does anyone use routed(8) anymore ?

I am new to the BSD scene, but an idea I have read many items about is cathedral development. openbsd seems to have cwm as their official user land window drawer, does freebsd have something similar? I.e., a window manager / DE that is included in the cathedral development?

no_warranty: I don't think the GUI is in the core OS at all with FreeBSD.

I'm surprised that it would be in OpenBSD honestly

Well, you know OpenBSD, "We'll make our own SSH client, SSL library, VCS... with blackjack and hookers." attitude.

oh wiat, they make the SSH server too.

Adding an X11 server to the list doesn't seem too far off for them.

But yeah, I'm surprised it's in their core OS too.

I can't even remember the last time I ran OpenBSD

it's called xenocara

xenocara is only the x11 library

no_warranty: It doesn't look that way in the source repos.

cvsweb.openbsd.org/xenocara There are lib, server, and app subdirectories. It looks like Xenocara covers all of X.org.

What I mean is that Xenocara is the windowing system, but it is not a DE / window manager. I tried openBSD, and their window managers are cwm and fvwm, which runs on top of xenocara.

So I don't think it is accurate to say xenocara is a complelete userland GUI.

no we don't have a DE

pick whichever one that brings you joy

nobody's saying that, xenocara is openbsd's xorg, just that

got it

@aaro: I re read the convo. Forgive me as I should go to sleep soon.

np

no_warranty: xenocara includes cwm and fvwm

cvsweb.openbsd.org/xenocara/app/cwm and cvsweb.openbsd.org/xenocara/app/fvwm

Under FreeBSD does Postgresql server use 8KB pages or 16KB pages? Planning to setup a psql server and adjust the ZFS record size to match PostgreSQL's page size.

tercaL: 8k

As along as they align, it probably doesn't matter if you set ZFS to 8 or any multiple of 8.

it does, databases are one of the (very) few use-cases where setting recordsize explicitly is recommended, otherwise you can end up with a lot of read and write amplification using the default 128k

Ho, folks. Asking for future me as I don't have a laptop picked out yet. :) Is there specific tuning needed to run FreeBSD with a GUI on a laptop? Will it be fine to just run desktop-installer on a laptop and run with that?

If tweaking for a laptop is needed, where is that documented please?

I am looking at this: wiki.freebsd.org/Laptops

no specific tuning needed

Thanks. So battery life will be good?

unixman_home: probably not any better than on linux or windows, but good enough

Okay. Thanks.

vortexx: are you sure power saving features always supported in freebsd?

(okay, i actually haven't tried desktop-installer myself but general instructions to install desktop-environment should do)

There's a desktop-installer? I've always just pkg installed the stuff I needed/wanted

unixman_home: you'll want to make sure powerd is running and you have the appropriate kernel modules loaded for your CPU's frequency control driver (i don't think all of those are in GENERIC)

Either powerd, powerdxx, or the newer in kernel frequency scaling (I forget the driver name) which is reported to be less featureful.

vkarlsen, yeah, I just found desktop-installer today. :D

lw, rrwp, thanks.

s/rrwp/rwp/

My older desktop cpu requires powerdxx. We were discussing things here a few days ago and I learned that newer cpus require a completely different frequency scaling governor that is apparently built into the kernel as a driver. There was complaints that it was less featureful.

AFAIK the things to pay attention to on a laptop are suspend-resume (where I have had problems with the graphics driver) and the wifi (which I hear is much improved in 14) which may require wifibox.

Got it.

sbar awl_0 add -before awl_0 -alignment left usercount

Out of curiosity, do you guys create one jail for each service on a server?

I don't have a database jail. I keep my db in the jail with the rest of the related items. But, yeah, syncthing jail, pixelfed jail, navidrome jail, gitea jail, bookstack jail, etc. Generally all thin jails, and usually not VNET, but it depends

Thank you, and interesting. Last time I set a server I separated everything; also the database.

I was also thinking about using VNET jails next time; assigning everything public IPv6 addresses, and support IPv4 only as secondary option for web servers or so...

I tend to start working with things not in a jail and then move things into a jail as they mature. Meaning as they become obstacles to upgrades I contain them in a jail so I can upgrade the host and then come back and deal with the obstacles to upgrade in a later phase of upgrade.

Sounds like a good way to prevent confilicts when upgrading, never thought about it this way.

There are zillions of different use cases. All different. (A maze of twisty little passages all different.) In the end you must choose what works for you.

