hello I wrote FreeBSD: { url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest" } in /usr/local/etc/pkg/repos/FreeBSD.conf and it does not find any package

pkg update -f

I get "pkg: No packages available to install matching ..."

it works now. thank you!

my jail is out of control i can't stop it: service jail stop foo

I get Stopping jails: foo: jail_attach: Operation not permitted

I get "Stopping jails: foo: jail_attach: Operation not permitted" what could be the issue?

is this true freedom to jail user? invisible container with full privacy

hopefully nothing to do with 14.0

freebsd-version -u

sorrty

hello I am having the following issue

trying to add swap space and $ sudo gpart create -s GPT vtbd1

sixpiece: what do you see: $ [ -e /dev/vtbd1 ] && echo 'si'

nothing

lol

just a new line

sorry. you have another device corresponds to vtbd1 in the example

in the example it uses the device 'vtbd1' but your system have another device rather than one you found in the example

would it be vtnet0?

nothing either

sixpiece: i don't know. it's up to what disks you have

ok so what do I do?

sixpiece: 1. determine which dev you want to have swap space 2. try the same command with the device name

sixpiece: feel free to ask

what do you mean by that which dev you want to have swap space?

what is a dev I know I see it but don't know more than that

like dev/sda1 dev/sda2 etc.. on different virtual machines but I don't know more than that really

sixpiece: yes the numbered device name you see under the path /dev represent virtual/physical device. some of them represent storage or disk which you want to have the swap space in

by the way if you are not individually doing it, if this is part of your company work, you can alway consult me professionally. I can help more thoroughly

i want to get paid though. i need a job

if not, that's also ok. i still help no worries

thank you, yes I am also looking for work

sixpiece: easy way could be what device did you get after you phyiscally or virtually attach a new volume?

I have a virtual private cloud 2gb 1 core cpu and 55gb disk space shared

sixpiece: try: $ df -h

sixpiece: try: $ uname -a

FreeBSD videotron.eu 14.1-RELEASE FreeBSD 14.1-RELEASE releng/14.1-n267679-10e31f0946d8 GENERIC amd64

sixpiece: ok try: $ gpart list

sixpiece: so you only have volume 'vtbd0' already formatted in ufs on latest FreeBSD.

sounds correct

the easiest way to check the presence of your new device, if you attached one, is to ls /dev

sixpiece: in brief reading of the tutorial you showed, it seems it expect you to have an additional volume attach

I am not sure about that tutorial it's really a thread that I posted that motivated this

sixpiece: meaning that when you have a new volume (same kind of your root volume) you will have vtbd1 and you would not have any problem

it's a lot to read but basically they suggested a swap memory it seems

so is there a solution to this ? like redimensioning the drives?

this is a virtual disk correct?

sixpiece: if you don't want to have additional volume, you can also partition the root volume to spare. you will lose the current system though since it overrides

sixpiece: do you see that your second paste board "2. Name: vtbd0p2"

there is no way I am going to start again fresh to do this this took me years to get here...

sixpiece: that's the filesystem takes up all rest of your volume.

interesting

sixpiece: what was so difficult to take you years for it?

sixpiece: something i can help for partitioning at the reinstall?

getting the sendmail to work, opendkim , etc.. php-fpm etc..

sixpiece: I see. it seems important. why don't add an extra volume?

ok I will try

can it be hdd?

or it should be nvme?

sixpiece: is this vm?

yes

sixpiece: on cloud? vultr?

yes

sixpiece: do they provide the volume of your choice?

I can add a block volume

sixpiece: yes. once you add, you will see what's new in the commnad: gpart list

yes either hdd or nvme and I choose the size 1$ for 10gb of nvme or 40gb hdd

how much space do I need?

7gb nvme is enough? or I need more?

sixpiece: i remember swap space in linux was something to do with factor of ram size but not sure if this is the case

sixpiece: let's stick to the example you can have less than 7g

sixpiece: did you do: $ swapinfo

sixpiece: my machine has even if i didn't pay attention at the installation

yes four times the ram so it should be like 8 I think according to the manual

sorry double the size

sixpiece: make sure you don't get any out put from command: $ swapinfo

sixpiece: I installed and I didn't even know I have swap space

sixpiece: also my swap space is set 1/10 of root volume. I don't have any idea of how I did so

interesting I am trying to attach it now not sure how exactly

sixpiece: that's your cloud platform. I can't help

interesting understood

the instructions don't work...

