00:43:51 that site is a store ? 02:27:52 cpet it has a store tab 02:28:03 i have prints on canvas for sale 02:28:12 but it mainly is a blog 02:28:32 Oh PCI compliant 02:28:36 Heh 02:50:20 rwp, hernan604: lol 03:45:56 Pretty much how it goes 03:46:14 Kind of like reading Linux hard coded bins in scripts 03:57:22 roflma0 my desktop is blazing fast again l0l0l 03:57:56 cpet: you told me to give up i will never forget that. 04:02:56 It's ok 04:03:23 I don't even remember the issue so heh 04:06:22 i had a some wierd0 sysctl shared memory lines i totally forgot lma0 04:06:56 also aio_load was disabled now its a NASA laptop again 04:13:05 a what? 04:32:47 rtprio: a brand new CCCP approved workstation setup. 04:33:24 IF you say so 04:33:44 feels like g00d s3x, imagine being nearly a complete month with micro/macro freezes/hangs constantly 04:33:51 and then smooth as butter 04:50:03 badkat: how's it failing today? 05:03:01 ketas: its not anymore! 05:03:09 dude im having cybersex with the kernel 05:06:05 it was some clunky sysctl.conf/loader.conf stuff i had changed that actually destroyed the performance, those ipc.shm* made the mess, dont even remember when that happened 05:07:01 those same settings didn't harm anything on 14.1 but made 14.2 crash? 05:07:33 tykling: i had ~120 days of uptime probably those changes were not applied 05:08:11 no crash, but absolutly demential degradation of the desktop usability 05:08:34 so at some point in that 120 day period you added that, didn't test it, and eventually upgraded to 14.2 and rebooted, and then the issues began? 05:09:11 yep, when i came to the channel on friday i was blaming zfs lol 05:09:23 yes we were here :) it happens 05:09:33 :D 05:10:42 made my day... 08:03:09 < badkat> dude im having cybersex with the kernel 05:12:43 what those changes were anyway? 05:12:57 were they limiting up or down 05:13:49 i bet lot of people also do zfs arc limit still, not all of them need this anymorr 05:13:52 e 05:13:55 etc 05:20:42 ketas: arc limiting not needed anymore? since when? 05:21:46 has it been fixed 05:23:22 as i understand 05:23:31 it's not needed now 05:23:56 now that you ask 05:23:58 unsure 05:24:08 0.6* ram? 05:33:24 depends a lot on what the workload of the machine is.. storage box? no limits for arc, database server? maybe 10-20% for arc 05:34:02 back in the day the kernel used to be slow to release the memory used by arc so I got in the habit of limiting it everywhere 05:48:49 tykling: well previously things ran out :p 05:49:06 i wish one could do % limits 05:49:44 yeah I do do % limits but ansible does them for me 05:59:12 ketas: back, those shared memory params were silly high numbers 06:00:59 i just remembered that i had some issueswith SDR hardware that was not having the sampling rate it should and i exagerated the number of ipc.shmall along others a few times 06:01:38 my ZFS ARC limit was always 1G, but in this debugging days i tried increasing to 2G, 0 difference 06:02:53 aio_load=YES seems to be a must for desktops too, i disabled that module the day i did the upgrade for some reason. 06:56:03 29 06:56:05 (woops) 16:11:24 <__sbrk> Hello all. Trying to get the radeon driver to work with X11 on a wyse terminal (nice and compact), under fbsd 13.5-RELEASE 16:11:45 <__sbrk> It seems to initialize the driver just fine 16:11:46 <__sbrk> [drm] Initialized radeon 2.50.0 20080528 for drmn0 on minor 0 16:12:23 <__sbrk> [ 79.212] (II) modesetting: Driver for Modesetting Kernel Drivers: kms 16:12:29 <__sbrk> [ 81.585] (II) modeset(0): using default device 16:12:54 <__sbrk> then X11 exits with 16:12:55 <__sbrk> [ 81.586] (EE) Cannot run in framebuffer mode. Please specify busIDs for all framebuffer devices 16:12:59 <__sbrk> [ 83.953] (EE) Server terminated with error (1). Closing log file. 16:13:19 <__sbrk> I am in group video 16:13:23 <__sbrk> any thoughts? 16:24:23 <__sbrk> does the radeon modeset driver need linux binaryt compat? 16:40:54 __sbrk: maybe you should specify the busids for all framebuffer devices 16:45:20 At least it's nice about it and says please. 18:11:00 hi folks, i'm a newbie (both in freebsd and C) but i'd like to contribute in a way that would improve my knowledge in both topics; one of the things mentioned in the "Contributing to FreeBSD" article is fixing warnings for ports which do deprecated things, does that mean literally going through the /usr/port, building random stuff and submitting patches? 