--- Log opened Tue Oct 28 00:00:49 2025
00:07 -!- OnASnoopPhone [~OnASnoopP@user/OnASnoopPhone] has quit [Remote host closed the connection]
00:11 -!- mbuhl [~mbuhl@user/mbuhl] has quit [Remote host closed the connection]
00:13 -!- wnh [~Thunderbi@user/wnh] has quit [Quit: wnh]
00:14 -!- mbuhl [~mbuhl@user/mbuhl] has joined #openbsd
00:30 -!- kabluxi [~ublx@user/ublx] has quit [Ping timeout: 264 seconds]
00:33 -!- librecat [uid714233@id-714233.helmsley.irccloud.com] has quit [Quit: Connection closed for inactivity]
00:34 -!- senninha [~seninha@user/seninha] has quit [Quit: Leaving]
00:46 -!- fedaykin [~rusty@user/fedaykin] has quit [Quit: leaving]
00:48 -!- fedaykin [~rusty@user/fedaykin] has joined #openbsd
00:52 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Remote host closed the connection]
00:53 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd
00:58 -!- wnh [~Thunderbi@user/wnh] has joined #openbsd
00:59 -!- sdds [~sdds@user/sdds] has joined #openbsd
01:00 -!- sdds [~sdds@user/sdds] has quit [Remote host closed the connection]
01:01 -!- sdds [~sdds@user/sdds] has joined #openbsd
01:03 -!- wnh [~Thunderbi@user/wnh] has quit [Ping timeout: 256 seconds]
01:04 -!- wnh [~Thunderbi@user/wnh] has joined #openbsd
01:05 -!- sonne_ [~vmlinuz@user/sonne] has joined #openbsd
01:06 -!- sonne [~vmlinuz@user/sonne] has quit [Ping timeout: 264 seconds]
01:06 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Remote host closed the connection]
01:06 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd
01:07 -!- technoid_ [~Technoid@user/technoid/x-1284035] has joined #openbsd
01:07 -!- sdds [~sdds@user/sdds] has quit [Quit: sdds]
01:08 -!- x_x [~xx@user/xx] has quit [Ping timeout: 272 seconds]
01:10 -!- sdds [~sdds@user/sdds] has joined #openbsd
01:23 -!- dumbmonadicfunct is now known as dumbmf
01:23 -!- fedaykin [~rusty@user/fedaykin] has quit [Quit: leaving]
01:29 -!- drainer333 [~alice@user/Drainer333] has quit [Ping timeout: 255 seconds]
01:31 -!- drainer333 [~alice@user/Drainer333] has joined #openbsd
01:35 -!- drathir_tor [~drathir@wireguard/tunneler/drathir] has quit [Remote host closed the connection]
01:36 -!- sysfu [~sysfu@sysfu.net] has joined #openbsd
01:42 < CommonNickname> what advices you can give me on "logging traffic" and "block them" / "ban" : is useful to use fail2ban or the <tables> defined in pf.conf against abuse, are enought? 
01:42 -!- Hackerpcs_1 is now known as Hackerpcs
01:46 < CommonNickname> Another question is: is possible to reverse proxy based on Path? domain.a/path -> serve -> domain.a:2020
01:52 -!- sdds [~sdds@user/sdds] has quit [Ping timeout: 272 seconds]
01:55 < ssm_> CommonNickname: man pf.conf | col -b | awk '$1=="max-src-conn"{n++}/^$/{if(n>0)n++}{if(n>0&&n<7)print}'
01:55 -!- sdds [~sdds@user/sdds] has joined #openbsd
01:56 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Remote host closed the connection]
01:56 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd
01:57 < ssm_> second one I don't know
02:07 -!- elarks1 is now known as elarks
02:07 -!- byteskep1ical [~amnesia@user/byteskeptical] has quit [Remote host closed the connection]
02:09 < CommonNickname> O_o that was mindblowing! awesome! thank you! 
02:10 -!- jgh [~jgh@hellmouth.gulag.org.uk] has quit [Remote host closed the connection]
02:10 -!- gustik [~gusto@92-180-232-16.dynamic.orange.sk] has quit [Ping timeout: 264 seconds]
02:17 -!- gustik [~gusto@92-180-232-16.dynamic.orange.sk] has joined #openbsd
02:19 -!- fedaykin [~rusty@user/fedaykin] has joined #openbsd
02:19 -!- byteskeptical [~amnesia@user/byteskeptical] has joined #openbsd
02:22 < CommonNickname> ssm_: so in your opinion, using pf <tables> is better than installing new software to do the job. I am using similar rules
02:35 < thrig> base OS stuff probably has less security holes than fail2ban
02:39 < rnkn> running a webapp in a /var/www chroot means it can't listen on a socket in /var/run correct? so the socket needs to be in /var/www/var/run?
02:40 < rnkn> or neater, /var/www/run
02:47 < rtj> ssm_: That was a sick reply, love it! :)
02:49 -!- gh [~klug@user/gh] has joined #openbsd
02:49 -!- unwrapped_monad [~unwrapped@unwrapped.user.lecturify.net] has quit [Changing host]
02:49 -!- unwrapped_monad [~unwrapped@user/unwrapped-monad:02312] has joined #openbsd
03:00 < thrig> golfable with perl -00ne '/\smax-src-conn/&&do{print;$n=7};--$n>0&&print'
03:01 < thrig> maybe sed can do it even shorter with some on/off thingy
03:04 -!- itchy [~itchy@user/itchy] has quit [Ping timeout: 256 seconds]
03:06 -!- itchy [~itchy@user/itchy] has joined #openbsd
03:08 -!- jadi [~jadi@74.49.178.126] has quit [Ping timeout: 265 seconds]
03:21 < CommonNickname> what are package.core files? 
03:23 -!- zimmer [~zimmer@user/zimmer] has quit [Read error: Connection reset by peer]
03:29 < drainer333> I believe they're core dumps from when something crashes
03:32 -!- szilard- [~szilard@1F2EFA50.nat.pool.telekom.hu] has joined #openbsd
03:34 -!- szilard [~szilard@1F2EF961.nat.pool.telekom.hu] has quit [Ping timeout: 264 seconds]
03:34 -!- szilard- is now known as szilard
03:36 -!- qqe [~qqq@185.54.23.200] has joined #openbsd
03:48 < rnkn>  hmm.. is it unwise for me to build a webapp locally on Alpine Linux that will run on an OpenBSD server?
03:50 -!- nathanpc [~nathanpc@user/nathanpc] has quit [Ping timeout: 240 seconds]
03:53 -!- _zip100 [~zip100@185.209.196.230] has quit [Ping timeout: 244 seconds]
03:53 -!- nature [~nature@64.137.144.64] has quit [Ping timeout: 255 seconds]
04:00 -!- nature [~nature@64.137.144.64] has joined #openbsd
04:00 -!- jadi [~jadi@74.49.178.126] has joined #openbsd
04:01 < thrig> what does build mean?
04:01 < rnkn> write in Perl
04:02 < rnkn> try to mirror the production env as much as possible
04:06 -!- gh [~klug@user/gh] has quit [Quit: Konversation terminated!]
04:11 -!- sdds [~sdds@user/sdds] has quit [Ping timeout: 272 seconds]
04:12 -!- nathanpc [~nathanpc@user/nathanpc] has joined #openbsd
04:13 -!- sdds [~sdds@user/sdds] has joined #openbsd
04:13 -!- lavaball [~Melissa@31.204.155.215] has quit [Remote host closed the connection]
04:15 -!- daugaard [~daugaard@user/daugaard] has joined #openbsd
04:25 < thrig> should be fine
04:28 -!- zbcm [~mcbz@user/zbcm] has joined #openbsd
04:30 -!- dsff [~dsff@user/dsff] has quit [Remote host closed the connection]
04:35 -!- xv8 [~xv8@user/XV8] has quit [Ping timeout: 256 seconds]
04:35 -!- xv9 [~xv8@pool-173-71-196-158.clppva.fios.verizon.net] has joined #openbsd
04:37 -!- dsff [~dsff@user/dsff] has joined #openbsd
04:39 < dg> thrig: I feel like you didn't even try to golf that, how about: perl -00ne'($n=/\smax-src-conn/?6:--$n)>0&&print'
04:41 < dg> and the match can be more vague: perl -00ne'($n=/\sm[-\w]+-c/?6:--$n)>0&&print'
04:42 < thrig> nlE, say, should shave some more
04:42 < dg> deletes the blank lines though, not as readable
04:42 -!- luscious1 [~luscious@user/lusciouslover] has joined #openbsd
04:43 -!- lusciouslover [~luscious@user/lusciouslover] has quit [Read error: Connection reset by peer]
04:45 -!- fgidim [~lei@user/fgarcia] has quit [Read error: Connection reset by peer]
04:48 -!- fgarcia [~lei@user/fgarcia] has joined #openbsd
04:55 -!- uncleyear [~ian@178.66.159.209] has quit [Read error: Connection reset by peer]
04:55 -!- zbcm [~mcbz@user/zbcm] has quit [Ping timeout: 240 seconds]
04:55 -!- uncleyear [~ian@178.66.130.152] has joined #openbsd
05:06 -!- jadi [~jadi@74.49.178.126] has quit [Ping timeout: 246 seconds]
05:11 -!- fgarcia is now known as fgidim
05:12 -!- sonya [~nightwolf@gateway/tor-sasl/sonya] has joined #openbsd
05:16 -!- OnASnoopPhone [~OnASnoopP@user/OnASnoopPhone] has joined #openbsd
05:25 -!- szilard [~szilard@1F2EFA50.nat.pool.telekom.hu] has quit [Remote host closed the connection]
05:25 -!- bradd [~quassel@user/bradd] has quit [Remote host closed the connection]
05:27 -!- mexen [uid495612@user/mexen] has joined #openbsd
05:27 -!- nologin [~nightwolf@gateway/tor-sasl/sonya] has joined #openbsd
05:27 -!- bradd [~quassel@user/bradd] has joined #openbsd
05:27 -!- szilard [~szilard@1F2EFA50.nat.pool.telekom.hu] has joined #openbsd
05:28 -!- sonya [~nightwolf@gateway/tor-sasl/sonya] has quit [Remote host closed the connection]
05:37 -!- cp- [~cp-@b157153.ppp.asahi-net.or.jp] has quit [Ping timeout: 264 seconds]
05:38 -!- cp- [~cp-@b157153.ppp.asahi-net.or.jp] has joined #openbsd
05:42 -!- raj [uid72176@user/raj] has quit []
05:43 -!- librecat [uid714233@id-714233.helmsley.irccloud.com] has joined #openbsd
05:46 -!- km [~km@c978F5BC1.dhcp.as2116.net] has joined #openbsd
05:56 -!- qqe [~qqq@185.54.23.200] has quit [Quit: Lost terminal]
05:59 -!- sdds [~sdds@user/sdds] has quit [Remote host closed the connection]
06:04 -!- struchu [~struchu@staticline-31-183-133-251.toya.net.pl] has joined #openbsd
06:10 -!- Treibholz [~Treibholz@94.31.118.91] has quit [Quit: WeeChat 4.6.2]
