***: ziyourenxiang has quit IRC (Quit: ziyourenxiang) phlux: ugh
9.0-REL problems
Trying to go to 9.2-REL and none of my configs will auto-resolve with freebsd-update brycec: Bummer phlux: I'm just going to try to go to STABLE from RELEASE
ugh
Maybe I'll just go 9.1-REL to 9.2-REL
Fetching 32621 files...
see you all next year brycec: @date Jan 1, 2015 BryceBot: 37 weeks, 13 hours, 31 minutes, 42 seconds to go. [Interpreted date: Thu, 01 Jan 2015 00:00:00 -0800] phlux: hmm
see you all in one year and six months brycec: @wa 32621 / 888 BryceBot: 32621/888;32621/888 (irreducible);36.73536036036036036036036036036036036036036036036036036036036...;36.735360^_ (period 3);36 653/888;36×888+653;2^(-3)×3^(-1)×37^(-1)×32621;[36; 1, 2, 1, 3, 1, 1, 12, 2];36 + 1/2+1/5+1/29+1/1140+1/2446440 brycec: @wa 32621 / 901
forgot the 13 hours... BryceBot: 32621/901;32621/901 (irreducible);36.20532741398446170921198668146503884572697003329633740288568...;36.20532741398446170921198668146503884572697003329633740288568..., (period 208);36 185/901;36×901+185;17^(-1)×53^(-1)×32621;[36; 4, 1, 6, 1, 2, 2, 3];36 + 1/5+1/188+1/120992+1/25618241120 brycec: Okay so that's 36ish files per hour
phlux: why up to 18mos? phlux: 2 years then
:|
wtf is freebsd-update fetching nearly 33,000 files for brycec: I think by then -11 will be stable :p
Lots of tiny man pages and shit phlux: I may just see if ol' up_the_irons will reprovision this machine for me
i've waited too long for 9-REL's EOL
it might be easier to just start new with 9.2-REL
I wish there was some verbose output
so I could know if I was on file # 30,000 yet or not
-_-
This has the potential to wreck my bandwidth for the month though -: phlux sighs brycec: 800GB in freebsd-update? Not likely.
phlux: FYI there is --debug
# Usage instructions. Options not listed:
# --debug -- don't filter output from utilities
Also setting VERBOSELEVEL in your freebsd-update.conf to stats, nostats, or debug phlux: Ah, good
That'll do
Thanks brycec: np RandalSchwartz: I'm upgrading machines to 8.4 just to get another year of life. :) jpalmer: phlux: the portal allows you to select the ISO now. you can reprovision your own machine
are you guys using pkgng yet? mike-burns: I'm using it on a fresh install, but I haven't migrated my other installs over. jpalmer: what is your take? like or dislike? brycec: jpalmer: I migrated a 9.2 system to it and it's awesome
Like it, and it's super fast jpalmer: I'm liking it. And working to submit a patch to puppetlabs to support it. was just trying to gauge how other people percieve it. mike-burns: Like: it works, it's fast, it's modern. Dislike: subcommands, hard to generate packages without using pkg-create. brycec: So for most users, it's great :p mike-burns: Right.
I prefer it over ports in many ways. jpalmer: I kinda like the subcommands. brycec: I'm still confused about some aspects, where it overlaps with ports. Is it meant to replace ports entirely, for instance RandalSchwartz: I'm using pkgng with poudiere to build packages to my specifications, then installing across multiple machines from my own repo mike-burns: I'm also confused about its relation to ports. I know ports are used to create the packages. But are we supposed to still use ports? brycec: Not to mention the migration from pkg_* to it wasn't exactly smooth for my system.
