02:58:55 <ring0_starr> muahahah
02:59:06 <ring0_starr> a security camera running freebsd??
02:59:20 <ring0_starr> more likely than you think
03:07:48 <ring0_starr> and you know me, i am ALL ABOUT SECURITY :--)
03:15:51 <sig`> ring0_starr: what security camera? you self hosting it?
03:16:03 <ring0_starr> "self hosting"???
03:16:10 <ring0_starr> I don't get what you mean by that
03:16:20 <sig`> streaming it to freebsd server?
03:16:32 <ring0_starr> No, it IS a freebsd server running on a tiny SBC.
03:16:37 <sig`> ah
03:16:44 <ring0_starr> Like a quad core ARM Cortex-A53
03:16:52 <ring0_starr> Drawing 3 watts max
03:18:04 <fgarcia> if i understand correctly, self hosting is using a computer you own as a server, instead of renting
03:18:32 <sig`> yeah, I have security cameras that I have setup to stream video
03:18:34 <ring0_starr> well when did you equate a security cam to a web hosting server
03:19:03 <ring0_starr> think of the absurdity of renting a security camera
03:19:14 <sig`> who said rent
03:19:16 <ring0_starr> although it increasingly is "like that"
03:19:43 <ring0_starr> modern day IP camera vendors.  they only do things through the cloud.
03:20:06 <ring0_starr> My company despite my initial fears doesn't force people to connect to the cloud when they buy their product
03:20:42 <ring0_starr> Although they have so much product security that as an outside researcher, assuming it all works as designed, you'd have a hell of a time getting into yourself
03:20:43 <sig`> ring0_starr: not all... many are RTSP ONVIF
03:21:30 <sig`> and use zoneminder for RTSP or mjpeg streams, that way you have no vendor cloud lockins
03:21:40 <ring0_starr> I was working on hacking some Wyze cameras last year and i lost motivation pretty fast especially due to family issues
03:22:00 <sig`> amcrest, reolink and lots more
03:22:34 <ring0_starr> then I have some stupid Chinese aliexpress no-name IP cameras that run some kind of hacked together barebones buildrooted busybox linux with an ancient kernel, like 3.6 or something
03:23:06 <ring0_starr> I mean that's cool and all because it's somewhat open, all of the code is vendor provided and it's so deep that i don't think anybody tried understanding the system at any deep level
03:24:13 <ring0_starr> all of the documentation on those Chinese clone budget arm SoCs are horrible, you need to wonder who were they writing it for?
03:48:56 <jpb> here's my writeup on crash recovery with ZFS:  https://www.jimby.name/techbits/recent/zxfr/
03:49:03 <jpb> comments welcome!
03:50:24 <ring0_starr> I got caught with my pants down last month. I made a change to my FreeBSD website and rebooted, which I do from time to time. But … it crashed. And not only did it crash, but it trashed the boot code and would not boot at all.
03:50:24 <ring0_starr> Not for nothing, but (insert whiny voice) this was not my fault!
03:50:44 <ring0_starr> jbp:  this sounds like a hardware problem, not a filesystem problem.
03:51:30 <jpb> ring0_starr: i'm sure it was.
03:51:37 <ring0_starr> You can design around that with some capacitors or a tiny backup battery
03:52:50 <jpb> i'll leave that to the fanatical support people.  this is a write-up on how to use zfs snapshots for backup and recover of boot environments.
03:53:07 <jpb> *recovery
03:53:22 <ring0_starr> I would focus effort on prevention but that's just me
03:53:47 <ring0_starr> recovery is bound to be imperfect at best
03:55:10 <ring0_starr> there are more issues at play that may go wrong, instead of a bulletproof because physics says so electronic power circuit that saves your system from crashing while its various controllers are in odd states
03:58:12 <jpb> i've seen a lot of writeups on using zfs for backups, but couldn't find any that focused on recovery from a boot problems,  as with all things internet, i hope it helps someone else.
