For me, personally, the main consideration when picking OPNSense was the behaviour of pfSense towards the fork. “Distasteful” is rather the understatement, I feel.
See, i don’t care about politics so much. I’m more concerned about whether something works or not and whether i am legally entitled to use it.
I went into the pfsense vs. opnsense comparison from a technical standpoint and opnsense just simply doesn’t hold up in my opinion.
It’s less feature complete and it’s flaky (i’ve experienced first hand within a month). There’s NO WAY i would run it in my production environment based on experience so far. Maybe i had a bad run, but i’ve run pfsense for years and never had an issue (and i’m only now considering running it in “important” roles at work as a result).
I’d also suggest (having looked into it since) that the opnsense guys spread a bunch of FUD about pfsense and started the shit flinging. not to excuse further shit slinging, but if you’re going to start spreading shit about somebody’s work you have to expect blow-back. Which they got.
So… gnome.
Wtf does “adjust for TV” do in gnome display settings.
I’ve looked at help.gnome.org here:
https://help.gnome.org/users/gnome-help/stable/look-resolution.html.en
and it is not mentioned.
It is not documented in the UI
There’s no tool tip.
what is it supposed to do? tried turning it on and it just made things look… worse? Surely, a mouse-over explanation would be … useful?
Surely for someone to add this “feature” there must be a reason? But for all my googling and reading gnome docs, i can’t find it?
I mean…
were you looking to post that in “small linux problem thread” ?
I don’t go in that thread. But yeah maybe not strictly sysadmin stuff. Like about 30-50% of this thread 
FUUUUU … Today a juniper core just went haywire … faild to reboot, won’t reply to anything but flooded the interco in the ring … all front was down. I had to drive to the DC in order to unplug it … I want managed PDU so bad :’(
1 Like
Mother fuck hell yeah bitches.
Did I say ten minutes? LOL THAT SHIT TOOK SIXTY MOTHER FUCKING SECONDS.
Granted, performing the backups, archiving, making the database changes, and clicking “Create Release” added about nine minutes to that, but still 
The job was a success, but we ended up having to roll back. We have out dated testing material which generated some confusion as to whether or not the deployment was causing outages/404s. Once we had correct test data, we found inconsistencies with valid links. A database change had been missed and a table was skipped being updated. We also faced permission issues on two of the four servers behind the load balancers. Two of the servers lacked write permissions and were set to read only.
Database changes are being integrated into the CI/CD platform, making our process more resilient to human error and oversight. We have modified our documentation to include the correct permissions, which are being implemented on persistent servers and added to our CI/CD pipeline where necessary.
Practicing the post-mortem
6 Likes
Guess I’ll find out, given how both sides spread loads of FUD about the other it’s hard to know what’s what just by searching (which is a sad situation in itself). Based on what I’ve been reading on STH both are doing pretty well nowadays though.
To briefly touch on the fud topic again though. Hijacking a domain (OPNSense had to sue to get the opnsense.org domain from pfSense) and putting a rather distasteful site on it is going a bit beyond just fud (it’s still on the wayback machine, if you care, just be aware that it’s very much nsfw under the archive.org banner).
Should OPNSense turn out to be a trainwreck I’ll proably switch to pfSense (or look into other options) as I don’t exactly have a horse in this race, but I very much do let principles be a factor in my decision making, as long as the other options are just as good (I’ll take minor inconveniences/higher learning curve, but not less stability)
Probably fixes overscan
2 Likes
Just ping it.
approximately 200 seconds if you are saturating the full 10G, otherwise the speed is only as fast as the processor and disk can handle.
Out of curiosity, is this an actual enterprise network or a lab?
1 Like
@freqlabs, how would you replicate hostname -i in FreeBSD? Tools like host and dig ignore the hosts file.
How about
host `hostname` 2>/dev/null || getent hosts `hostname`
host ignores hosts file
how about now
I think I’d switch the order, but yes, that’s great, thank you!
Also, change to to getent ahosts, otherwise I just get ::1
1 Like
How do people feel about a condensed sed function like this?
# replace or append line of config in a file
# usage: replace_or_append param delim val file
function replace_or_append {
sed -i '/^#*'"${1}${2}"'.*$/ { c'"${1}${2}${3}"'; :rpl; n; b rpl }
$a'"${1}${2}${3}" \
"${4}"
return $?
}
# configure dnf
sudo replace_or_append "installonly_limit" "=" "10" "/etc/dnf/dnf.conf"
sudo replace_or_append "deltarpm" "=" "1" "/etc/dnf/dnf.conf"
sudo replace_or_append "repo_gpgcheck" "=" "1" "/etc/dnf/dnf.conf"
sudo replace_or_append "localpkg_gpgcheck" "=" "1" "/etc/dnf/dnf.conf"
vs spreading the sed out, declaring variables, etc:
# replace or append line of config in a file
# usage: replace_or_append param delim val file
function replace_or_append () {
declare local param="$1"
declare local delim="$2"
declare local val="$3"
declare local file="$4"
sed -i '/^#*\('"${param}${delim}"'\).*$/ {
s//\1'"${val}"'
:noappend
n
b noappend
q
}
$a'"${param}${delim}${val}" \
"${file}"
return $?
}
Yeah, i saw that. Not condoning it, but the opnsense guys started spreading FUD about a product that involves somebody’s livelihood (it is commercially supported and products including it are sold to put food on table) so again, expect blow-black.
Based purely on technical merit… opnsense offers me nothing (it is IMHO several steps backwards). pfsense has commercial support available. Which also makes it a far easier sell to management.
Maybe? Who knows. Typical “state of open-source documentation” or “state of linux desktop development” shit.
Somebody can jump through the hoops to push a feature that isn’t even clear what it does, but can’t even provide a description in the UI for what it is even supposed to do
I mean even just labelling it “fix overscan” would be far better than “Adjust for TV”. Adjust what?
/pet rant
That wouldn’t work for a config like MySQL… Certain parameters have to be under certain sections( when the line isn’t defined so it could be replaced)
1 Like
I don’t mean it to be a completely universal function for configuring anything. I just do a lot of sed to replace x = y or x [whitespace] y. The functionality is exactly what I want. I’m just wondering about the style.
Also, trying to implement conditional system restarting in cron, but systemd won’t let me. What’s the right way to do this?
# schedule reboot in 24 hours if necessary and email notification to root
needs-restarting -r >/dev/null ||
printf "Subject: $(hostname -f) - Reboot Scheduled
$(needs-restarting -r)
$(shutdown -r +1440)" |
sendmail -F "updates@$(hostname -f)" root
systemd says:
Failed to set wall message, ignoring: Interactive authentication required.
Failed to call ScheduleShutdown in logind, proceeding with immediate shutdown: Interactive authentication required.
Essentially it only wants to schedule a reboot if the command is coming from an active user session.
Do it as root
2 Likes