06:29 -!- SiFuh_ [~SiFuh@user/sifuh] has quit [Remote host closed the connection]
06:29 -!- SiFuh_ [~SiFuh@user/sifuh] has joined #openbsd
06:30 -!- bradd [~quassel@user/bradd] has quit [Remote host closed the connection]
06:34 -!- ivdsangen [~ivo@83-84-59-127.cable.dynamic.v4.ziggo.nl] has joined #openbsd
06:34 -!- ewig [~ewig@user/ewig] has joined #openbsd
06:35 -!- shiranaihito_ [~shiranaih@2001:fb1:7c:7dfe:cc08:ab0a:8cfd:cff1] has joined #openbsd
06:36 -!- bradd [~quassel@user/bradd] has joined #openbsd
06:36 -!- Treibholz [~Treibholz@2a00:6020:adbb:3a00:fd26:4230:2eba:b4f5] has joined #openbsd
06:42 -!- sdds [~sdds@user/sdds] has joined #openbsd
06:47 -!- creek [~creek@user/creek] has joined #openbsd
06:50 -!- dsff [~dsff@user/dsff] has quit [Remote host closed the connection]
06:50 -!- nature [~nature@64.137.144.64] has quit [Ping timeout: 264 seconds]
06:53 -!- fart_cat [~fart_cat@user/fart-cat:36778] has joined #openbsd
06:53 -!- sdds [~sdds@user/sdds] has quit [Remote host closed the connection]
06:57 -!- vhns [~vhns@107.173.114.161] has joined #openbsd
07:11 < CosmicDJ> seems like server6 on openbsd.amsterdam has some troubles... https://status.openbsd.amsterdam
07:15 -!- memset_ [~memset@gateway/tor-sasl/memset] has joined #openbsd
07:16 -!- pardis [~znc@quark.paardenvla.nl] has quit [Remote host closed the connection]
07:18 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Ping timeout: 272 seconds]
07:22 -!- km [~km@c978F5BC1.dhcp.as2116.net] has quit []
07:22 -!- shiranaihito_ [~shiranaih@2001:fb1:7c:7dfe:cc08:ab0a:8cfd:cff1] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
07:30 -!- luscious1 is now known as lusciouslover
07:38 -!- adip [~adip@c145-48.icpnet.pl] has joined #openbsd
07:39 -!- apac [~alexander@user/apac] has joined #openbsd
07:42 -!- housemate [~housemate@146.70.154.70] has joined #openbsd
07:42 < CosmicDJ> oh man... I hope I didn't lose any mails :( "Oct 27 20:00:01 mail syslogd[49275]: restart; Oct 28 07:44:11 mail /bsd: Rebooting in response to request from vmmci0 host"
07:44 -!- shiranaihito_ [~shiranaih@ppp-171-96-204-114.revip8.asianet.co.th] has joined #openbsd
07:45 -!- apac [~alexander@user/apac] has quit [Ping timeout: 264 seconds]
07:50 < quinq> CosmicDJ, emails usually have a few days lifetime :)
07:56 -!- feriman [~feriman@user/feriman] has joined #openbsd
08:06 -!- mexen [uid495612@user/mexen] has quit [Quit: Connection closed for inactivity]
08:07 -!- daugaard [~daugaard@user/daugaard] has quit [Ping timeout: 264 seconds]
08:09 -!- fixou [~fixou@212.114.19.0] has quit [Quit: The Lounge - https://thelounge.chat]
08:15 -!- fixou [~fixou@212.114.19.0] has joined #openbsd
08:17 -!- jgh [~jgh@hellmouth.gulag.org.uk] has joined #openbsd
08:23 -!- CrimeWave [~Ebox-MTL@user/CrimeWave] has quit [Quit: Electronic Box Montréal - Textual IRC 7.2.6 OSX]
08:26 -!- SiFuh_ [~SiFuh@user/sifuh] has quit [Read error: Connection reset by peer]
08:27 -!- SiFuh_ [~SiFuh@user/sifuh] has joined #openbsd
08:29 -!- daugaard [~daugaard@user/daugaard] has joined #openbsd
08:30 < OnASnoopPhone> Hello, did one manage to run the pufferfish on a Le Potato/aml-s905x-cc (arm)? I tried miniroot78.img shows black screen after saying it couldnt find /etc/randomseed and does nothing, install78.img instead of showing black screen also said it cant open sd0a:/bsd: innapropriate file type or format, showed these errors once more before printing turning timeout off. green led didnt turn on on both
08:33 < OnASnoopPhone> (sd=uboot, usb=openbsd)
08:35 -!- b50d [~b50d@62.96.54.30] has joined #openbsd
08:40 -!- feriman [~feriman@user/feriman] has quit [Quit: leaving]
08:40 -!- djhankb931 [~djhankb@ip-208-113-164-68.nodes.dream.io] has quit [Remote host closed the connection]
08:41 -!- djhankb931 [~djhankb@ip-208-113-164-68.nodes.dream.io] has joined #openbsd
08:42 -!- feriman [~feriman@user/feriman] has joined #openbsd
08:45 -!- emmanuelux [~emmanuelu@user/emmanuelux] has quit [Remote host closed the connection]
08:51 -!- jab [~user@user/jab] has joined #openbsd
08:51 -!- accelerat0r [~user@user/accelerat0r] has joined #openbsd
08:53 -!- lavaball [~Melissa@31.204.155.215] has joined #openbsd
08:59 -!- baby_groot [~fart_cat@user/fart-cat:36778] has joined #openbsd
09:00 -!- fart_cat [~fart_cat@user/fart-cat:36778] has quit [Ping timeout: 246 seconds]
09:00 -!- lavaball [~Melissa@31.204.155.215] has quit [Quit: lavaball]
09:01 -!- baby_groot is now known as fart_cat
09:03 -!- jab [~user@user/jab] has quit [Ping timeout: 264 seconds]
09:13 -!- x_x [~xx@user/xx] has joined #openbsd
09:20 -!- jab [~user@user/jab] has joined #openbsd
09:37 -!- edgar-rft [~edgar-rft@p200301026f032c3a02f1f3fffe18e9fc.dip0.t-ipconnect.de] has joined #openbsd
09:39 -!- gh [~bob@user/gh] has joined #openbsd
09:40 -!- vezhlys__ [~Andrius@cl-78-158-15-148.fastlink.lt] has joined #openbsd
09:41 -!- vezhlys_ [~Andrius@cl-78-158-15-20.fastlink.lt] has quit [Ping timeout: 256 seconds]
09:42 -!- vezhlys__ [~Andrius@cl-78-158-15-148.fastlink.lt] has quit [Remote host closed the connection]
09:43 -!- vezhlys__ [~Andrius@cl-78-158-15-148.fastlink.lt] has joined #openbsd
09:48 -!- vezhlys_ [~Andrius@cl-78-158-15-148.fastlink.lt] has joined #openbsd
09:50 -!- vezhlys__ [~Andrius@cl-78-158-15-148.fastlink.lt] has quit [Ping timeout: 264 seconds]
09:54 -!- Stx [stx@libera/staff/stx] has joined #openbsd
10:01 < gh> morning, does Han still idle frequent?
10:03 < gh> by Han spec freenode
10:03 < gh> in any case =?
10:04 -!- bigato [~bigato@170.81.150.145] has joined #openbsd
10:04 -!- bigato [~bigato@170.81.150.145] has quit [Changing host]
10:04 -!- bigato [~bigato@user/bigato] has joined #openbsd
10:07 -!- sdds [~sdds@user/sdds] has joined #openbsd
10:15 -!- gh [~bob@user/gh] has quit [Quit: WeeChat 4.5.1]
10:18 -!- lil_lasagna [~Ivan@178.237.232.38] has quit [Ping timeout: 240 seconds]
10:21 -!- fart_cat [~fart_cat@user/fart-cat:36778] has quit [Quit: Leaving]
10:21 -!- sdds [~sdds@user/sdds] has quit [Ping timeout: 272 seconds]
10:34 -!- accelerat0r [~user@user/accelerat0r] has quit [Remote host closed the connection]
10:37 < mischief> OnASnoopPhone: i dont think there's ports to any librecomputer stuff.
10:42 -!- ixc [~ixc@user/ixc] has joined #openbsd
10:48 -!- kabluxi [~ublx@user/ublx] has joined #openbsd
10:54 -!- Pixi` [~Pixi@user/pixi] has joined #openbsd
10:58 -!- Pixi [~Pixi@user/pixi] has quit [Ping timeout: 264 seconds]
10:59 -!- housemate [~housemate@146.70.154.70] has quit [Ping timeout: 264 seconds]
11:01 -!- rc [~rc@user/rc] has quit [Quit: nyaa~]
11:04 -!- memset_ [~memset@gateway/tor-sasl/memset] has quit [Remote host closed the connection]
11:04 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd
11:16 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Remote host closed the connection]
11:16 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd
11:18 -!- reset [~reset@user/reset] has quit [Ping timeout: 264 seconds]
11:30 -!- reset [~reset@user/reset] has joined #openbsd
11:34 -!- lolok [~lolok@user/lolok] has quit [Quit: lolok]
11:35 -!- blaa [~bla@91.234.125.131] has quit [Ping timeout: 244 seconds]
11:39 -!- bla [~bla@91.234.125.131] has joined #openbsd
11:40 -!- lusciouslover [~luscious@user/lusciouslover] has quit [Read error: Connection reset by peer]
11:40 -!- luscious1 [~luscious@user/lusciouslover] has joined #openbsd
11:42 -!- apac [~alexander@user/apac] has joined #openbsd
11:50 -!- lolok [~lolok@user/lolok] has joined #openbsd
11:52 -!- creek [~creek@user/creek] has quit [Ping timeout: 244 seconds]
12:00 -!- apac [~alexander@user/apac] has quit [Ping timeout: 240 seconds]
12:07 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Remote host closed the connection]
12:07 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd
12:11 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Remote host closed the connection]
12:12 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd
12:18 -!- huy_ is now known as huy
12:18 -!- luscious1 is now known as lusciouslover
12:19 -!- xkey [~xkey@user/xkey] has quit [Quit: WeeChat 4.7.1]
12:25 -!- brynet [~brynet@brynet.ca] has quit [Quit: leaving]
12:25 -!- apac [~alexander@user/apac] has joined #openbsd
12:30 -!- brynet [~brynet@brynet.ca] has joined #openbsd
12:31 -!- johnzlly [~johnzlly@user/johnzlly] has joined #openbsd
12:36 -!- jab [~user@user/jab] has quit [Ping timeout: 246 seconds]
12:37 -!- jedesa [~Thunderbi@user/jedesa] has joined #openbsd
12:43 -!- zip100 [~zip100@185.213.155.234] has joined #openbsd
12:44 -!- apac [~alexander@user/apac] has quit [Ping timeout: 255 seconds]
12:48 -!- _zip100 [~zip100@193.32.248.203] has joined #openbsd
12:49 -!- zip100 [~zip100@185.213.155.234] has quit [Ping timeout: 264 seconds]
12:51 < rnkn> can a process (webserver) inside a chroot call a script that can do things outside the chroot?
