00:00:01 <o0x1eef> man 4 capsicum but you'd have to design your entire application around that model, so I'm not sure it is that portable, it is quite challenging to write capsicum software (compared to pledge & unveil from OpenBSD)
00:03:16 <jonaslund> Thanks, gonna check it out. I think the portble part is a bit messy. Basically developers will run stuff without sandboxing on other OS's , and forking the simulation processes from the manager, but for deployment the simulation processes should de-privilegie themselves as much as possible (hence my #ifdef comment.. the deployed version can behave
00:03:17 <jonaslund> differently on the deployed server whilst there isn't as much need on dev-machines).
00:47:56 <jonaslund> o0x1eef: Thank you! Loving the "default-deny-everything" thinking so it feels like a good option, capsicum does impose some constraints but simulation code was designed to be contained (Wasm sandboxes within the host has been on the table) so adapting by adding a "capsicum mode" with subprocesses should be doable without too much headache compared
00:47:56 <jonaslund> to other drawbacks for the other options.
04:14:08 <Chip1972> why dsbmc show no partitions?
06:38:34 <farhan> Was gdb removed from the kernel for remote debugging?
13:16:11 <Remilia> I really want to figure out how to build custom kernel packages properly but it is still eluding me hmm
13:16:28 <Remilia> and I seriously do not want to buildworld for this
13:16:30 <zip> Folks, pkgbase jails are amazing
13:18:06 <zip> You basically copy the pkg keys to the right place and run pkg -r /jail/path install FreeBSD-set-minimal... and that's very nearly it. Slightly less hassle than digging out a base.tgz
13:19:26 <Remilia> zip: I used bsdinstall to create a template in a zfs dataset then just `zfs send` that template for new jails
13:19:53 <Remilia> it's a lot more convenient than manually dealing with distribution sets
13:20:23 <Remilia> `bsdinstall jail /dest/jail/dir`
13:20:59 * deconfed installed
15:03:29 <Macer> cool. i yanked the old pool out and have to relabel the zfs partitions.. wish me luck lol
15:16:34 <dvl> Macer: good luck.
15:19:48 <zip> Remilia: oh neat!
16:37:14 <Macer> It seems to be working.
16:37:31 <Macer> I tested it on 2 drives and reboot to make sure the labels stick in the pool.
16:37:57 <Macer> Worst case is it would revert to the daX devices (I think).
16:39:25 <Macer> I’ve done 7 of 14 and wrote this up because there doesn’t seem to be definitive documentation on how to do this. https://crazy.macer.life/swap-gpt-labels-for-zfs/
16:54:35 <dvl> Macer: Let me guess? zfs got confused and mounted a swap partition as part of a zpool? I had that happen. Now it's labels, not /dev/ada0p1 (for example)
16:57:31 <dvl> I just learned "gpart restore -F da5 da6 da7 da8 da9" <--- multiple drives. good.
17:06:18 <dvl> I also didn't know about `zpool set path` - thanks Macer
17:19:14 <Macer> no. i'm just moving them around and have them labeled so i know where they are
17:19:27 <Macer> but zfs shouldn't mount a swap partition if it's not a zfs partition or part of the pool
17:20:28 <Macer> afaik zfs tags what is part of a pool
17:42:12 * deconfed joins a pool
17:43:08 <dvl> Macer: I did have a zpool mucked up after moving drives around, the zpool definition was not using labels.
17:55:21 <Macer> that's odd. like i said it shouldn't matter what /dev/daX it uses
17:55:29 <Macer> zfs tags them so if they move around that doesn't happen
17:55:35 <Macer> just for that reason
17:56:26 <Macer> I'm rebooting now and crossing my fingers. Hopefully it all worked out. I just renamed 16 labels (x2 for swap partitions i never even use)
17:57:22 <Macer> best thing i ever did was set up ipmi sol lol
17:58:41 <Macer> SUCCESS!
18:00:52 <Macer> now i have 20 empty bays to expand with :)
18:05:52 <Macer> onto the next thing. seeing if i can manage to install the old disks in another server and use ipmi to turn it on... zfs send backups... then turn it off :)
18:27:07 <dvl> Macer: Yes, it should not matter. I'm talking about swap, not ZFS. which uses entries in /etc/fstab ....
