-
ring0_starr
muahahah
-
ring0_starr
a security camera running freebsd??
-
ring0_starr
more likely than you think
-
ring0_starr
and you know me, i am ALL ABOUT SECURITY :--)
-
sig`
ring0_starr: what security camera? you self hosting it?
-
ring0_starr
"self hosting"???
-
ring0_starr
I don't get what you mean by that
-
sig`
streaming it to freebsd server?
-
ring0_starr
No, it IS a freebsd server running on a tiny SBC.
-
sig`
ah
-
ring0_starr
Like a quad core ARM Cortex-A53
-
ring0_starr
Drawing 3 watts max
-
fgarcia
if i understand correctly, self hosting is using a computer you own as a server, instead of renting
-
sig`
yeah, I have security cameras that I have set up to stream video
-
ring0_starr
well when did you equate a security cam to a web hosting server
-
ring0_starr
think of the absurdity of renting a security camera
-
sig`
who said rent
-
ring0_starr
although it increasingly is "like that"
-
ring0_starr
modern day IP camera vendors. they only do things through the cloud.
-
ring0_starr
My company despite my initial fears doesn't force people to connect to the cloud when they buy their product
-
ring0_starr
Although they have so much product security that as an outside researcher, assuming it all works as designed, you'd have a hell of a time getting into yourself
-
sig`
ring0_starr: not all... many are RTSP ONVIF
-
sig`
and use zoneminder for RTSP or mjpeg streams, that way you have no vendor cloud lockins
-
ring0_starr
I was working on hacking some Wyze cameras last year and i lost motivation pretty fast especially due to family issues
-
sig`
amcrest, reolink and lots more
-
ring0_starr
then I have some stupid Chinese aliexpress no-name IP cameras that run some kind of hacked together barebones buildrooted busybox linux with an ancient kernel, like 3.6 or something
-
ring0_starr
I mean that's cool and all because it's somewhat open, all of the code is vendor provided and it's so deep that i don't think anybody tried understanding the system at any deep level
-
ring0_starr
all of the documentation on those Chinese clone budget arm SoCs is horrible, you need to wonder who were they writing it for?
-
jpb
here's my writeup on crash recovery with ZFS:
jimby.name/techbits/recent/zxfr
-
jpb
comments welcome!
-
ring0_starr
I got caught with my pants down last month. I made a change to my FreeBSD website and rebooted, which I do from time to time. But … it crashed. And not only did it crash, but it trashed the boot code and would not boot at all.
-
ring0_starr
Not for nothing, but (insert whiny voice) this was not my fault!
-
ring0_starr
jpb: this sounds like a hardware problem, not a filesystem problem.
-
jpb
ring0_starr: i'm sure it was.
-
ring0_starr
You can design around that with some capacitors or a tiny backup battery
-
jpb
i'll leave that to the fanatical support people. this is a write-up on how to use zfs snapshots for backup and recover of boot environments.
-
jpb
*recovery
-
ring0_starr
I would focus effort on prevention but that's just me
-
ring0_starr
recovery is bound to be imperfect at best
-
ring0_starr
there are more issues at play that may go wrong, instead of a bulletproof because physics says so electronic power circuit that saves your system from crashing while its various controllers are in odd states
-
jpb
i've seen a lot of writeups on using zfs for backups, but couldn't find any that focused on recovery from boot problems, as with all things internet, i hope it helps someone else.
-
sig`
jpb: nice
-
sig`
I just recently did a full migration snapshot to a brand new server... pretty cool
-
jpb
sig`: thx.
-
mason
SponiX: Well noted! Heh. Thank you.
-
kerneldove
ppl here that warned me against using zfs native encryption saved my butt ty. hope they fix it but till then geli is fine
-
mewt
is it actually still messed up?
-
ring0_starr
UFS2+J isn't that bad you know.
-
ivy
mewt: no, it's fixed since a couple of months ago
-
mewt
:thumbsup:
-
mewt
Feels like I heard really incredible amounts of FUD about that
-
ivy
well, it was a pretty serious bug that went unfixed for years, so people were understandably a bit annoyed
-
ivy
i still don't really understand why they never updated the documentation to warn people about it
-
mewt
are kernel modules considered part of the userland, for version purposes? I guess they have to be, or I've messed up somehow
-
kevans
define 'for version purposes'
-
mewt
as in, if I run freebsd-version -kru and only userland shows as 14.2-RELEASE-p5, and everything else shows as 14.2-RELEASE-p1, and the advisory tells me the min corrected version for the zfs module is 14.2-RELEASE-p4, am I good?
-
kevans
yeah, that's a little wart-y indeed
-
mewt
...hm
-
kevans
you should be fine, it's just that kmod-only fixes won't bump the kernel version
-
mewt
well, I just ran a freebsd-update fetch and freebsd-update install and rebooted, and this persists...
