OpenVPN で X509_V_ERR_CA_MD_TOO_WEAK

12.0-RELEASE にしたら /usr/src/crypto/openssl の openssl 1.0.2o -> 1.1.1a の影響を受けて
Signature Algorithm: md5WithRSAEncryption
の証明書がサーバー側で弾かれるようになった。

VERIFY ERROR: depth=0, error=CA signature digest algorithm too weak: CN=XX

サーバー側で対応したい。
参考。 https://github.com/fabio-d/openvpn-MD5-hack ありがとうございます。

サーバー側の設定ファイルに tls-cert-profile "legacy_md5" を足して

# cat /usr/ports/security/openvpn/files/patch-src_openvpn_ssl__openssl.c
--- src/openvpn/ssl_openssl.c.orig      2019-02-20 12:28:23 UTC
+++ src/openvpn/ssl_openssl.c
@@ -499,6 +499,10 @@ tls_ctx_set_cert_profile(struct tls_root_ctx *ctx, con
         SSL_CTX_set_security_level(ctx->ctx, 3);
         SSL_CTX_set_cipher_list(ctx->ctx, "SUITEB128");
     }
+    else if (0 == strcmp(profile, "legacy_md5"))
+    {
+        SSL_CTX_set_security_level(ctx->ctx, 0);
+    }
     else
     {
         msg(M_FATAL, "ERROR: Invalid cert profile: %s", profile);
もちろんクライアント側の証明書を配布しなおせればよいんですけど。

jailの作成から起動・終了まで19秒。

内訳は
base.txzを展開するだけのjailの作成に11秒。
perlと Plack を入れるのに5秒。
Catalyst を入れるのに2秒。(参考までに)
テストの200確認は一瞬。

base.txzとパッケージはダウンロード済みとしています。

--> tar xzf base.txz -C /usr/home/bokutin/code/try/jail_plack/jail/1563847834
ret:0 elapsed:10.945429s (00:00:10.945429)
--> mount_nullfs /var/cache/pkg /usr/home/bokutin/code/try/jail_plack/jail/1563847834/var/cache/pkg
ret:0 elapsed:10.947916s (00:00:10.947916)
--> jail -c name=1563847845 path=/usr/home/bokutin/code/try/jail_plack/jail/1563847834 ip4=inherit mount.devfs persist
ret:0 elapsed:10.949973s (00:00:10.949973)
--> cp -p /etc/pkg/MyPoudriere.conf /usr/home/bokutin/code/try/jail_plack/jail/1563847834/etc/pkg/FreeBSD.conf
ret:0 elapsed:10.951066s (00:00:10.951066)
--> pkg -j 1563847845 install -y p5-Plack
Updating MyPoudriere repository catalogue...
[] Fetching meta.txz: . done
[] Fetching packagesite.txz: .......... done
Processing entries: .......... done
MyPoudriere repository update completed. 2851 packages processed.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The following 27 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	p5-Plack: 1.0047
	p5-HTTP-Headers-Fast: 0.21
	p5-HTTP-Date: 6.02_1
	perl5: 5.28.2
	p5-HTTP-Entity-Parser: 0.21
	p5-WWW-Form-UrlEncoded: 0.26
	p5-HTTP-MultiPartParser: 0.02
	p5-Stream-Buffered: 0.03_1
	p5-Hash-MultiValue: 0.16
	p5-JSON-MaybeXS: 1.004000
	p5-Cpanel-JSON-XS: 4.12
	p5-HTTP-Body: 1.22
	p5-HTTP-Message: 6.18
	p5-LWP-MediaTypes: 6.04
	p5-URI: 1.76
	p5-IO-HTML: 1.001_1
	p5-Encode-Locale: 1.05
	p5-Cookie-Baker: 0.09
	p5-Apache-LogFormat-Compiler: 0.35
	p5-POSIX-strftime-Compiler: 0.41
	p5-Try-Tiny: 0.30
	p5-Path-Class: 0.37
	p5-Filesys-Notify-Simple: 0.12_1
	p5-File-ShareDir: 1.116
	p5-Class-Inspector: 1.34
	p5-Devel-StackTrace-AsHTML: 0.15
	p5-Devel-StackTrace: 2.04

