<cehteh>so you want to replace sudo with some other sudo :D
<catern>what does file access have to do with it? we're talking about setuid binaries, which run with full root: the kernel won't block anything they do, so if they have a bug, you're screwed (and setuid is prone to bugs)
<cehteh>actually it might be a nice idea to have the sshd listen on a local socket too *thinking* ..
<catern>sudo/su look at fixed paths in the filesystem to determine who is privileged, which is rather problematic when those fixed paths can be changed to point at anything you want by unprivileged users
<catern>but the only reason it is dangerous that sudo/su look at fixed paths, is that sudo and su and other setuid binaries can actually give people greater than normal privileges
<cehteh>when a unprivileged user can change anything he should not change then its always problematic
<catern>anyway, the existence of setuid binaries is IMO *the* main thing holding us back from the ~glorious unprivileged namespaces future~
<catern>what did you mean, other historic reasons why chroot is not unpriv'd?
<CEHTEH>catern: i'd like the idea to have user defineable chroots and namespaces etc ... but one should think *very* carefully about its implications, i bet there are some people already found and thats the reason why it isnt *that* easy to do
<CEHTEH>me thinks some of this privileges should be non recursive, as soon a user chroots, he cant chroot again inside this chroot for example
<catern>I mean the main gotcha is the setuid issue, there's not much else
<CEHTEH>but starting something new where the principle isnt even well understood/defined might be far more worse
<catern>and at a fundamental level, "send an arbitrary message over IPC" is a far smaller attack surface than "run a process in an arbitrary environment you control" (which are the attack surfaces of sshd and sudo respectively)
<CEHTEH>what happens when a user can recursively chroot like a fork-bomb? how would you prevent that? should that be done in kernel (imo yes), userland policies should be only soft
<CEHTEH>(maybe guix should disallow any suid binary in user installable software, these have to be installed on the system stanza)
<cehteh>anyways, what you propose would be nice, but imo it needs some kernel facilities which are not there yet
<catern>please be more specific: are you talking about removing setuid binaries, or allowing unprivileged chroot?
<catern>(I have some ideas about the latter, but first we need to do the former, which shouldn't need kernel support)
<cehteh>i dont see much difference in a daemon handling the privileged tasks and a suid binary, attack vectors only shift
<cehteh>ideally a user should autenticate per facility (with groups or whatever) to get the requested privilege, and only that without a stopgap over a suid binary or anyting else
<cehteh>when you do some IPC daemon then you have all the problems about IPC handling, buffer overflows, illegal messages, wrong/tampered config files .. and whatever the daemon does is not under the users session/ssid, not conntected to the users terminal (you need some more turnarounds) etc
<catern>however, we already solve all of that with openssh...
<catern>and I already described the major difference between a setuid binary and a daemon: a setuid runs in an environment that the user controls, a daemon runs in a fixed environment and can only be communicated with by messaging
<sneek>taylan, janneke says: thanks i'll play a bit more and try to come with a concrete example of what i encounter. it's in this bit: "all it does is that the unsyntax'd form is evaluated normally rather than as literal syntax. this means that e.g. further (syntax ...) forms within it will just become syntax."
<sneek>taylan, janneke says: any later forms "further (syntax ..) just become syntax"...that's where it gets me recursing/confused
<apteryx>taylan: Ok. I saw I had to do some guix environment command to be able to launch it without a "load-thunk-from-memory "~A" error. Is it possible to configure the guile-emacs package so that it always launches in this environment?
<apteryx>Is this an error in the manual or am I reading wrong, in section 22.214.171.124 Guile and Build Options: `guix-use-substitutes' Has the same meaning as `--no-substitutes' option.
<apteryx>Or maybe it's true the meaning is shared, even one is the complement of the other...
<iyzsong>apteryx: yeah, I think the manual is wrong. "If non-nil, use substitutes for the Guix packages." is what the code (emacs/guix-base.el) says.
<apteryx>OK. Maybe it should say: "Has the opposite effect to `--no-substitute' option.
<apteryx>But by using GuixSD it is well integrated for you.
<reepca>orly_owl: I can switch to a completely new system and as long as I still have my config.scm and a list of packages my user has installed, I can use the system exactly as I did the old one. All it takes is a guix system init. One of the guixsd installs I had on a flash drives died in the line of duty. So I plugged it into my desktop, reformatted and re-ran guix system init, and got up and running again.
<apteryx>hawkwind: Oh, also there is some setup to do with crypttabs or something like that.
<apteryx>It was new to me. You have to provide the UUID of the disk in there else GRUB won't find it. It's like an equivalent of fstab for encrypted drives. Not sure of the details though.
<apteryx>Google /etc/crypttab or something like that.
<jmd>Where do I find the code which parses the /etc/config.scm file?
<reepca>jmd: when you say "parses", do you mean the code that *uses* it (as in guix system reconfigure, etc) or the code that actually looks through the text and assigns meaning to it? I'm not sure where the code that does the former is, but guile does the latter I'm pretty sure
<jmd>reepca: Is there any way to do any pre-processing/sanity checking on it?
<reepca>could you explain what you mean by that? Is guile not parsing it correctly, or not handling errors well?
<marusich>What is the issue? I joined partway through.
<jmd>marusich: I'm trying to catch errors in /etc/config.scm earlier.
<jmd>(and possibly do some pre-processing on the fields).