18:28:29 <dvl> Macer: Entries without labels.... like /dev/ada0p1
18:29:10 <Remilia> hmm how do I slim down a jail after pkgbasify
18:29:26 <Remilia> because it just... adds 2 GB to each jail
18:29:46 <rtprio> Remilia: just a guess, pkg delete
18:30:00 <dvl> Remilia: Guessing, did it go into /var/cache/pkg ?
18:30:01 <Remilia> rtprio: The following package(s) are locked or vital and may not be removed:
18:30:23 <Remilia> dvl: no it installs kernels/src/tests in my jails
18:30:38 <Remilia> I do not think I need /usr/src in jails
18:32:06 <rtprio> Remilia: even.. bluetooth. clang? *lib32* ?
18:32:34 <Remilia> no I am fine with clang
18:32:52 <Remilia> and lib32 is not there thankfully
18:35:01 <rtprio> Remilia: FreeBSD-tests* ?
18:37:33 <Remilia> rtprio: that too
18:37:43 <Remilia> I think I will just have to re-do my jails
18:38:03 <deconfed> and what you need to do
18:46:41 <Remilia> rtprio: creating a brand new jail dataset with minimal-jail set in it and installing the same software gives me 269 MB used
18:49:12 <rtprio> i didn't `minimal-jail` set was a thing
18:49:33 <Remilia> it seems to lack jail-related stuff
18:50:09 <Remilia> and only has 60 FreeBSD- packages
18:50:21 <Remilia> the pkgbasify jails have 216
18:50:42 <rtprio> i need to redo my VMs too
18:59:28 <Remilia> rtprio: btw I stand corrected, I forgot to include -jail for radio and the difference is a further 18 packages
18:59:54 <Remilia> minimal-jail is: The following 42 package(s) will be affected (of 0 checked):
18:59:59 <Remilia> just 42
19:01:03 <Remilia> but that stuff is *extremely* minimal huh, not even a shell
19:01:55 <Remilia> wait I am an idiot, no csh, sh is there
19:02:49 <rtprio> oh good, just the way i like it
19:03:10 <deconfed> yeaahhh
19:04:33 <Remilia> 136 MB for minimal-jail
19:04:46 <Remilia> (with nothing else)
19:05:17 <Remilia> now I need to migrate data and configration of 19 jails to new ones :|
19:05:37 <deconfed> cya
19:07:50 <CrtxReavr> I get a kick out of how some of this Linux distros manage to fuck up the hosts line in their /etc/nsswitch.conf.
19:07:57 <CrtxReavr> hosts: mymachines mdns_minimal [NOTFOUND=return] resolve [!UNAVAIL=return] files myhostname dns
19:33:08 <deconfed> 3
19:48:50 <Macer> wow
19:48:55 <Macer> this using pkg to upgrade freebsd...
19:49:07 <Macer> i'm at a loss here just reading how to do it from the handbook :)
19:49:29 <Macer> probably need an easier command like pkg upgrade-os
19:49:49 <Macer> either way. i was considering reinstalling anyways and just keeping it with freebsd-update. i'll cross the pkg bridge when i get to it.
19:49:54 <deconfed> make installkernel KERNCONF=mine
19:49:58 <deconfed> then make installworld
19:50:01 <deconfed> enough
19:50:45 <Macer> well. i just use freebsd-update fetch then install for minor updates.. seems to do the trick quite well... i'm looking at the pkgbase instructions like ... wth?
19:51:19 <Macer> hopefully this isn't something that's going to be done in the near future because i'm scratching my head thinking it still has some ways to go
19:51:25 <deconfed> use git and compile using /etc/make.conf optim
19:51:50 <Macer> i'm not too fond of "the gentoo way" lol
19:51:53 <Macer> i'd rather use bins
19:52:43 <deconfed> using fast yum (fast startup) in FreeBSD-CURRENT
19:53:48 <Macer> i was just playing with that server anyways. i'm going to just re-install using 15-RELEASE.. it's running stable .. at the time i figured it was going to be the new thing so i decided to choose it but now i'm sort of regretting it because the instructions are confusing.