Number of packages to be installed: 27

The process will require 61 MiB more space.
[] [1/27] Installing perl5-5.28.2...
[] [1/27] Extracting perl5-5.28.2: .......... done
[] [2/27] Installing p5-HTTP-Date-6.02_1...
[] [2/27] Extracting p5-HTTP-Date-6.02_1: ....... done
[] [3/27] Installing p5-Cpanel-JSON-XS-4.12...
[] [3/27] Extracting p5-Cpanel-JSON-XS-4.12: .......... done
[] [4/27] Installing p5-LWP-MediaTypes-6.04...
[] [4/27] Extracting p5-LWP-MediaTypes-6.04: ........ done
[] [5/27] Installing p5-URI-1.76...
[] [5/27] Extracting p5-URI-1.76: .......... done
[] [6/27] Installing p5-IO-HTML-1.001_1...
[] [6/27] Extracting p5-IO-HTML-1.001_1: ....... done
[] [7/27] Installing p5-Encode-Locale-1.05...
[] [7/27] Extracting p5-Encode-Locale-1.05: ....... done
[] [8/27] Installing p5-WWW-Form-UrlEncoded-0.26...
[] [8/27] Extracting p5-WWW-Form-UrlEncoded-0.26: .......... done
[] [9/27] Installing p5-HTTP-MultiPartParser-0.02...
[] [9/27] Extracting p5-HTTP-MultiPartParser-0.02: ........ done
[] [10/27] Installing p5-Stream-Buffered-0.03_1...
[] [10/27] Extracting p5-Stream-Buffered-0.03_1: .......... done
[] [11/27] Installing p5-Hash-MultiValue-0.16...
[] [11/27] Extracting p5-Hash-MultiValue-0.16: ....... done
[] [12/27] Installing p5-JSON-MaybeXS-1.004000...
[] [12/27] Extracting p5-JSON-MaybeXS-1.004000: ....... done
[] [13/27] Installing p5-HTTP-Message-6.18...
[] [13/27] Extracting p5-HTTP-Message-6.18: .......... done
[] [14/27] Installing p5-POSIX-strftime-Compiler-0.41...
[] [14/27] Extracting p5-POSIX-strftime-Compiler-0.41: ....... done
[] [15/27] Installing p5-Class-Inspector-1.34...
[] [15/27] Extracting p5-Class-Inspector-1.34: ......... done
[] [16/27] Installing p5-Devel-StackTrace-2.04...
[] [16/27] Extracting p5-Devel-StackTrace-2.04: ........ done
[] [17/27] Installing p5-HTTP-Headers-Fast-0.21...
[] [17/27] Extracting p5-HTTP-Headers-Fast-0.21: ....... done
[] [18/27] Installing p5-HTTP-Entity-Parser-0.21...
[] [18/27] Extracting p5-HTTP-Entity-Parser-0.21: .......... done
[] [19/27] Installing p5-HTTP-Body-1.22...
[] [19/27] Extracting p5-HTTP-Body-1.22: .......... done
[] [20/27] Installing p5-Cookie-Baker-0.09...
[] [20/27] Extracting p5-Cookie-Baker-0.09: ....... done
[] [21/27] Installing p5-Apache-LogFormat-Compiler-0.35...
[] [21/27] Extracting p5-Apache-LogFormat-Compiler-0.35: ....... done
[] [22/27] Installing p5-Try-Tiny-0.30...
[] [22/27] Extracting p5-Try-Tiny-0.30: ...... done
[] [23/27] Installing p5-Path-Class-0.37...
[] [23/27] Extracting p5-Path-Class-0.37: .......... done
[] [24/27] Installing p5-Filesys-Notify-Simple-0.12_1...
[] [24/27] Extracting p5-Filesys-Notify-Simple-0.12_1: ....... done
[] [25/27] Installing p5-File-ShareDir-1.116...
[] [25/27] Extracting p5-File-ShareDir-1.116: .......... done
[] [26/27] Installing p5-Devel-StackTrace-AsHTML-0.15...
[] [26/27] Extracting p5-Devel-StackTrace-AsHTML-0.15: ....... done
[] [27/27] Installing p5-Plack-1.0047...
[] [27/27] Extracting p5-Plack-1.0047: .......... done
Message from perl5-5.28.2:

