that was taking forever.

Initially I saw the -S and that's an fsync() call forcing O_SYNC to disk so I thought it was that. I hacked it out and things were better but still not super great.

It was working through hundreds of thousands of files in /usr/src, /usr/ports, so I hacked those out of INDEX-NEW but I guess I didn't get upstream in the flow enough because it recreated this anyway. I'll have to look into where that is created.

I am sure I broke the ability to "rollback" but... Boot Environments FTW! So I wasn't worried about that particular feature.

polyex: no idea, I try very hard not to touch the installer

I know you can choose to include/exclude those parts during initial install, so maybe that choice is remembered somewhere

/etc/freebsd-update.conf, Components and/or Ignore

I don't remember FreeBSD man pages not wrapping properly but it seems maybe since 14 man pages wrap words vs shifting them to the next line indents are respected.

Anyone able to check that with a ~66 column terminal and `man man`?

errrm... pkg is doing something in the background and it is eating all disk IO and cpu

skered: I don't think that changed, 78 is the default number of output columns, you could use `MANWIDTH=66 man man` to make it work correctly; there's also MANWIDTH=tty to use the terminal size, but sadly it's only used if terminal columns > 80 for some reason in /usr/bin/man

there a way to send a message to all my i3 windows at the same time?

i wanna blast myself with a reminder on a cron

i don't wanna use mail for it

like wall, but wall doesn't show on all screens

looks like notify-osd works

dunst works too

we can make popups on our desktop from cron jobs. the future is fucking here

hmm, lw seems to have disappeared

meena and rhodium aren't around much lately either

hrm

i hope they're ok

lw at least had posted a bug just a couple days ago, maybe just busy

just summer hours?

hot damn, it is summer

i made a cronjob to send me a notification every minute but it's not working: */1 * * * * polyex /usr/local/bin/notify-send foo bar. but notify-send foo bar from cmd line works?

pj ot

oh it's sending me emails saying /bin/sh: polyex: not found

wtf

user field doesn't exist if you're constructing it in a crontab

er, user crontab

only /etc/crontab and /etc/cron.d

ok i took user out

hm now the error mail says cannot autolaunch d-bus without x11 $DISPLAY

GOT IT

rwp: could you have been scrubing a ZFS drive when your slow down happened?

jauntyd, rwd: probably just running daily periodic script. it kills my zfs too. rarely finishes on time.

for some periodic script you should mark zfs datasets that shouldn't contain executables as noexec, at least one scans all mounts that allow something executed from them (iirc it checks suid executables, but not sure anymore), I should really look through all those enabled by default periodic scripts and disable those I don't need

woohoo freebsd

yuripv: Ok i thhink that's my issue or the issue. MANWIDTH defauts to something that isn't COLUMNS

Thanks.

how good is uart card support on FreeBSD? Do most/all startech cards work?

the card I am looking at has a ASIX MCS9820CV chipset I can't seem to find any hardware support list or anything, so is this a matter of buy it and see?

after swapping out that SN770 nvme for this Crucial P3 one, i haven't had a single crash. i've rebuilt all my ~700 ports multiple times, transfered several 100gbs, and it's been up for >2.5 days (longer really, but i was doing reboots and updates and upgrades)

with the SN770 i didn't make it even a couple hours, so i think i can consider the problem solved

what is the conventional place to stick root scripts to run as cron on FreeBSD?

i think I recall polyex recently claiming that the environment changed in terms of running rc scripts in 14-RELEASE vs 13... and i just found that my script running PHP in 13- could find php just fine, but in 14- i needed to put /usr/local/bin/php, a change that stumped me for a while, because i expected the same script would Just Work™

hi guys. i'm trying to redirect a freebsd terminal to a raw tcp socket, with socat or something. i found some instructions for linux that called for "socat -v tcp-l:3334 pty,link=/dev/trs80" so i tried all /dev/ttyvX devices but it doesn't seem to work.... what device should i be trying to hit? (the device i'm trying to connect from doesn't support telnet)

i can connect and i see my packets arriving, but i don't see a login prompt or any other response

jauntyd, scrubbing was not running. I do wonder if there is something that is not fragmentation (showing 8% here) but something related as zpool history | wc -l yields 345630 due to running zfs-auto-snap since 2022-10-22. Or it might be because I am using Boot Environments and disk clones are needing to fork disk space when used.

wcarson, That is a pretty strong finger pointing blame there. Since I have two of those in the collective at a client's machine let's hope you pulled a bad lot and not all of them are that way.

rwp: sadly i think it is the drive... or they must have a lot of "bad lots" -- there's huge threads on it

:-(

that said, as someone else mentioned, it's like the #1 most sold drive on amazon

and it's very highly rated, like >4.5 stars or whatever

so, is it just that there are a few one-in-a-million-but-we-sold-many-millions problems with the drive? or is it a zfs+sn770 issue? or a zfs+sn770+freebsd issue? hard to say. although there are linux (zfs) users reporting the same thing in that openzfs issue

My client bought a Penguin Pro 14 system (thinkpenguin.com/gnu-linux/penguin-pro-14-gnu-linux-desktop) with two of those installed. Obviously the ThinkPenguin folks think it is okay too or they wouldn't have chosen it.