mike-burns: I'm glad to know I'm not alone :) jpalmer: I don't think it's meant to replace ports entirely, personally. because ports gives you the option to compile things with various flags, which i don't think pkgng can do.. unless they do like apt and yum, allowing custom repositories. mike-burns: Right, they don't do custom flags. RandalSchwartz: pkgng doesn't build anything
so yeah, still need ports
by default, pkgng points at central tinderbox, which compiles everything with default flags brycec: RandalSchwartz: distros like Debian break out those extra options into separate packages. Perhaps pkgng can/will do same RandalSchwartz: once you start customizing, you have to do your own building
there are a lot of options in every port :)
hard to imagine reducing that to a few repos brycec: Yep jpalmer: brycec: and more importanly, they let you host your own repos for custom-built stuff. RandalSchwartz: like I just said I was doing, yes jpalmer: I could see a few basic options being available. without x11, with SSL, etc. but yeah.. agreed. way too many options for each incantation to be a package. mike-burns: I'm most excited about the custom repos. It means I can distribute things to people without some weird dance involving patch.
I can even just give them a pkg. jpalmer: RandalSchwartz: I haven't looked into hosting your own. is it pretty straightforward? just setup an http server, and do some magic to have pkgng aware of it (haven't looked into it's configs much yet) mike-burns: (Approaching this from a software maintainer perspective and not as an admin.) brycec: Or another example, RPM spec files that are configured to compile everything, and each little .so gets packaged up in another rpm. apache-ssl, apach-worker, apache-whatever etc RandalSchwartz: yeah, that's pretty much it jpalmer: brycec: yeah, the more I use rpm/yum the more impressed I get with it. Long gone are the "rpm hell" days I used to dread. RandalSchwartz: pourdiere makes it even easier -: jpalmer googles for that RandalSchwartz: it's a port
and I keep mispelling it :)
google "custom package repo freebsd"
damn french word jpalmer: yeah, found it. looking into it now
danke RandalSchwartz: it creates a jail to build everything, so you can even build cross-compiled to older releases or even different architectures
pretty slick
and build things with different options from your installed ports jpalmer: looks.. daunting. RandalSchwartz: yeah - it's a bit overwhelming at first
the manpage walks through a typical setup cycle though jpalmer: I'll have to play, once I get pkgng support natively in puppet ;) RandalSchwartz: salt already works. :) jpalmer: that'd be awesome if I was a salt user :P sjackso: do either of you know how to ask pkgng what flags one of its binary packages was built with?
Or do you just have to check the default config in the ports? -: brycec has no idea, maybe pkg-info? RandalSchwartz: I think the options file is part of the package
it's like a zip file brycec: sjackso: pkg info shows me options for bash
There's a "Options" line/section
Example https://dl.dropboxusercontent.com/u/3167967/screenshot_2014-04-16_13-18-18.png RandalSchwartz: BSDPAN isn't updated for pkgng yet though sjackso: ah, forsooth RandalSchwartz: so there's a couple of Perl modules that are outliers sjackso: not sure how I missed that
I think maybe I was confused because some virtual packages (e.g. python) have no options brycec: makes sense sjackso: thanks brycec: np phlux: jpalmer: good to know.
does freebsd-update ignore /etc/mergemaster.rc? brycec: I don't see any mention of mergemaster in /usr/sbin/freebsd-update phlux: argh
I'm going to try this freebsd-update crap and just hope it works
if not oh well
Gonna make some backups first brycec: It appears to use merge(1) phlux: well
presumably things went well
Installing updates...
Kernel updates have been installed. Please reboot and run
"/usr/sbin/freebsd-update install" again to finish installing updates.
we'll see brycec: Cool
Knock on wood, but I've never had freebsd-update nuke a system, or cause any issues itself... phlux: Well
Here goes nothing I guess
God damn I'm sleep deprived RandalSchwartz: yeah, usually reasonably safe phlux: I just did 'reboot' and my own monitor flashed. I thought "Wow, that's crazy. Must've been a crazy window urgency notice."