The /usr/bin/perl symlink has been removed starting with Perl 5.20.
For shebangs, you should either use:

#!/usr/local/bin/perl

or

#!/usr/bin/env perl

The first one will only work if you have a /usr/local/bin/perl,
the second will work as long as perl is in PATH.
ret:0 elapsed:16.399829s (00:00:16.399829)
--> pkg -j 1563847845 install -y p5-Catalyst-Runtime
Updating MyPoudriere repository catalogue...
MyPoudriere repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The following 76 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	p5-Catalyst-Runtime: 5.90124
	p5-libwww: 6.39
	p5-WWW-RobotRules: 6.02_1
	p5-HTTP-Negotiate: 6.01_1
	p5-HTTP-Daemon: 6.04
	p5-HTTP-Cookies: 6.04
	p5-HTML-Parser: 3.72
	p5-HTML-Tagset: 3.20_1
	p5-File-Listing: 6.04_1
	p5-Authen-NTLM: 1.09_1
	p5-Digest-HMAC: 1.03_1
	p5-Net-HTTP: 6.19
	p5-IO-Socket-SSL: 2.066
	p5-Mozilla-CA: 20180117
	p5-Net-SSLeay: 1.85
	p5-IO-Socket-INET6: 2.72_1
	p5-Socket6: 0.29
	p5-Plack-Test-ExternalServer: 0.02
	p5-Plack-Middleware-ReverseProxy: 0.15_1
	p5-Plack-Middleware-RemoveRedundantBody: 0.07_1
	p5-Plack-Middleware-MethodOverride: 0.20
	p5-Plack-Middleware-FixMissingBodyInRedirect: 0.12_1
	p5-CGI-Struct: 1.21_1
	p5-CGI-Simple: 1.210
	p5-Text-SimpleTable: 2.07
	p5-String-RewritePrefix: 0.007_1
	p5-URI-ws: 0.03
	p5-namespace-clean: 0.27
	p5-Package-Stash: 0.38
	p5-Package-Stash-XS: 0.29
	p5-Module-Implementation: 0.09_1
	p5-Module-Runtime: 0.016
	p5-Dist-CheckConflicts: 0.11_1
	p5-B-Hooks-EndOfScope: 0.24
	p5-Variable-Magic: 0.62
	p5-Sub-Exporter-Progressive: 0.001013
	p5-Sub-Exporter: 0.987_1
	p5-Sub-Install: 0.928_1
	p5-Params-Util: 1.07_2
	p5-Data-OptList: 0.110
	p5-Tree-Simple-VisitorFactory: 0.15
	p5-Tree-Simple: 1.33
	p5-Task-Weaken: 1.06
	p5-Safe-Isa: 1.000010
	p5-PerlIO-utf8_strict: 0.007
	p5-MooseX-MethodAttributes: 0.31
	p5-namespace-autoclean: 0.28
	p5-Sub-Identify: 0.14
	p5-MooseX-Types: 0.50
	p5-Sub-Name: 0.21,1
	p5-Sub-Exporter-ForMethods: 0.100052
	p5-Moose: 2.2011,1
	p5-Scalar-List-Utils: 1.50,1
	p5-Package-DeprecationManager: 0.17_1
	p5-Module-Runtime-Conflicts: 0.003_1
	p5-MRO-Compat: 0.13
	p5-Class-C3: 0.34
	p5-Algorithm-C3: 0.10_1
	p5-Eval-Closure: 0.14
	p5-Devel-OverloadInfo: 0.005
	p5-Devel-GlobalDestruction: 0.14
	p5-Class-Load-XS: 0.10
	p5-Class-Load: 0.25
	p5-Carp-Clan: 6.07
	p5-MooseX-Getopt: 0.74
	p5-MooseX-Role-Parameterized: 1.10
	p5-MooseX-ConfigFromFile: 0.14
	p5-MooseX-Types-Path-Tiny: 0.012
	p5-Path-Tiny: 0.108
	p5-MooseX-Types-Stringlike: 0.003_1
	p5-Getopt-Long-Descriptive: 0.104
	p5-Params-Validate: 1.29
	p5-MooseX-Emulate-Class-Accessor-Fast: 0.009032
	p5-Module-Pluggable: 5.2
	p5-Data-Dump: 1.23_1
	p5-Class-C3-Adopt-NEXT: 0.14

