00:36:07 Macer, Wrong channel. :-}
00:38:45 rwp: Yeah. I was racking my brain wondering what that had to do with anything. Figured I'd just ignore it and let it slide.
00:40:15 lol
00:40:22 i'm trying to bootstrap debian
00:40:34 for linux jails using fbsd
00:54:13 There are a bunch of us that have feet in various camps. It's easy to cross-pollinate.
00:54:49 I have avoided spending time on the https://wiki.freebsd.org/LinuxJails process because as it is described there can be only one https://wiki.freebsd.org/Linuxulator running at a time. That just felt too restrictive to spend a lot of time on it.
00:56:56 If multiple of those can run at a time on a host then that would be very interesting to me. I have been a pretty hard core Debian person, until, well, until Debian took that left turn. Now I am a pretty hard core Devuan person. In addition to being a pretty hard core FreeBSD person. If I could run multiple LinuxJails on a host that would be very interesting to me.
00:59:10 yeah that's a fair point. i just thought it was nice to have options
00:59:18 but i guess on the freebsd server i'll stick with native jails.
00:59:24 otherwise what's the point?
00:59:38 there's always bhyve if i desperately need linux on it
00:59:53 which is probably a much better option than compat tomfoolery
01:03:47 If there is a native FreeBSD way then that is always going to be best. But sometimes one gets squeezed needing to run a Linux only something and then it is good to have options.
01:04:49 I have converted most of my infrastructure from linux to FreeBSD and the improved stability has been great. FreeBSD has been a breath of fresh air.
01:06:53 Here is a datapoint. Ubuntu in 2024 released a security patch Linux kernel needing a reboot every two weeks over the entire year. That feels like an excessive number of kernel security vulnerabilities!
02:16:22 ouch
02:16:33 so you're saying that people had to reboot servers every two weeks?
02:16:45 i get mad when i have to reboot after a year lol
02:29:20 Macer: if you want a stupid amount of uptime. You should be on 14.2-RELEASE. It very seldom gets updates to kernel or userland that need a restart
03:37:16 i am
03:37:57 @@@ INTEL GPU OFFLOAD NOTES @@2
03:38:18 This feature was removed in version 1.32.2.7002
03:38:32 my xeon doesn't even have quicksync .. but still though. what's up with that?
03:48:25 Macer, If those people were following the rule that they apply all distro provided security patches then yes they would need to reboot at least every two weeks for just the kernel. But in reality it is more often than every two weeks because any update to systemd, udev, or dbus also requires a reboot to put into effect.
03:49:17 On FreeBSD RELEASE you can count on a quarterly roll-up of everything that is outstanding in the last quarter and I plan on rebooting them then whether they need it or not.
04:13:27 alright
04:13:37 have a plex jail running with rclone mounting the media in the jail :)
04:13:54 that's two down. about 10 more to go.
04:15:27 wow i honestly didn't realize how spoiled i was with my little nvidia P400 for the offloading. this thing only has 1 pcie slot on its riser though and i put a 10gbit nic in it :(
08:02:22 Hi there
08:02:43 Can I upgrade straight Freebsd 13.1-> 13.5 ?
08:02:58 Yes
08:03:27 This is critical due to box is located in a place which is very far away
08:03:32 thanks
08:04:30 You don't need to do a touch-and-go for each version number
08:05:03 yes but if something is going wrong ...
08:05:52 %s/is going/will go horribly/
08:09:53 nerozero: i highly recommend using bectl(8) with the 'activate -t' flag in that configuration, although it won't catch all possible issues. it does work better if you at least have someone on site to power cycle
08:10:47 ivy, i had a lot of issues with bectl i'm using zfs snapshot -R zpool...
08:10:54 then send it to external storage
08:11:16 bectl helped me only once, and failed 4 times
08:11:16 well, the point of -t is it can automatically reboot into the previous BE if the boot fails for some reason
08:12:04 if you don't want to use bectl, nextbook -k can do something similar for just the kernel
08:12:37 a month ago I lost access to zfs pool completely, no errors with pools, zfs just never imports pool
08:13:18 2 days with all possible tricks - zfs failed to mount pools
08:13:58 by sending entire pool to external storage at least you have a chance to recover everything
08:14:50 never heard about `nextbook`
08:15:51 s/nextbook/nextboot
08:16:22 ah ok
09:53:24 hey ivy could you bump https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=285833 on Discord? you said the documentation team all use Discord and thats how to get things seen... this has been stale for a few months...