<reepca>the code that should be giving errors if the kernel doesn't accept the settings should be in switch-to-system, I would think
<marusich>Ah, I see. Yes, that would be nice. Perhaps you already know, but just in case you don't: the <operating-system> record type is defined using the define-record-type* syntax, which itself is defined in (guix records). Perhaps you can play with that and figure out a way to add validation?
<marusich>jmd, many record types in Guix are defined using that syntax, so if you could figure out a way to add validation into it, you could probably take advantage of it anywhere we define records.
<jmd>Right. I'm wondering if this "thunked" attribute could be used for that purpose.
<marusich>I don't know a lot about the syntax, but I imagine that maybe you could make it so that you could add a validation procedure or something for the record being defined, and then for each record, if you wanted, you could add that to do validation
<marusich>Additionally, if there is something you can catch at macro-expansion time, you could use syntax-error as described in (guile) Syntax Rules
<marusich>It would be nice to have better error messages, for sure. I find Guile's error messages and stack traces to be rather cryptic.
<reepca>Some additional grepping leads me to believe that the actual setting of the system's hostname is done by the guix daemon, which I think currently uses nix's implementation. In which case it's not properly communicating to the client that something failed. I could be wrong about that, though.
<GNUtoo-irssi>Hopefully this time I will get it working again, I'm struggling to make it work since months, but given how exiting guix is, I don't give up that easily
<amz3>where should I put link-grammar (LG) software in the package repository. «LG is a syntactic parser of English. Given a sentence, the system assigns to it a syntactic structure, which consists of a set of labelled links connecting pairs of words»
<amz3>it's a natural language processing (NLP) software written in C
<efraim>ng0: I'm working on applying the psyclpc, but the hash from git-download changes each time I tell it to build
<marusich>efraim, so, most of the time a few of them fail and I suppose I could investigate. I'm just curious to know if anyone has ever seen all the tests pass.\\
<efraim>i've only ever run make test on my aarch64 board which has other issues with the guix repo, so i've never actually seen them all pass
<efraim>although I assume they must pass, we run the tests when building guix
<marusich>efraim, most recently, however, I get an error about a hash mismatch during substitution: "@ substituter-failed /gnu/store/281c08mmhjx3ijf84yga8sll3iqzsc38-module-import-compiled 0 hash mismatch in downloaded path `/gnu/store/281c08mmhjx3ijf84yga8sll3iqzsc38-module-import-compiled': expected 6bdd1e15d6c70607b65a897ddc4cc0184922ab0065abc68f745d8dfcc35168e4, got 89d7db7656788f125d79c81aeb4466a12581f713607e6d1e2e77e8c130aa95b5"
<marusich>I don't recall this happening before. I have gone from previously being able to pass some tests (but not all), to not even being able to run check-system at all.
<marusich>But never have I seen all the tests pass.
<marusich>So, I was just curious to know if anyone has ever seen them all pass.
<ng0>thanks for merging the vim-full :) and regarding vim for guix, i think a guix vimscript might be the better idea, maintained outside of guix source so that other distributions can install it system-wide.
<efraim>ng0: I cloned the repo twice, got a different hash for psyclpc and psyclpc2
<marusich>I launch my VMs with a command like the following, and it works well enough as far as I can tell: "sudo qemu-system-x86_64 -smp cpus=2 -net user -net nic,model=virtio -enable-kvm -m 4096 /path/to/disk/image"
<marusich>I'm sure there are a million other ways to do it.
<marusich>It's a bit confusing with all the options; you kind of have to read the manual closely to figure out what to do.
<ng0>i'm giving this now a first run to see wether i'll move my mobile guixsd installations into a qemu untill i have everything i want
<marusich>Strange. Here's a random thought: perhaps your BIOS cares about whether or not the boot flag is set for the partition on the USB drive. Maybe if you set it with a tool like GNU parted, your BIOS will let you boot from it?
<marusich>I'm not sure if the image has that flag set or not by default.
<ng0>fuse: bad mount point '/.rw-store": No such file or directory
<firt-try-unable->I've downloaded the file again, checked its signature. I'm putting it on my USB drive, then I'll check the boot flag and try a reboot. I let you know whether my problem is solved. Thanks for your help :-)
<ng0>apteryx: if you use weechat, there is a setting which asks you before pasting more than 1 line
<ng0>"do you really want to paste 4000 lines? Y / N"
<apteryx>ng0: I guess I'll have to look into it! Thanks for the suggestion!
<apteryx>Or there might just be an option in irssi I'm not aware of.
<Petter>By the way, Random Agent Spoofer has a setting "Disable canvas support". Checking this made a huge difference with panopticlick. Hash of canvas fingerprint (undetermined) is now 1 in 32.9 browsers.
<apteryx>Petter: Wow, that's great! Canvas fingerprint was the biggest in the list.
<apteryx>What is the use of the canvas? Is it impacting your web-surfing experience so far?
<Petter>No impact so far. My brief web search suggests it's for drawing in the browser.
<first-try-unable>hi back! I've been trying to create a bootable guixsd USB drive but despite of some tries it jsut doesn't show up in the boot menu
<apteryx>It could be just an unamed entry in your boot menu: like 3:
<first-try-unable>I'm currently using USB drive with Ubuntu 16.10. I've tried several USB drives for guixsd, including some I booted Ubuntu with, so in my humble opinion it's not hardware but I'm missing something obvious in the software part.
<suitsmeveryfine>Hi! Earlier today I discovered that I had just 4 MB free space on my root partition. I then ran the garbage collection command which freed ca 10 GiB. Now, for some reason, guile is not to be found and I'm unable to run guix package anything.
<ng0>hm.. this could be related to the grafting bug..?