Number of packages to be installed: 76

The process will require 8 MiB more space.
[] [1/76] Installing p5-Sub-Install-0.928_1...
[] [1/76] Extracting p5-Sub-Install-0.928_1: ....... done
[] [2/76] Installing p5-Params-Util-1.07_2...
[] [2/76] Extracting p5-Params-Util-1.07_2: ........ done
[] [3/76] Installing p5-Module-Runtime-0.016...
[] [3/76] Extracting p5-Module-Runtime-0.016: ....... done
[] [4/76] Installing p5-Data-OptList-0.110...
[] [4/76] Extracting p5-Data-OptList-0.110: ....... done
[] [5/76] Installing p5-Package-Stash-XS-0.29...
[] [5/76] Extracting p5-Package-Stash-XS-0.29: ........ done
[] [6/76] Installing p5-Module-Implementation-0.09_1...
[] [6/76] Extracting p5-Module-Implementation-0.09_1: ...... done
[] [7/76] Installing p5-Dist-CheckConflicts-0.11_1...
[] [7/76] Extracting p5-Dist-CheckConflicts-0.11_1: ....... done
[] [8/76] Installing p5-Sub-Exporter-0.987_1...
[] [8/76] Extracting p5-Sub-Exporter-0.987_1: .......... done
[] [9/76] Installing p5-Algorithm-C3-0.10_1...
[] [9/76] Extracting p5-Algorithm-C3-0.10_1: ....... done
[] [10/76] Installing p5-Package-Stash-0.38...
[] [10/76] Extracting p5-Package-Stash-0.38: .......... done
[] [11/76] Installing p5-Variable-Magic-0.62...
[] [11/76] Extracting p5-Variable-Magic-0.62: ........ done
[] [12/76] Installing p5-Sub-Exporter-Progressive-0.001013...
[] [12/76] Extracting p5-Sub-Exporter-Progressive-0.001013: ....... done
[] [13/76] Installing p5-Class-C3-0.34...
[] [13/76] Extracting p5-Class-C3-0.34: ......... done
[] [14/76] Installing p5-B-Hooks-EndOfScope-0.24...
[] [14/76] Extracting p5-B-Hooks-EndOfScope-0.24: .......... done
[] [15/76] Installing p5-Sub-Identify-0.14...
[] [15/76] Extracting p5-Sub-Identify-0.14: ........ done
[] [16/76] Installing p5-Sub-Name-0.21,1...
[] [16/76] Extracting p5-Sub-Name-0.21,1: ........ done
[] [17/76] Installing p5-MRO-Compat-0.13...
[] [17/76] Extracting p5-MRO-Compat-0.13: ....... done
[] [18/76] Installing p5-Class-Load-0.25...
[] [18/76] Extracting p5-Class-Load-0.25: ........ done
[] [19/76] Installing p5-namespace-clean-0.27...
[] [19/76] Extracting p5-namespace-clean-0.27: ........ done
[] [20/76] Installing p5-Scalar-List-Utils-1.50,1...
[] [20/76] Extracting p5-Scalar-List-Utils-1.50,1: .......... done
[] [21/76] Installing p5-Package-DeprecationManager-0.17_1...
[] [21/76] Extracting p5-Package-DeprecationManager-0.17_1: ...... done
[] [22/76] Installing p5-Module-Runtime-Conflicts-0.003_1...
[] [22/76] Extracting p5-Module-Runtime-Conflicts-0.003_1: ....... done
[] [23/76] Installing p5-Eval-Closure-0.14...
[] [23/76] Extracting p5-Eval-Closure-0.14: ....... done
[] [24/76] Installing p5-Devel-OverloadInfo-0.005...
[] [24/76] Extracting p5-Devel-OverloadInfo-0.005: ....... done
[] [25/76] Installing p5-Devel-GlobalDestruction-0.14...
[] [25/76] Extracting p5-Devel-GlobalDestruction-0.14: ....... done
[] [26/76] Installing p5-Class-Load-XS-0.10...