09:53:43 almost 2 months... about 1.5 months
09:53:53 afaik now it just needs merging nothing else...
09:54:36 Thanks in advance :)
10:58:25 hi all
11:17:52 nerozero: no ipmi?
11:19:22 Macer - a small chinisium celeron box hanged under the roof in a different town ...
11:19:31 thanks for reply
11:20:21 ah ok.
11:20:22 2x ssd zfs root mirror
12:06:24 I have a zfs pool that doesn't want to load at boot time. I have to import it again after every boot. Any suggestions on how to resolve this problem?
12:28:23 how do you import it?
12:29:46 just: zpool import storage
12:34:25 tsoome: this pool was exported from a prior FreeBSD 14.2-RELEASE install and I did the import on my 15-CURRENT install
12:57:24 zpool get cachefile poolname ?
12:58:12 I got it resolved now. had to remove the /boot/zfs/zpool.cache file and have it re-created with zpool set cachefile=/boot/zfs/zpool.cache storage
12:59:24 the "" (empty string) uses the default location.
14:24:08 i'm setting up vm-bhyve and i am wondering. i already have bridge0 for jails. so for the steps with the switch can i just use the same bridge?
14:25:03 7. vm switch create public
14:25:05 8. vm switch add public em0
14:25:47 so that would just be vm switch create public ; vm switch add public bridge0? or is this something i'm not supposed to do?
14:26:28 Lines 7-8 Create a virtual switch called 'public' and attach your network interface to it. Replace em0 with whatever interface connects your machine to the network.
14:26:31 i guess i'll roll the dice lol
14:50:40 /usr/local/sbin/vm: ERROR: failed to add member bridge0 to the virtual switch public
14:50:42 or not
14:53:03 hm. i guess connecting it to lagg0 is a no go either
15:01:09 am i going backwards with this? should the virtual switch be added to the bridge and not the other way around?
15:06:23 manual allows you to attach
15:06:25 guests to a bridge that you have created and configured manually.
15:06:33 ah ok. i see. so i had to -t manual -b bridge0 public
15:07:33 NAME TYPE IFACE ADDRESS PRIVATE MTU VLAN PORTS
15:07:35 public manual bridge0 n/a no n/a n/a n/a
15:07:37 sweet
15:38:18 I am seeing something in my ssh/pf setup that doesn't make sense to me
15:39:01 <[tj]> always a fun start
15:39:45 sshd[32814]: error: in MaxStartups throttling for 2d22h34m, 166 connections dropped
15:40:13 lots of these
15:40:15 sshd sshd-sessi 56042 4 tcp4 94.136.7.161:2200 45.135.232.177:31562
15:40:36 like, *lots* - right now 94 of these open in some state
15:40:56 the AI is learning!
15:41:18 yes, so I got sick a couple weeks ago from this IP range
15:41:39 block log on $extl_if from to any
15:41:58 and `45.0.0.0/8` is in my pf blocklist
15:42:16 so ... how is that even getting to ssh in the first place
15:42:45 <[tj]> are they logging?
15:42:55 <[tj]> errr, is the log part of the rule working?
15:43:38 make that block log quick, and lets see what I'm seeing
15:44:24 00:00:00.000000 rule 1/0(match): block in on ng0: (tos 0x0, ttl 54, id 6349, offset 0, flags [DF], proto TCP (6), length 52)
15:44:24 45.135.232.177.24212 > 94.136.7.161.2200: Flags [S], cksum 0x2bf7 (correct), seq 1170109560, win 42340, options [mss 1440,nop,nop,sackOK,nop,wscale 12], length 0
15:44:35 we didn't need to wait long did we
15:46:00 I think this is an own goal
15:46:14 <[tj]> https://utcc.utoronto.ca/~cks/space/blog/sysadmin/OpenSSHMaxStartupsGotcha
15:46:25 that was a block log, but I have a `pass in quick ... port ssh` later on
15:46:38 <[tj]> ah yeah
15:46:48 blocklistd is supposed to handle repeat offenders already
15:46:53 which clearly also isn't happening
15:47:44 and I'm still seeing these dangling sockets
15:47:52 lets reboot the router first
15:49:38 tcp4 0 52 94.136.7.161.2200 45.135.232.177.52582 FIN_WAIT_1
15:49:47 50x more of these since I restarted pf
15:50:02 45. being the network that shouldnt get past pf
17:17:46 dch: do you have appropriate blacklistd rule for port 2200 ?