12:52 < sibiria> no, because there's nothing above / in the file system tree
12:52 < sibiria> if the process has super user privs it can break out of the jail, and then access things outside
12:52 -!- stuart [~stuart@2001:4091:a247:82f7:141d:2108:c251:82ab] has joined #openbsd
12:53 -!- jab [~user@user/jab] has joined #openbsd
12:53 < sibiria> if you want the web server to run things that need access outside the jail you will need to delegate the access to something else, over network or unix socket, as is typical with for example running PHP-FPM
12:54 < rnkn> what about if I give the script a special doas permission for its one action?
12:56 < sibiria> you'd have to give it permission to break out of the jail and *then* access the parts outside
12:56 < sibiria> at this point there's no reason at all to jail it in the first place
12:56 < sibiria> prisoner with door key in hand
12:57 < TommyC> Just so we're clear, sibiria is still referring to chroots when they say "jail". As a FreeBSD user I also like to differentiate between FreeBSD's jails and "regular" chroots.
12:57 < sibiria> correct
12:59 < rnkn> seems like a socket is the best approach
12:59 < sibiria> or networking. the socket would have to be inside the jail, too. sometimes that gets complicated
12:59 < TommyC> Maybe we can provide an alternative solution if we know the specifics of what you're trying to do? Why do you need to leave the chroot briefly?
13:00 < mischief> several programs in base use unveil + sockets
13:01 < mischief> see for example frontend() setup function in https://cvsweb.openbsd.org/src/sbin/dhcpleased/frontend.c?rev=1.46&content-type=text/x-cvsweb-markup
13:03 < rnkn> I have a chroot'd web app that can edit text files on disk. one such file is the user's ssh public key/s. after editing this file, I want to somehow add those keys to the user's ~/.ssh/authorized_keys. obviously in the safest manner
13:03 -!- jab [~user@user/jab] has quit [Remote host closed the connection]
13:03 < rnkn> the public key/s file is world readable but only editable by the user ofc
13:04 -!- jab [~user@user/jab] has joined #openbsd
13:04 < sibiria> mischief: i don't think that's a UNIX socket
13:04 < sibiria> bpf or bsd socket (for IP traffic)
13:05 -!- rootnode_ [~rootnode@softbank126206228003.bbtec.net] has quit [Quit: ZNC 1.10.0 - https://znc.in]
13:05 < IcePic> rnkn: sounds like each user should run some kind of cronjob that pulls content from the edited place in the web tree and add it to the end of their auth_keys file or so
13:05 < sibiria> i would also do what IcePic suggests
13:06 < IcePic> sounds like a great idea to bork your auth file, but still..
13:06 < sibiria> better to let something external reach into the jail, than something in the jail reaching out
13:07 < rnkn> it can be root's cronjob right? every minute?
13:07 < IcePic> yes, but since it doesn't strictly need root to do it, I would not make root do it
13:08 < rnkn> editing a user's authorized_keys doesn't need root?
13:08 < IcePic> not if the user itself does it
13:08 < sibiria> it needs the user's permission
13:08 < sibiria> it's entirely a case of altering the contents of the file, nothing else
13:09 < rnkn> the user is only interacting via the web at this stage
13:09 -!- johnzlly [~johnzlly@user/johnzlly] has quit [Remote host closed the connection]
13:09 < rnkn> they need to be able to add their pub key via editing this file, which then gets appended to authorized_keys, thus allowing them shell access
13:10 < rnkn> ideally there would be some kind of watching of all these user files...
13:11 < sibiria> if you have some database backing for this, you could run a worker outside to regularly reflect the contents onto each user's authorized keys
13:11 < sibiria> presuming you sanitize and verify username associations etc.
13:12 < sibiria> sounds like all of that is in place already since users seem to have credentials stored somewhere for logging in
13:12 < rnkn> yeah there's a db for username/password/2FA
13:13 < rnkn> I just really like the user being able to edit a txt file
13:13 < rnkn> especially for multiple pub keys
13:13 < sibiria> the drawback of that would be that something directly connected to the web application needs access at least as high up as /home
13:15 < rnkn> what about if when the web app edits once of these pub key file it appends the username to a file (or maybe a fifo?) then a watcher outside the chroot sees the new name, copies the pub key file over to /home/$user/.ssh/authorized_keys.. could that work?
13:15 -!- seninha [~seninha@user/seninha] has joined #openbsd
13:16 < TommyC> Sure.
13:16 < sibiria> sure. personally i'd store each user's desired keys in the database and render from there
13:16 < TommyC> Since it's a public key file you could also just put it up on a pastebin site like termbin.com and then give the URL to the listener.
13:16 < TommyC> Not a great solution (imo) but it works.
13:17 < rnkn> yeah naaaah
13:18 < rnkn> I may end up just using the db, but there's still the requirement for a listener
13:18 < rnkn> or a one-minute cronjob
13:18 < thrig> ... someone on termbin.com sees this and adds their own key along for the ride
13:18 < TommyC> lol
13:19 < rnkn> would a fifo work?
13:19 < rnkn> I don't know why I wanna use a fifo
13:19 < rnkn> instead of a socket
13:19 < TommyC> The user's whose authorized_keys file you're going to modify is outside of the chroot. Is it not possible to give them access to the chroot's directory tree to grab the file?
13:19 < thrig> authorized_keys files can be iirc put in some other dir besides home, see sshd_config maybe
13:20 -!- johnzlly [~johnzlly@KD118158186024.ppp-bb.dion.ne.jp] has joined #openbsd
13:20 -!- johnzlly [~johnzlly@KD118158186024.ppp-bb.dion.ne.jp] has quit [Changing host]
13:20 -!- johnzlly [~johnzlly@user/johnzlly] has joined #openbsd
13:20 -!- Maylay [~maylay@104-0-22-170.lightspeed.miamfl.sbcglobal.net] has quit [Ping timeout: 256 seconds]
13:21 < rnkn> TommyC: sorry I'm confused, they're using the web app, the web app is inside the chroot, their $HOME is outside the chroot
13:22 < TommyC> When you say "user" are you referring to a local user on the system or one that's been registered via the web app (like you register on a site)?
13:23 < sibiria> yeah they get to log in on the webpage to set their ssh pubkeys for sshing to the host
13:23 < thrig> or you could have a program that spits out the keys for the user, AuthorizedKeysCommand
13:25 -!- johnzlly [~johnzlly@user/johnzlly] has quit [Ping timeout: 256 seconds]
13:25 < thrig> or AuthorizedKeysFile /var/somewhere/%u
13:25 < rnkn> when a user creates an account on the web this will trigger creating a system user too. the web user then edits their public keys txt file on the web, and this propagates to their ~/.ssh/authorized_keys file. from then they can ssh in too.
13:26 < TommyC> Ok, but the authorized_keys file that gets generated within the chroot you want installed on the host?
13:26 < rnkn> > AuthorizedKeysCommand
13:26 < rnkn> that is interesting!
13:26 < rnkn> TommyC: yes
13:27 < IcePic> spitting out the keys would be as simple as "cat /home/user/.ssh/authorized_keys ; cat /var/www/something/user/auth_key.txt" 
13:28 < rnkn> that is quite brilliant
13:29 < rnkn> or maybe I just make ~/.ssh/authorized_keys a symlink to this other keys file within the chroot
13:29 < rnkn> so that when the user is logged in an edits this file it does what they expect
13:30 < rnkn> logged into the shell*
13:30 < thrig> another way is the web stuff touches a flag file and something else notices that and rebuilds things
13:31 < rnkn> that's where I was thinking maybe a fifo
13:31 < thrig> entr(1) is another way to notice a file change
13:32 < rnkn> also a possibility
13:38 < IcePic> the authkeycommand thing is nice because it doesn't do any work at all until someone logs in, and you could of course have these webusers in some group or so for sshd_config Match <group>.. which then would have a config that runs this command to print out a default key from home account and also whatever text they have in the web chroot 
13:40 -!- Hackerpcs [~user@user/hackerpcs] has quit [Ping timeout: 256 seconds]
13:46 -!- byteskeptical [~amnesia@user/byteskeptical] has quit [Quit: Lost terminal]
13:49 -!- Kruppt [~Kruppt@user/Kruppt] has joined #openbsd
13:51 < jab> hello, I'm trying to dual boot OpenBSD on a blackbird. My current linux partition scheme is GPT like so:   
13:51 < jab> | /dev/sda1 | chimera | ffs   |       |
13:51 -!- polarian [~polarian@znc.polarian.dev] has quit [Quit: Polarian has disappeared]
13:51 < jab> | /dev/sda2 | alpine  | xfs   | 300GB |
13:51 < jab> | /dev/sda3 | fedora  | ext4  | 1GB   |
13:51 < jab> | /dev/sda4 | fedora  | btrfs | 150GB |
13:52 < jab> I guess that I need to create an MBR boot OpenBSD partition on /dev/sda5 and a OpenBSD partition at /dev/sda6 to hold all of the OpenBSD disklabels.
13:53 -!- johnzlly [~johnzlly@user/johnzlly] has joined #openbsd
13:53 -!- polarian [~polarian@znc.polarian.dev] has joined #openbsd
13:53 < jab> I'm a little stuck at the installer.
13:53 < jab> I am reading fdisk, watching youtube videos, bouncing back on the faq page...
13:53 < jab> https://www.openbsd.org/faq/faq14.html 
13:53 -!- apac [~alexander@user/apac] has joined #openbsd
13:54 < sibiria> you don't need an "openbsd boot partition". if it's EFI you have an ESP already. just create an extended partition and put openbsd in there
13:54 -!- user71 [~user71@2001:1530:1052:7fa5:b757:2450:f49:8464] has joined #openbsd
13:55 < jab> ok! good to know!
13:55 < sibiria> you may want to make a copy of the BOOT efi application first. just in case openbsd overwrites it, like so many linux dists are prone to do
13:57 < jab> sibiria: I'm not certain how to do that...  