[] [26/76] Extracting p5-Class-Load-XS-0.10: ....... done
[] [27/76] Installing p5-Socket6-0.29...
[] [27/76] Extracting p5-Socket6-0.29: ....... done
[] [28/76] Installing p5-namespace-autoclean-0.28...
[] [28/76] Extracting p5-namespace-autoclean-0.28: ....... done
[] [29/76] Installing p5-Sub-Exporter-ForMethods-0.100052...
[] [29/76] Extracting p5-Sub-Exporter-ForMethods-0.100052: ....... done
[] [30/76] Installing p5-Moose-2.2011,1...
[] [30/76] Extracting p5-Moose-2.2011,1: .......... done
[] [31/76] Installing p5-Carp-Clan-6.07...
[] [31/76] Extracting p5-Carp-Clan-6.07: ....... done
[] [32/76] Installing p5-Mozilla-CA-20180117...
[] [32/76] Extracting p5-Mozilla-CA-20180117: ........ done
[] [33/76] Installing p5-Net-SSLeay-1.85...
[] [33/76] Extracting p5-Net-SSLeay-1.85: .......... done
[] [34/76] Installing p5-IO-Socket-INET6-2.72_1...
[] [34/76] Extracting p5-IO-Socket-INET6-2.72_1: ....... done
[] [35/76] Installing p5-MooseX-Types-0.50...
[] [35/76] Extracting p5-MooseX-Types-0.50: .......... done
[] [36/76] Installing p5-HTML-Tagset-3.20_1...
[] [36/76] Extracting p5-HTML-Tagset-3.20_1: ....... done
[] [37/76] Installing p5-Digest-HMAC-1.03_1...
[] [37/76] Extracting p5-Digest-HMAC-1.03_1: .......... done
[] [38/76] Installing p5-IO-Socket-SSL-2.066...
[] [38/76] Extracting p5-IO-Socket-SSL-2.066: .......... done
[] [39/76] Installing p5-Path-Tiny-0.108...
[] [39/76] Extracting p5-Path-Tiny-0.108: ...... done
[] [40/76] Installing p5-MooseX-Types-Stringlike-0.003_1...
[] [40/76] Extracting p5-MooseX-Types-Stringlike-0.003_1: ...... done
[] [41/76] Installing p5-WWW-RobotRules-6.02_1...
[] [41/76] Extracting p5-WWW-RobotRules-6.02_1: ......... done
[] [42/76] Installing p5-HTTP-Negotiate-6.01_1...
[] [42/76] Extracting p5-HTTP-Negotiate-6.01_1: ....... done
[] [43/76] Installing p5-HTTP-Daemon-6.04...
[] [43/76] Extracting p5-HTTP-Daemon-6.04: ....... done
[] [44/76] Installing p5-HTTP-Cookies-6.04...
[] [44/76] Extracting p5-HTTP-Cookies-6.04: .......... done
[] [45/76] Installing p5-HTML-Parser-3.72...
[] [45/76] Extracting p5-HTML-Parser-3.72: .......... done
[] [46/76] Installing p5-File-Listing-6.04_1...
[] [46/76] Extracting p5-File-Listing-6.04_1: ....... done
[] [47/76] Installing p5-Authen-NTLM-1.09_1...
[] [47/76] Extracting p5-Authen-NTLM-1.09_1: ......... done
[] [48/76] Installing p5-Net-HTTP-6.19...
[] [48/76] Extracting p5-Net-HTTP-6.19: .......... done
[] [49/76] Installing p5-MooseX-Types-Path-Tiny-0.012...
[] [49/76] Extracting p5-MooseX-Types-Path-Tiny-0.012: ...... done
[] [50/76] Installing p5-Params-Validate-1.29...
[] [50/76] Extracting p5-Params-Validate-1.29: .......... done
[] [51/76] Installing p5-libwww-6.39...
[] [51/76] Extracting p5-libwww-6.39: .......... done
[] [52/76] Installing p5-Tree-Simple-1.33...
[] [52/76] Extracting p5-Tree-Simple-1.33: ......... done
[] [53/76] Installing p5-MooseX-Role-Parameterized-1.10...
