00:09:09 deimosBSD: I have resorted to finishing the install manually 00:09:28 bsdinstall mounts it all for me, I have pulled the distribution sets, extract them to /mnt 00:38:34 deimosBSD: seems ntp is IPv4 only, what ntp do you use 00:38:36 for ntpd 01:22:42 I run my own stratum 1 server 01:23:11 there's also time.nist.gov which with dual stack 01:24:13 or nyc.he.net also dual stack 01:25:20 there was also this bug, that i think only got resolved because of the version change, https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=270536 01:26:17 actually 2.pool supports v6, https://reviews.freebsd.org/D39954 01:42:20 ah right 01:42:26 deimosBSD: I just set it to time.google.com 01:42:31 as I knew it was IPv6 01:42:35 anyways pf is playing up 01:42:52 block in; pass in proto tcp from any to any port 22 01:43:00 and nmap shows 22 is blocked 01:43:24 so I got no fucking clue 01:43:28 ; being newline 02:07:49 polarian: did you get it working? 02:12:22 deimosBSD: what bsdinstall? 02:12:24 no 02:12:36 I dropped out of bsdinstall, fetch'd the tarballs manually 02:12:40 and extracted them 02:12:40 no the pf 02:12:42 then bios booted 02:12:44 deimosBSD: no 02:12:46 no clue whats going on 02:12:48 I just pfctl -d 02:12:55 that works too 02:13:00 well its not a solution 02:13:11 it's a solution, just not a very secure one 02:13:14 I will check pflog and see whats causing it 02:13:19 but rn I dont have time 02:13:33 I just need a freebsd server to launch a bhyve vm 02:13:38 to finish a job of mine 02:13:41 and I am already overdue :/ 02:13:51 client is not going to be happy if I keep making more delays 04:39:31 polarian: did you get everything sorted out? 05:30:42 hello, this isnt my issue, but a friend of mine just installed freebsd 15 using pkgbase. when he was poking around he noticed that a jail was present, sharing the same hostname as the host machine and with the jail path sharing rootfs. ive never seen this before, did he misconfigure something? 05:41:47 during the installer, that could show up, but after the inital reboot i would find that extremely unusual 05:44:00 That does sound really crazy. What does "jls" say on the new machine after a reboot? 05:53:21 rwp: ill grill him for new details later, unfortunately he pinged me a while ago and now hes asleep. just kinda scouting information in case it was obvious. seemingly its not 05:54:04 rtprio: im curious, how is the jail involved in the installation? 05:54:37 well, i don't know, 05:54:51 it doesn't make any sense 07:16:20 specialbomb: maybe the service jail feature of rc? what is running in that jail? 08:35:23 After the id or name of the jail is known then you can list processes running in that jail "ps -J 1" and see what is running in jail 1. 09:16:22 Am I right or does it seem to me that `man pw' does not explain that with groupmod, -m means adding user to the group and -d deleting a user form the group? I see this informaion only when running `pw groupmod' with incorrect argumennts... 09:20:31 anyone awake? 09:23:03 I thougt I were not sleeping, am I? 09:24:20 ant-x: You are dreaming about us 09:24:55 "Everything is in the hands of Christ" -- "But the hands of Christ are the mind of Budda" . 09:26:45 so i’ve been putting off setting up a new freebsd serevr for years because . . who has the time. 09:27:21 but my current not-freebsd server has been having packet dropping issues for 3 days now and i’m still waiting for my data center to even awknowledge my high priority support ticket 09:32:11 In my case, the problem was solved by replacing the Eithernet cable's socket. 09:34:24 ant-x: section GROUP OPTIONS "-m newmembers Similar to -M, this option allows the addition of existing users to a group" "-d oldmembers Similar to -M, this option allows the deletion of existing users from a group"? 09:36:31 Then I /am/ sleeping. Thanks nimaje. 09:38:26 GoSox, I mean the 8P8C cable plug. 09:38:51 huh? 09:44:19 damnit my test machine is a mac mini with an ssd and an hdd and every time i boot it into macos, it wants to erase the drives and turn them back in to a fusion drive 09:44:21 I think telling about the package dropping issue was to explain why time is there now, not in the hope that switching to FreeBSD would help with that 09:44:44 oh, the packet dropping issue is due to ddos 09:45:28 (but who has the time to admin a non-freebsd os?) 09:45:46 well i’m a mac guy so admining a mac server is a piece of cake 09:46:12 the problem is, there are ZERO anti-synflood tools in the version of macos my server runs 09:46:50 