What works for me is that i started on linux on a pi, and it was debian based, and i needed the testing repo for a newer lib of something, meanwhile i was trying to learn openvpn, and this and that, and i ended up getting it into a state that i couldn't recover from.

Couldn't recover because you had locked yourself out of the remote system? That's pretty easy to do. I have tripped on that myself. I very much enjoy working on servers with remote console capability just for those reasons.

not only is a jail a good space for me to experiment and learn and teach myself, and be able to just blow it away and start over if i need to, but with ZFS you are literally wiping the slate clean with a destroy or rollback, as opposed to manually uninstalling software and trying to wrangle your way into an older state

couldn't recover as in i was a nix newbie who had a broken package manager and i didn't have enough know-how to even explain what was happening (and it was early enough that i still don't really know... all i know is that i had to reinstall the OS to do make use of the pi)

Good judgement comes from experience. Experience comes from bad judgement.

Here is an example of what I am talking about. I install a nginx+fcgiwrap+spawncgi+multiwatch+php system. It's port 80+443 and no port conflict. It will start in the base system. It started as a PHP4 system. It needed to run this PHP PostNuke web site that was being imported from elsewhere. (That should tell you the time frame.)

But everything moves on including PHP. This web site is used to do something specific for exactly one person, the boss person who is paying for the work. It does need to be updated. But maybe it can eventually just go away without needing more work.

I wrap it all up into a jail and then put it behind an nginx proxy with http-basic-auth so that nothing can talk to it except for this one person keeping it safe from hostile Internet poking. It's stuck in time but that's okay.

All else on the system gets upgraded and moves on.

That would be a case of a non-VNET jail which can share the network stack.

Meanwhile I absolutely LOVE the software defined networking capability of VNET jails allowing me to set up test networks of systems. I can set up a private LAN with a gateway router VNET jail and several other leafnode VNET jails to simulate a bare metal network. Such as setting up a database and working through setting up a replicated database system. This is extremely powerful.

The point I guess I am making is that there is no one canonical answer. There are many possibilities. Each are good in their own way.

I definitely need to play more with VNET when I have some time, I get the concept but never really used them.

And with jail management tools like bastille or cbsd it is also quite easy to create and destroy jails. And using ZFS like scoobybejesus mentioned

Hi, I myself am totally blind and have a virtual private server that I had someone help me install the Free BSD operating system on to as not sure how to run the installer over the serial console. The issue is the password for root is not working can I boot back into the iso image and reset the root password?

Or is there an installation option to run it over the serial console?

or better yet ssh access?

rwp / scoobybejesus : that PATH problem from yesterday. Today I changed root's shell from sh to csh on that 13.3 host - that is the default - I suspect we got a little ahread of ourselves: cgit.freebsd.org/src/tree/etc/master.passwd?h=releng/13.3

rwp / scoobybejesus : which means: problem solved.

dvl, I don't understand what you are trying to say with that paste. The paste shows what looks to me as a typical 13 password file entry for root as /bin/csh and toor (as /bin/sh by default).

But you said when you changed root's shell from /bin/csh to /bin/sh that after that change a local init script on your site started failing. Restoring root's shell to /bin/csh you said restored it to working.

Unfortunately the local site rc script was not sharable so we out here on the net don't know what's in it but last I said I was suspicious of SHELL then.

With that I am not understanding at all how the typical 13 password file for root showing /bin/csh is involved in marking the problem at solved?

nickgaw: can you reboot into single user mode?

rwp: The paste shows that the default root password on 13.3 is csh, not sh. So I settled on that shell, and the problem goes away. I suspect that changing root's default shell has side-effects. I have not looked up the changes associated with the change in 14 (.0 or .1?) which moved root shell from csh to sh, but I suspect it was not a 1 file change. I suspect the shell was manually changed in error during the upgrade from 13.2 to 13.3.

could be fun to clone that jail, upgrade it to 14.0/1, (changing root shell to /bin/sh) and then see if the script fails for similar reasons

Agreed.

While I would love to spend more time looking in the root (pun intended), I'm not going to. If the problem recurs when we go to 14.1, and it just works, we know the answer. If it fails then, we know we hvae to look.

scoobybejesus: fun, but not time I want to spend. This is $WORK. And there's way too much other stuff.

Past history being somewhat a predictor of future performance I suspect it will fail in that future time.

rwp: We shall see. Again, I suspect the root shell change also updated PATH.

