00:06:47 the 3 things that make HUGE difference in bug reports: 1) clear/concise 2) reproducibility steps 3) responding whenever the bug report gets replies asking you to do something, like provide more info or test a fix patch 00:08:58 Here is the 3 I request: 1. How to reproduce. 2. What was the expected result. 3. What was the actual result. 00:40:41 _opr, bhyve is an entire operating system along with a kernel running. It's much heavier than a light weight container. Docker is a fork of the linux-container system and similar to FreeBSD Jails. You can run a hundred jails on a host and hardly feel it. You can't run a hundred VMs on it without the added load causing stress and slowdown. 00:41:09 _opr, Instead of using docker on a linux system you might consider exploring FreeBSD Jails and using FreeBSD for it. A lot of expertise here for doing it. 06:14:21 <_opr> rwp: hey, thanks for the explanation. yes i've been using jail for a long time, no issues at all. just curious bhyve could have so much more impact on my resource than virtualbox. Just out of curiosity. :D 06:16:15 do you guys add users to your jails so you can ssh directly into the jail? or do you only add users/sshd to jail host? 06:19:23 <_opr> i add users in jail for me... 06:19:41 and run sshd in jail so you ssh directly into jail? 06:21:56 <_opr> ?? sry my brain's broken. ssh to host, then do whatever there. 06:22:14 ok so you don't ssh directly into the jail 06:22:33 <_opr> haven't considered any best practice but in this case you won't have to add keys to every jail... 06:22:41 <_opr> no, just to host. 06:23:03 ok. i've been ssh'ing into jails directly i wonder if i'm the only 1 doing that 06:27:50 _opr thats some chance, I'm running bhyve on 2 hosts with no problems for example - so it could be easy to say, there is no problem. However, every fixed issue starts from recording it and the circumstances and then we can start to work towards the fix 06:30:02 kerneldove: I've only host sshd running, for interactive use it's enough. But if you need some script to access a jail, then sure: go for a in-jail user 06:31:01 i have daemons and tmux sessions and stuff in each jail so i treat them as closer to full OS instances 06:31:18 i guess i put the thick in thick jails :) 06:31:30 it's still lighter than a full vm instance for each tho 06:31:43 and each jail gets its own ip 06:33:17 <_opr> tsoome, yes yes, good point. I'll test more and see if it's the same behavior. File a report when I think it's necessary. Thanks. 06:33:18 Depends how you interact with them. For non-interactive usage, say a borgbackup jail, I'd use in-jail SSH 06:33:42 For interactive usage, ssh to host, then console to jail 06:33:59 by interactive what do you mean? just running commands and stuff? 06:34:06 yes 06:34:11 ah ya 06:34:20 tyvm 06:38:17 _opr if you fancy to lean new tricks, I would try to get FlameGraph from running that bhyve https://github.com/brendangregg/FlameGraph - it could provide some ideas.... 06:38:27 s/lean/learn/ 06:38:38 kerneldove, It depends upon what type of jail I am accessing. For non-VNET jails then no I never have sshd set up in jail. I ssh onto the hosting system and then "jexec -l thejail login -f root" or otherwise run commands there. For VNET jails posing as a full system then yes I would set up sshd in the jail. 06:39:37 <_opr> tsoome, thank you sir. Will check it out. 06:39:51 So for example running MariaDB in a jail. No. I have it share the host IP address. For example nginx in a jail. No. I have it share the host IP address. Setting up a test network of VNET jails with routing and each with their own IP address? Yes. Always set up sshd in them then. 06:40:17 I am just now setting up a borgbackup jail to centralize home network backups, and it's the first time I need to enable SSH in a jail personally 06:40:42 Did you give it its own IP address? 06:40:50 Sure 06:40:59 Not VNET though 06:41:06 Just an alias 06:41:16 Then I would set up sshd in the jail so that clients can push backups to it. 06:41:42 Yep, doing just that, that's why I mentioned it as an example 06:42:08 Non-VNET jails make using aliases much more tedious. Because then daemons can't wildcard bind to all addresses but must be configured for the right one. On both the host and in the jail. That's why I don't like to do it in those cases. 06:42:47 makes sense 06:43:03 Yes, it could be a pain in certain cases, but I have SSH on the host listening only on the primary address 06:43:26 divlamir, why not use vnet? 06:43:47 Less is more, if I had to, I would 06:43:56 ah 06:44:29 for me, either jail is 'thin', no sshd, uses host ip, or 'thick' with sshd, vnet, its own ip 14:30:31 Yo mama so thick she has her own IP! 15:10:48 just to be clear, that is not the definition of thin and thick jails 15:12:01 thick jails have as complete copy of the base system whereas thin jails share the same copy of base 16:24:37 yesterday I tried wayland and it was amazing. gave a really cool feeling of the bare-bones computing. I didn't feel it for a decade using Darwin as a primary desktop OS. I'll try to setup Minisforum um690l as my main working machine in the office next week. The idea is to use as much from Omarchy to streamline the process as I can. We'll see how it'll go 18:07:38 kerneldove: I usually SSH into my jails if I'm going to "use" them from WireGuard. Otherwise physical access to host and jexec from there (I don't SSH to host if possible). 18:15:26 And if a jail already has SSH and I can do my stuff through SSH, I usually do it that way even if I can use jexec. No reason other than consistency. 18:24:58 ty dango 18:25:48 jbo ya maybe there needs to be another set of terms to distinguish it like narrow vs wide or smth 19:27:11 hi 19:29:18 o/ 21:25:19 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=289220 still collecting information and attaching it 21:41:23 hello 23:04:34 pop quiz: what is the difference between running "/usr/bin/make all" and "/usr/bin/make -j1 all"? 23:07:04 <_opr> only 1 job? saves some electricity fees? 23:07:26 _opr: but the default is to only use one job, right? 23:07:49 -j gives it more jive. 23:09:48 <_opr> ivy, this is interesting again for me... i'm cross compiling for windows on freebsd using llvm-mingw, i have to use gmake and default is the same compile time as -j4. I could have misunderstood the real impact with -jN, maybe not time-wise... 23:10:25 <_opr> rtj, XD 23:11:43 so the answer is (and this took me about an hour to work out the other day) even though 1 job is the default, adding -j1 disables compatibility mode, which breaks some makefiles 23:12:01 ivy: I had no idea ty. 23:12:23 (the fix is "make -j1 -B") 23:14:11 <_opr> a yes, -B for me as well. 23:34:24 ivy: yeah, I agree that the manpage does a horrible job of making it clear that compat mode is the default 23:35:30 it actually made me think i was losing my mind earlier when i was trying to explain someone why `\tcd dir\n\t\n` was a bad idea, but what I thought I remembered didn't feel supported by the manpage so I just told them that side effects ar ebad 23:35:40 earlier or yesterday. time is weirdly fluid 23:36:52 kevans: in the other channel i suggested making -j1 a no-op, but i wonder if we should make compatibility mode not the default, which might encourage people to fix their makefiles 23:37:46 this is "compatibility" with like, 4.3BSD, right? it's been considered wrong to rely on this since forever 23:40:47 given that one can apparently slap their bmakefiles with `.MAKE.MODE = compat` to "fix" it (in the least resistance way), I don't see a reason not to other than probably needing to slap the ports tree with it in bsd.port.mk 23:41:30 (specifically compat mode for the ports themselve, not suggesting a hammer for things built by ports) 23:42:16 i don't know what kind of crappery people have done in ports, but it could be more painful to weed out and it feels better to just focus on the other results you might get from an exp-run rather than weird infrastructure failures