the pf firewall is supposed to have a synproxy feature but its broken :/ 09:48:49 anyhoo, a year or so ago, i started learning how to set up a freebsd server and taking my own notes so i could repeat the process as i go 09:48:58 i need to get back in to that 09:49:20 so ill be here asking questions again, but none today 09:54:22 do you guys also hang out on the freebsd.org forums 10:29:07 one thing i could do, instead of settings up a freebsd rackmount server, is i could pay for a VPN service with a static IP, and then set up a macos server at home and tunnel the traffic in through the vpn 10:29:53 there would be definite advangages and disadvantages to that 11:53:55 SponiX: no lol 11:54:13 I wonder if its due to me manually installing freebsd 11:54:19 but bsdinstall is borked, ditto pf 11:55:09 this didnt happen on 14.x 11:55:16 all of this for some stupid pkgbase 11:57:46 well no 11:57:55 all of this to stay on time with a release that was really slipping 11:58:01 pkgbase in se is a good idea 12:07:48 SarahMalik: I have already had this discussion 5 times already 12:08:00 TL;DR I see pkgbase as the destruction of everything *BSD's stood for 12:08:24 FreeBSD has turned into Linux, the packaging nightmare of Linux + literally all new drivers are LinuxKPI 12:08:44 see it how you like 12:08:52 someone joked recently that they have FreeBSD ontop of Linux running Linux, so why not just cut out the middleman and run Linux, which I think is a pretty good argument 12:09:29 I dont care about the existance of pkgbase, if people want to shoot themself in the foot thats your choice, but my concern is the deprecation and removal of delta updates 12:10:31 freebsd-rustdate can do delta updates far faster than freebsd-update, and it keeps the base whole... or the good old mounting /usr/src and /usr/obj remotely to your device and make installworld/installkernel 12:11:15 but in freebsds constant attempt to become more like Linux, we have adopted the stupidity that the base should be divided into many different small packages. This would be good if FreeBSD was rolling release, but its not... 12:11:39 I would disagree with anyone who argues that pkgbase doesn't substancially drop the reliability of freebsd 12:19:29 well, base will still be developed together with the kernel, a main point is that it allows to install just the parts of base you need without building yourself and setting the required variables, so it is easier to have smaller jails 12:21:15 nimaje: until one package breaks and the entire of base falls apart 12:21:30 which is not uncommon on Linux, has happened a few times to me over the years 12:22:12 also freebsd is already reasonably small, it solves a non-issue imo 12:28:08 I don't think base updates enough on stable releases for that to be a real issue 12:28:28 if you were using packages to track current that could be a problem 12:28:52 but realistically you're going to be syncing with the traditional release every release 12:29:32 that will be an update step that will have already been thoroughly tested every time 12:33:34 yeah no one is gonna rewrite the package hierarchy for a patch release 12:33:49 at least not intentionally 13:02:20 "reasonably small" bruh it's like 2 gigabytes all-up 13:04:11 my basejail image is 22G 13:06:24 oh no that's a lie, I was reading the wrong thing 13:08:23 I thin provision to save on memory though not disk 13:36:28 SarahMalik: seems like you would choose docker instead then :p 13:36:46 I rather have a complete base... than pick and choose components which were designed to all work together 13:38:22 respectfully, fuck docker 13:38:45 the analogy I prefer for docker is that it's a diaper 13:38:58 true 13:39:00 I agree 13:39:06 haha, I like that 13:39:19 but docker folks are the ones who moan about every MB of wasted disk space 13:39:26 that we as a people have not grown beyond infancy? 13:39:42 diapers solve many real problems, but the big problem I have is when people then go "well I have a really great diaper, I can just design my software to shit everywhere and it's fine!" 13:40:14 to have the *option* of using docker to build, deploy, and test software is great 13:40:21 every MB of disk space wasted by a compiler the size of the SS Great Britain is a megabyte I can't use for scientific calculation outputs, for instance (not that I have any need for scientific calculations) 13:40:39 SarahMalik: dont install comp then :p 13:40:47 to have that as a requirement for a piece of software is, like 99% of the time, a massive red flag that its design and architecture are an absolute horror-show 13:41:00 also a compiler is kinda a vital part of an OS 13:41:13 it is, that's why it should maybe be fractionally smaller 13:41:36 the *cross*-compiler maybe doesn't need to be shipped, POSIX doesn't specify that 13:41:46 hodapp: most big OSS services are now docker-only 13:41:51 well "officially" supported docker only 13:42:03 polarian: dunno about "most" 13:42:04 you still get unofficial ports to package repos, but they arent endorsed upstream 13:42:19 hodapp: name me one big OSS service which doesnt use docker as its official install method? 