18:11:42 TIL uname -U 18:17:47 benjamino: sort of, but maybe more going through open ports PRs or looking at ports marked deprecated and see if you can find some worth rescuing 18:23:15 tykling: I see, alright I'll take a look at those, thank you! 20:16:48 kern.securelevel=2 causes xorg to segfault 20:17:25 correction kernel.securelevel above 0 causes xorg to segfault 20:18:14 hmmm 21:08:48 Using a security level when used as a desktop isnt good 21:09:38 ^ true 21:10:25 polarian: think that securelevel modes enforce read-only in a lot stuff so if xorg wants to write something in that scope it will be a dead end leading to a crash. 21:12:13 openbsd folks could be more familiar with those kind of setups :P 21:12:41 xenocara works with securelevel=2, you could check the workarounds involved 21:27:03 cpet: old latitudes have a vulnerability which allows the EC write protection to be bypassed, makes flashing coreboot distros easy, but it also means that any attacker can write to /dev/mem if they get root access and infect the bios. secure level protects against this. 21:27:50 also I dont think "dont use secure level on desktop" is the correct approach to the situation, "desktop is not a priority" would be a better approach, but ultimately security features should really support desktop as well... 21:28:11 badkat: I am an idiot when it comes to kernel shit xD 21:28:24 solution? get on my hands and knees and beg :P 21:28:32 Reread what security levels do 21:28:46 They aren't meant to be used as a daily machine but server 21:28:58 They disallow some smithing which x needs 21:29:41 I only technically need to protect against write to /dev/mem (so level 1) 21:30:05 cpet: afaik it works on Linux with their /dev/mem protection... 21:30:28 I have heard it works as a security measure for the old latitudes, I have not verified it (will do shortly) 21:30:30 This isn't Linux 21:30:46 polarian: "privUsername Xorg 29005 10 /dev 16 crw-r----- mem rw" 21:31:00 xorgs needs that permissions over /dev/mem 21:31:05 I know... but my point is, Linux runs xorg, if Linux can restrict writing to /dev/mem for xorg, then freebsd might be able to do that too 21:31:06 ok? 21:31:18 badkat: hmmm 21:31:26 no BSD is a whole different ball game than Linux 21:31:41 im not a kernel dev but iirc /dev/mem is used to directly interface with hardware registers 21:31:47 (and flash) 21:31:56 and you dont think X needs that ? 21:32:12 polarian: can you share that proof that linux xorg doesnt write that? 21:32:35 you need to see if that vulnerability is he same as with BSD 21:32:45 and if its local I would just wait for a fix 21:32:53 well I assume if it works on Linux then xorg on Linux is written to go via the kernel (which would be the more secure way of doing things, like how OpenBSD forces all syscalls to go via libc), I could then assume that FreeBSD doesn't support said features xorg relies on hence its implemented directly 21:32:58 hence the requirement to write to /dev/mem 21:33:09 linux "protections" usually are shit 21:33:19 but then again this all relies on the assumption that /dev/mem READONLY works on Linux, which I am yet to verify 21:33:24 badkat: I dont disagree 21:33:36 like you just change the place of things, doesnt mean that /dev/mem cant be write some other way around.. 21:34:14 secueity level 1 21:34:17 Secure mode - the system immutable and system append-only flags may not be turned off; disks for mounted file systems, /dev/mem and /dev/kmem may not be opened for writing; /dev/io (if your platform has it) may not be opened at all; kernel modules (see kld(4)) may not be loaded or unloaded. The kernel debugger may not be entered using the debug.kdb.enter sysctl. A panic or trap cannot be forced using the debug.kdb.panic, 21:34:17 debug.kdb.panic_str and other sysctl’s. 21:34:22 but from a security POV is it a good idea to be able to write to /dev/mem anyways? xorg being compromised therefore means that my laptop (an E6430) with a vulnerable flash could be rootkitted from a xorg vuln... 21:34:29 that is a major security consideration 21:34:33 on the other hand dont use EOL devices :P 21:34:59 again reread what secueity levels as they arent what you think they are by the looks of it 21:35:12 I have read security(7) 21:35:15 and dont compare