[] [53/76] Extracting p5-MooseX-Role-Parameterized-1.10: .......... done
[] [54/76] Installing p5-MooseX-ConfigFromFile-0.14...
[] [54/76] Extracting p5-MooseX-ConfigFromFile-0.14: ....... done
[] [55/76] Installing p5-Getopt-Long-Descriptive-0.104...
[] [55/76] Extracting p5-Getopt-Long-Descriptive-0.104: .......... done
[] [56/76] Installing p5-Plack-Test-ExternalServer-0.02...
[] [56/76] Extracting p5-Plack-Test-ExternalServer-0.02: ....... done
[] [57/76] Installing p5-Plack-Middleware-ReverseProxy-0.15_1...
[] [57/76] Extracting p5-Plack-Middleware-ReverseProxy-0.15_1: ....... done
[] [58/76] Installing p5-Plack-Middleware-RemoveRedundantBody-0.07_1...
[] [58/76] Extracting p5-Plack-Middleware-RemoveRedundantBody-0.07_1: ....... done
[] [59/76] Installing p5-Plack-Middleware-MethodOverride-0.20...
[] [59/76] Extracting p5-Plack-Middleware-MethodOverride-0.20: ....... done
[] [60/76] Installing p5-Plack-Middleware-FixMissingBodyInRedirect-0.12_1...
[] [60/76] Extracting p5-Plack-Middleware-FixMissingBodyInRedirect-0.12_1: ....... done
[] [61/76] Installing p5-CGI-Struct-1.21_1...
[] [61/76] Extracting p5-CGI-Struct-1.21_1: ...... done
[] [62/76] Installing p5-CGI-Simple-1.210...
[] [62/76] Extracting p5-CGI-Simple-1.210: .......... done
[] [63/76] Installing p5-Text-SimpleTable-2.07...
[] [63/76] Extracting p5-Text-SimpleTable-2.07: ...... done
[] [64/76] Installing p5-String-RewritePrefix-0.007_1...
[] [64/76] Extracting p5-String-RewritePrefix-0.007_1: ....... done
[] [65/76] Installing p5-URI-ws-0.03...
[] [65/76] Extracting p5-URI-ws-0.03: ......... done
[] [66/76] Installing p5-Tree-Simple-VisitorFactory-0.15...
[] [66/76] Extracting p5-Tree-Simple-VisitorFactory-0.15: .......... done
[] [67/76] Installing p5-Task-Weaken-1.06...
[] [67/76] Extracting p5-Task-Weaken-1.06: ....... done
[] [68/76] Installing p5-Safe-Isa-1.000010...
[] [68/76] Extracting p5-Safe-Isa-1.000010: ....... done
[] [69/76] Installing p5-PerlIO-utf8_strict-0.007...
[] [69/76] Extracting p5-PerlIO-utf8_strict-0.007: ........ done
[] [70/76] Installing p5-MooseX-MethodAttributes-0.31...
[] [70/76] Extracting p5-MooseX-MethodAttributes-0.31: .......... done
[] [71/76] Installing p5-MooseX-Getopt-0.74...
[] [71/76] Extracting p5-MooseX-Getopt-0.74: .......... done
[] [72/76] Installing p5-MooseX-Emulate-Class-Accessor-Fast-0.009032...
[] [72/76] Extracting p5-MooseX-Emulate-Class-Accessor-Fast-0.009032: .......... done
[] [73/76] Installing p5-Module-Pluggable-5.2...
[] [73/76] Extracting p5-Module-Pluggable-5.2: .......... done
[] [74/76] Installing p5-Data-Dump-1.23_1...
[] [74/76] Extracting p5-Data-Dump-1.23_1: .......... done
[] [75/76] Installing p5-Class-C3-Adopt-NEXT-0.14...
[] [75/76] Extracting p5-Class-C3-Adopt-NEXT-0.14: ....... done
[] [76/76] Installing p5-Catalyst-Runtime-5.90124...
[] [76/76] Extracting p5-Catalyst-Runtime-5.90124: .......... done
Message from p5-Moose-2.2011,1:

