suppressing motd on FreeBSD 13.0+

On one recent FreeBSD 13 host, I noticed a lack of motd. The MOTD (Message Of The Day) appears when you login. Typically, it looks like this: [dan@rose:~] $ r720 Last login: Mon Aug 2 00:30:13 2021 from air01.startpoint.vpn.unixathome.org FreeBSD 13.0-RELEASE-p3 (GENERIC) #0: Tue Jun 29 19:46:20 UTC 2021 Welcome to FreeBSD! Release Notes, Errata: https://www.FreeBSD.org/releases/ Security Advisories: https://www.FreeBSD.org/security/ FreeBSD Handbook: https://www.FreeBSD.org/handbook/ FreeBSD FAQ: https://www.FreeBSD.org/faq/ Questions List: https://lists.FreeBSD.org/mailman/listinfo/freebsd-questions/ FreeBSD Forums: https://forums.FreeBSD.org/ Documents installed […]

suppressing motd on FreeBSD 13.0+ Read More »

Trouble with vnet and pf

In the past, I have tried vnet jails with pf, and hit trouble. I was never able to get pf to allow the vnet traffic when having a default ‘block log all’ rule. More recently, I encountered the same problem when using byhve. This time, I moved byhve to another host, which is not using pf and I am writing this post to document the issue. This post is based on two gists

Trouble with vnet and pf Read More »

Tips for running an online conference

NOTE: This post was composed in June 2020. I think I got started running conferences in 2002 when I helped with Open Source Weekend 2003. The next year, I started BSDCan. Three years later, PGCon start. All up, I think I’ve run at least 32 conferences, two of which have been online: BSDCan 2020 and PGCon 2020. This article was planned before the conferences were held. There have been requests to share what

Tips for running an online conference Read More »

Accessing a Dell iDRAC 7 via Nginx reverse proxy

HEADS UP: this is still under review. Until this notice is removed, I recommend not using this. I have a Dell R720 at an ISP. The iDRAC connection is filtered, by the ISP, and is accessible only from a small number of IP addresses. Sure, this talks about a web proxy. It works. So does the ssh forwarding shown at the bottom of this post. NOTE: I should start monitoring that IP addr

Accessing a Dell iDRAC 7 via Nginx reverse proxy Read More »

Ignore files in a subversion working copy

To ignore files in your subversion working directory, try this. [dan@dev-ingress01:~/scripts]: $ svn st M . ? helper_scripts ? show-config.sh ? test-categories.pl ? test-new-xml-code-single.sh ? test-new-xml-code-starting-from.sh I want to ignore all those files, so: $ svn st > .IgnoreThese Then I edit the file, so only the file names are shown. Something like this: Then tell subversion to ignore that list of files. $ svn propset svn:ignore -F .ignoreThese . property ‘svn:ignore’ set

Ignore files in a subversion working copy Read More »

Fixing vulns in poudriere jails

This post was originally a few tweets. It’s not really about upgrading vulnerabilities in poudriere jails either. Read this as if each paragraph was a tweet. When a FreeBSD security alert comes out, or a package is marked as vulnerable, I try to get that fixed as soon as I can. Even if not using the feature. Sometimes a vuln can be leverages against something you are using. Patch it. When it comes

Fixing vulns in poudriere jails Read More »

cron is running all jobs twice – solved

This started earlier today and I solved it only just now. It took me a while to find out it was duplicate cron jobs, and even longer to find out why. It started with lockf notifications (if you’ve never heard of lockf before, please read this Twitter thread for examples). In short, one of those emails said: lockf: /var/run/periodic.hourly.lock: already locked I looked to see if there were any long-running jobs which might

cron is running all jobs twice – solved Read More »

OpenVPN: unsupported certificate purpose

See also SSL client vs server certificates and bacula-fd. I use OpenVPN since at least 2008 – now going on 13 years. I find it to be reliable and stable. A few days ago, I added another client to a VPN. I run this particular network with self-signed certificates which I create using ssl-admin – I find it particularly useful for this purpose. The problem Away I went, creating a new certicate, bundled

OpenVPN: unsupported certificate purpose Read More »

Langille shortlisted for ‘Top Most Promising Motherboard Websites For 2021’

This spam arrived today: Date: Mon, 14 Jun 2021 03:05:03 -0700 (PDT) X-Google-Original-Date: 14 Jun 2021 15:35:02 +0530 MIME-Version: 1.0 From: sona@glamyseoservice.com Greetings! This is Sona from LI Creative Technologies, We are very happy to inform you that Langille has been shortlisted by our editorial board which will be included and honored as “Top Most Promising Motherboard Sites For 2021”. This article with one page profile of selected bloggers will be included to

Langille shortlisted for ‘Top Most Promising Motherboard Websites For 2021’ Read More »

Are all installed packages available for reinstall?

When you install a package, you want to know it’s still around to reinstall. You’ve probably never given this much thought. Neither had I, until I read this post on Reddit. In my case, I run my own poudriere server which allows me to run my own package server. Why run your own package server? build ports with non-default configuration settings: Want databases/mantis build for PostgreSQL, not MySQL? (and who wouldn’t?) – You

Are all installed packages available for reinstall? Read More »