Linux and BSD they are ifferent beasts and may upset some people as well 21:35:37 I am aware, completely different codebases... (although I will poke the bear and say FreeBSD has imported a ton of Linux code soooo... :P) 21:35:43 * polarian looks at LinuxKPI 21:35:50 fuck linuxkpi :) 21:35:51 yes as required 21:36:05 due to the way linux does thing we had to include that to get X working 21:36:07 total wormhole 21:36:22 oh wait... 21:36:29 maybe the issue isn't xorg, but LinuxKPI 21:36:53 look, if you want to do what you want, you need to patch kernel-level stuff 21:37:02 yeah I get it 21:37:06 if you dont want that, go to openbsd desktop that supports your needs 21:37:16 it is unfortunate though... 21:37:18 but the filesystem is a joke 21:37:26 total waste of hardware 21:37:34 but accomplish the paranoid 21:37:37 maybe one day I would be smart enough to fix kernel bugs :P 21:37:42 if you only use X local you really dont need to do that 21:38:03 I wonder if it would work under wayland (I would assume no), although I rather not touch wayland... :P 21:38:12 do I want secueity and a pai to run X 21:38:20 or do i want to limit secueity and have a working X 21:38:23 i chose working X 21:38:37 well lets be real, I think freebsd has bigger security issues rn than some security feature not working with xorg 21:38:51 * polarian looks at the fact xorg was vuln in the pkg repo for 1 month before being updated 21:39:05 MIcrosoft had fixed a bug that was 16 yrs old 21:39:10 so nitpicking this one thing is in the grand scheme of things... irrelevant 21:39:10 whats your point ? 21:39:17 cpet: disproving my own moan :P 21:39:26 no better argument than arguing wiht yourself yk? :P 21:39:42 fbsd is server oriented, so the packages that are not involved in providing services from a datacenter have way less relevance in the manteinance cycle 21:39:52 and im agree with that. 21:40:10 badkat: yea I am aware of that, but freebsd foundation is coughing up a lot of cash to get the framework laptop desktop-worthy 21:40:12 and freebsd doesnt really make a good desktop for me atleast 21:40:21 excels as a server though 21:40:27 I have found it to be decent for the last year I have used it full time as my main laptop 21:40:41 cpet: for servers it beats Linux hands down... 21:40:43 i want to play games and Wine sucks at it 21:40:48 so bleh 21:40:58 it is a great desktop, but you have to suffer some times, its pretty much worth in my opinion. Desktops are not only for fun & c00m 21:41:07 you can work too 21:41:20 my main machine is a Mac mini :P 21:41:30 I dont get how Linux sysadmins live without adopting a BSD, weekly kernel updates? a package update can update the base system and require a reboot, but you never know when so you reboot every update even if its userspace... what hell! 21:41:36 i do have a remote X i use to do admin stuff on server 21:42:03 anyways this gives me a reason to patch some docs to stop recommending securelevel on freebsd desktop to protect against vuln flash 21:42:19 which doc is it ? 21:42:23 libreboot :) 21:42:25 fkash is dead and has been for a lng time 21:42:40 freebsd have lots of security issues but the good part is that atleast is not a giga spagetthi laberynth to go through 21:42:53 everything has secueity issues 21:43:07 badkat: Linux went downhill the moment it started to merge usb shit into the kernel iirc 21:43:13 and all we do is put blocks and limitations and dont fix the actual issue 21:43:18 mainly openbsd, but we should not talk about that ^^ 21:43:26 why not its a BSD 21:43:43 i mean about the sec issues they have haha 21:43:49 read the man pages you will see a very large set of rivers ported from openbsd 21:43:53 our pf is based on openbsd 21:43:55 badkat: what sec issues 21:43:57 oh 21:44:11 if I hear another person use isopenbsdsecu.re again I will facepalm 21:44:27 that site was written by a Linux security dev, who obviously opposes everything OpenBSD stands for 21:44:33 nothing more than BSD bashing 21:44:39 that webpage is 90% truth 10% intentional beef to upset fanboys 21:44:48 switch the two numbers and I will agree 21:44:58 i use OpenBSD as my server OS ;/ 21:45:00 lol, i use a lot of openbsd anyways 21:45:08 as with every OS they have pros and cons same with Free and Net 21:45:19 the whole thing about the spectre vulns taking too long to patch is because intel/amd