Note that this release of p5-Moose is incompatible with
older versions of the following modules:

       Catalyst                        <= 5.80017
       Devel::REPL                     <= 1.003008
       Fey::ORM                        <= 0.23
       File::ChangeNotify              <= 0.15
       KiokuDB                         <= 0.41
       MooseX::Aliases                 <= 0.07
       MooseX::AttributeHelpers        <= 0.22
       MooseX::AttributeInflate        <= 0.02
       MooseX::Attribute::Prototype    <= 0.10
       MooseX::ClassAttribute          <= 0.13
       MooseX::FollowPBP               <= 0.02
       MooseX::HasDefaults             <= 0.02
       MooseX::InstanceTracking        <= 0.04
       MooseX::LazyRequire             <= 0.05
       MooseX::MethodAttributes        <= 0.22
       MooseX::NonMoose                <= 0.13
       MooseX::Params::Validate        <= 0.05
       MooseX::Role::Cmd               <= 0.06
       MooseX::Role::WithOverloading   <= 0.07
       MooseX::SemiAffordanceAccessor  <= 0.05
       MooseX::Singleton               <= 0.22
       MooseX::StrictConstructor       <= 0.08
       MooseX::Types                   <= 0.19
       MooseX::UndefTolerant           <= 0.04
       namespace::autoclean            <= 0.08
       Pod::Elemental                  <= 0.093280

They will need to be updated.
Message from p5-Catalyst-Runtime-5.90124:

------------------------------------------------------------------------
NOTE!

The Apache engines have been moved to a separate package: Please install
www/p5-Catalyst-Engine-Apache if you need Apache/mod_perl support.

The parts necessary to do development with Catalyst have been moved to
a separate package: Please install www/p5-Catalyst-Devel, if you need
to develop Catalyst-apps, as opposed to simply running them.

The majority of the documentation has been moved to a separate package as
well: Install www/p5-Catalyst-Manual for the tutorially goodness.
------------------------------------------------------------------------
ret:0 elapsed:18.567568s (00:00:18.567568)
--> jexec 1563847845 daemon plackup -D -p 12869 -e 'sub { [200, [], ["200 ok\n"]] }'
ret:0 elapsed:18.570165s (00:00:18.570165)
--> lwp-request -E http://127.0.0.1:12869
HTTP::Server::PSGI: Accepting connections at http://0:12869/
127.0.0.1 - - [23/Jul/2019:02:10:53 +0000] "GET / HTTP/1.1" 200 7 "-" "lwp-request/6.39 libwww-perl/6.39"
GET http://127.0.0.1:12869
User-Agent: lwp-request/6.39 libwww-perl/6.39

200 OK
Date: Tue, 23 Jul 2019 02:10:53 GMT
Server: HTTP::Server::PSGI
Content-Length: 7
Client-Date: Tue, 23 Jul 2019 02:10:53 GMT
Client-Peer: 127.0.0.1:12869
Client-Response-Num: 1

200 ok
ret:0 elapsed:18.642556s (00:00:18.642556)
--> jail -r 1563847845
ret:0 elapsed:18.645106s (00:00:18.645106)
--> umount /usr/home/bokutin/code/try/jail_plack/jail/1563847834/var/cache/pkg
ret:0 elapsed:18.646434s (00:00:18.646434)
コード
#!/usr/local/bin/perl

use Modern::Perl;
use base qw(App::Cmd::Simple);

use Cwd qw(realpath);
use File::Basename qw(basename);
use File::Path qw(make_path);
use File::Spec::Functions;
use FindBin;
use IO::All;
use Net::EmptyPort qw(empty_port);
use String::ShellQuote;
use Term::ANSIColor;
use Timer::Simple;

sub opt_spec {
    (
        [ "reuse_jail", "" ],
    );
}

sub execute {
    my ($self, $opt, $args) = @_;

    my $t = Timer::Simple->new;
    my sub _cmd {
        my @cmd = @_;
        say colored "--> @{[ shell_quote @cmd ]}", "blue";
        my $ret = system @cmd;
        say colored "ret:$ret elapsed:$t", ($ret == 0 ? "green" : "magenta");
    }

    my $app_home  = realpath catdir $FindBin::Bin, "..";
    my $jail_base;

    if ($opt->reuse_jail) {
        $jail_base = (glob "$app_home/jail/*")[-1] or die;
    }
    else {
        $jail_base = catdir $app_home, "jail", time;
        -d or make_path($_) or die $! for $jail_base;
        # https://download.freebsd.org/ftp/releases/amd64/12.0-RELEASE/base.txz
        _cmd qw(tar xzf base.txz -C), $jail_base;
    }

    my $jail_name  = time;
    my $plack_port = empty_port;

