00:30:13 <ivy> neat, found a kernel panic in mac_do :-)
00:36:50 <ndut7> brb
00:38:58 <kevans> ivy: quick fix it before anyone notices
00:39:22 <ivy> kevans: this code looks surprisingly in depth so i am just going to make a pr :-p
00:39:55 <ivy> trigged by this fwiw: sysctl security.max.do.rules='gid=5>uid=*'
00:39:59 <ivy> triggered
01:05:37 <Macer> so i made a fbsd jail to use as a "shell box" and it seems like sssd can't run because root is not root in the jail
01:06:11 <ivy> Macer: that is not normal, sshd works fine in jails unless you've configured something oddly
01:06:43 <Macer> sssd
01:06:53 <Macer> i'm trying to join it to AD
01:06:53 <ivy> oh, sssd.  but still, that should also work in a jail
01:07:00 <Macer> SSSD couldn't load the configuration database [1432158324]: File ownership and permissions check failed
01:07:05 <ivy> although i have found sssd on freebsd rather... unreliable in the past
01:07:23 <Macer> yeah i typically use samba and winbind
01:07:27 <Macer> (for freebsd)
01:07:45 <Macer> but i figured i'd give sssd a go.. but it seems to not agree with a jail. i wonder if there is an option for sssd.conf to turn that check off
01:08:09 <ivy> i assume you checked the file permissions on sssd.conf etc.?  does anything look strange there?  root is still uid 0 in a jail, so it shouldn't be able to tell the difference
01:10:31 <Macer> oh ok. that's my fault
01:10:39 <Macer> i forgot to change nsswitch.conf
01:10:51 <Macer> i guess that's kind of important lol
01:44:04 <Macer> hm. ok.
01:44:19 <Macer> so auth is telling me that the authorization was successful... but it's not letting me login still heh
01:51:01 <Macer> authentication success... then pam error. wth
02:14:26 <Macer> that didn't seem to work. let me try with samba/winbind
02:14:39 <Macer> if i can unearth a blog on how to do that
03:15:40 <Macer> worked
03:15:46 <Macer> i think i know where i went wrong with sssd too
03:15:57 <Macer> but i already have samba+winbindd working for it
03:26:26 <fonks> belated: my sssd experience is entirely with Linux but over there it's kind of a pain if sssd isn't packaged right, you have to explicitly import sssd's pam modules or else absolutely no authentication will work no matter how many times the AD controller gives you the green
03:26:47 <fonks> Looking at the issues you had here, Macer, it looks like that might have been the case
03:26:52 <ivy> i've never actually got sssd working on freebsd, last time i tried it either wouldn't load a valid configuration or would randomly SEGV
03:27:01 <ivy> but that was a while ago, maybe it's improved since then
03:47:57 <Macer> yeah. i typically take the krb5/samba/winbind approach with fbsd.
03:48:35 <Macer> now to find out why bastille won't bootstrap bookworm
03:48:39 <Macer> i wanted to try out a linux jail
04:20:38 <kevans> do people actually like sssd?
04:20:59 <kevans> i still have nightmares from having to administer it in a past life
04:27:28 <skered> Last time we tested it at work it was two commands to setup.
04:28:44 <ivy> kevans: on RHEL it works great, i have nothing against it
04:39:40 <rwp> I heard people talking about sssd and I didn't think twice but ran away immediately.  Not screaming but whimpering quietly.
04:44:54 <ivy> rwp: you prefer winbind?
05:17:39 <Macer> skered: yeah it's usually fairly simple in linux .. not so sure about fbsd.
05:17:52 <Macer> although i think my last attempt i was just messing up the pam files
05:18:05 <Macer> i think the sss.so should have been placed above unix.so
05:18:17 <Macer> which i noticed when doing winbind
05:29:09 <rwp> ivy, I prefer not dealing with ActiveDirectory.  (shudder)
06:42:33 <unwrapped_monad> yo
06:42:54 <unwrapped_monad> wut is this traditional distribution sets vs packages in freebsd 15?
06:44:15 <unwrapped_monad> ('^' )?
07:15:22 <remiliascarlet> unwrapped_monad: Sets are part of the FreeBSD system, some of which are mandatory, others are optional. And packages are 3rd party (as in not maintained directly by the FreeBSD core dev team) software.
07:16:00 <remiliascarlet> Different from Linux, where every piece of software is essencially a package.
07:17:00 <unwrapped_monad> ooh i see
07:19:00 <remiliascarlet> Actually, in the case of FreeBSD, only "base" is mandatory, the rest is optional.
07:20:44 <remiliascarlet> You can enable "ports" to also have a Gentoo-like experience in addition to a package manager, enable "kernel" and "src" if you want to have the full FreeBSD source code locally (for customization and tweaking if you really have to), "lib32" if you need 32-bit libraries, and "tests" for...I don't know.
07:39:40 <rwp> unwrapped_monad, You are asking and so I will say that most likely you will install the FreeBSD base system in the /usr tree and then will use pkg to install precompiled binary pkgs to the /usr/local tree.  Packages aka pkgs are precompiled "ports" and ports are source code for self compiled packages.
07:41:18 <rwp> The base system (at this time) is upgraded with freebsd-update to upgrade the base system.  Packages aka pkgs are upgraded using pkg upgrade.  These are managed separately.  This is good because the base system is a consistent thing and your system is almost always reliably able to boot.  And then everything not in base is a port and installed on top of the reliable base system.
07:48:36 <Macer> does anybody know how i create a helper for rclone for fbsd?
07:48:45 <Macer> in linux you just ln clone to mount.rclone
07:49:00 <Macer> linking it to mount_rclone doesn't seem to work in fbsd
07:50:06 <remiliascarlet> Never heard of rclone before.
07:50:29 <Macer> https://github.com/rclone/rclone/issues/7432
07:50:31 <Macer> well then
08:01:45 <Macer> got it. the md at the bottom of that did the trick
08:01:53 <Macer> it has to be rclonefs linked in /usr/local/bin
08:10:49 <Macer> i can mount it on the host just not in a jail. fuse still can't be used inside jails?
08:12:09 <Macer> oh i guess you can.. not sure where to put this though
10:05:38 <TommyC> 2/ws 11