so
I issued reboot on the wrong terminal RandalSchwartz: ouch phlux: I guess it's not really a huge deal
I needed to reboot the laptop anyways
Just upgraded the kernel
hmm
I can ping the VPS
but I can't SSH
not a good sign RandalSchwartz: go to the console :) phlux: yeah
bout to do that brycec: Maybe SSH hasn't started yet? phlux: maybe brycec: (Still best to pull up the VNC console and check) phlux: meh, I need a good VNC client
Any suggestions? RandalSchwartz: what platform? phlux: RandalSchwartz: Linux brycec: I use gvncviewer
(gtk-vnc) phlux: there we go, I'll give that a shot
yay no new deps brycec: (Supports OSX username/password auth too) phlux: How do you specify the port?
gvncviewer --help-all didn't show me much brycec: gnvcviewer host:prot
eg gvncviewer kvr07.arpnetworks.com:67 -: RandalSchwartz doesn't run linux in any significant way except as demanded by his clients phlux: phew
SSH came up
:P
Ok, good..sitting on 9.1-REL
I wonder what 9.1's EOL is.. m0unds: huh, why'd it take so long? just performing the update and stuff? RandalSchwartz: probably didn't have enough entropy to create the initial host key phlux: I have no idea mercutio: that heartbleed thing effects openvpn too hmm RandalSchwartz: look at "dmesg"
see what it was saying brycec: s/ef/af/ BryceBot: <mercutio> that heartbleed thing affects openvpn too hmm brycec: Yes, yes it does mercutio mercutio: heh i screw that up too often phlux: I am pleasantly surprised that freebsd-update worked.
Upgrading back in the 4.x days wasn't so simple mercutio: io think there weren't as many updates?
for some reason i think freebsd was just at vresion 2.8 (wrongly so) phlux: Not sure tbh RandalSchwartz: that's back when binary was only 0, not 0 and 1 phlux: :(
Hopefully I'm not showing my age too much there mercutio: i've always found openbsd updating reasonably easy phlux: I remember running Corel Linux locally back then
what a POS that was mercutio: even going back 10 years RandalSchwartz: "I'm not dating myself... I'm carbon dating myself" mercutio: i tried that linux too phlux
it was icky RandalSchwartz: My first invocation of "ls" was in 1977. mercutio: debian was icky too phlux: Oh man mercutio: dselect didn't scale, and apt wasn't around yet phlux: RandalSchwartz: You've got me beat by quite a bit then. I wasn't born until 88. RandalSchwartz: heh phlux: We were a DOS household when I was younger
My Dad didn't think Windows would catch on mercutio: heh phlux: Called it a "fad" mercutio: did you use desqview phlux RandalSchwartz: A friend of mine gave me just a few things... a phone number, the username "sarch", null password, and "cd /usr/games" and "ls"
that's it
from there, I figured out unix
at 300 baud mercutio: did anyone else notice how much more unreliable things got when people stopped using DOS commercially? phlux: mercutio: I honestly don't remember doing much except playing hangman back then
Around 1998 my Mom brought a computer with Windows on it mercutio: although dos had issues, it didn't tend to have random issues
like you didn't haev enough conventional ram -- and things woiuldn't run phlux: My Dad was kind of taken back like "Wow...this is pretty great" mercutio: but if you fixed the ram issue, and they ran, they'd keep running m0unds: dos is still used in some niche stuff
6.22 mercutio: well like point of sale equipment
when it stopped running on dos, got much slower and more unreliable m0unds: there are still industrial applications that use dos, a couple mfgrs use dos for surveillance c&c computers mercutio: it's a pita to do internet on dos though
because it uses up conventional ram.. phlux: We were the first in our neighborhood to get DVDs, I remember
We had some music video DVD that came with a Gateway computer mercutio: it was even worse doing internet+desqview phlux: I went to school telling people "Yeah, we're going to watch movies on CDs soon. I've got a player at home." and no one believed me m0unds: hahaha mercutio: i kind of missed the boat on dvd's phlux: Even one of my teachers was like "No you just have a CD with video files on it" mercutio: i got sopme dvd player when tehy were cheap, i can't imagine that was early m0unds: we had an IBM Express that ran DOS, and my dad upgraded to a gateway 2000 80486dx-33 running wfw 3.11 so he could use the new version of ACT
it had a double-speed mitsumi cd-rom drive in it. the disk interface was built into the ISA soundcard mercutio: like svcd's?
