How do I have a rc service file change the working directory?

tuaris: cd ?

Ah, I remembered about `_chdir`. I tried that once in rc.conf, but it didn't work. I think that variable can only be set in the service script/

tuaris, What rc script are you talking about? It would help if we knew and then could look at it.

I found what I needed: man.freebsd.org/cgi/man.cgi?query=rc.subr&sektion=8&format=html

Woot!

i can run ping from my user account, but when i run a some ping code using a ping lib i get an error Protocol not supported (os error 43) any clue what's causing that?

i tried some other ping code from my 14.3 user account and it errors saying permissiondenied operation not permitted

but i can run `ping` and it works

kerneldove: the system ping runs as root. you need to be root to access SOCK_RAW afaik

what's the difference between system ping and `ping` bin that i run as regular user?

system ping runs as root afaik

i.e. if you copy system ping somewhere and make it owned by your user, you will get the error

true. /sbin/ping is setuid-root

docs.rs/surge-ping/latest/src/surge_ping/config.rs.html#20-29 is the code i'm trying to use

i don't need to be root to ping using dgram right?

if you can, try running your program as root and see what it does

kerneldove: normally, you need to be root to open a raw sockets (that traditional /sbin/ping uses)

i ran it as sudo and it worked as expected

otis ya but i can run `ping` and it works fine, so it must not be sending raw?

kerneldove: when you 'ls -l /sbin/ping' you'll see a 's' field, which causes the program to run as root

ya but i don't run sudo ping, i just run ping, and it works

am i misunderstanding?

kerneldove: en.wikipedia.org/wiki/Setuid

so the setuid bit means any regular user can run it, and when it runs it runs as root?

yes

ok so there's actually no way for freebsd users to send pings unprivileged?

no, because you need a raw socket for that and only root can open raw sockets

i read that to send unprivileged pings, you can send a dgram ping, but that's not true?

dgram instead of raw

do you mean UDP echo aka what Windows used to use by default

not sure but maybe

ya looks like it

it's not enabled by default

is there any way to enable that so unprivileged users can ping?

how can i enable it?

you shouldn't

why not?

you'd have to drop the privileged ports restriction almost entirely

well how am i going to make a ping bin in rust that runs unpriv?

the answer is you don't

im making a server monitor tho

i need to test reachability

does ssh have ping built in?

no

so what do i do?

Remilia?

do what everyone else does, spawn a new process running a laser-focussed SUID binary

why are you asking me? look at munin, nagios, etc.

ugh i dont wanna run privileged

you don't want to read

no i heard you it just makes me sad

I'm not sure why executing a tiny SUID binary made purely to do ECHO requests makes you sad

you could either do that, or compromise your system by setting privileged port limit to something like 6

which would let any user listen on ports like 25, 53, 80, 443, and so on

UDP echo requires port 7 and UDP echo responses are not enabled by default

if i have a tiny setuid binary for doing ping, i'd just have my program run the system `ping` and parse its output

like it's great that you want to use UDP datagrams to ping stuff, but have you considered that the hosts you ping need to have inetd running and the echo service enabled in inetd.conf?

another idea is i could use the ssh connection to each server that my tool will initiate, send a message over the ssh connection and time how long it takes to get output?

TCP is slow

though if your host listens on a given port, you could TCP connect and time it

it'll still extremely unreliable for timing, of course

be*

i wonder if `ping` supports libxo so i could take json output

doesn't look like it from man page

dang

so i gotta parse the output for "time=x"

ugh

implement your own ping tool and SUID it

but then i just need to parse its output so what's the difference from parsing output of system ping bin?

make it output in json so i can parse its output easier?

yours might give you more options and produce JSON or whatever you prefer

ya hm i might need to do that

for example it could take a list of hosts

ok ty i'll think it over. maybe i can get away with scrapping ping, and just make reachability based on if it can establish an ssh connection and if that later disconnects and fails to reconnect

is there any way to allow unprivileged user accounts to send raw sockets so they can ping without setuid root? looks like jail has that but not base system?

jails do not support that, the allow raw sockets option for jails only allows it for root

ahh ok, dang

Are BSD Apps cross platform ?

maccampus: what do you mean by "BSD Apps"?

things you can open & run & do things BSD doesn't do by its own ?

