#IPv6 rocks. Flawless physical migration with only a very minor downtime :-).
Thinking about networks as segregated network segments is just SO MUCH easier, this time around, I went #IPv6only and didn't even bother with setting up IPv4.
@goetz@feld afaik, yes. But I don't use DHCPv6 beyond as a client for prefix delegation from ISP, internally I use SLAAC with the privacy extensions disabled for machines.
This means I just assign and route the /64s I need, and apply changes to the DNS zones, which I manage with the prefixes as a variable.
Then, ofc, firewalls usually have to be checked a tad, but provisioning takes care of the pf macros :-) and of programs that need the IP addresses (like pg_hba to limit hosts).
Yes, in certain cases it can be an overhead, but it really is just layered security. Should sth be funky with my firewall, each database can still only be accessed by their allowed hosts, also using authentication.
Of course this depends on the nature of the service, but I'd argue most of the time, the list of hosts that need access to a given database is pretty static and short.
I do prefer adding effective layers of security for little overhead :-).
@subpop
TL;DR: probs no remote OpenSSH vuln in #BSD, but maybe things to be discovered along with Linux'
From what I gathered: it relies on glibc, and on OpenSSH-server being patched to depend on libsystemd0.
So, in theory, the #BSD s would not vulnerable to this instance of issues.
HOWEVER: xz 5.4.4 is included in e.g. #FreeBSD base, and it is posterior to the account being involved in xz, and a similar thing happens with libarchive.
I can imagine something similar happens with other #BSD
The last two things I loved watching were "Sense 8" and "She Ra" (this one following a recommendation here in the #fediverse!)
What would you recommend me to watch next based on the above?
Old stuff welcome, I likely haven't watched it - I want perhaps one episode every two weeks or so on average. Has to be available in some way in the Netherlands in English or German. Finished series preferred.
(Things I definitely dislike: romcoms and comedy.)
Now I remember why I started my book blog 😅 So that it would motivate me to read and so I wouldn't spend time on social media and YouTube lol 😆 Guess maybe I need to start it back up again. 🤔
I think I'm going to put #FreeBSD aside for a while as since the 14.0 update and believe me I have even done a fresh install. I cannot get any #Wayland compositor to run. I've read the handbook and even went back through the previous help I got from @evilham . I know seatd is working and I have XDG_RUNTIME_DIR set correct it's just that sway,river or hyprland just exit on signal 6 ( core dumped) the seat is running fine. I have my i915kms driver loaded according to kldstat. :void: #Linux is home
I'd need an actual computer to check, but you can also try getting the appropriate intel firmware pkg from the same link (pkg info | grep firmware should tell you the name of the package).
@feld I thought this was something related to our boot-loader, but no, it seems like it's grub2 itself which cannot boot from XFS and Debian will happily let one install things like that :-).
So I guess that if one doesn't want a journaling FS, the answer is to make sure there is an ext2 partition for grub2 and then the XFS partition for the rest.
Has anyone ever installed #FreeBSD on a ThinkPad P14s Gen 1 AMD Ryzen 7 pro 4750u with integrated AMD Renoir GPU and got the GPU working out of interest ???
Just wondering how I could test comparability without wiping what's already installed ? 🤔
I have to say that after a bit of a faff to get #Wayland window managers to run caused most probably by yours truly. I am finding #FreeBSD to be really better than expected. I can run the likes of Sway, River, Hyprland without issue and I'm really liking ZFS with encryption and OMG Geli doesn't half unlock the filesystem fast. It unlocks on this poor wee Celeron faster than my AMD Thinkpad P14s does with #VoidLinux luks and grub. Not saying I'm a convert just saying that's all. 😉 :freebsd:
FWIW: I just had one of those "OMG #FreeBSD keeps making my life easier" moments.
Turns out, routing tables are surprisingly easy to manage, I just had never had a need for that, but was able to figure a "complex" networking situation in a matter of a couple minutes by looking at tcpdumps and a couple manuals :-).
#FreeBSD folks I have an issue and I think I need to either change permissions or add my user to a group ? I have installed the following #Wayland#WM Sway, River and to see if it works Hyprland. I can run Sway no problem as my user justine but both River and Hyprland refuse as my user but I am able to run them up as root which I know is very wrong. So how do I fix this as cannot see anything in the FreeBSD manual ??
@JustineSmithies great, so your user doesn't have permissions there! (try with your user mkdir /tmp/test)
That's probably the issue, are you sure it's a temporary file system? (mount -l should say something like tmpfs)
The permissions should probably look like this: drwxrwxrwt
ooh, so, to figure out which FS is actually under /tmp (I'd bet on ZFS' tmp as IIRC that runs later) you can run: df -h /tmp
In any case, to isolate that, you can force yet another mount on the same dir (mount -t tmpfs tmpfs /tmp) and check / change the permissions, then try to run river :-D.
If it works we can make these changes permanent!
@JustineSmithies I'd think so! But I'd leave it, it doesn't matter really and in certain cases can be useful (e.g. you are booting in recovery and not all datasets are mounted)