13:42:25 immich? nextcloud? 13:42:27 all of them do 13:42:42 I don't really know where the line for "big" is 13:42:51 most HTTPDs do not require you to containerize 13:42:51 hodapp: lets go with a decently sized webapp included within them 13:43:04 "decently sized" is also pretty hand-wavy 13:43:20 I think web-apps in se are a fallacy 13:43:29 se? 13:43:35 in se = in themselves 13:43:43 it's the same «se» as in «per se» 13:43:49 not sure how an application could itself be a fallacy 13:44:26 all our web browsers are basically now virtual machines with hardware forwarding and such; this did not need to happen 13:44:37 buuut we've gone súper offtopic 13:45:59 it's sorta the nature of most things that they are the way they evolved to be, not the way they were originally designed nor the way they might be designed if we have the option of a clean-slate redesign while taking only our own needs and desires into account 13:46:04 doesn't mean all things are fallacies 16:16:12 SarahMalik okay, same here. I did not notice that before. time to read the man page and/or source code I guess? 16:16:23 are any 15-Release user? I start to think about upgrade 14.3 to 15 but I am scare. From 5 to 14.3 I didn't have problems but now... 16:17:09 I just discovered env BSDINSTALL_CHROOT=/tmp/foo/ UNAME_R=15.0-RELEASE /usr/libexec/flua /usr/libexec/bsdinstall/pkgbase --jail which works amazingly well, but looks like I also need to add --noninteractive --components base,devel,lib32 as an optional flag. /cc kevans_ 16:17:10 ...and I will use freebsd-update 16:17:44 nsoci in case you are using FreeBSD update, you might wanna use freebsd-rustdate instead. that will make things faster, and don't forget to use boot environments. 16:18:48 -rustdate I never try. I think from 11 I start to use freebsd-update 16:21:08 how are packages for 15 latest? I am using WM 16:25:15 antranigv, manpage supports your initial interpretation 16:25:30 so it's source code time. onc ei coffee enough 16:31:10 hey, I have an odd bastille issue, for some reason linuxfses won't mount? Using the Debian13 bootstrap 16:31:22 if anyone has advice, I'm all ears 16:59:40 SarahMalik: it looks like there may have been a change to prevent MTU changes when the interface is a bridge member. line 2762 of sys/net/if.c , on my copy of the CURRENT source, which is slightly old 17:01:08 oh 17:01:10 blimey 17:12:33 spuos: there used to be a #bastillebsd channel where they may be able to provide more guidance 17:43:25 antranigv: What does that pkgbase command line do, update the jail's base? 20:16:39 i am being penalized for talking bsd @ #security 20:17:28 i have an idea of a bsd lockbox computer in my mind 20:17:41 i get threats of being banned from the network 20:20:03 this is a regime 20:22:28 talk about it in -social and show logs 20:23:21 in progress 21:42:36 SarahMalik what did you find out? 21:43:08 nothing, still not coffee enough 21:43:31 mns setup a jail using bsdinstall+pkgbase. works like a charm, but needs some improvements. 21:43:58 wsky #security is not about security, and never has been. 21:44:46 SarahMalik I just make 6 cups, I'd invite you over, but I'm guessing we're at least 3000KMs apart. alas no BSD users who like coffee in my area. Lonelyyyyy, I am so lonelyyyy, I have no Beastieeee, I'm a sysadmin on my owwwwwwwn 21:45:09 anyway i have an idea of a bsd based lockbox computer made by an organisation assembled in a knighthood order fashion 21:45:28 it is interesting 21:46:18 someone should get me out this nursing home and hire me :( 21:47:07 wsky I'd hire you, but I have no idea what you're talking about. 21:47:29 maybe read the logs 21:47:51 wsky you're lucky I run a ZNC. 21:47:57 :D 21:47:58 cool 21:49:09 wsky cool idea, what you're calling a lockbox used to be called a "computer" back in the 90s and 2000s. 21:49:22 antranigv, i misread "mns" as "mi ne scias" i.e. green star "i don't know" 21:49:29 lockbox because it's security focused 21:49:40 in multiple ways 21:49:44 #security is exactly about security 21:49:49 wsky have you had a look at Gerwsin Desktop? because no matter how you focus on Security you also need to focus on user friendliness. 