Firefox

so you mean third-party applications like vim, or KDE? those generally also run on other platforms, yes

it would be quite odd if Firefox only ran on FreeBSD

most third party programmes are built against POSIX, not Linux or FreeBSD; POSIX is the common standard to which both operating systems adhere, meaning programmes written to it can compile with minimal, nowadays automatically-done, modifications

yes but obvious Linux Firefox will not work, but will FreeBSD Firefox work on NetBSD ?

nope

no

have to build it separately for each of the BSDs

And why is that, on linux it works on multiple distro's

FreeBSD and NetBSD are not "distros", they are completely separate operating systems

the only connection is that they are both descended from 4.4BSD, which was released in 1992. a lot has changed in 30 years

Same about linux they all desend from the thing that Swidish guy made, and a lot has changed the last 20 years too

maccampus: Linux distros don't "descent" from the Linux kernel, they *are* Linux. they all use the same kernel.

different linux distros all share the same kernel ABI, and generally all include GNU libc. BSDs each have their own kernel and libc.

So why did you never decide to use the same Kernel ?

what would be the point?

a lot of source code is shared between the various BSD forks, but binary compatibility would be a huge amount of effort for very little gain

Because then one could switch distro when one's preferences and needs changed, want to be mainline, want to be secure, want to be open (nah no point in that changing platform will brake applications anyway)

A bit like asking why an x86 binary won't run on ARM, you need the binary compiled for your platform

thats why i said nah on the OpenBSD see above

again, the BSD forks are not "distros", they are completely separate operating systems

But thee is that OS that manages just that

They call is UB2, UB & FAT

A third party application built on one Linux distribution isn't guaranteed to work on another.

then i was lucky so far

you may as well why why FreeBSD doesn't have binary compatibility with Solaris so you can switfch OS as your preferences change

sure, in theory it would be possible to implement that, but it's a huge amount of work for very little benefit

it instaled on 3 distro's and worked

Great, whatever "it" is.

Firefox

Ubuntu, Fedora and even RHEL all build firefox differently. If you happened to copy the firefox binary from Ubuntu and got it working on RHEL, that is amazing indeed.

good god

how old are you, maccampus ? and how long have you been involved in computers at this level?

TommyC: well, RPMs generally work across RH-derived distros just as if it's .deb it will *probably* work on Debian-derived

you can't just copy the Firefox binary after all

Copying binaries between systems, I've done it too on my first 8-bit pc :)

divlamir: I think binaries would generally work between CP/M, MP/M, and MSX-DOS, though for the latter you'd need to do some patching iirc

the OS was very little, in those days

UNIX operating systems are a lot more

oh but Turbo Pascal 3.0 for CP/M, as an example, would fail to give you command line arguments if you compile on MSX-DOS

there was Pascal/TURBO+ which was a clone of TP3 I think

Llampec: yeah it's like trying to copy an OS/2 binary to Windows and expecting it to work

(note: a Windows 3.x binary will run on OS/2 Warp 3.0)

Remilia: I'm aware.

Remilia: Truth is I don't believe that maccampus got a binary copied from <insert very different distro A> to <insert very different distro B> and got it working unless the copied-from distro used the Mozilla-provided static firefox binary.

actually what if you compile Firefox as an entirely static binary? that would theoretically work on every Linux distro as long as syscalls are fine

lol, that would be a fat one :)

Remilia: or compile it normally but ship the shared libraries with the binary

ivy: I guess if you install it in something like /opt

it would be easy to move around

my brain is full of cursed nonsense

provided the appropriate namespace

there could be the remote psosibility of conflicts

Is it possible to convert a FreeBSD installation from BIOS to UEFI? The system supports both.

I can see no reason it would not be.

This is what gpart show is: bin.morante.net/?c4b5668c2ae52def#3…mLKarjLUKwuEdSjngN8YUHLMgp9gLccmYqJ

I'd have to add an efi partition, wouldn't I?

tuaris: if you are already using GPT this is somewhat easy, even if you do not have an EFI partition

tuaris: you have a 512K partition of type freebsd-boot; delete that and create a 512K EFI partition instead, the loader will fit

tuaris: pastee.dev/p/LH0o4rgS from my scratchpad

double check indices, device names, etc.