help with Linux and not BSD 21:45:22 but lets be real, there is a lot of thing that is not warfare level secured 21:45:24 hahah 21:45:39 polarian: this is the same reason why everyone uses Linux and not a BSD 21:45:41 iirc there is a video on youtube about theo de raadt ranting about how its not fair that manufacturers dont share their docs with OpenBSD 21:46:09 polarian: why should they do that? linux devs get NDA for each device they port most of the times 21:46:12 well both the main people behind Open and LInux are tools 21:46:17 but lets not get into that :P 21:46:24 cpet: which proves my point, its not OpenBSD's fault... why should they be blamed for having to use vulnerable microcode because the tech companies disproportionate aid Linux?!!? again its just a BSD bashing website... 21:46:26 at least openbsd can rip off that work, thats how 80% of the network cards are gettin support 21:46:50 polarian: i dont know I didint click on it 21:46:58 i use what I use for my personal reasons 21:47:07 I sys amdin my machines using the same pricinpal 21:47:25 i like to redo my whole log and change all loging to *.log 21:47:30 some people may thing thats stupid 21:47:32 but I do it 21:47:33 :P 21:47:38 badkat: well its difficult because they dont have the whitepapers, and GPL copyright is a big problem 21:47:59 there is a line between selecting your software and acknowledge real things going on. OpenBSD is the most easy to maintean networking OS in the earth 21:47:59 opebsd fixed that by impleenting there own 21:48:07 this is why they have there own version of X and drivers 21:48:12 but that doesnt make the OS rock solid, different things. 21:48:17 and Linux devs love their copyright... moment you infringe it the fsf will have a court case against you within 24 hours! 21:48:24 badkat: i just upgraed to 7.7 with a simple sysupgrade 21:48:26 badkat: :) 21:48:42 do you even read what i said? lmao 21:48:48 badkat: OpenBSD has been long known as the routerOS :P 21:49:08 i use openBSD with my XPON setup, fiber and all the shit 21:49:10 i dont know 21:49:13 iirc the early development of OpenBSD was strongly bolstered by small ISPs across the globe which adopted it for security and because its cheaper than the proprietary alternatives (and more powerful) 21:49:29 but its not so secure :) 21:49:39 badkat: directly or via an ONT? 21:49:40 its securer than most 21:49:47 polarian: directly 21:50:10 badkat: based... I heard its not very well documented, and you need a special SFP connector for it 21:50:36 but the SMP implementation makes a bottleneck on network performance 21:51:07 unfortunate I only have xDSL and that requires a modem, in theory though I could use a openwrt modem/router combo and use it as a modem only... but modulation is L1 so the modem is a non-issue from a security perspective... 21:51:09 2025 and we still have OS wars 21:51:10 yay 21:51:12 so i have to lose 30% of performance just because the openbsd kernel doesnt have a good implementation on the router architechture (Octeum) 21:51:35 iirc the modem I am using Linux build is from 2011 21:51:42 thats secure, right? :P 21:51:42 OpenBSD isnt SMP aware still had Giant locks all over the place 21:51:52 yeah 21:52:00 (its bridged to a OpenBSD router) 21:52:05 if theres no known vulnerabilities 21:52:21 even so some comanies still use Windows 95 software 21:52:25 so bleh 21:52:46 did you both see the ML rant about 4chan, someone using some not so nice language on the ML 21:52:53 polarian: linux kernel 2.6 yay like putting your ass nude in the window heading to the street l0l0l0 21:53:09 they were running EOL FreeBSD and then FreeBSD gets the blame? laughable 21:53:20 polarian: that would be fun if I saw it 21:53:48 https://lists.freebsd.org/archives/freebsd-questions/2025-April/006485.html 21:53:57 polarian: people that blame fbsd 10 on 2025 are just retarded i wont matter much 21:54:13 does anyone care about 4chan anyways? 21:54:26 idk much about 4chan but arent they renown for being scum of the earth? 