04:09:08 <sig`> jpb: nice
04:09:27 <sig`> I just recently did a full migration snapshot to a brand new server... pretty cool
04:17:23 <jpb> sig`: thx.
04:20:16 <mason> SponiX: Well noted! Heh. Thank you.
04:55:48 <kerneldove> ppl here that warned me against using zfs native encryption saved my butt ty. hope they fix it but till then geli is fine
05:04:35 <mewt> is it actually still messed up?
05:04:51 <ring0_starr> UFS2+J isn't that bad you know.
05:06:04 <ivy> mewt: no, it's fixed since a couple of months ago
05:06:16 <ivy> https://www.freebsd.org/security/advisories/FreeBSD-EN-25:10.zfs.asc
05:06:20 <mewt> :thumbsup:
05:08:28 <mewt> Feels like I heard really incredible amounts of FUD about that
05:08:58 <ivy> well, it was a pretty serious bug that went unfixed for years, so people were understandably a bit annoyed
05:09:22 <ivy> i still don't really understand why they never updated the documentation to warn people about it
05:20:24 <mewt> are kernel modules considered part of the userland, for version purposes? I guess they have to be, or I've messed up somehow
05:20:48 <kevans> define 'for version purposes'
05:21:50 <mewt> as in, if I run freebsd-version -kru and only userland shows as 14.2-RELEASE-p5, and everything else shows as 14.2-RELEASE-p1, and the advisory tells me the min corrected version for the zfs module is 14.2-RELEASE-p4, am I good?
05:22:51 <kevans> yeah, that's a little wart-y indeed
05:23:04 <mewt> ...hm
05:23:21 <kevans> you should be fine, it's just that kmod-only fixes won't bump the kernel version
05:23:25 <mewt> well, I just ran a freebsd-update fetch and freebsd-update install and rebooted, and this persists...
05:23:29 <mewt> mk
05:23:40 <mewt> yes, that's what I was asking, whether module changes bumped kernel version
05:23:47 <mewt> just in very bad wording
05:24:03 <kevans> if it was a module that happens to also be built into GENERIC you would have noticed a bump, but just zfs.ko won't trigger the kernel to need re-linked
05:24:11 <mewt> gotcha
05:24:13 <mewt> thanks
05:24:23 <kevans> i kind of suspected this is what you were asking, but yeah- good to be sure
05:24:45 <ivy> shame what(1) doesn't work anymore
05:25:07 <ivy> (at least not on kernel modules)
05:58:37 <kevans> it's seemingly not that hard to get newvers.sh versioning for kmods
05:59:46 <kevans> i have a prototype here, just wondering if it'll be useful in a post-freebsd-update world
06:01:06 <kevans> well, I guess it'd still be useful MFC'd for the remainder of 14's lifetime
10:31:03 <ivy> kevans: i can't really say if it's useful or not, but i think if it works on the kernel it should also work on modules, just for consistency
10:36:43 * ivy thinks we should bring back __SCCSID, but this is probably a minority opinion
12:47:18 <voy4g3r2> hello, i am working with llama.cpp and trying to "force" the model to load things into the GPU and CPU RAM. WHen I try to "force" the model to stay in system memory.. through an option.. i get failed to mlock() message.. which says to do ulimit -l as root.. which does not work.. are there options, available in the sysctl area that allow mlock to behave with 140001280-byte buffers?
12:47:50 <ivy> voy4g3r2: are you running it in a jail?  if so, did you enable allow.mlock?
12:50:32 <voy4g3r2> no jail
12:50:46 <voy4g3r2> i wish i could run llama.cpp in a jail.. but that is outside this problem
12:50:50 <voy4g3r2> dang the gpu passthrough
12:59:12 <voy4g3r2> i am getting recommendations to change vm.max_user_wired and some other /etc/login.conf and to be honest.. just seems to not be the "right" thing as it is just thrwoing darts at a board
13:00:06 <voy4g3r2> this server has 64 gig of ram so i know i have plenty of space to keep in memory.
13:07:40 <voy4g3r2> hrm... security.bsd.unprivileged_mlock=1 move to 0.. i get a different message..