13:58 < sibiria> go into the ESP and "cp -rp BOOT BOOT_COPY"
13:58 -!- Bradipo [~Bradipo@50.77.44.29] has joined #openbsd
13:58 < sibiria> there will be a top directory named EFI, and the EFI applications live in there
13:59 < sibiria> the ESP will be the fat32/vfat partition on your disk
13:59 < sibiria> usually (but not always) the first partition
14:00 -!- johnzlly [~johnzlly@user/johnzlly] has quit [Ping timeout: 264 seconds]
14:00 < mischief> sibiria: dhcpleased does use pipes and unix domain sockets
14:00 < mischief> (through libimsg)
14:00 < jab> will do. 
14:03 -!- wnh [~Thunderbi@user/wnh] has quit [Remote host closed the connection]
14:05 -!- jkm_ [~jkm@91.217.198.129] has quit [Ping timeout: 252 seconds]
14:06 -!- angues [~snakes@user/Snakes] has joined #openbsd
14:07 -!- jkm [~jkm@user/jkm] has joined #openbsd
14:11 -!- wnh [~Thunderbi@user/wnh] has joined #openbsd
14:18 -!- Maylay [~maylay@2600:1702:537b:97f:7ed3:aff:fe1a:45ae] has joined #openbsd
14:21 -!- gman999 [~GMan999@user/gman999] has quit [Quit: WeeChat 4.5.2]
14:23 -!- zbcm [~mcbz@user/zbcm] has joined #openbsd
14:43 -!- pardis [~znc@quark.paardenvla.nl] has joined #openbsd
14:43 -!- gustik [~gusto@92-180-232-16.dynamic.orange.sk] has quit [Quit: leaving]
14:45 -!- craigbro` [~user@163.252.128.212] has quit [Ping timeout: 252 seconds]
14:45 -!- craigbro` [~user@163.252.128.212] has joined #openbsd
14:51 -!- gknux [~gknux@user/galaxy-knuckles/x-3015990] has quit [Quit: ....and i am outta here....]
14:53 -!- kabluxi [~ublx@user/ublx] has quit [Quit: kabluxi]
14:53 -!- gknux [~gknux@user/galaxy-knuckles/x-3015990] has joined #openbsd
14:53 -!- MelodyOwO [~MelodyOwO@dhcp46-187-164-95.eaw.com.pl] has joined #openbsd
15:00 -!- wnh [~Thunderbi@user/wnh] has quit [Ping timeout: 264 seconds]
15:10 < remiliascarlet> Does anybody know how to solve this problem? doas: failed to set user context for target
15:11 < remiliascarlet> I tried to log in as root directly in TTY, but it says "Login: Failed to retreive default class".
15:11 < remiliascarlet> Happened right after upgrading to OpenBSD 7.8, and doing a `sysmerge`.
15:12 -!- runxiyu [runxiyu@lindenii/maintainer/runxiyu] has quit [Read error: Connection reset by peer]
15:12 < ivdsangen> maybe something wrong with login.conf
15:13 < remiliascarlet> Probably, I pressed "i" when prompted whether I should replace or delete the temporary ./etc/login.conf file.
15:16 -!- zbcm [~mcbz@user/zbcm] has quit [Quit: leaving]
15:19 -!- wnh [~Thunderbi@user/wnh] has joined #openbsd
15:20 -!- gman999 [~GMan999@user/gman999] has joined #openbsd
15:21 < jab> I wish fish would re-direct errors to /dev/null . I keep typing in commands, and fish outputs "error: ignoring corrupted history entry around offset 7584" 
15:27 -!- lotsen_ [~lotsen@user/Lotsen] has joined #openbsd
15:29 -!- Lotsen [~lotsen@user/Lotsen] has quit [Ping timeout: 256 seconds]
15:31 < sibiria> mischief: right, it uses some unconventional location for the control plane
15:32 -!- lotsen__ [~lotsen@user/Lotsen] has joined #openbsd
15:35 -!- lotsen_ [~lotsen@user/Lotsen] has quit [Ping timeout: 256 seconds]
15:35 -!- daugaard [~daugaard@user/daugaard] has quit [Ping timeout: 256 seconds]
15:35 -!- byteskeptical [~amnesia@user/byteskeptical] has joined #openbsd
15:36 -!- lotsen__ is now known as Lotsen
15:36 -!- lavaball [~Melissa@31.204.155.215] has joined #openbsd
15:36 -!- memset_ [~memset@gateway/tor-sasl/memset] has joined #openbsd
15:37 -!- SiFuh [~SiFuh@user/sifuh] has joined #openbsd
15:37 < remiliascarlet> Anybody who knows how to fix this problem?
15:38 -!- Hackerpcs [~user@user/hackerpcs] has joined #openbsd
15:38 < remiliascarlet> I already logged into single user mode, and partially fixed the login.conf file by re-writing whatever is written on another server, but it seems like that was not eenough.
15:40 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Ping timeout: 272 seconds]
15:41 < remiliascarlet> I fixed it now. Had to run `cap_mkdb`.
15:42 < thrig> or you could unbork the shell history?
15:44 < remiliascarlet> It wasn't a shell issue.
15:45 < remiliascarlet> For the next server I just defaulted to deleting temporary files. I don't trust OpenBSD's capabilities of properly replacing files anymore.
15:46 -!- struchu [~struchu@staticline-31-183-133-251.toya.net.pl] has quit [Quit: WeeChat 4.7.1]
15:49 < Bradipo> properly replacing files?
15:49 < ivdsangen> but then you might miss important changes as you upgrade, sometimes defaults are changed
15:49 < remiliascarlet> Using sysmerge.
15:49 < Bradipo> I've never had a problem with sysmerge... by the way, it's not recommended that you use cap_mkdb unless you know what you're doing. :-)
15:50 < pardis> if you have chosen to tweak your system by using /etc/login.conf.db, it seems reasonable that you'd be the one maintaining that, not sysmerge
15:51 < Bradipo> The man page mentions it only for very large /etc/login.conf... I'm not sure what constitutes a "very large /etc/login.conf".
15:51 < pardis> probably a case of "if you have to ask, it's not yours"
15:55 < remiliascarlet> OK, the next problem: "syspatch: Read-only filesystem, aborting"
15:55 < byteskeptical> ah yes the remount
15:56 -!- warden [~warden@vsp02.maildefense.it] has left #openbsd []
15:57 < pardis> mount your filesystem read-write? the error tells you exactly what is wrong
15:57 < remiliascarlet> I tried that already.
15:59 -!- gman999 [~GMan999@user/gman999] has quit [Quit: WeeChat 4.5.2]
16:00 -!- gman999 [~GMan999@user/gman999] has joined #openbsd
16:01 < byteskeptical> doas mount -uw /usr
16:01 < mischief> sibiria: yes, the control sockets are in /dev of all places :-)
16:01 < remiliascarlet> Yes. Except I did it on the entire / partition, since that's the only partition I have.
16:02 < byteskeptical> o sorry that is a bit different
16:02 -!- beca [uid516755@id-516755.tinside.irccloud.com] has joined #openbsd
16:02 < pardis> maybe if we ask 50 more questions we'll find out all of the relevant information
16:03 < thrig> or it's a tan-like function that approaches enough information
16:04 < remiliascarlet> Another problem is that relayd now gives "Bad Gateway". Could this be related to the "Read-only filesystem" error?
16:04 < remiliascarlet> `pkg_add` worked just fine though.
16:04 < thrig> https://xkcd.com/979/ etc
16:05 -!- polarian_ [~polarian@znc.polarian.dev] has joined #openbsd
16:06 < byteskeptical> remiliascarlet: fair place to start
16:06 < shtrophic> Four errate on 7.8 already, and there are no binary patches for my arch
16:06 -!- polarian [~polarian@znc.polarian.dev] has quit [Ping timeout: 265 seconds]
16:06 -!- polarian_ is now known as polarian
16:07 < shtrophic> What are people supposed to do in this situation? Compile from source?
16:07 < remiliascarlet> Any solutions? Or are we just going to be assholes about this?
16:09 < pardis> shtrophic: there are normally instructions on how to build just the relevant components from source in the errata patches
16:09 < cgnarne> shtrophic: yes, depending on how much you care
16:10 < oldlaptop> There was a time before syspatch, during which everyone built from source.
16:10 < shtrophic> Kind of difficult on octeon
16:11 < oldlaptop> If you don't want to apply the patches and rebuild the affected components, the other option is to build the entire system from -stable CVS. (Much more of the computer's time, rather less of yours.)
16:11 -!- daugaard [~daugaard@user/daugaard] has joined #openbsd
16:11 -!- b50d [~b50d@62.96.54.30] has quit [Read error: Connection reset by peer]
16:11 < shtrophic> I only have 2G of disk, and comp78 is not installed
16:11 < shtrophic> Ahhhh!
16:11 < oldlaptop> One option in such a situation could be to build entire -stable *releases* on another machine
16:12 < oldlaptop> (You could then upgrade to that as if it were a snapshot or something.)
16:12 < pardis> and "another machine" may be qemu on something much beefier
16:12 < oldlaptop> Of course that means another octeon machine is necessary...
16:12 < cgnarne> shtrophic: do you use unbound or X11 on your octeon?
16:12 < shtrophic> Oh, so cross-compiling is an option...
16:12 < shtrophic> Hmm
16:12 < shtrophic> unbound, yes
16:13 < oldlaptop> True cross-compiling isn't really an option, so far as I know.
16:13 < shtrophic> I thought OpenBSD isn't meant to be cross-compiled
16:13 < shtrophic> Right
16:13 < pardis> no, cross-compiling isn't supported, hence the need for qemu (if it supports octeon, which I'm not sure of)
16:13 -!- jadi [~jadi@74.49.178.126] has joined #openbsd
16:13 < shtrophic> Or mips64
16:13 < shtrophic> Is there any difference actually?
16:14 < oldlaptop> Maybe not for ports. The base system may be a different issue.
16:15 -!- runxiyu [runxiyu@lindenii/maintainer/runxiyu] has joined #openbsd
16:15 < shtrophic> Hmmm
16:16 < oldlaptop> My preference would just be to find a slightly larger disk and build patches on the machine.
16:17 -!- gman999 [~GMan999@user/gman999] has quit [Quit: WeeChat 4.5.2]
16:17 < oldlaptop> (It seems to me it'd be hard to find a disk that *small* these days. You'd have to fight some weirdo like me for my obsolete computer junk.)
16:17 < byteskeptical> remiliascarlet: to the read only issue, you might have to go single user again, try it from the ramdisk. Then come back to the relayd issue.
16:17 < byteskeptical> oldlaptop: the good ole days
16:17 < remiliascarlet> So reboot again to single user mode, and what is next?