21:54:55 thats typical really 21:55:03 blaming the OS that is old and not maintained 21:55:10 a pretty famous psyop deployment place, nothing worthy in those places 21:55:35 idk why anyone would want to live in a toxic echo chamber, its why I left Linux :P 21:55:35 most site are hacked due to old software or broken passwords 21:55:40 not really the os itself 21:55:54 ssh was vyuln to some things so if you forgot to update well thats on you 21:56:04 cpet: that site was hacked with a ghostscript (javascript) pdf upload plugin for php 21:56:09 nothing to do with freebsd anyways 21:56:11 a lot of people will install OS, set it up, and never lok at it again 21:56:21 the OS was rocking the show 21:56:35 instead of logging in updating the programs 21:56:47 and restart php-fpm 21:56:52 probably would still be up hah 21:56:54 badkat: they deserved to get pwned for using php 21:57:04 if it works, you dont touch it. "Bankers" 21:57:12 any language can be hacked if not programed correctly 21:57:20 badkat: famous last words!!! 21:57:32 hi deimosBSD 21:57:33 some can fix itself like rust ad others 21:57:36 but a few cant 21:58:04 ciao polarian 21:58:50 deimosBSD: long time no see 21:59:29 and on that note, I must reboot 21:59:56 i should reboot my current install as well 22:27:41 Insert mode in the vi-mode of FreeBSD 14.2's /bin/sh sure doesn't like letting me into command mode much of the time. But sometimes it does. I haven't yet pinned down why it's inconsistent. 22:34:50 See if it happens in vim 22:35:30 Hm, don't have vim installed. But most of the time it works, and nvi has no issues. 22:35:53 It's weirdly erratic. 22:36:22 are you over tmux/screen? 22:36:34 No, just ssh. 22:36:44 same on tty? 22:37:00 crw--w---- 1 root tty 0x2bf Apr 28 22:36 /dev/pts/5 22:37:20 Dunno, it's a jail. There's no local to be had. 22:37:31 But that it works most of the time under ssh suggests that's not inherently a problem. 22:37:36 sending escape code/sequences over ssh sessions is not the same that doing direct input on the tty 22:37:48 The ssh makes it sometimes erratic? 22:37:54 ? 22:38:04 im saying the scenario is not exactly the same 22:38:20 try on tty console. 22:38:45 Is jexec going to give me something substantially different from ssh? 22:38:58 ok didnt saw the jail part 22:40:20 I'm stuck on the notion that it works most of the time on the shell, and all of the time (so far) in nvi. 22:42:53 could you provide some way to reproduce the issue? 22:43:29 I need to be able to reproduce it reliably here and I'm struggling to do that. But if I do, I'll certainly share it and probably open a bug. 23:17:30 Why not open the big and share it here 23:18:18 Bug 23:37:39 cpet: It's *so* intermittent... I really need to find a way to elicit it on demand. 23:38:06 So it's still there 23:38:15 I would submit a bug 23:38:16 It's not doing it now, but several times earlier I found myself locked in insert mode. 23:38:25 Alright. I just hate bugs that are so sparse. 23:44:07 cpet: I'm in one now! 23:44:13 Going to see if I can reproduce this. 23:45:07 Arrow keys aren't changing lines, although left and right work. There's no escaping into command mode. 23:47:03 mason: Even when you hit Esc a bunch of times it didn't get out of insert mode? 23:47:17 TommyC: Yeah. I'm going to see if I can get it to leave a core. 23:47:42 Also, I've tried a couple times now... I ssh in and I seem not to be able to escape at first. 23:47:53 mason: Weird ask but, are the keyboard layouts in the machine you're ssh-ing into and the one you're ssh-ing from the same? 23:48:04 I'm sshing into a jail fwiw. 23:48:17 I don't mean physical keyboard layout. 23:48:17 So, this is interesting. Once I "set -o" it seems to start working. 23:49:43 Alright, this is a worthwhile bug report. I can get it EVERY time I ssh in, and it goes away when I "set -o" to look, which shouldn't do anything. Trying nvi to see if going into that has an issue, or resolves the issue. 23:50:23 Interesting. I can go into nvi and it works fine, but going back into the shell, the shell's still broken. 23:51:04 just running "set" doesn't fix anything, but running "set -o" does, so there must be some funny race. 23:51:56 mason: Just to rule it out, does any other text editor cause the same problem? 23:52:16 TommyC: I don't think I have another installed, but let me try emacs mode and see if that has issues. 23:52:36 emacs mode doesn't have issues 23:52:59 This is probably wrong but, perhaps it's some sort of nvi setting? 23:53:31 TommyC: Nothing to do with nvi. nvi works fine. 23:54:04 TommyC: I ssh in, and despite .shrc having vi mode turned on, esc doesn't work until I run "set -o" 23:54:19 stty sane doesn't matter