-
mewt
mk
-
mewt
yes, that's what I was asking, whether module changes bumped kernel version
-
mewt
just in very bad wording
-
kevans
if it was a module that happens to also be built into GENERIC you would have noticed a bump, but just zfs.ko won't trigger the kernel to need re-linked
-
mewt
gotcha
-
mewt
thanks
-
kevans
i kind of suspected this is what you were asking, but yeah- good to be sure
-
ivy
shame what(1) doesn't work anymore
-
ivy
(at least not on kernel modules)
-
kevans
it's seemingly not that hard to get newvers.sh versioning for kmods
-
kevans
i have a prototype here, just wondering if it'll be useful in a post-freebsd-update world
-
kevans
well, I guess it'd still be useful MFC'd for the remainder of 14's lifetime
-
ivy
kevans: i can't really say if it's useful or not, but i think if it works on the kernel it should also work on modules, just for consistency
-
» ivy thinks we should bring back __SCCSID, but this is probably a minority opinion
-
voy4g3r2
hello, i am working with llama.cpp and trying to "force" the model to load things into the GPU and CPU RAM. When I try to "force" the model to stay in system memory.. through an option.. i get failed to mlock() message.. which says to do ulimit -l as root.. which does not work.. are there options, available in the sysctl area that allow mlock to behave with 140001280-byte buffers?
-
ivy
voy4g3r2: are you running it in a jail? if so, did you enable allow.mlock?
-
voy4g3r2
no jail
-
voy4g3r2
i wish i could run llama.cpp in a jail.. but that is outside this problem
-
voy4g3r2
dang the gpu passthrough
-
voy4g3r2
i am getting recommendations to change vm.max_user_wired and some other /etc/login.conf and to be honest.. just seems to not be the "right" thing as it is just throwing darts at a board
-
voy4g3r2
this server has 64 gig of ram so i know i have plenty of space to keep in memory.
-
voy4g3r2
hrm... security.bsd.unprivileged_mlock=1 move to 0.. i get a different message..
-
voy4g3r2
just seems wrong to run a LLM as root...
-
voy4g3r2
well looks like.. if i run the llama.cpp program as root.. problem goes away :(
-
ring0_starr
maybe nevermind on that freebsd security camera
-
ring0_starr
i can't even get a crash dump.
-
Tenkawa
ring0_starr: what bus is that camera?
-
Tenkawa
pci/usb/gpio?
-
ring0_starr
usb, but i don't even have that plugged in yet. this is just the board.
-
Tenkawa
What board are you working with?
-
ring0_starr
-
Tenkawa
Ah an Allwinner SoC...
-
ring0_starr
linux works fine with it so it's not like allwinner is the problem
-
Tenkawa
Unfortunately one of the few ARM vendors I don't use
-
ring0_starr
I guess the issue where I can't get a crash dump makes sense when the issue is the mmc controller timing out on its i/o.
-
Tenkawa
ring0_starr: never said it was although Allwinner is not viewed highly in the Linux world either...
-
ring0_starr
we don't always get to choose our hardware
-
voy4g3r2
i do not know if this will help... but this person does a lot of ARM/risc stuff.. maybe her X feed can help?
-
voy4g3r2
real sharp and shares a lot of stuff on boot loading and troubleshooting
-
Tenkawa
have you tried enabling the ddb to go over serial?
-
ring0_starr
at work one of our products uses this "airoha" soc that's so shitty, it uses some custom unauthenticated protocol over bluetooth rfcomm profile for any and all debug functions
-
ring0_starr
they just didn't add authentication
-
Tenkawa
If it will work on that unit it should be able to dump a crash dump via serial
-
ring0_starr
so like that level of attention to detail
-
ring0_starr
it's really a race to the bottom wherever anybody can cheap out they will
-
Remilia
kernel{arc_prune} please go away already, I don't want to downgrade to 14.2…
-
vortexx
mrsas0: Exit due to Hardware critical error from mrsas_ocr_thread <--- my raid card appears to be having more and more issues, I'm considering moving it into jbod mode...
-
vortexx
device = 'MegaRAID SAS-3 3108 [Invader]'
-
vortexx
it's randomly setting drives on the same 4-cable connector as Unconfigured(bad)
-
vortexx
reboot will clear this
-
rwp
I hear that this implies that it is a hardware raid configuration card. I would definitely reconfigure it to IT mode JBOD mode and then have ZFS manage each disk and raid itself.
-
vortexx
rwp: correct
-
vortexx
and I know this is the ZFS guidance
-
vortexx
I'll test changing the cables round to see if it's the cable or the raid card connector, too
-
vortexx
(2 connectors on card, has raid cache module, 2 2.5" HDD drives on one cable and 4x3.5" HDD drives on the other, a fair amount of testing to do if I swap connectors as well)
-
rwp
If your system is throwing storage errors then it's a good time to ensure that your backups are current. :-)
-
vortexx
they are
-
vortexx
I've had to rebuild the raid-5 config in the last month due to issues so backups & storage are current
-
vortexx
(hw is 2020 vintage)
-
vortexx
(at time of purchase)
-
jason123onirc
I am looking at playing encrypted dvds but it looks like the package libdvdcss is not in the 14 repos
-
jason123onirc
is there still a way to get it installed