Installed there is Ubuntu 24.04 + ZFS and so far have not seen a problem with it. (me makes various superstitious signings after saying that)

well, that's good!

could also be a particular controller, since i was seeing controller timeouts in the logs

for me, i'm just glad it was a simple solution

and plus the crucial was $50 cheaper :D

Whew! Good to have solved it for you anyway.

polarian, I think if you ask 10 people that question, where to place root scripts, you will get 12 different unique answers. I don't think there is a convention. People place their own programs where they think they should go.

welp /root/bin it is then :P

And some of that answer for me depends upon if I want it in the Boot Environment or outside of it. If inside then either /root/bin/ or /usr/local/sbin/ but if outside of it then I usually stash it in /home/ instead.

I have also created a /local/ directory in order to emphasize that what was there was something unique to that system.

I personally never warmed up hugely to the whole /opt/ thing. That was designed and targeted for vendors to put things, like /opt/google/bin for chrome and such.

It's good for them though. I think that is a fine place for them to put those types of things.

hjf, Your configuration question immediately makes me think you are wanting to simply install telnetd there. Doesn't the telnetd do everything you want it to do?

And I won't argue that passwords in the clear are a bad idea because I am sure you are operating it in an isolated network and that's not a problem.

But then you said "the device i'm trying to connect from doesn't support telnet" and I am wondering why socat or nc didn't work, assuming it has socat or nc?

And of course I am rather curious about the actual problem you are working on that would need such an unusual configuration in this day and age.

man.freebsd.org/cgi/man.cgi?hier or man hier

hier -- index of FreeBSD file system hierarchy

rennj, Yes but unfortunately that man page remains silent on the answer to the question. :-(

well opt is older then the netbsd freebsd openbsd

sun,hp,ibm,sgi had it for vendor foo unix wars

Yep.

lots of nfs back in the day also, when systems didnt have diskdrives or small disks.. nfs mount from server the local foo

like share var/mail from the mailserver to all the client machines..local mail from nfs mailerserver

sun /export/home export users homedir from nfs server and such..login any workstation have your home

So we can ask polarian's question of you and get your vote. "what is the conventional place to stick root scripts to run as cron on FreeBSD?"

My answer was that ten people will have a dozen opinions. :-)

somewhere it will not get hacked by non root users i suppose

lol

elevation of privilege, security

hardening freebsd says what ?

I violate the rules from hier(7) and for the most part put them in /usr/local/bin or /usr/local/sbin and just pretend that I own my system. I name things such that I am unlikely to name collide with a port.

(CIS, NSA, DISA) all have guides on hardening apps and os's

I also sometimes put them in /root/bin/ depending upon $THINGS.

I don't really think this is a hardening question. All of these directories have the same security level.

rwp: i'm connecting to this freebsd server from a Commodore 128

hjf, And a telnetd install didn't work?

but that would give me a telnet server. this thing doesn't seem to talk telnet. i tried with two different devicest that host telnet and i couldn't connect

i know it can connect to stuff because i can connect to commodore BBSs online. seems these don't really talk telnet but rather raw TCP

i was also able to connect to libera chat, since it can talk IRC too hehe

Though there is a TELNET protocol I rather recall being able to use nc to connect to telnetd okay.

And also it was common to use telnet to connect to things like we would use nc or socat to do today. Using telnet as a generic tcp tool.

yeah; i was going to say there's not much 'fluff' on telnet

you mean using nc as a proxy to telnet?

socat -v TCP-LISTEN:3334,reuseaddr,fork EXEC:"/usr/libexec/getty std.9600",pty,raw,echo=0

this seems to work at least from PuTTY on windows

I would monitor /var/log/auth.log during the attempt and verify that what's failing is what you think is failing.

Since you have such a nice example I must try it... I do. I see that the output goes to the invoking terminal and not to the remote end. Input is coming from the network okay though. I can log in. Which is pretty fun.

Oh, it's only stderr that is still attached to the invoking terminal. stdout goes to the socket okay.

hjf, Modify that command to add stderr option too: socat -v TCP-LISTEN:3334,reuseaddr,fork EXEC:"/usr/libexec/getty std.9600",stderr,pty,raw,echo=0

that was suggested by chatgpt actually

So what you are saying is that I have not yet passed the Turing test myself because I am not yet better than the machine? :-)

do you need to reboot between patch levels?

so going from 14.1-RELEASE-p0 to -p1 should reboot or nah?

It depends upon what has changed. A reboot is always the safest answer because then it is certain that all programs are running the updated code.

But in detail if the kernel was updated (freebsd-version -kr) then you must update to run the new kernel.

If running daemons were updated, or libraries used by those running daemons, then those running daemons might simply be restarted (service cron restart, for example) and no reboot would be required then.

ah that is what I thought, but I was curious because I saw it restarting sshd after patching it and stuff

hm... encrypted zfs... I can't seem to find it in the handbook, I assume you geli both disks and then geli the .eli partitions?