21:49:57 yeah they didn't treat me too well over there 21:50:24 antranigv: well i know some gui would have to be done 21:50:50 wsky but first thing first, I suggest you make a design document, like what this thing is, how it works, and what problems is it solving. people might join you in making that. 21:50:53 but coding zfs interface, vpn interface, wifi interface, jail interface is few months of work at most 21:51:24 i'd need to get hired somewhere, no other way for me 21:51:28 all i hjave is this idea 21:51:43 i'm locked in a nursing home :( 21:52:03 you are in no place to actually even start to execute on this idea 21:52:12 you are mentally sick, and possibly physically as well 21:52:19 which is why you're in the nursing home 21:52:26 i am thinking quite straight 21:52:29 incorrect 21:52:35 you need a healthy mind and a healthy body. get well, first, the rest will be easy. no worries. 21:52:56 bit flippant, he's in an environment inconducive to getting well 21:53:01 so i'm done for 21:53:07 SarahMalik: that's prejudice 21:53:08 wsky for now, go to -social, and lets talk about your zfs interface 21:53:08 US nursing homes are run by profit seekers in general 21:53:18 wow, i forgot we were in main, what the fark 21:54:10 SarahMalik: i am in a nursing home cuz i jumped outta 2nd story high on ritalin and broke my arm if you must know, i am 39 21:54:19 oh 22:06:43 man what did I walk into 22:08:46 specialbomb you walked into a specialbomb 22:09:01 Ritalin is the drug from the Exorcism movie. 22:09:28 * Exorcist 22:09:30 :D 22:24:55 :E 22:50:52 how to remaster mfsBSD? 23:01:38 https://github.com/mmatuska/mfsbsd/blob/master/BUILD.md#Examples 23:03:36 are there any companies that do freebsd virtual servers? 23:03:43 all i ever see is windows and linux 23:08:41 GoSox Vultr 23:08:57 GoSox also, https://antranigv.am/posts/2024/05/freebsd-vultr-ipxe-root-on-zfs/ 23:11:37 GoSox: I run ramnode, im satisfied 23:15:44 rwp: I want to remaster the mfsBSD I am running whith all modifications 23:26:15 i can’t figure out what my best option is. ive been collocating for years. do i want to keep doing that, or do a vps, or runa. server at home through a public facing VPN 23:30:01 It's a problem we have all wrestled with. I do a combination of all of the above. 23:32:52 GoSox: why not go bare metal? 23:34:19 i don’t feel great about running a freebsd server at a datacenter. I’m a life long mac guy and i’m trying to learn bsd but i’m inherently not a command line guy. And if something goes wrong I’m going to have no idea how to fix it 23:34:48 ipmi at a datacenter is as good as a screen at home 23:34:59 i like hosting at home, but i don't bother with a vpn 23:36:24 When I am forced to use GUI only I feel very limited. 23:36:36 i’d want the VPN because as fast as my home connection is, it is technically a dynamic IP that is on many blaklists because of that 23:36:48 GoSox: you can learn freebsd with running it in a VM at your mac too 23:36:53 with a VPN i could have a static IP with reverse DNS and nobody would know it just tunnels back to a server running at home 23:37:08 i’m learning it just running it natively on an old mac mini i have 23:37:10 its just slow going 23:37:22 If you have a solid home connection then that's a reasonable thing to do. Maybe the best thing for you. 23:37:39 the other benefit of the VPN solution is that if theres a power outage, i could just bring the computer to someone elses house until power comes back on. connect to the VPN from anywhere and your server is up 23:38:30 Do you usually have power outages that last that long where relocating a server machine is viable? 23:39:20 power outages are very rare at my home. but anything can happen, and if i did an at home server, it would be something between the size of a mac mini and a small tower so having the option is a nice extra beenfit 23:39:23 benefit 23:42:41 renting VPSs here is cheaper than hosting at home :S 23:43:06 on top of that, every night my internet goes out a couple times per night (3-4 times a 10 mins) 23:53:40 GoSox: i probably wouldnt bother with mail 23:54:06 rrahl0: it wouldnt be with 74tb of storage 23:54:51 rtprio: yeah, that's way outside of my use case :). and tbf, I still selfhost some stuff at home. but I am slowly moving small services onto the "cloud"