16:18 < cgnarne> or maybe use some other dns software in place of unbound. might be easier
16:18 < byteskeptical> mount your installation as rw and then chroot into it
16:18 < byteskeptical> try running syspatch from in there
16:18 < oldlaptop> You'll need to patch that other DNS software too. (Over the long run, probably significantly more often than unbound.)
16:19 < shtrophic> I am using the eMMC on the router. Which is why it only has 2G
16:19 < oldlaptop> Unless for some reason you find it easier to build packages for the thing than releases, I don't see that as an improvement
16:19 < thrig> some of those virts don't come with much disk space
16:20 < oldlaptop> shtrophic: I guess I'm not up on octeon hardware - last I knew you had to have USB storage or something.
16:20 < cgnarne> oldlaptop: every software will need patching at some point...
16:20 < remiliascarlet> Running syspatch in single user mode gives me: "syspatch: cdn.openbsd.org: no address associated with name"
16:20 < shtrophic> Well, ports are updated on CVEs (right?)
16:20 < CommonNickname> sharing a article about OpenBSD as part of my own process to learn how to use it. The configurations I am using can be improved? Maybe there is a "openbsd-discussion channel for this stuff and this one is not appropriate? Hopefully is not wrong. Let me know about it, ok? 
16:20 < CommonNickname> https://blog.odicforcesounds.com/openSecurity.html
16:20 < oldlaptop> shtrophic: You still need to get binary packages, somehow.
16:21 < Bradipo> CommonNickname: There is #openbsd-social I think.
16:21 < oldlaptop> I would not expect binary -stable packages for an arch without binary syspatches.
16:21 < shtrophic> Having a USB drive is not required for octeon. eMMC works as well
16:21 < shtrophic> oldlaptop: Is that the case?
16:21 < CommonNickname> ok, Bradipo thank you, I will check it.
16:21 < nologin> remiliascarlet, sorry, but did you looked at http://www.openbsd.org/errata78.html  (solves syspatch issue)
16:21 < Bradipo> remiliascarlet: Do you rely on a self-hosted DNS resolver in /etc/resolv.conf that is not currently running because you're in single-user-mode ?
16:22 -!- nologin is now known as sonya
16:22 < oldlaptop> If you have room for compXX.tgz, it shouldn't be that impractical to put /usr/[src,obj] and friends on a USB disk, perhaps not connected full-time.
16:22 -!- apac [~alexander@user/apac] has quit [Ping timeout: 264 seconds]
16:22 < oldlaptop> Especially if you don't need full release builds.
16:22 < Bradipo> remiliascarlet: e.g. if you have "nameserver 127.0.0.1" in /etc/resolv.conf and you are in single-user mode, obviously that's not going to work.
16:24 < remiliascarlet> nologin: I'll give that a try. And no, I kept /etc/resolv.conf the default.
16:25 -!- apac [~alexander@user/apac] has joined #openbsd
16:25 < shtrophic> oldlaptop thst is probably true
16:25 < remiliascarlet> OK, it seems like the manual syspatch steps worked, and the tool is working again.
16:26 < oldlaptop> CommonNickname: If you're talking about OpenBSD, I don't see any reason it couldn't be in here.
16:27 < Bradipo> CommonNickname: Good point, if the discussion is OpenBSD then it's on-topic.  #openbsd-social is more for off-topic discussions.
16:28 < oldlaptop> If you're talking about your favorite motorcycle chain lubricants, Star Trek episodes, or politicians, then that probably goes somewhere else.
16:28 < remiliascarlet> Relayd has also been fixed, I had to start Wireguard for this one.
16:28 -!- apac [~alexander@user/apac] has quit [Client Quit]
16:29 < byteskeptical> noice
16:30 < remiliascarlet> And the final problem is with starting PostgreSQL, again.
16:30 < remiliascarlet> Because of course it'll break!
16:30 < Bradipo> I think there was a major upgrade for PostgreSQL... which means dump.
16:31 < byteskeptical> back that dump up
16:31 < Bradipo> Not OpenBSD's dump(8) mind you.
16:31 < Bradipo> Well, maybe not.
16:32 < Bradipo> I don't see anything mentioned about it here: https://www.openbsd.org/faq/upgrade78.html
16:32 < remiliascarlet> It's still PostgreSQL 17 from what I can see.
16:32 < Bradipo> Oh, the upgraded occurred 7.6->7.7
16:33 < Bradipo> Wow, has it already been that long...
16:33 < remiliascarlet> Yes, but this time it's 7.7→7.8, and it broke again.
16:33 < CommonNickname> oldlaptop: Is about my experience sharing my configurations, while in the publication I suggest to share with me, any improvements I may need and telling me what more I need to learn. 
16:33 -!- vezhlys_ is now known as vezhlys
16:33 < eea> i was gonna say, not seen during 7.7->7.8 upgrades here, two pgsql hosts were upgraded with 0 hand holding drama
16:34 < eea> unlike the 7.6->7.7 path
16:34 -!- dsff [~dsff@user/dsff] has joined #openbsd
16:35 < Bradipo> Right, I was thinking of 7.6->7.7 (as previously mentioned).
16:36 < eea> ooo just now remembered. this host i am on now will need this upgrade too
16:36 < eea> oops
16:36 < eea> i bought my 7.7 and 7.8 tshirts tho
16:36 < eea> good arts
16:37 < eea> oddly, getting excited about 8.0
16:38 -!- ClaudioM_ [claudiom@tilde.institute] has quit [Quit: leaving]
16:38 -!- ClaudioM [claudiom@tilde.institute] has joined #openbsd
16:39 < avemestr> I think it's a recurring theme, that postgresql upgrades coincide with new OpenBSD releases... Postgresql has released new major versions in September/October for the last 9 years. IIRC Theo once wrote "The only winning move is not to play" when somebody asked if locking should await their new release.
16:41 < remiliascarlet> I fixed this now. I had to increase the "kern.seminfo.semmni", "kern.seminfo.semmns", and "kern.seminfo.semmnu" values, so it was a different issue this time.
16:41 -!- jadi [~jadi@74.49.178.126] has quit [Ping timeout: 264 seconds]
16:42 < remiliascarlet> So no problems left.
16:45 < avemestr> Also, per Jeremy Evans OpenBSD normally wait for the .1 release to include postgresql in tree: https://marc.info/?l=openbsd-ports&m=175884728311764&w=2
16:48 -!- jedesa [~Thunderbi@user/jedesa] has quit [Remote host closed the connection]
16:48 -!- jadi [~jadi@74.49.178.126] has joined #openbsd
16:49 -!- vampiredamewood [~vdamewood@fedora/vdamewood] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
16:51 -!- nature [~nature@64.137.144.64] has joined #openbsd
16:51 -!- vortexx [~nothing@user/vortexx] has quit [Quit: Lost terminal]
16:52 -!- seninha [~seninha@user/seninha] has quit [Ping timeout: 240 seconds]
16:53 -!- naoki [~Thunderbi@240f:10b:7440:1:27fe:5767:aa00:b0ec] has quit [Quit: naoki]
16:54 -!- visl [~visl@user/visl] has quit [Remote host closed the connection]
16:55 -!- visl [~visl@user/visl] has joined #openbsd
16:57 -!- gce108 [~gce@user/gce108] has joined #openbsd
16:59 -!- apac [~alexander@user/apac] has joined #openbsd
17:00 -!- gman999 [~GMan999@user/gman999] has joined #openbsd
17:01 -!- vortexx [~nothing@casper.nineinchnetworks.ch] has joined #openbsd
17:01 -!- vortexx [~nothing@casper.nineinchnetworks.ch] has quit [Changing host]
17:01 -!- vortexx [~nothing@user/vortexx] has joined #openbsd
17:03 -!- housemate [~housemate@146.70.154.70] has joined #openbsd
17:05 -!- jadi [~jadi@74.49.178.126] has quit [Ping timeout: 260 seconds]
17:08 -!- FirefoxDeHuk [~FirefoxDe@109.108.69.106] has joined #openbsd
17:12 -!- sjg [~sjg@user/sjg] has quit [Ping timeout: 264 seconds]
17:13 -!- sjg [~sjg@user/sjg] has joined #openbsd
17:19 -!- apac [~alexander@user/apac] has quit [Ping timeout: 244 seconds]
17:21 -!- uzuri [~x@user/uzuri] has joined #openbsd
17:21 < uzuri> hii
17:22 < uzuri> i kinda have a problem to which i couldnt find a solution yet
17:22 < uzuri> i need unix-independent file encryption
17:23 < pardis> openssl(1) enc
17:23 < uzuri> linux has luks (dm-crypt wrapper), openbsd has bioctl and freebsd has something that starts with g..
17:24 < uzuri> pardis: i thought about that too but let me be a bit more percise
17:24 < uzuri> i need to create encrypted partitions on flash drives
17:25 < uzuri> encrypting each and every file itself would be tedious and also bad in terms of metadata
17:25 < vxla> cfs, but I don't think its around anymoe.
17:26 -!- jadi [~jadi@74.49.178.126] has joined #openbsd
17:26 < uzuri> vxla: yea discontinued in 2007 according to wikipedia :/
17:26 < pardis> veracrypt (available as a package) might do what you want, but I have no experience with it
17:27 < uzuri> there is a luks port called libluksde on openbsd ports, but its only a library and it only supports luks1 read only and luks2 not at all -_-
17:27 -!- CrimeWave [~Ebox-MTL@user/CrimeWave] has joined #openbsd
17:28 -!- nanach1 [~narehate@user/nanach1] has quit [Quit: Another internet outage?]
17:29 < uzuri> pardis: i was about to mention the veracrypt port, i checked it out and removed it again a couple minutes later
17:29 -!- bigato [~bigato@user/bigato] has quit [Ping timeout: 240 seconds]
17:30 < uzuri> you get a bunch of warnings when launching and its also unusable because its hard-dependent on sudo
17:31 < uzuri> i had troubles with veracrypt on artix linux aswell, luckily cryptsetup(8) can unlock veracrypt volumes aswell, which would let me use veracrypt volumes without veracrypt ^^
17:33 < uzuri> surely im not the first to stumple upon this problem
17:34 -!- apac [~alexander@user/apac] has joined #openbsd
17:34 < pardis> it's hard enough finding a filesystem that works well across different OSes, let alone an encryption layer
17:34 < uzuri> theres no luks on openbsd, but maybe theres bioctl on linux?
