HER: ummmm "clevis" i think it is, the linux thing

fedoramagazine.org/automatically-decrypt-your-disk-using-tpm2 "A tool called clevis generates a new decryption secret for the LUKS encrypted disk, stores it in the TPM2 chip and configures the TPM2 to only return the secret if the PCR state matches the one at configuration time."

Red Hat: Making Linux Into Windows Since 2008 (tm)

jaredj: you heard about the new tech? Since Pottering (systemd guy) is now working for Microsoft. Linux is getting BSOD (blue screen of death) as a feature. Oh, and there was also a version of systemd that ate users home directory - another great Microsoft feature ported over ;)

systemd really has some bright spots - managing services instead of just starting them is cool, and having services for a user is cool too (e.g. bluetooth, pulseplumbwireaudioserverer)

and some of those features depend on others, to be sure. but i have no love for the destination it arrives at

Using TPM for FDE is a legit use case for managed Linux desktops

sure. and when you have compliance checkboxes, you need to be able to check them with RHEL

I like the service management of systemd for the most part also. But some of the other stuff like systemd-resolvd I just end up getting rid of. And I miss old school plain text logging

i asked Michael Dexter once if he thought SMF might come to FreeBSD. but as i recall, he reckoned there was only enough energy for one init system, and to have it be CDDL-licensed and also not rippable-outable would probably not fly

jaredj: that the one from Solaris?

yes. the few times i've had personal contact with it, it's seemed overengineered, but then i saw a talk about it, possibly involving bryan cantrill, who i find very convincing

jaredj: I would have rather Sun just Open Sourced all of Solaris and went bankrupt

i mean, cddl is an open source license

buut yeah getting my docs from oracle.com is not my cup of tea

I would not complain if we had just minor improvements to the existing init system in FreeBSD

If a service enabled in rc.conf dies, by default we should restart it if it dies?

maybe? maybe not?

time for systemd in freebsd

hah

well, see, yeah, you gotta do at least one thing smarter than just blindly restarting it endlessly

would be a sad day for freebsd if that happened

void's xbps and runit seem to be good solutions

both smf and systemd back off if it isn't working

the only nice thing I'll say about systemd is the logging is good

An rsyslog target can be set up to log in plain text BTW.

For example, the journal can be in RAM and the text logs on disk.

I am quite impressed by the github.com/emtiu/freebsd-outerbase project. Will try it soon.

heh FreeBSD 14.1 ... very odd (to me) reporting of space of zfs storage 84T pool with multiple data sets provides a variety of 'sizes' based on what's in the pool and i think the order of creation... anyhow complete mismatch between df and the pool size.. is that expected behaviour or errant behaviour? example: pastebin.com/eCB637yY

expected

the accounting under USED includes the children

in the zfs list

That's perfectly normal disk usage reporting. ZFS is a tree of reference pointers. The zfs list REFER column most closely mimics the df Used column.

Michelle, Try running "zfs list -o space" which adds more columns specifically for space stuff and looking at the results there.

jaredj: last time I tried to read man pages from oracle's website the page was broken... I just pretend solaris doesn't exist and stick to illumos

nmz, lol

to follow up as it appears (some) people misunderstood check the "size" column in the df... it's the same 84T pool.

rwp: (pastebin appears to be down.. so can't post the update - but really didn't change what i was commenting on)

rwp: it booted just fine after installing UFS under MBR/BIOS. Doing the same install with ZFS, i get "Missing operating system" even having picked the disk in the boot menu. .. and when i go into a live system after failing to boot into the zfs install, there don't seem to be partitions on my disk - only /dev/ada0, but no /dev/ada0p0 for example

nmz: systemd is not all bad. but i'm not sure about the logging. journalctl spits out way too much by default. i'd still rather grep some files in /var/log

SKull: Isn't systemd among the main reasons why so many Linux users are switching (or at least considering to do so) to the BSD's?

SystemD stopped being an init system a very long time ago, it's an almost complete operating system at this point.

well, the idea that you should have a service manager instead of running random shell scripts is correct, no idea how well systemd implements that or any of the other stuff systemd brings

systemd is the wostr

nimaje: Honestly, I prefer the BSD style script approach the most. Because it's simple, easy to work with and understand, and non-bloat. But when it comes to service managers, I think runit does a way better job than systemd.

And even runit has its flaws.

running processes in the foreground in tmux would be better than systemd

Hi, I just installed FreeBSD in a Dell R720 on the first virtual disk. Is there any special thing to pay attention to to ensure the server boots up using that virtual disk? it does not boot up after installing. thanks

there isn't enough info to give a useful answer to that.