17:29:01 mzar: sort of, I have a bunch of WIP updates for blocklistd to handle more cases
17:29:23 anyway, pf block hammer now works, I just needed `quick` in my rule and a reboot
17:30:20 rule 'anchor "blacklistd/*"' should be sufficient
17:47:11 ls doesn't have a flag to show the path of a file you ls?
17:52:28 Macer: use `realpath` instead of `ls`?
17:58:14 ah ok. thanks. i just made an alias to call that lsd
17:58:29 i'm kind of surprised that's not built into ls tbh
17:58:54 in case you need to copy/paste a complete path/file into a conf or something
18:10:06 Macer, It's not like I don't myself use ls in scripts but the general scripting wisdom is that ls is not designed for use in scripts and one should use other commands such as realpath and stat and such instead. (stat is non-portable)
18:11:24 You might be wanting "readlink -f $filename" instead.
18:45:18 i just need something that is quick and easy to get a full path of something in case i need to put it in a config
18:45:21 ir crontab
18:45:24 *or
19:01:48 Macer: Yeah. That's `realpath`
19:02:46 just spent the better part of 10 minutes trying to sort out why an lftp script i made wasn't showing what lftp was doing and realized i forgot the ! in the shebang. :/
19:03:53 Both realpath and readlink -f have had a non-simple history. On FreeBSD both are about the same. But portability is troubled with those two commands. At this moment I use and would recommend "readlink -f" for best portable use.
19:06:43 alias lsd="readlink -f" done lol
20:55:28 If you use reboot, please note it's not doing the same thing as shutdown. You may want shutdown not reboot, depending on whether or not you want to run the rc.d scripts - https://bsd.network/web/@dvl/114568386872281585
20:57:17 dvl, What am I missing? That link does not mention rebooting.
20:58:09 Specifically for everyone else, the simple answer should be "shutdown -r now" when you want to reboot as that will do the graceful shutdown and reboot. This is important if the system runs a database server!
20:59:04 rwp: Well, it's https://bsd.network/web/@dvl/114576110897957530, sorry for the wrong url.
21:04:24 dvl, Recently there was a discussion about this: https://lists.freebsd.org/archives/freebsd-arch/2025-February/000864.html
21:05:01 rwp: Today I watched a YouTube video which used reboot - so I wanted to tell them.
21:06:23 It is wrong of us to say reboot so casually when we really mean "shutdown -r now". This is very important on database servers and other similar systems with data in memory that needs to be written to storage and flushed all of the way through.
21:06:57 sometimes reboot is a cool feature.
21:07:06 But for most random laptop users without in-memory data floating around using reboot will probably be okay. Maybe. Probably. If you want to chance it. It's no worse than a power drop.
21:18:15 I'm honestly surprised "reboot" isn't just an alias for "shutdown -r now".
21:18:52 I'm trying to remember WHY I know that they are different. manual pages? handbook? experience? bad luck?
21:21:23 They just perform differently. I'd chalk it up to bad luck. One would think they'd have just gotten rid of "reboot" by now, though. I've never *HAD* to use it for anything. I'd much rather use shutdown.
21:22:03 Even on my heavy-lifting database servers it only takes an additional, I dunno, 3 seconds or so to shutdown?
21:23:18 It's a little longer than that but how often do you reboot? Not often enough to make me want to shortcut the safe process.
21:24:21 It's also not simply a matter of saying, "rm -f reboot; ln -s shutdown reboot" either because then what do you do about "reboot -r" which is super cool functionality and needs to continue.