17:35 < pardis> no, not as far as I know
17:35 < pardis> in the past I have shared an encrypted disk between OpenBSD and Linux by NFS-mounting from an OpenBSD VM when on Linux
17:35 < uzuri> pardis: this insane to me tbh
17:35 < pardis> why? there's no particular reason why different OSes should support each other's storage, it's a lot of work for a niche use case
17:36 < pardis> the fact that ext2 is quite well supported between free Unix-likes is a happy accident caused by Linux being extremely popular compared to all others
17:36 < ssm_> ufs works on *BSD an linux (experimental in linux last I checked). freebsd ufs will mount rw on openbsd, but you need to disable journaling or it won't mount again on the freebsd side
17:36 < uzuri> sure, i can get that windows and unix dont get along in that sense, but unix-like systems between each others after many decades? cmon..
17:36 < ssm_> ext2fs work rw on at least openbsd and linux, don't know about other bsds
17:36 < Bradipo> Perhaps something like Tcl's VFS and Encryption could suffice? https://www.tcl-lang.org/community/tcl2015/assets/talk7/UsingTclVFSforEncryption.pdf
17:37 < Bradipo> Tcl runs on many platforms.
17:37 < uzuri> thanks guys ill look into that!!
17:37 < uzuri> anything network-related is not viable though..
17:37 -!- stuart [~stuart@2001:4091:a247:82f7:141d:2108:c251:82ab] has quit [Remote host closed the connection]
17:38 < Bradipo> Understood.  You're looking for a way to have a physically attached encrypted volume that works on OpenBSD, Windows, Linux, etc...
17:38 < uzuri> exactly
17:39 -!- FirefoxDeHuk [~FirefoxDe@109.108.69.106] has quit [Quit: Client closed]
17:39 < pardis> there was a patch some years back to have bioctl be able to attach LUKS volumes, but I don't think it ever went anywhere
17:39 < ssm_> would ssh to an encrypted box be a solution?
17:40 < ssm_> nfs too
17:40 < Bradipo> He said network-related not viable.
17:40 < uzuri> Bradipo: this tclVFS thing seems viable, hows the support though? paper is 10 years old
17:40 < ssm_> nfs can be mounted locally
17:40 < Bradipo> uzuri: I don't know if it's a "finished product".
17:40 < ssm_> nfs is jank though, even with local mounts
17:41 < ssm_> learned that the hard way
17:41 < uzuri> ssm_: no, ssh is not viable, storage needs to be permanent on a flashdrive
17:42 < uzuri> Bradipo: ohhh, dang
17:42 -!- swaggboi [~kvirc@slackware.uk/supporter/swaggboi] has quit [Quit: KVIrc 5.0.0 Aria http://www.kvirc.net/]
17:42 < uzuri> pardis: that would be amazing, sadly not a mention of luks in the bioctl manpage
17:43 < pardis> yes, as I said I don't think it even got to the point of being properly tested, let alone merged
17:43 < pardis> one problem is that LUKS has way more options than bioctl, so adding support would either be restricted to a subset of LUKS or introduce a lot more complexity
17:43 < Bradipo> What's wrong with veracrypt?
17:44 -!- kabluxi [~ublx@user/ublx] has joined #openbsd
17:44 < uzuri> pardis: i dont need many options i would be more than happy if i got serpent512 :sob:
17:45 < uzuri> Bradipo: see above messages, sudo is hardcoded
17:45 < Bradipo> So just make a sudo wrapper that calls doas.
17:45 -!- swaggboi [~kvirc@slackware.uk/supporter/swaggboi] has joined #openbsd
17:46 < Bradipo> Seems odd to me that veracrypt would require sudo.
17:46 -!- drathir_tor [~drathir@wireguard/tunneler/drathir] has joined #openbsd
17:48 < uzuri> Bradipo: how
17:48 < uzuri> sudo codebase is a mess
17:48 -!- chorc [~chorc@user/chorc] has quit [Quit: ZNC 1.9.1 - https://znc.in]
17:48 < cgnarne> uzuri: not exactly what you're looking for, but take a look at encfs
17:48 < uzuri> and no, alias sudo=doas wont work :p
17:49 -!- chorc [~chorc@user/chorc] has joined #openbsd
17:49 < uzuri> reading cryptsetup(8) manpage rn and its wild that it supports luks, veracrypt, macOS's fvault2, and even BITLOCKER natively 
17:49 < uzuri> cgnarne: ill check it out
17:50 < Bradipo> uzuri: I didn't say alias, I said wrapper. :-)
17:50 -!- MelodyOwO [~MelodyOwO@dhcp46-187-164-95.eaw.com.pl] has quit [Quit: Leaving.]
17:50 < uzuri> Bradipo: why is veracrypt even in ports when its shipped without said wrapper?
17:50 < Bradipo> You write the wrapper.
17:51 < uzuri> how complicated is that
17:51 < Bradipo> Or figure out how to make veracrypt not use sudo.
17:51 < uzuri> sudo has a lof of features that dont translate well
17:51 < Bradipo> I don't know how complicated it is, but I imagine that veracrypt isn't doing much more than "sudo veracrypt xyz".
17:51 < uzuri> eh
17:51 < pardis> veracrypt has likely been in ports since before sudo was removed
17:52 -!- willyg [~willyg_co@user/willyg-cos/x-4994202] has joined #openbsd
17:52 < Bradipo> But I don't know why that even matters.
17:52 < Bradipo> doas veracrypt xyz should basically allow veracrypt to run as root...
17:52 < Bradipo> You think that veracrypt will then internally try to also call sudo?
17:54 -!- stuart [~stuart@2001:4091:a247:82f7:2d39:6e01:d4c:8919] has joined #openbsd
17:54 -!- bigato [~bigato@170.81.150.145] has joined #openbsd
17:54 -!- bigato [~bigato@170.81.150.145] has quit [Changing host]
17:54 -!- bigato [~bigato@user/bigato] has joined #openbsd
17:56 -!- uzuri [~x@user/uzuri] has quit [Ping timeout: 264 seconds]
17:57 -!- uzuri [~x@user/uzuri] has joined #openbsd
17:58 -!- ikarso [uid475540@id-475540.tinside.irccloud.com] has quit [Quit: Connection closed for inactivity]
17:58 -!- stuart [~stuart@2001:4091:a247:82f7:2d39:6e01:d4c:8919] has quit [Remote host closed the connection]
17:58 -!- stuart [~stuart@2001:4091:a247:82f7:2d39:6e01:d4c:8919] has joined #openbsd
17:59 -!- stuart_ [~stuart@2001:4091:a247:82f7:c0f6:d453:f337:66c1] has joined #openbsd
18:00 -!- tertullian [~sonne@ip-095-222-113-247.um34.pools.vodafone-ip.de] has quit [Ping timeout: 250 seconds]
18:01 -!- ikarso [uid475540@id-475540.tinside.irccloud.com] has joined #openbsd
18:01 < uzuri> cgnarne: encfs seems interesting, i dont have much knowledge on how FUSE affects security but also the project has been discontinued more than a year ago
18:01 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd
18:02 < cgnarne> doesn't the crypto isn't sound
18:02 -!- tertullian [~sonne@ip-095-222-113-247.um34.pools.vodafone-ip.de] has joined #openbsd
18:03 -!- stuart [~stuart@2001:4091:a247:82f7:2d39:6e01:d4c:8919] has quit [Ping timeout: 255 seconds]
18:03 < uzuri> another solution i can think of is running debian under vmm(4) and accessing/creating luks volumes like that?
18:03 < uzuri> man page states no hardware passthrough though..
18:04 < uzuri> is there no way to access a usb stick through a linux vm in vmm(4)?
18:04 < uzuri> with access i mean format 
18:06 -!- memset_ [~memset@gateway/tor-sasl/memset] has quit [Ping timeout: 272 seconds]
18:06 < uzuri> sidenote how can i query the entire mailing list archive?
18:07 < uzuri> manually looking at all subjects of each month isnt really viable..
18:07 < sibiria> no
18:07 < sibiria> marc.info
18:08 < uzuri> sibiria: how can i search for keywords on there is my question
18:09 < sibiria> the search dialog is right there in the top
18:10 < uzuri> oh wait yeah ur right 
18:10 < uzuri> doesnt appear for me on mobile
18:10 < uzuri> weird
18:11 -!- fro [fro@humpty.dance] has joined #openbsd
18:11 -!- seninha [~seninha@user/seninha] has joined #openbsd
18:12 -!- beca [uid516755@id-516755.tinside.irccloud.com] has quit [Quit: Connection closed for inactivity]
18:12 -!- km [~km@c978F5BC1.dhcp.as2116.net] has joined #openbsd
18:14 -!- tertullian [~sonne@ip-095-222-113-247.um34.pools.vodafone-ip.de] has quit [Ping timeout: 264 seconds]
18:15 -!- uzuri [~x@user/uzuri] has quit [Ping timeout: 264 seconds]
18:16 -!- jadi [~jadi@74.49.178.126] has quit [Ping timeout: 264 seconds]
18:16 -!- uzuri [~x@user/uzuri] has joined #openbsd
18:17 -!- mjl- [~mjl-@paprika.axillis.nl] has joined #openbsd
18:19 -!- stuart [~stuart@2001:4091:a247:82f7:112a:e057:37b2:a4df] has joined #openbsd
18:19 -!- housemate [~housemate@146.70.154.70] has quit [Quit: If there was nothing to see, there. It is BECAUSE I WASN'T THERE, MAN..!]
18:20 -!- jadi [~jadi@74.49.178.126] has joined #openbsd
18:21 -!- qqe [~qqq@185.54.23.200] has joined #openbsd
18:22 -!- stuart_ [~stuart@2001:4091:a247:82f7:c0f6:d453:f337:66c1] has quit [Ping timeout: 255 seconds]
18:25 -!- memset_ [~memset@gateway/tor-sasl/memset] has joined #openbsd
18:26 -!- tertullian [~sonne@ip-095-222-113-247.um34.pools.vodafone-ip.de] has joined #openbsd
18:27 -!- ewig [~ewig@user/ewig] has quit [Remote host closed the connection]
18:28 < jab> well I have OpenBSD installed on my talos II...
18:28 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Ping timeout: 272 seconds]
18:35 < jab> but at the moment it makes me log in via the serial console...