I will open a ticket

thank you very much going to sleep soon or now I guess...

sixpiece: you're welcome.

we asked this in a few places without much of a satisfactory response (except we did almost give someone a stroke apparently) but, what does POSIX, or at least freebsd, have to say about this usage of sockets? chaos.social/@SoniEx2/113495834154945337

does anyone know if root on '/dev/ttyu' always have permission denied at the use 'jail_attach'?. if so, is this intended? if it's intended, do you know the reason?

Soni, it's kind of a stupid question no offense. To answer your question you should start with reading the source for SYS_socket: github.com/freebsd/freebsd-src/blob…/main/sys/kern/uipc_syscalls.c#L131

any pf expert? I ask to ask because I am not answered any how. worth to ask to ask before ask here

oh i figured though. thanks.

I have another question though

It does not need to be an expert since I'm an idiot

;p

I figured out. thanks

zijjgfs: so it is UB to use an fd after it's allocated but before it's initialized?

Soni: depends on who's defining said behavior

for freebsd? i do not see any such conditions mentioned in `man 2 socket`. so it's behavior that has been left undefined (implicitly)

but you're free to look at the implementation of kern_socket(), and if you find it deficient in how you think the scenario ought to be handled, you're welcome to create a patch for it.

say, do I need to do anything to secure the root account in a jail?

I can see that we start out with no password, but SSH won't permit root login, `su` users need to be in `wheel` which utility accounts shouldn't be, and presumably there's no ttys running getty

is this actually secure by default or do I need to set a root password for every jail?

I suppose I could simply assume the worst and write a tool that yells at me if I have a jail without a root password

zip: you should set a password or disable password login (i.e., set the password hash to '*'). i recommend the latter as you never need to log in as root on a jail, you use jexec. i don't think this is secure by default or really intentional at all, it just happens to not open an obvious remote vulnerability due to sshd default configuration

i used cloned_interfaces in netif service to create taps for each vm. if i add some more taps can i simply service netif reload to get them initialized? and if so, will that drop existing connections?

hello

my freebsd vm cannot connect to the internet after a reboot

ping 8.8.8.8 works but name does not resolve for some reason

koolkat332: cat /etc/resolv.conf

koolkat332: The resolvconf service might be tripping you up

nameserver 8.8.8.8

ivy: i figured as much. i guess I'll do that before I take the template snapshot

koolkat332: Ok, does `host freebsd.org 8.8.8.8` work?

honestly I'm half wondering if I should just install void on this machien and run all my services in podman

connection timed out no servers could be reached i removed the stuff that was commented out in

resolv.conf

and deleted the 8.8.8.8 entry but can readd it

but also half this project is just trying to get myself to stop being quiiiite such a docker-brained admin

I also added a block storage in the hope of getting a swap

everything is failed

permission denied on a ping

it was ipfw

btw no we can't add more tap interfaces to cloned_interfaces and just restart netif service and routing service. that sucks

wish we could dynamically reconfigure that without having to reboot

really?

cloned_interfaces="bridge0"

ifconfig tap0 create

ifconfig_bridge0="addm tap0 up"

not what i said

I thought bsdinstall cli was changed but it was the differnce between ttys

can you exploit the kernel via careful manipulation of file descriptor initialization in multithreading?

If l00py comes back perhaps someone could mention that after "service netif restart" they also need "service routing restart" too. That's likely what they are missing, no default gateway route.

FreeBSD specific question: I am trying kevent's for first time to monitor when a file changes. I get the event working flawlessly when the file is modified by a program but if I modify it manually in vim, the events are not triggered. Any idea or hint on why? bpa.st/5N5Q

uskerine: have you saved the changes you make with vim?

satanist of course

uskerine: vim may be unlinking the file and re-creating it rather than modifying it in place, i can't remember off hand if it does that by default

same if I change it using dd

it does not work

this is extremely weird

vim juggles temp files, no?

dd however should be rawdogging it

there muyst be something else

I also tried a basic C program and same

but it works flawlesly in the original main program

/* REGISTER THE KQUEUE FILE DESCRIPTOR WITH THE XT EVENT LOOP */

XtAppAddInput(appContext, kq, (XtPointer)XtInputReadMask, eventfile_callback, (XtPointer)client_data);

could it be that I am registering the callback in the Xt loop

have you tried the sample out of the manpage?

I need to register it using XtAppAddInput, is a X11/Xt app, if I do it normally it will block the X11 app

I think I am missing something relevant here

where can I learn more about kevents related to file changes?

in the manpage: kqueue(2)

search for EVFILT_VNODE

ok my fault --partially--

the plain C program works

VIM no, because it seems to change the inode (I check with stat)

same for dd

the tests I did with dd and C were not properly done

and vim changes the inode

good, gravity remains in place