21:24:36 rwp: If it is longer, it isn't much. And, yep, what's a few extra seconds to make sure data is properly retained? For me, unnoticeable.
21:25:56 I wouldn't ever think about rm'ing "reboot". But, in the past when I shared BSD systems with others that used "reboot", I'd simply alias it to "shutdown -r now" just to be safe.
21:27:40 Never used "reboot -r", but looking at the man page that is a pretty cool feature.
21:33:33 I once used reboot -r to change a FreeBSD system from UFS to ZFS in place!
21:43:16 rwp: That's a pretty handy tool to have for that.
21:43:23 i didn't even know they were even different
21:43:37 i always assumed reboot was just something that called shutdown -r now
21:44:25 and i didn't know the -r was special either. you're saying it doesn't flush ram when using reboot?
21:44:54 okay looking at my journals, looks like I learned about it when I added a log message into rc.shutdown to "calculate" reboot time and I was using reboot, so I discovered the difference, according to my journal this was 2017, so 2 years into FreeBSD :D
21:45:44 i wonder what happened there. maybe two things doing two separate things that seem like they're the same but they're not?
21:46:12 ie: two apps from yesteryear that never really merged into one ring to control them all?
21:52:04 Macer: Pretty much, yes.
22:40:27 so i am connected to a shell using mosh. mouse works .. but if i ssh from there elsewhere the mouse doesn't get reported
22:40:44 i guess sort of like a passthrough? is there some option that needs to be changed for something like that or is it not really possible?
22:40:59 oh wait
22:42:02 ah yeah. so it works with the linux server i'm doing through tmux -> ssh but not with fbsd
22:42:17 that has to be an ssh thing
22:46:35 As far as I know shutdown calls the shutdown scripts and then calls reboot. Though of course shutdown could do the reboot action itself. I don't know. I haven't looked at that level of detail.
22:47:43 Macer, What terminal emulator are you using? It's doing the mouse proxy. Doing ssh again does not forward the mouse further. Because ssh does not proxy mouse actions. There could probably be a program which would do it on a side channel though.
22:49:06 Personally I am one of the old-school folks who hate that mouse proxy action and always set "XTerm*allowMouseOps:false" to disable it entirely. Because it breaks copy-paste for me. I would rather have copy-paste working normally than to have mouse ops that I don't want passed through.
22:50:08 oh so linux is doing some tomfoolery to get that working?
22:50:35 i'm doing tmux/ssh -> fbsd jail -> ssh -> fbsd server
22:50:57 tmux/ssh -> fbsd jail -> ssh -> proxmox / debian (mouse works)
22:51:06 freebsd doesn't ... so i can't click in htop as an example
22:52:26 Limiting closed port RST response from 1369 to 210 packets/sec
22:52:28 and what is that?
22:52:42 i wonder if that's why i can't get debian to bootstrap.. is that something from pf?
22:53:34 i don't even understand how it is possible for that to get scanned
22:53:41 it's behind my opnsense fw
22:54:29 there is no way for any inbound traffic to hit it
22:55:58 Macer, When you say linux I must translate that to terminal-emulator such as XTerm and others. It's not a linux thing and FreeBSD is exactly the same. It's an X terminal emulator thing.
22:57:39 Macer, I see those "Limiting closed port RST response from..." messages in my logs routinely on my private networks too and I don't know exactly what they are about. It's probably a side effect of something normal that hasn't been chased down yet.
22:58:03 However it will have nothing to do with bootstrapping a Debian VM, or at least I can't believe it would have anything to do with it.
23:01:16 pcregrep: line 1012399 of file /usr/local/bastille/tmp/var/lib/apt/lists/https:__deb.debian.org_debian_dists_bookworm_main_binary-amd64_Packages is too long for the internal buffer
23:01:18 pcregrep: check the --buffer-size option
23:01:47 i get that when trying to bootstrap debian with debootstrap and have no idea what's causing that. i tried a few different things like using an alias on pcregrep to increase the buffer size
23:02:09 or checking the debootstrap script to see if i can add that flag there but i couldn't figure it out
23:02:37 i guess pcregrep is perl based but i don't see where you'd change perl buffer settings anywhere
23:20:43 ah well i think i've given this the good college try