18:36 < jab> I guess I need to enable X to start at boot.  Maybe then I'll be able to log in via my hdmi display
18:37 < byteskeptical> jab: ᕙ(⇀‸↼‶)ᕗ
18:44 -!- qqe [~qqq@185.54.23.200] has quit [Ping timeout: 240 seconds]
18:46 -!- qqe [~qqq@185.54.23.200] has joined #openbsd
18:47 < jab> byteskeptical: yup.  :/
18:47 < jab> I ran doas rcctl enable xenodm && doas reboot
18:47 < jab> but the hdmi is not showing the X login screen
18:49 -!- at_work [~at_work@user/at-work/x-5282331] has quit [Quit: not at_work]
18:51 -!- Steeve [~steve@user/steeve] has joined #openbsd
18:53 -!- bombuzal [~int16h@user/bombuzal] has quit [Quit: b0rk]
18:53 -!- at_work [~at_work@user/at-work/x-5282331] has joined #openbsd
18:54 -!- wnh [~Thunderbi@user/wnh] has quit [Ping timeout: 255 seconds]
18:55 -!- wnh [~Thunderbi@user/wnh] has joined #openbsd
18:57 -!- seninha [~seninha@user/seninha] has quit [Remote host closed the connection]
18:58 < byteskeptical> jab: <cntrl> + <alt> + F2
19:01 < jab> byteskeptical: good guess, but that didn't work.  :(  
19:01 < jab> all on see on my HDMI screen is "SIGTERM received, booting..."
19:01 < jab> I can interact with the openBSD system, but only on the console.
19:01 < jab> com port.
19:01 < Bradipo> Did you change boot.conf ?
19:01 < jab> I did not.
19:02 < Bradipo> Well, that's odd then.  Does the talos do some kind of automatic redirection to the serial console?
19:02 < Bradipo> How else are you getting it to boot from serial and login on serial if you didn't modify boot.conf and also /etc/ttys ?
19:02 < jab> it might...
19:02 < Bradipo> Do you have /etc/boot.conf ?  And what's in /etc/ttys ?
19:03 < jab> I did not touch boot.conf (assuming boot.conf is a file on OpenBSD's /etc/boot.conf .
19:03 < Bradipo> Do you have /etc/boot.conf ?
19:03 < Bradipo> It's not there by default.
19:03 < jab> I do not have a /etc/boot.conf 
19:03 < Bradipo> Interesting.
19:04 < jab> cat /etc/ttys  -> outputs a TON of text.
19:04 < IcePic> Bradipo: perhaps the talos is like sparc and other non-x86 platforms that sort of default to serial console unless a framebuffer takes over
19:04 < Bradipo> Perhaps, yes.
19:06 < jab> I'll ask in ppc@openbsd.org 
19:08 -!- qqe [~qqq@185.54.23.200] has quit [Ping timeout: 240 seconds]
19:11 -!- qqe [~qqq@185.54.23.200] has joined #openbsd
19:11 < rkta> Running egdb via termdebug in vim, I can't interrupt the process in the gdb window. Pressing ^C just prints it. How do I get this to work?
19:11 < deimosBSD> I never ran openbsd on my talos, but it did get X in linuxes fwiw
19:13 < mjl-> question: is there an easy way to run a command in an rdomain with a custom /etc/resolv.conf? or should i combine the command (route) with chroot?
19:13 < jab> I'm actually running openbsd on the blackbird at the moment.  Sorry.
19:14 < deimosBSD> jab: indeed, dmesg probably tells you which gpu it thinks is there, maybe llvmpipe
19:15 < jab> gotach
19:17 -!- user71 [~user71@2001:1530:1052:7fa5:b757:2450:f49:8464] has quit [Quit: user71]
19:20 -!- bombuzal [~int16h@user/bombuzal] has joined #openbsd
19:31 -!- chaseleif [~chaseleif@user/chaseleif] has quit [Quit: tschuessi]
19:31 -!- jadi [~jadi@74.49.178.126] has quit [Ping timeout: 256 seconds]
19:31 -!- zippy [~quassel@188.27.44.161] has quit [Quit: https://quassel-irc.org - Chat comfortably. Anywhere.]
19:33 -!- zippy [~quassel@188.27.44.161] has joined #openbsd
19:35 -!- jadi [~jadi@74.49.178.126] has joined #openbsd
19:36 -!- Steeve [~steve@user/steeve] has quit [Quit: WeeChat 4.1.1]
19:36 -!- qqe [~qqq@185.54.23.200] has quit [Quit: Lost terminal]
19:40 -!- jadi [~jadi@74.49.178.126] has quit [Ping timeout: 240 seconds]
19:42 -!- jmcunx [jmccue@user/zjmc] has left #openbsd []
19:43 -!- fro [fro@humpty.dance] has quit [Ping timeout: 252 seconds]
19:44 -!- sjg [~sjg@user/sjg] has quit [Ping timeout: 264 seconds]
19:46 -!- sjg [~sjg@user/sjg] has joined #openbsd
19:46 -!- ivdsangen [~ivo@83-84-59-127.cable.dynamic.v4.ziggo.nl] has quit [Quit: leaving]
19:49 -!- jadi [~jadi@74.49.178.126] has joined #openbsd
19:52 < jab> perhaps openbsd can't yet display X on the blackbird.  https://marc.info/?l=openbsd-ppc&m=168186341118092&w=2  
19:57 -!- dsff [~dsff@user/dsff] has quit [Remote host closed the connection]
19:59 -!- dsff [~dsff@user/dsff] has joined #openbsd
20:00 < jab> dmesg | grep ast 
20:00 < jab> astfb0 at pci12 dev 0 function 0 "ASPEED Technology AST2000" rev 0x41: can't map framebuffer
20:00 < thrig> ast. very dangerous. you go first.
20:01 < jab> https://www.talospace.com/2021/04/openbsd-69.html  -> that's where I got the idea.
20:02 -!- avemestr [~avemestr@static.44.149.98.91.clients.your-server.de] has quit [Quit: WeeChat 4.7.1]
20:02 < jab> maybe with "artic tern" you can drive a display...🤥  
20:02 < jab> I really don't know.
20:03 < jab> artic tern is supposed be raptor's replacement for the propritary BMC
20:03 -!- uncleyear [~ian@178.66.130.152] has quit [Read error: Connection reset by peer]
20:03 -!- uncleyear [~ian@178.66.156.169] has joined #openbsd
20:05 -!- sonya [~nightwolf@gateway/tor-sasl/sonya] has quit [Quit: Leaving]
20:05 -!- deepesttoaster [~deepestto@user/deepesttoaster] has quit [Read error: Connection reset by peer]
20:05 < jab> also, I wish OpenBSD had a default web gui like the torris omni router.  The torris is SOOO easy to use.
20:06 -!- seninha [~seninha@user/seninha] has joined #openbsd
20:09 < ssm_> we a have a default gui called wscons(4) that lets you configure everything through /etc with vi(1)
20:09 -!- deepesttoaster [~deepestto@user/deepesttoaster] has joined #openbsd
20:10 -!- housemate [~housemate@146.70.154.69] has joined #openbsd
20:10 -!- WalterWeizen [~quassel@user/WalterWeizen] has joined #openbsd
20:15 -!- avemestr [~avemestr@big.boomer.dk] has joined #openbsd
20:15 < Bradipo> In my experience, "easy to use" and "does what I want" never seem to coincide.
20:16 < thrig> ... and then folks are posting 8GB videos to the wiki of how to configure the router...
20:16 < jab> ssm_: what you are saying is that ... I am currently limited to logging in to my OpenBSD via ssh and a com port...but I may be able to see/use a login prompt on the hdmi display ?
20:18 < byteskeptical> jab: have you tried ssh x forwarding?
20:24 -!- oldfolio [~mm@217.180.201.144] has joined #openbsd
20:25 -!- Hackerpcs [~user@user/hackerpcs] has quit [Ping timeout: 264 seconds]
20:25 < jab> I've never actually ever ever tried that ever anywhere. haha that sounds like fun though!
20:25 -!- ixc [~ixc@user/ixc] has quit [Ping timeout: 246 seconds]
20:27 -!- shiranaihito_ [~shiranaih@ppp-171-96-204-114.revip8.asianet.co.th] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
20:29 -!- artmdl [~art5456@d173-183-34-71.bchsia.telus.net] has joined #openbsd
20:31 -!- Xe_ [~Xe@perl/impostor/xe] has joined #openbsd
20:32 -!- user71 [~user71@2001:1530:1052:7fa5:f6ec:ba6a:e81:4c37] has joined #openbsd
20:33 -!- Xe [~Xe@perl/impostor/xe] has quit [Ping timeout: 264 seconds]
20:38 -!- housemate_ [~housemate@146.70.154.70] has joined #openbsd
20:39 -!- daugaard [~daugaard@user/daugaard] has quit [Ping timeout: 240 seconds]
20:41 -!- housemate [~housemate@146.70.154.69] has quit [Ping timeout: 256 seconds]
20:45 -!- housemate_ [~housemate@146.70.154.70] has quit [Ping timeout: 256 seconds]
20:45 < deimosBSD> jab: you could probably get a cheap gpu and it will work
20:46 -!- LainIwakura [~LainIwaku@user/LainIwakura] has joined #openbsd
20:48 -!- LainIwakura85 [~LainIwaku@user/LainIwakura] has joined #openbsd
20:48 -!- uzuri [~x@user/uzuri] has quit [Quit: leaving]
20:50 -!- zelest [~zelest@vortex.ifconfig.se] has quit [Quit: "It is dangerous to be right when the government is wrong" -- François-Marie Arouet]
20:51 -!- zelest [~zelest@vortex.ifconfig.se] has joined #openbsd
20:51 -!- byteskeptical [~amnesia@user/byteskeptical] has quit [Quit: Lost terminal]
20:52 -!- lagrange [~john@user/lagrange] has quit [Quit: leaving]
20:54 -!- LainIwakura [~LainIwaku@user/LainIwakura] has quit [Ping timeout: 250 seconds]
20:57 -!- gman999 [~GMan999@user/gman999] has quit [Quit: WeeChat 4.5.2]
20:59 -!- oldfolio [~mm@217.180.201.144] has left #openbsd []
21:01 -!- lolok [~lolok@user/lolok] has quit [Quit: lolok]
21:02 < jab> I'll try that.
21:03 -!- jab [~user@user/jab] has quit [Remote host closed the connection]
21:07 -!- mjl- [~mjl-@paprika.axillis.nl] has quit [Ping timeout: 256 seconds]
21:07 < vortexx> deimosBSD: that didn't usually work on macppc, it needed a specific rom. Dunno on ppc64
21:08 < vortexx> you may have to go hunting for secondhand ibm gpu cards
21:09 < thrig> hopefully ones that haven't been burnt out chasing silly coins
21:11 < deimosBSD> https://wiki.raptorcs.com/wiki/Blackbird/Hardware_Compatibility_List#Graphic_card
21:12 < oldlaptop> Even on macppc, isn't here a difference between "the firmware will do early boot with it" and "an OS can do display output"?
21:12 < deimosBSD> if it's a blackbird, the problem is space. I thought GPUs were arch agnostic, so long as everyone talks the same PCIe protocols.
21:13 < oldlaptop> deimosBSD: They are and they aren't.