3 cd's for one movie phlux: lol
Did anyone play Unreal Tournament 2k4? mercutio: not i phlux: I remember buying it and not seeing that there was a DVD version (if there even was one) mercutio: i played doom2? :) phlux: it was like 15 CDs mercutio: haha
phlux: yhou should have seen os/2 :)
30+ floppies phlux: Oh I remember the floppies mercutio: and for some reason the installer was slow too phlux: OH MAN staticsafe: what are y'all old people talking about phlux: Remember the green screen macs!? mercutio: like it had bad floppy loading code or something phlux: ugh
here comes staticsafe
he's like
11 or something mercutio: phlux: nope, but i remember terminals
that used to often operate at like 2400 bps etc staticsafe: phlux: heh that would be hazardous m0unds: staticsafe: oh no you di'nt mercutio: my library had dialup access to their catalague
catalogue phlux: I like to think I'm not too old mercutio: and terminals at the library m0unds: phlux: what's an internet? mercutio: and it was faster dialing up from home phlux: I've turned 21 5 times mercutio: and more convenient phlux: so mercutio: i think they had 14.4k dialup
but i tried using the catalogue years later
and it's got this horrible web ui staticsafe: my first pc was a 833Mhz P3 running Windows ME on 56k dialup brycec: Well if you're carbon dating yourself, then you're at least announcing you're over 64 on account of "Before Present" :P 16:45:15 < RandalSchwartz> "I'm not dating myself... I'm carbon dating myself" mercutio: and of course it's slower than it was
then i tried using a different library system to compare, and it had overlapping text etc
and the site was hardly usable brycec: I use it every day! And write for it, batch scripts primarily 16:47:27 < m0unds> dos is still used in some niche stuff mercutio: bryce: what do you do with it?
damnit i want to play with os/2 again some time
but not for long :) brycec: mercutio: It's used in BIOS flashing, serialisation, and inventory management. m0unds: brycec: fun brycec: (We build servers... so, gotta flash the serial number, asset tag, etc in to the smbios. not to mention flashing the BIOS with custom images. And more!)
Oh the things I've done under "And more!"...
Nothing quite like curl in DOS phlux: k so this isn't good
[phlux@kevin-thompson ~]$ sudo freebsd-update install
Installing updates...
pwd_mkdb: corrupted entry
pwd_mkdb: at line #1
pwd_mkdb: /etc/master.passwd: Inappropriate file type or format
done.
rut roh
I can't run vi either RandalSchwartz: so much for "transparent upgrade".
Hopefully you have a relevant bootable disk mounted on your virtual DVD tray phlux: well
I have backups
(of the imporant things)
important, even
nbd
I'll just start it fresh
hmm
Do we not use dhcp? RandalSchwartz: I think not m0unds: nosir RandalSchwartz: I've had to put hardwired addresses always
otherwise, someone has to have a DB of MACADDR to needed IPs
seems silly m0unds: you can find your ip assignment in the portal brycec: Correct, no DHCP
Poor up_the_irons would have a DHCP server listening on over 4000 interfaces
insanity
Especially for tiny lil /29's staticsafe: heh yeah brycec: No slaac either phlux: hmm
Evidently, I have no idea what I'm doing as far as setting up the network, heh
There we go
IPv4 is up anyway RandalSchwartz: "One Ping Only!" phlux: and ipv6 is up
w00t mercutio: brycec: well it could show as one interafce
not that i want dhcp :) brycec: mercutio: What, as one untagged ethX?Still would require a separate network{} section for every single customer, with MAC-address lock-ins. (If we're speaking ISC DHCP) mercutio: i'm sure mac is already hardcoded
and one untagged port yes
static is fine by me though brycec: (Which would then pollute all the networks with DHCPDISCOVER responses) mercutio: true
i didn't think of that brycec: ha it was the first thing I thought of :P mercutio: have you tcpdumped on huge bridged networks?