I know

well I changed boot up from BIOS to UEFI and now it works, some hints on why would be great, is this related to having used GPT ?

virtual disk?

hardware raid array

right, I am using a perc 710

installing a efi bootloader instead of a mbr bootloader would explain that happening

i think a perc 710 is what i'm on

I have selected GPT, which means efi bootloader. Shall this be the standard practice in servers?

shall amd64 be the standard practice in servers? Sure if it's relatively modern?

gpt doesn't imply efi. i have gpt with mbr

yes

good to know, thanks llua

is there any OS module for idrac (rptrio is running a Dell I guess), if so, is it worth it?

I checked forums and a few places. Out of curiosity does anyone besides me install a system by building fro, ports? I like it becaue it makes it easier later on to fix stuff, add support options, etc and no version madness.

I used to do it in the past. Stopped when I went to college and didn't have time to babysit my computers

when building yourself, I recommend using poudriere or synth, to not have build dependencies installed on your system and have reduce the time window with inconsistent state of dependencies

thing is there is an option I'd like to have in make.conf, a "NO_WAYLAND" var that would default all of the libraries to build WITHOUT any wayland support. Not sure how popular that'd be but it WOULD bw nice to have. Maybe 20 or 30 ports affected

make config-recursive sometimes gets to be "too much" and so I look in /var/db/ports for things with WAYLAND in them, then go back and turn it off with script

anyway a faster method might be nice

don't use make config* use <optionname>_{,UN}SET and OPTIONS_{,UN}SET in a make.conf

Unfortunately I end up getting prompted with the dialog goxes anyway and all of the options differ between the several ports. I'm building the entyire system from the bottom up. 1000 ports

but yeah after doing that I check the options

use poudriere and configure stuff with the build dependent make.conf

yeah dd not want to install all that just to set up a couple of systems. the idea is to avoid going there...

thx anywayz

It would be nice if someone updated the topic to reference a different pastebin since bsd.to has been down for months now. It would help!

Michelle, I understood that the df was on the same pool as the 84T pool. (your previous pastebin.com/eCB637yY)

zfs changes file system semantics somewhat from the traditional UFS system. It's just different. And things are mapped differently.

df Size column is basically zfs list AVAIL column

Which is not expected for df on a traditional device. A device (provider) previous was a fixed size and never changed. But zfs reports the size as a value which is always changing based upon the space available pool.

"zpool list" will report the actual total size of the pool.

"zfs list -o space zroot" will report the available and used space in the pool.

And then df information is mapped from those values. The df Used is basically zfs REFER. And the Size is AVAIL. It's just different.

is it safe to remove /var/db/* files?

bad idea - installed ports and package info live there

etcupdate stores changes there too, used when upgrading for merge data

ok, how to clean that?

i want to remove some stuff for saving more storage

i'm on vps right now

you should include this tree when coing backups. very important

doing

i never do "ports"

only binary

packages?

shbrngdo, i only use binary, never compile from source via ports

The main consumer of space there is /var/db/freebsd-update and all other things there are insignificant by comparison.

That's used by the freebsd-update tool. If you never plan on using it again then that's 3GB (on my system) that can be saved.

wow - that is a LOT

I don't know all of the ramifications of removing that directory. I don't know if that is a cache for freebsd-update or if it is required for further upgrades.

al1r4d: removing /var/db/* would be like removing /usr/*, it's too broad. It only makes sense to ask about specific directories in there.

rwp, thank you for your explanation

bdrewery, i want to remove this -> 1.0G freebsd-update

maybe the update tool needs to store cached data and downloads in /var/cache instead

The /var/db/freebsd-update/files/ directory is a pool of updated files which supports the rollback feature of freebsd-update.

check the last paragraph in freebsd-update(8)

I keep them for a little bit and then delete them

Excellent information topcat001 and therefore that seems like a reasonable space reduction action.

maybe it's obvious what is safe if you df -h -d 1 /var/db/freebsd-update

tl;dr only keep for rollback

shbrngdo, What does the -d option do for you? It's not a valid df option here.

is there a command for that other than 'rm' ?

'-d 1' limits the depth to 1 directory

oh wait I meant du not df

What version are you running? Is that something in CURRENT? I am on RELEASE.

du, df, what's a single letter among friends? :-)

du -h -d 1 /var/db/freebsd-update

I have trouble typing nowadays. buzzy fingers

'out of space on device' in one case trashed the package db during a build. oops!

since I am making packages and saving them all, re-install is easy

actually found out how to increase zs after increasing VM drive's size. kinda cool. 'man growfs' describes the partiton change process and you need to set a flag on zpool to have it expand

people in Eastern Europe: is GitHub down for you right now?

down for me in eastern US

thanks scoobybejesus

in the middle of a build that calls out to github and it just failed due to URL returning 500

their status page says everything is fine, but doesn't work for me too githubstatus.com

fallback plan: do the *actual* work that i sat down to do

everythingisfine.gif