    -d or make_path($_) or die $! for "$jail_base/var/cache/pkg";
    _cmd qw(mount_nullfs /var/cache/pkg), "$jail_base/var/cache/pkg";
    _cmd qw(jail -c), "name=$jail_name", "path=$jail_base", "ip4=inherit", "mount.devfs", "persist";
    _cmd qw(cp -p), "/etc/pkg/MyPoudriere.conf", "$jail_base/etc/pkg/FreeBSD.conf";
    _cmd qw(pkg -j), $jail_name, qw(install -y p5-Plack);
    _cmd qw(pkg -j), $jail_name, qw(install -y p5-Catalyst-Runtime);
    _cmd qw(jexec), $jail_name, qw(daemon plackup -D -p), $plack_port, "-e", 'sub { [200, [], ["200 ok\n"]] }';
    _cmd qw(lwp-request -E), "http://127.0.0.1:$plack_port";
    _cmd qw(jail -r), $jail_name;
    _cmd qw(umount), "$jail_base/var/cache/pkg";
}

__PACKAGE__->import->run;

リモートで reboot 後、起動してこない。
画面は上。
こちらが詳しい。感謝です。
http://www.oceanochemistry.org/publications/TRIOC/PDF/trioc_2015_28_82.pdf

FreeBSD-11.2-RELEASE-amd64-memstick.img で起動して
Shell
mount /dev/ada0p2 /mnt
mv /mnt/boot /mnt/boot.old
cp -Rp /boot /mnt/boot
reboot でSSDから起動できた。

freebsd-update rollback で元通り。
FreeBSDのアップグレードのステップに助けれられたか。。。(userlandまでゴッチャになる前に戻れた)

マザー H97-PRO だけど、BIOSの設定でなんとかなったかも。
復旧優先だったので試せず。

FreeBSD syslogd の -O オプション

rfc5424 に対応したようで microsecond も取れるし、structured_data のパースもできるようだ。
11.3-RELEASE 12.0-RELEASE から追加されたらしい。
https://www.freebsd.org/cgi/man.cgi?query=syslogd&sektion=8
https://github.com/freebsd/freebsd/commits/d178bf09596e0c1c811d30257ec76c55993256ed/usr.sbin/syslogd/syslogd.c

ログ収集を pull 型に

長いこと使ってきた rsyslog だけど、ここにきて収集側のサーバーが止まると送信側も影響を受けるように。。。
溢れたり、imuxsock 分がハングしたり、収集側復旧時に再開されなかったりする。。。
オフィシャルや RainerScript も結構読んだんだけどな。。。udp tcp relp も試したんだけど。。。

古い環境や yum.repo 先が様々で、バージョンやOSも違うし、辛いか。。。

今は良いものいっぱいあるだろうにと思いながら
rrdtools 元さんも https://github.com/oetiker/LogSenderhttps://github.com/oetiker/LogFetcher を書いていたなと思い出して
自分でも pull 型を書いてみることに。

Net::OpenSSH Proclet Parallel::Prefork Log::Unrotate が強力で、思いのほか簡単に書けた。。。ちゃんと動いてる。
tail -c +$resume_pos が強力。あとは alarm システムコールを仕込むぐらい。

収集される側は rsyslog の利用は継続していて /var/log/all.log-YYYY-mm-dd あたりに jsonl で吐くのにつかってる。
あとは imuxsock 分。jail 内のソケットも受け付ける。

収集される側と収集する側のログの md5 が一致してきた。

収集後は、kqueue watcher で増分を処理に掛けるのと、手動で fgrep | ack | recs-totable したり。
荒く絞るのに fgrep は、断トツで速い。

FTP resume, HTTP Range のようだなー。送信側でロスを気にしてあれこれする必要も無くなるし。。。

perl adv
perl adv