so much crap brycec: mercutio: you mean like my home cable connection? ;) Yes, yes I have. PISSES ME OFF staticsafe: DHCP doesn't make sense for ARP's network architecture brycec: Same with the office cable connection mercutio: haha m0unds: haha, how about the tons of IGMP messages on cable networks? mercutio: i never saw those, but it was years ago i looked
it was mostly arp overload brycec: I get more IGMP messages from my internal network than outside.
I've started getting RIP advertisements on my office cable connection though staticsafe: o_o m0unds: huh. i was averaging a few thousand an hour mercutio: m0unds: so like 1/50th of the number of arp requests? :) m0unds: rip advertisements? seriously? mercutio: (i expect it varies a lot by provider)
i scanned cable network for http when i was on cable years back m0unds: it was traffic being denied by my firewall, so it was filling my logs with 100-200x the number of normal denied requests mercutio: well just the adjacent /24s etc m0unds: so i noticed mercutio: and i found someone i knew's personal web server brycec: 00:00:05.313490 rule 3/0(match): block in on em1: (tos 0x0, ttl 127, id 25141, offset 0, flags [none], proto UDP (17), length 92) 173.43.214.210.520 > 224.0.0.9.520: RIPv2, Response, length: 64, routes: 3 mercutio: m0unds: maybe your firewall should ignore traffic not directed towards it? brycec: What's odd is that it's *my* subnet, but the next-hop is unknown to me. m0unds: mercutio: or i could just filter it from being logged and not care ever again
which is what i did
brycec: huh. brycec: Also, my *office* cable modem burps out UPNP announcements :( m0unds: gross
one of those "business" CPEs/gwys? brycec: Not sure how to interpret that... But it's some Moto Surfboard thing
Provided on a business account m0unds: well, they have awful CPE devices that also serve as a NAT gwy
rather than just a modem with no added functionality brycec: I remember the "good ol' days" of cable internet, when your whole block was on one subnet, nothing was filtered and you could browse others' CIFS shares staticsafe: now I'm curious what kind of stuff I get on my ether1-gateway interface brycec: m0unds: Ah. This just acts like a modem, fortunately. m0unds: i wish comcast would let me have my block and a regular 'ol modem brycec: No doubt it can do more - It has built-in wifi for cripe's sake - but it doesn't do anything else. m0unds: they make me use a silly SMC 8xxx series modem + NAT wunderbox brycec: (fortunately, the wifi is not enabled) m0unds: haha brycec: BUmmer m0unds: my neighborhood is filled with centurylink modems w/wifi enabled + the customer's own router's wifi mercutio: m0unds: that's what i meant phlux: er..
why is there an 'openssl' binary in /usr/bin and /usr/local/bin..? mercutio: wow this server is lagging heaps suddenly
a local install? phlux: the /usr/bin gives me 0.9.8y, /usr/local/bin gives me 1.0.1e mercutio: did you compile from source to update? phlux: yep mercutio: well it probably had prefix of =/usr/local
where normal is /usr
if you do configure --prefix=/usr it might be sort of ok phlux: Well, I mean, I compiled it from ports mercutio: but there may be other paths it utilises too
like debian has lots of strange paths
does freebsd bundle openssl?
you were freebsd right :) phlux: aye mercutio: so yeah should update the normal freebsd instead of the port normally m0unds: bundled + built from ports mercutio: or compile from /usr/src/usr.bin/openssl or whatever
i have no idea how to switch from bundled to port version
but i think if you restart things it should default that way
becusae usually things look in /usr/local/lib and /usr/local/bin first brycec: If you had 0.9.8y, why did you install from ports?