21:13 -!- dsff [~dsff@user/dsff] has quit [Remote host closed the connection]
21:14 -!- dsff [~dsff@user/dsff] has joined #openbsd
21:14 < oldlaptop> The special legacy cruft around graphics cards for amd64 goes back decades (as acronyms like "VGA" might suggest)
21:14 -!- housemate [~housemate@146.70.154.69] has joined #openbsd
21:15 < deimosBSD> computers were a mistake.
21:15 < deimosBSD> ;)
21:16 < vortexx> yeah believing cards are arch agnostic has long been a mistake
21:17 < vortexx> people porting linux and netbsd to amiga found that out the hard way, and to other archs too
21:21 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd
21:25 -!- memset_ [~memset@gateway/tor-sasl/memset] has quit [Ping timeout: 272 seconds]
21:29 -!- apac [~alexander@user/apac] has quit [Quit: Konversation terminated!]
21:29 -!- apac [~alexander@user/apac] has joined #openbsd
21:31 < vortexx> plus the good old days of adding PCI > Zorro3 adapters
21:32 < vortexx> but mac people in the PPC era often tried x86 AGP cards only to find they didn't work
21:32 < vortexx> mainly because they needed a rom reflash
21:39 < vortexx> for uzuri's encryption question, I believe I managed to use vnconfig to decrypt a LUKS PBKDF2 encrypted drive using FFS (since FFS is on linux)
21:39 < vortexx> I'd need to try that again
21:40 < vortexx> encrypted filesystems interoperability is even worse than filesystem interoperability, I've been looking at this on and off over the years
21:40 < thrig> very secure if nothing can decrypt it
21:42 -!- sirphat0n_ [~sp@fixed-187-191-39-243.totalplay.net] has joined #openbsd
21:43 -!- sirphat0n [~sp@user/sirphat0n] has quit [Ping timeout: 256 seconds]
21:43 < vortexx> probably the best way is as sugggested above, local nfs from $VM_OS to $HOST with the drive in usb-passthrough to $VM_OS
21:44 < vortexx> or cifs
21:45 < vortexx> which of course feeds the question... has anyone tried win10 or win11 in qemu on OpenBSD on recent hw?
21:48 -!- mjl- [~mjl-@paprika.axillis.nl] has joined #openbsd
21:50 < ssm_> considering how "great" alpine runs, I'd wager it'd take a year to boot into win 10++
21:50 < vortexx> windows core might boot over a month?
21:50 -!- fro [fro@humpty.dance] has joined #openbsd
21:50 < vortexx> I've had great success using windows server core in bhyve
21:51 < vortexx> although I didn't try usb passthrough
21:51 < vortexx> (and yes bhyve is a lot more effective than vmm)
21:52 < vortexx> (or qemu on openbsd)
21:55 -!- fart_cat [~fart_cat@user/fart-cat:36778] has joined #openbsd
21:55 < ssm_> my flags for alpine are qemu-system-x86_64 -M pc -smp $(sysctl -n hw.ncpuonline) -drive file=/somedisk,format=raw -usb -device virtio-net,netdev=net -netdev tap,id=net,ifname=tap0,script=no,downscript=no -nographic 
21:56 < ssm_> performance is calculator
21:57 < ssm_> doing basically anything maxes out all threads
21:58 -!- padeksist [~padeksist@2001:16e0:207:de00:a8dd:9e16:b813:fc4b] has joined #openbsd
22:00 < vortexx> I suppose this is just to test vs alpine on vmm?
22:00 < ssm_> no, I needed to flash a phone with postmarketOS
22:01 < ssm_> vmm doesn't have usb passthrough to my knowledge so I used qemu
22:01 -!- memset_ [~memset@gateway/tor-sasl/memset] has joined #openbsd
22:01 -!- mjl- [~mjl-@paprika.axillis.nl] has quit [Read error: Connection reset by peer]
22:01 < vortexx> qemu-sparc64 on my Dell XPS 9310 running ubunt doesn't give fantastic perf but I was able to recompile the kernel (in bsd.rd at that) to check why some releases didn't boot
22:02 < vortexx> ah yes, vmm and passthrough
22:02 < vortexx> s/ubunt/ubuntu
22:04 -!- Lotsen [~lotsen@user/Lotsen] has quit [Ping timeout: 264 seconds]
22:05 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Ping timeout: 272 seconds]
22:08 < vortexx> ssm_: if you had acccess to logs from the freenode days, qemu perf has been commented on as calculator level for probably two decades :)
22:09 -!- apac [~alexander@user/apac] has quit [Ping timeout: 264 seconds]
22:14 -!- lotsen [~lotsen@user/Lotsen] has joined #openbsd
22:16 < sibiria> depending on what backend is used with it
22:16 < sibiria> its CPU emulation is about as fast as such gets, but obviously incomparable to using one of its hypervisor backends
22:18 -!- vezhlys [~Andrius@cl-78-158-15-148.fastlink.lt] has quit [Remote host closed the connection]
22:19 -!- vezhlys [~Andrius@cl-78-158-15-148.fastlink.lt] has joined #openbsd
22:21 -!- lolok [~lolok@user/lolok] has joined #openbsd
22:21 -!- Hackerpcs [~user@user/hackerpcs] has joined #openbsd
22:24 -!- gman999 [~GMan999@user/gman999] has joined #openbsd
22:25 -!- lavaball [~Melissa@31.204.155.215] has quit [Ping timeout: 264 seconds]
22:26 -!- mlarkin [~mlarkin@syn-076-081-194-027.biz.spectrum.com] has quit [Ping timeout: 264 seconds]
22:26 -!- Ocaml_user55 [~Ocaml_use@2600:4040:2678:9600:b1c4:ced3:242d:1252] has joined #openbsd
22:27 -!- LainIwakura85 [~LainIwaku@user/LainIwakura] has quit [Quit: Client closed]
22:27 -!- mlarkin [~mlarkin@syn-076-081-194-027.biz.spectrum.com] has joined #openbsd
22:38 -!- rc [~rc@user/rc] has joined #openbsd
22:40 -!- user71 [~user71@2001:1530:1052:7fa5:f6ec:ba6a:e81:4c37] has quit [Quit: user71]
22:43 -!- tvtoon [~The_cUnix@user/tvtoon] has joined #openbsd
22:43 -!- naoki [~Thunderbi@240f:10b:7440:1:7dcf:d79:f46a:f106] has joined #openbsd
22:46 -!- padeksist [~padeksist@2001:16e0:207:de00:a8dd:9e16:b813:fc4b] has quit [Quit: WeeChat 4.7.1]
22:47 -!- byteskeptical [~amnesia@user/byteskeptical] has joined #openbsd
22:47 -!- Xe_ [~Xe@perl/impostor/xe] has quit [Quit: ZNC 1.10.1 - https://znc.in]
22:49 -!- Xe [~Xe@perl/impostor/xe] has joined #openbsd
22:50 -!- drainer31 [~alice@user/Drainer333] has joined #openbsd
22:51 -!- drainer333 [~alice@user/Drainer333] has quit [Ping timeout: 264 seconds]
23:03 -!- vampiredamewood [~vdamewood@fedora/vdamewood] has joined #openbsd
23:03 -!- bigato [~bigato@user/bigato] has quit [Ping timeout: 244 seconds]
23:03 -!- stuart [~stuart@2001:4091:a247:82f7:112a:e057:37b2:a4df] has quit [Remote host closed the connection]
23:04 -!- emmanuelux [~emmanuelu@user/emmanuelux] has joined #openbsd
23:06 -!- feriman [~feriman@user/feriman] has quit [Ping timeout: 244 seconds]
23:07 -!- lavaball [~Melissa@31.204.155.215] has joined #openbsd
23:09 -!- km [~km@c978F5BC1.dhcp.as2116.net] has quit [Remote host closed the connection]
23:09 -!- housemate [~housemate@146.70.154.69] has quit [Quit: If there was nothing to see, there. It is BECAUSE I WASN'T THERE, MAN..!]
23:13 -!- WalterWeizen [~quassel@user/WalterWeizen] has quit [Ping timeout: 264 seconds]
23:15 < CommonNickname> how "stupid" is, to rcctl disable dhcpd/dhcpleased since we are using static ip addrs for all machines? 
23:17 -!- housemate [~housemate@146.70.154.70] has joined #openbsd
23:17 < CommonNickname> I remember about reading that we shouldn'Ât disable dhcpd service, even if using static ips. So, I wish to understand why.
23:17 < pardis> dhcpd is disabled by default
23:18 < pardis> and shouldn't be enabled unless you plan to use it
23:18 < pardis> dhcpleased can probably be disabled if you don't need it, but it's not like you'll gain much from doing so, it's not a resource hog
23:19 -!- stuart [~stuart@195.52.190.242] has joined #openbsd
23:20 -!- wnh [~Thunderbi@user/wnh] has quit [Ping timeout: 260 seconds]
23:24 -!- stuart [~stuart@195.52.190.242] has quit [Ping timeout: 264 seconds]
23:28 < thrig> servers with static configs may benefit from daemons not screwing around with IP addresses or configuration files
23:32 -!- LainIwakura [~LainIwaku@user/LainIwakura] has joined #openbsd
23:34 -!- mjl- [~mjl-@paprika.axillis.nl] has joined #openbsd
23:35 < ssm_> I disable dhcpleased on my crappy 512M vps. I need every byte I can get
23:36 < ssm_> dhcpleased has 3 processes that in total use ~5MB res, which isn't nothing I guess
23:36 -!- seninha [~seninha@user/seninha] has quit [Quit: Leaving]
23:37 < CommonNickname> more details to understand: pf will block packages that target services that are no in use? I guess it doesn't, because the internal host get the requests feedback. I open pftop in the dedicated machine that is serving http. Shouldn't the firewall (block those packages before they get the internal host) ? 
23:40 < thrig> the firewall does what you told it to by way of the rules
23:40 -!- Xe [~Xe@perl/impostor/xe] has quit [Quit: ZNC 1.10.1 - https://znc.in]
23:40 < CommonNickname> "the way".. the sequence maters? 
23:41 < CommonNickname> for pf, the man pages suggest to block first and pass in the end
23:43 -!- Xe [~Xe@perl/impostor/xe] has joined #openbsd
23:44 -!- gtlwuc [uid621242@user/gtlwuc] has joined #openbsd
23:48 < thrig> not understanding your rules would be a good way to get surprising results
23:49 -!- jgh [~jgh@hellmouth.gulag.org.uk] has quit [Remote host closed the connection]
23:49 -!- adip [~adip@c145-48.icpnet.pl] has quit [Ping timeout: 244 seconds]
23:53 -!- librecat [uid714233@id-714233.helmsley.irccloud.com] has quit [Quit: Connection closed for inactivity]
--- Log closed Wed Oct 29 00:00:51 2025