builtin sshd doesn't ignore sshd_config LogLevel config or stop at INFO?

sshing to a sshd inside a jail with LogLevel DEBUG3 doesn't show what I would expect in /var/log/auth.log for DEBUG3.

It being inside a jail is the only thing I could think of that might be interesting about the setup.

skered: most likely due to the default syslog settings in /etc/syslogd.conf , you could add a file in /etc/syslog.d with something like: "auth.debug;authpriv.debug /var/log/auth_debug.log"

alternatively you could stop your sshd service then run sshd in the foreground like: /usr/sbin/sshd -ddd

not sure if your intended debug level outputs sensitive data

(so maybe better to keep it out of auth.log or any file, even)

It was just for testing something that I've since figured out.

But good to know.

oh it's in /var/log/debug.log

Is there a file that stores the current "dmesg" buffer? /var/run/dmesg.boot only stores boot messages.

Question, I just upgraded to 14.2 according to the instructions but I have 2 weird issues:

1) I get a message at boot "BOOT LOADER IS TOO OLD - PLEASE UPGRADE"

2) The text console no longer works, when I switch with Crtl-Alt-F1 the X11 screen freezes but doesn't show the black console screen

To unfreeze it I still have to do Ctrl-Alt-F9 as before, it's just like the whole console screen framebuffer is not there

Until it boots I see messages but once it switches to X11 it normally goes to a tiny font (I have a 4K 24" screen) but now the framebuffer seems to fail to reinitialise

It's strange the boot loader upgrade failed somehow, never seen that before

this message can be ignored

Ah but I was googling it and I saw that sometimes it could cause problems with zfs upgrades?

It didn't say how to fix it tho

if you zpool upgrade you must update the boot loader first

Yeah but how?

The update instructions didn't mention this part

depends if you use EFI or not

Ah yes EFI

how you boot this shit on the serial console without the menu completely blindly?

Ahh I think I found the reason for the other problem

Video acceleration is broken now

then you just have to mount every ESP partition and cp /boot/loader.efi to replace the BOOTX64.EFI file

that's all

check $> man efi

ahh ok thanks

I can do that

don't forget to do it for every ESP partitions otherwise if a single disk fail in a raidz-x system (or ...) it will be unbootable

Oh yeah that's no issue

I have only one SSD in this system, it's a NUC

Thanks! That boot loader issue is fixed

I think something big changed with the graphics drivers but I don't know if that was 14.2 related

A whole load of kmod gpu stuff came in on the last pkg update

packages are still compiler against 14.1 so just wait or build related KMOD from ports

compiled

ahh

Maybe I can revert with bectl

The problem is this machine is my daily driver and I can't really work like this (videos aren't important but even normal desktop ops are slideshows)

But that explains a lot!

Would you know how long it takes for the packages to come for 14.2?

I don't know how long 14.2 was out even, I just saw that it was available when I was updating everything :)

mage, which message?

panic: running without device atpic requires a local APIC

is this thing fatal or just warning

 

Heya! What happened to Dia, the diagram editor? I've used it for years and was under the impression it had solid community support. If it's been discontinued, what's the suggested replacement?

is it no longer in ports?

I'm running into the problem "go.mod:1: unexpected input character '\x1f'", like described here: bugs.freebsd.org/bugzilla/show_bug.cgi?id=280619

But the fix suggested isn't working

This is my Makefile: bin.morante.net/?6ed58ccb5e83696a#4…jGnybFUx72oqLGYAwirp3ULCazArn6XFPa9

net::ERR_CERT_AUTHORITY_INVALID lol

go.mod should not be binary data, is yours?

It appears the ports system is downloading a large binary file

ah needed to change the MASTER_SITS to: raw.githubusercontent.com/${GH_ACCOUNT}/${PORTNAME}/${DISTVERSIONFULL}/ I just copy/pasted not realizing

Either way, there seems to be some kind of a problem with the ports system and *.mod files

uh

rpthms I'm not sure my ports up are to date, but the page at gnome .org seems to be gone, and brew on mac says the upstream project has been discontinued.

rtprio I mean..

last updated 2014... yeah. well i use graphviz

tuaris: you download github.com/grafana/tempo/archive/refs/tags/v2.6.1.tar.gz, right? go.mod looks fine to me

When I properly use the 'workaround' in the bug report I reference it downloads properly. Without the workaround, it downloads "go.mod" as a copy of the compressed tarball

what comment # is the workaround in?

29. He adds a MASTER_SITES and DISTFILES to override go.mod

that's kind of weird

is there not a better go example you can find in the ports?

or rather: is this pattern in any other port?

I based my port off sysutils/alloy doesn't seem to need to workaround

I don't see much diffrence between security/openbao

well, I take that back, the post-fetch seems to be another hacky workaround

hmm, sysutils/hcloud doesn't have any workarounds, and that one works

the tar of the repo should look very similar

hey, I need to export some directory over NFS4, using raw UIDs/GIDs. I've done this some years ago, but I've forgotten what flag should I set

can someone help me?

what do you mean raw uids? i wasn't aware nfs4 encoded username/groups

there is idmapd or something like that, I want to bypass it

I forgot the name

Asked this a few days ago but it does not seem like I had any responses, using wg-quick and configuring dual stack doesn't work on freebsd, trying to ping6 or send any packet via IPv6 is instantly dropped, even after I disable pf... IPv4 still works... however if I connect from my phone dual stack works just fine, so the router side config for IPv6 should be working... any ideas?!?!?

so you bring the interface up and add an ipv6 address?

Hi #freebsd, I just installed FreeBSD-14.2. I have one 1TB disk (ada0) and two 8TB disks (ada1 & ada2). I installed FreeBSD with GELI and ZFS, but i'm not sure I did it correctly. Here's what I did.

For ada0, I used gpart to create 3 partitions: a small efi partition, a swap partition, and then a massive root partition (type "freebsd-zfs").

For ada1 and ada2, I used gpart to make each have just one large partition of type freebsd-zfs.

then I used geli to encrypt the following: ada0p3 (the root partition), ada1, and ada2 (notice that I used no partitions here, I just put in the whole disk name).

that seems right. what seems to be the problem

THEN, I created two zfs pools: (1) zpool create -m none -R /mnt rpool ada0p3.eli, (2) zpool create -m none -R /mnt vpool mirror ada1.eli ada2.eli

the point being that a dataset, vpool/var, will ultimately mount to /var in a RAID 1 configuration.

sorry for rambling. now the installation has completed. I can boot and login fine (yay!)

but only rpool shows up. I don't see vpool at all.

when I check dmesg, I see ada1 and ada2 are there, and I see GEOM_ELI created ada1.eli and ada2.eli

it's not a raid1, it's a mirror, please call it a mirror

i'm not sure what i'm doing wrong here, though.

rtprio: okay, sorry. a mirror.

dfdx: can you `zpool import` vpool ?

"cannot import vpool: pool was previously in use from another system." shall I try with -f?

yes

aha. yes I see it now when I run `zpool list`!

and yes, `zpool status` corretly shows it as a mirror.

now I assume I just `zfs mount vpool/var`

uh, it should mount itself

but doing zfs for /var this way is not normally how it's done

oh whoa... `zfs list` does indeed show that.

i am surprised because /var is populated with files.

i mean, it's a filesystem, right? what else would it have?

okay, it seems i'm frustrating you. sorry for the noise. i'll go read about zfs more before i come back with dumb questions. thanks again for your help.

you might also read about bectl, which is how the installer does it

your way you lose the ability to easily rollback operating system updates