Remilia: are you sure? the 15.0 amd64 EFI loader is 647KB

oh

I guess things changed since 13

can't cheat any more

i would suggest reducing the size of the swap partition to create an EFI partition

and delete the freebsd-boot partition at the same time

I can expand the volume. It's a VM.

if you can expand the volume, just add another 256MB or something and create an EFI partition there, that's probably the easiest way

Oh, it doesn't have to be at the start?

it does not, it only needs to have the 'efi' partition type and the firmware will find it

oo, interesting

well... the quality of EFI firmwares does vary and i could imagine a firmware that requires the partition to be at the start of the disk

but it *shouldn't* require that

EFI needs to be formated as FAT, correct?

yes, use newfs_msdos(8)

if it's a VM you probably have that open source EFI thing which definitely does not care about where the partition is

EDK-II, yeah

Then I just mounnt it and "cp /boot/loader.efi /mnt/efi/efi/freebsd/loader.efi "

or something like that

you'd need to set EFI boot variables for that to work

This should be a fun experiment

tuaris: i recommend placing the loader in \EFI\BOOT\BOOTX64.EFI, this is the most compatible path

^ this

tuaris: so if it's mounted on /mnt/efi, then /mnt/efi/efi/boot/bootx64.efi

cool, let me do a backup of my VM, then I'll give this a try.

what annoys me is that the UEFI firmware for apu4d4 is borked so I am stuck with gptzfsboot

like, it boots and works but the watchdog timer triggers every hour :D

Remilia: that sounds weird and annoying

can you not disable the watchdog?

ivy: it's in the firmware and it just hard resets the system

known issue

hm

does it need a driver? or is it just a firmware bug?

I'd tell you more but I last poked it in late 2019

and I cannot poke it now because there's 2000+ km between me and the router, and there is no one who can console into it to fix

ivy: apparently it does need a driver and you can disable it at firmware compile time now...

I think NetBSD will greatly benefit from all SciTECO power users that are now considering switching to NetBSD.

Oops, wrong channel. Sorry.

shit happens

Thought about it and decided that I'd probably want to move the swap to the end in case I ever need to grow my ZFS partition. So this is what I ended up with: bin.morante.net/?ac7ac36869c9eb70#C…zXoiY2LKvCpwyLiyRZtGcaei9uBFQNu97JC

it wasts about 2GB, but that's not a big deal

Okay, the loader is in place: bin.morante.net/?ef9ece2594158db7#9…nZTD514f79Vvu2wQquymQ3x8YHmq73e3Chr

What do I need to do for this? "set EFI boot variables for that to work"

nothing

remilia's comment about EFI vars was if you did not use \EFI\BOOT\BOOTX64.EFI as the loader path

but since you did, it should it detected automatically

ah okay. So I'll just reconfigure the vm to boot with UEFI and see if it works.

lets see...

wow, it booted

I'll post some links to before/after vids

btw, your pastebin site's TLS certificate is not trusted by Firefox

yeah I know :)

You know what's interesting... I forgot to update the swap entry in fstab. The system didn't complain at all and swapinfo says the device is activated

what about swap size?

It was showing something small, but usage was 0, so I wonder if it was going to just write to the EFI partition. I turned off swap and fixed it asap

writing to EFI can be bad news (I hope it didn't). Next boot will tell.

it didn't. It booted up fine

The before and after videos: download.morante.net/unibia/screens…ts/freebsd/VM-FreeBSD-BIOS-Boot.mkv and download.morante.net/unibia/screens…ts/freebsd/VM-FreeBSD-UEFI-Boot.mkv

great. Apologies for interrupting a constructive conversation.

Oops, -current pkg repos are currently almost empty.. :D

Ltning: they did a special build for re@ containing only the packages required to build the snapshots, the next build will include all packages again

Yea I almost did pkg upgrade -y here. Would have been fun. But anything to get snapshots and release building :D

In editline I can use `bind -v` to set vi mode. Is there a way to display a mode indicator prompt?