^ the root shell change in 14

I'll ask Brad - cgit.freebsd.org/src/commit/etc/mas…8bb8f35b9aa39b01b8ccfd88f4e2e21ebb5

I think that's the wrong commit.

It's a pity that the problem is in a site local rc script and we can't recreate it out here in the wild. I still think that there must be a problem in the rc script if it is failing due to changing the root shell.

No, it was cgit.freebsd.org/src/commit/etc/mas…585b6f00a26c2de7724d6576a3ea7d548b7

rwp: As previously stated, and I have no access here at home, the rc.d script is bland. The stuff it starts is ont.

*not.

^ Baptitse is the one.

In that case s/rc script/stuff it starts/. There. Fixed it! :-)

rwp: Yeah, sharing all the code isn't possible, your curiosity will remain unsated.

Just wondering is ssh access after an installation of Free BSD blocked for root?

permitroot is off by default, IIRC

So if I did not add another user during the installation can I use the installation media on this virtual private server and do so that way?

If root is disabled threw ssh is there any way to get nto this system to change that?

nickgaw: do it after the install, before the reboot. or add a mortal user who can either sudo or su to root, sure

I just hope I do not have to reinstall everything all over again just to fix a simple root login issue?

don't you get a serial console on that server?

or vnc

If I try to access it I just get blank screen can the installation be ran over the serial console?

it can

does anything show if you press enter a few times ?

When I am at the main installation screen what do I check over VNC to run the rest of the installation over the serial port?

the boot menu should have an opention to select serial or "dual, serial primary"

docs.freebsd.org/en/books/handbook/bsdinstall/#bsdinstall-view-probe option 5

but if you have console access you can log in as root and then create your user

This is a virtual private server not sure if it is running any software that lets me change booting options threw the iso image.

if it's freebsd it should have it

what provider is it

mythic-beasts.com

if it's installed but you can't ssh in, which i understand the problem to be

yes

does the vnc console show anything? what if you press enter a few times?

I connected to the serial console after booting from the hard drive image and pressing enter gives me nothing threw the serial port.

or is there only serial access?

VNC will probably let me login to it but it is their web VNC client.

Web VNC is how this system was installed.

can you webvnc now?

They provided the base iso image for Free BSD 14.1

can you webvnc to the host now?

yes but I am still booted into the installation iso and am totally blind so had someone help me do the installation with sited assistance as screen readers will not work in VNC If I reboot this installation iso image and launch the webvnc right away how can I launch the installation using the keyboard over the serial console?

They have a way to ssh into the serial console and pressing enter or entering any keyboard input does not give me any output.

ah, ok that makes sense

nickgaw:

Their support staff is not very helpful does Free BSD have support services that might be able to assist me with this small task?

i can tell you what to do to switch it to the serial console for when it reboots

That is what I am in now and ran console.

however, since it's in video console now, that would have to be done via the webvnc

Once I am in the console pressing enter does not do anything.

How do you switch it and I can try that?

you will need to add the line "console=comconsole" into /boot/loader.conf

then it should all be serial console from then on out and you should have far fewer problems dealing with it

This is on the real installed system not the installation iso right?

on the real system, correct. tell me again at which point is the installer? i recall it gives you an option to do some shit before you reboot. it could be done then

the user configuration section before the system is finished with the installation before the final reboot.

if you do make a real user, that user, with a password can ssh in. if you gave added them to the group 'wheel' they could assume root.

nickgaw, Can you reboot into single user mode on the system console? If so that is a root shell without a password.

The system is installed already but if I wanted to redo the installation threw the serial console once the installer is booted up to the screen what do I press to turn on serial console?

Should I be able to do this threw VNC?

nickgaw, Installing using the installation iso and a serial console is a multiple step setting of variables. I can send those in a paste bin.

I am hoping you do not need to install again. That seems bad.

no you don't need to install again.

So there is not an automatically running on the serial port or ssh access to the installer then?

but blind, it's hard to use vnc to do the thing, is the basis of the problem

I am hoping that your personal login is in the wheel group because being in the wheel group is required to "su" switch user to the root user.

No. I have often wished for a standard FreeBSD install iso that had the serial console enabled.

How do I manually add a normal user to the system as root if I can type it into the VNC web console?

The "adduser" command will do it in a command line.

adduser username will it prompt me for a password right away or will I have to do passwd username after running adduser?