19:54:01 <Macer> that's going to take some muscle memory and abandoned blogs for me to sort out
20:01:27 <Remilia> I used to run -stable but converted to RELEASE later
20:35:28 <voy4g3r2> i am probably going to go crazy but will ask anyway.. I am looking at vmstat and systat to see why i am using 32 gigs of swap and only 2.3gig out of 64 gig of ram. Would anyone know of a good tutorial/space that would help me understand it?
20:36:25 <voy4g3r2> what i am reading and what is being shown.. says this is "normal" but i am just lost.. especially when btop is only showing 2.3 gig out of 64 gig of RAM. One would expect the RAM to be much higher THEN a swap of 32 gig out of 32 gig... neo4j is peaking a CPU which i think is the swap issue
20:46:52 <mariuss> When updating from 14.3 to 15.0 my machine is in the .so twilight zone as I rebuild packages on poudriere.
20:49:00 <mariuss> also ipfw reports ipfw_ctl3 invalid option. Result: no network until I disabled ipfw
20:54:34 <Macer> hm. that's kind of odd. i can ping locally but can't seem to get out the network
20:55:11 <Remilia> I think the varnish7 port could use a dep on FreeBSD-clibs-dev hmm
20:55:30 <Remilia> (and clang if that is not implied)
20:55:32 <Macer> oh .. guess a reboot fixed that. weird. i guess swapping off the interface and turning it into a lagg maybe
20:56:08 <Remilia> mariuss: that is exactly why I run poudriere in a VM on my home PC rather than on the server that uses its packages
20:56:18 <Remilia> can build everything beforehand
21:05:00 <mariuss> Remilia: The machine running poudriere has first to be updated. You can't run poudriere for a newer OS than what that machine itself is running.
21:06:11 <Remilia> mariuss: that's the point of running it in a VM on a system that does not depend on it?
21:06:31 <Remilia> or just on a completely separate machine
21:06:46 <Remilia> I don't understand your point
21:07:21 <Remilia> my poudriere Hyper-V VM does not need itself to be updated, it uses poudriere-devel from FreeBSD-ports
21:07:50 <mariuss> I don't have a machine with the same type of hardware to run a VM. Other than my FreeBSD servers everything else is Apple hardware.
21:11:58 <mariuss> No worries, poudriere is grinding away. Once it's done everything should resolve itself.
21:33:26 * shbrngdo scrollback - somwe of us cut our teeth doing kernel compile/install from source, and spent a week doing 'portupgrade' (and there are ALWAYS builf errors).  I still rebuild from ports to get a stable 100% working system...
21:36:46 <shbrngdo> this time it's my server (not daily drivers) and with a major release (15) things are looking better using packeges and the installer (from scratch, 8TB drive), but I STILL do not like chasing moving targets on packages.  I want source and ports to be as close as possible t what is installed.  "old school" I guess...
21:44:16 <shbrngdo> thinking of VM's - I am using VirtualBox ut with a physical hard drive.  This is the 2nd time I've rebuilt my server in a VM like this.  I did run into problems with rsync, the VB NAT interface sometimes causes rsync to suddenly drop out and klikk a transfer.  Grok suggested using bridged mode for the interface, not NAT - this resolved it.  Not sure if that helps eith Poudriere in a VM ut if there are file transfer
21:44:16 <shbrngdo> issues maybe...?
21:45:35 <shbrngdo> [old eyes cannot see while typing... stupid keyboard]
21:47:05 <vkarlsen> I imagined you installing your first kernel by flipping bits on the front panel
22:15:03 <dvl> shbrngdo: For me, pkg, poudriere, and zfs have done volumes to improve my sysadmin tasks.
22:21:52 <Macer> Remilia: i don't even know why i did it. i know 15 wasn't out yet. i was just tinkering. i re-installed RELEASE on it
22:22:08 <Macer> i also learned that if a slog disappears on a pool then it won't import lol
22:22:30 <Macer> i just put the platters in and tried to import it. didn't work because slog drives were out
22:22:58 <Macer> i figured if the slog wound up missing after export/import then it would just drop them off and still import or at least give the option