07:14:23 so i'm back to learning about nullfs in jails. in https://docs.freebsd.org/en/books/handbook/jails/#creating-thin-jail-nullfs it has a fstab line "/usr/local/jails/templates/14.2-RELEASE-base /usr/local/jails/thinjail-nullfs-base/ nullfs ro 0 0" does that mean the jail's 'OS' base is mounted read only from the template base? 08:41:08 pkg upgrade was running when the connection dropped and i wasn't using tmux. now when I run pkg upgrade it says there are no updates when it was only half way through before. how to I get it to resume? 08:53:53 guess i'll just run pkg upgrade -f 09:43:18 crest when you're around next, is the skeleton stuff in the thin jail guide a way to separate immutable parts of base (shared between thin jails) and mutable parts? (1 per thin jail) 09:43:39 which documentation are you following? 12:07:27 crest, https://docs.freebsd.org/en/books/handbook/jails/#creating-thin-jail-nullfs 12:08:18 the complex thing about thin jails is how you handle updates 12:08:56 if you go all the way to immutable it's a solved problem, because you don't update you replace 12:09:17 anything less than that becomes messy 12:09:45 you could have /etc and /usr/local/etc extra filesystems 12:10:16 if you use nullfs for the underlying filesystems the nullfs source must contain the mountpoint directories 12:10:56 with zfs clones you can make the clone writeable, create the mountpoint directory, set it read-only again 12:11:15 just make sure to not use writable clones for anything you want to keep 12:11:23 because you can't "rebase" them 16:22:06 bastille makes thin jails easy enough. for patch releases, update the base jail (which is nullfs mounted in all the thin jails). done. for a point release, you bootstrap that new point release and update the thin jails' fstabs to point to the newer point release. for an upgrade to a new major version, it's two steps. you do the bootstrap step, 16:22:06 and then they have an etcupdate command that you run on each thin jail. 17:10:24 wish all that was documented in the jails chapter 17:13:29 the thin jail concept, thick jail and vnet are.. bastille is an external tool that helps manage it easier. 17:18:18 no i mean the upgrade notes scooby said 17:18:31 how to handle patch release, point release, and major release 17:21:39 admittedly, bastille isn't necessarily doing the Correct Thing, because there isn't really a Correct Thing to do. they are making choices and doing things sensibly. some may disagree with how they do things. I kinda like it because it's all shell scripts, which makes it somewhat align with the manual steps you might otherwise learn 17:43:29 how long x86-32 still will have pkg support? 17:51:36 yeah, that is how i learned it.. minus the bastille part.. i just follow the handbook and do some manual moves of files myself 17:52:22 fortunately or unfortunately there are multiple ways to manage upgrades of the various jail types.. i am a fan of vnet+jail no matter how big or small the need is.. for consistency.. some would argue if you are only jailing a service.. why go through all those extra steps and wasting of space 21:01:14 hubertm: possibly 32-bit pkg support continues as long as the support for freebsd 14.x, november 2028...?