13:08:00 <voy4g3r2> just seems wrong to run a LLM as root...
15:03:59 <voy4g3r2> well looks like.. if i run the llama.cpp program as root.. problem goes away :(
17:05:56 <ring0_starr> https://paste.debian.net/plain/1390569
17:06:11 <ring0_starr> maybe nevermind on that freebsd security camera
17:06:34 <ring0_starr> i can't even get a crash dump.
17:14:34 <Tenkawa> ring0_starr: what bus is that camera?
17:15:09 <Tenkawa> pci/usb/gpio?
17:19:33 <ring0_starr> usb, but i don't even have that plugged in yet.  this is just the board.
17:20:12 <Tenkawa> What board are you working with?
17:32:53 <ring0_starr>  https://libre.computer/products/all-h3-cc/
17:33:44 <Tenkawa> Ah an Allwinner SoC...
17:34:07 <ring0_starr> linux works fine with it so it's not like allwinner is the problem
17:34:09 <Tenkawa> Unfortunately one of the few ARM vendors I don't use
17:34:51 <ring0_starr> I guess the issue where I can't get a crash dump makes sense when the issue is the mmc controller timing out on its i/o.
17:34:57 <Tenkawa> ring0_starr: never said it was although Allwinner is not viewed highly in the Linux world either...
17:35:19 <ring0_starr> we don't always get to choose our hardware
17:36:23 <voy4g3r2> i do not know if this will help... but this person does a lot of ARM/risc stufff.. maybe her X feed bac help?
17:36:27 <voy4g3r2> https://x.com/bexcran
17:36:39 <voy4g3r2> real sharp and shares a lot of stuff on boot loading and troubleshooting
17:36:43 <Tenkawa> have you tried enabliing the ddb to go over serial?
17:36:50 <ring0_starr> at work one of our products use this "airoha" soc that's so shitty, it uses some custom unauthenticated protocol over bluetooth rfcomm profile for any and all debug functions
17:37:01 <ring0_starr> they just didn't add authentication
17:37:13 <Tenkawa> If it wil work on that unit it should be able to dump a crash dump via serial
17:37:19 <ring0_starr> so like that level of attention to detail
17:37:30 <ring0_starr> it's really a race to the bottom wherever anybody can cheap out they will
21:02:21 <Remilia> kernel{arc_prune} please go away already, I don't want to downgrade to 14.2…
21:56:31 <vortexx> mrsas0: Exit due to Hardware critical error from mrsas_ocr_thread <--- my raid card appears to be having more and more issues, I'm considering moving it into jbod mode...
21:58:15 <vortexx> device     = 'MegaRAID SAS-3 3108 [Invader]'
21:59:27 <vortexx> it's randomly setting drives on the same 4-cable connector as Unconfigured(bad)
21:59:33 <vortexx> reboot will clear this
22:29:08 <rwp> I hear that this implies that it is a hardware raid configuration card.  I would definitely reconfigure it to IT mode JBOD mode and then have ZFS manage each disk and raid itself.
22:41:57 <vortexx> rwp: correct
22:42:15 <vortexx> and I know this is the ZFS guidance
22:48:57 <vortexx> I'll test changing the cables round to see if it's the cable or the raid card connector, too
22:50:15 <vortexx> (2 connectors on card, has raid cache module, 2 2.5" HDD drives on one cable and 4x3.5" HDD drives on the other, a fair amount of testing to do if I swap connectors as well)
22:53:40 <rwp> If your system is throwing storage errors then it's a good time to ensure that your backups are current. :-)
23:07:37 <vortexx> they are
23:08:12 <vortexx> I've had to rebuild the raid-5 config in the last month due to issues so backups & storage are current
23:08:36 <vortexx> (hw is 2020 vintage)
23:08:51 <vortexx> (at time of purchase)
23:55:40 <jason123onirc> I am looking at playing encrypted dvds but it looks like the package libdvdcss is not in the 14 repos
23:55:54 <jason123onirc> is there still a way to get it installed