I do not know what automation the system is already providing to restart daemons. It might be doing this for you already. I don't know.

polarian, wiki.freebsd.org/MasonLoringBliss/ZFSandGELIbyHAND

oh there is an article on it

thanks :)

In this case RTFM means Read The Fine *Mason* docs. :-)

whats freebsd obsession with "tank0" and "tank1"

I feel that way too. But naming things is hard!

thats sun zfs

they used in the docs

see solaris zfs docs for tank foobar

zpool create tank mirror c1t0d0 c2t0d0

hjf, On the telnetd front I installed it for the first time in many years and poked at it. I see that telnetd has gotten very fancy and now tries to secure itself and all of that security is getting in the way of using a simple nc to connect to it. Even trying to turn all of it off it defeated my simple brute force attempts. Your socat+getty approach seems best! :-)

you could just use busybox binary for telnetd/ftpd/httpd of yore, no inetd needed

rennj: isn't the convention <disklabel>.eli?

i keep it around for my older vm's like nextstep,beos,amiga

thats sun notes from 2004

not freebsd

where tank came from, i was showing the old docs

it was in the guide you sent on zfs and geli by hand

no clue... docs.oracle.com/cd/E23824_01/html/821-1459/fscreate-6.html but those docs rock

docs.sun.com was oh so nice..what money buys, good documentation

polarian, The Mason docs I referenced are using the names that were traditionally used in the old days.

so I am making a storage pool, is it bad to just geli the root device and run without a partition table?

rwp: heh

polarian: The original pool names were characters from the Matrix, and I'm particularly fond of "tank" because it's notionally related to "pool" and it contains things, in addition to being a character from the Matrix.

But you can use pretty much whatever you like.

ah

mason: can you geli the disk without a partition table, and then zfs the .efi after? or is it conventional to use a partition table even if its a single partition?

polarian: I wouldn't dream of doing it that way, but I believe you can, yes.

I use partitions exclusively. I prefer GPT partitions so I can give them human-readable labels.

mason: is there any downsides of not using a partition table

zfs is going to eat the entire disk either way

polarian: The commonly noted downside is if you have disks of slightly different sizes, you can get stuck various ways.

If you specify partitions, you can use a uniform size.

Plus, you're going to tend to want partitions anyway. I still don't trust swap on ZFS, for instance, so that'd be better as a gmirror.

And if you're on UEFI you'll need partitions to support your ESP(s).

mason: this is a storage pool

I already have an SSD as a single disk pool for boot

(I dont have another SSD to mirror it, and its not the biggeest deal losing the boot disk)

The other thing I get from always using partitions, and always having them be GPT partitions, is that I have complete consistency everywhere.

meh doesn't hurt just to use a partition table lol

github.com/mmatuska/mfsbsd in-memory ram os, Disks? Where we're going we don't need disks.

This minimal installation gets completely loaded into memory.

network drives or local drives, just data storage.

das,nas,san foobar, nothing but data.

closed session .iso image have fun with hacking virus/malware

en.wikipedia.org/wiki/Evil_maid_attack, en.wikipedia.org/wiki/Cold_boot_attack have fun.

encrypted FDE, steal my laptop, better not power it down, perhaps you can get keys of soldered ram...

s/of/off

keystroke logging or video camera while you enter the passphrase + keyfile might get you owned.

I was working on a bastille jail. Then i rebooted and the jail is gone. ls -la /usr/local/bastille/jails/my_jail/root shows dir is empty. maybe it needs to be mounted somehow ?

hmm that jail dir shows up in "zfs list"

why `freebsd-version`14.1-RELEASE-p1

Douglas Adams - Towel Day might save you..from the video camera anyway.. or Xkbd virtual keyboard, unless m$ recall like app taking periodic screenshots.

but they would have to hack the .iso

bah..i don't see any of that as worry

sorry, why does `freebsd-version` output 14.1-RELEASE-p1 but `uname -a` outputs 14.1-RELEASE?

forums.freebsd.org/threads/freebsd-…rsion-1-and-uname-1-different.70294 perhaps

freebsd-version(1) and uname(1) different?

freebsd-version -- print the version and patch level of the installed

system

Print the version and patch level of the installed kernel. Unlike uname(1), if a new kernel has been installed but the system has not yet rebooted, freebsd-version will print version and patch level of the new kernel.

i've rebooted after upgrading but still `uname -a` prints without the patchlevel1

You need to reboot, uname(1) shows the active kernel, freebsd-version(1) greps the kernel on disk. If freebsd-update(1) shows a newer version than uname(1) it means the old kernel is still active and the new kernel hasn't been loaded yet.

no clue Qual

still running the old kernel i guess..

yep still

anyways thank you rennj

np

Bo Burnham - Welcome To The Internet --> youtube.com/watch?v=k1BneeJTDcU

penelope scott - rät - youtube.com/watch?v=KqyXvMrQDk8

my old ass feels modern...