<jmd>marusich: commit your changes to the guix master? <marusich>rekado, I submitted a patch to make MTP more painless. ***modula is now known as defaultxr
<Apteryx>Hi Guix! Any idea of which package to install to get japanese characters support in IceCat? Am I simply missing some japanese fonts? <Apteryx>Nevermind; covered in the manual at section 6.2.3. ***Piece_Maker is now known as Acou_Bass
***erdic_ is now known as erdic
<jmd>What is the purpose of the System Install docs recommending the use of cow-store ? <jmd>So far as I can see, the only thing which is shared between the installation-os and the installed-os is /etc/config.scm - which is tiny. Cow-store just seems like an added confusion with very little gain. <davexunit>it's needed to deal with stores that are bigger than what can fit in ram disk <jmd>davexunit: But the store is on the target disk isn't it? <davexunit>I mean, yes, but you're missing something important. <jmd>So the stores are shared. I see. <davexunit>which has its own store, and for 'guix system' to do its job it needs to download or build a ton of stuff <jmd>Does that not mean that the installed OS ends up with "a ton of stuff" in its store, that it doesn't need? <davexunit>it does need it, to create the system that will be installed on the target disk <jmd>Right. But after it has been installed, it is no longer required. ***MinceR_ is now known as MinceR
<Shduhfhdjsj>If anyone can, run clamscan over their store and see if clamscan menions something about a ttojan. I'm not sure if it is just me or not, but I feel like someone ahould xhexk <Shduhfhdjsj>Damn webclient a phone. Anyways, it might just be me, but yeah... <jmd>If seems that neither "C" nor "POSIX" are acceptable locales to guix system init. Why this restriction? <jmd>guix system just gives an error. <jmd>"POSIX" is not a valid locale name - or something. <jmd>I didn't make a note of the exact wording. <lfam>Hm, I've never had to set the locale manually at that stage so I haven't experimented <lfam>Seems worth a bug report, at least <lfam>Yes, although I wonder if a zombie chicken is really "alive" or not ;) <ZombieChicken>lfam: If you have icecat installed, and clamAV, please run clamscan over ~/.mozilla/ and /gnu/store/*icecat* <lfam>I saw your message about that. Do we have clamAV in Guix? <ZombieChicken>lfam: I ran into number of cases of a trojan popping up with anything related to Firefox, and since I can't be sure if it's just me, if it's a false positive, or something more serious I think someone else needs to check <ZombieChicken>guix package -A clam doesn't provide anything, so I'll assume no <lfam>In any case, can you reply to your original message about this subject with more detail? Specifically, which command you ran to start clamav, and the full output of the command? <lfam>This is good bug reporting practice :) <lfam>Oh, are you not the reporter? <ZombieChicken>I mentioned it in a very typo-heavy message from a phone a while back <ZombieChicken>if you are refering to something on a mailing list, then no, I didn't <lfam>You're right, sorry for lazily misremembering. I saw it in the IRC log <ZombieChicken>Yeah, it was in IRC a few hours ago. I've been scrubbing my system since <lfam>In general, I'm extremely skeptical of antivirus tools. I'm reluctant to use them on my workstation. I could try the scan on a "throwaway" installation in a few days, when I have access to a second machine <lfam>Did you try doing a web search for the names of the files that clamav described as malicious? <ZombieChicken>lfam: Yeah. Hard to find good info on viruses online imo. What I did see was that it was added to clamAV database yesterday <lfam>They definitely have their place, and I'm ignorant about clamav. I'm certainly not trying to denigrate that project <lfam>sneek: later tell mark_weaver: Are you able to look into this report of malicious files being distributed with Firefox and Icecat? See the preceding lines in the IRC log for some more detail. <ZombieChicken>The virus named was "Win.Trojan.Toa-5370166-0" in my instance, just fyi <ZombieChicken>I just ran a pull and I'm running clamscan over /gnu/ again to see what it sees <lfam>`guix pull` won't update the packages in /gnu/store <lfam>It only updates Guix itself. To update the packages, you'd need to run `guix package -u .` afterwards <ZombieChicken>yeah, but I rm'ed most of the related files that clamscan said were infected, so I'm doing that more for sanity than anything <ZombieChicken>I'm not 100% sure what is and isn't needed by guix, so I'm just operating on the safe side <lfam>You used `rm` on files in /gnu/store? <ZombieChicken>This is a Gentoo box with Guix installed on it, so I knew it wouldn't entirely hose my system <lfam>In general, you should never do write to /gnu/store. I understand wanting to remove a malicious file in an emergency, but it will break your Guix installation. <lfam>Only the guix-daemon can write to /gnu/store <lfam>But your store is still useful for research purposes :) <ZombieChicken>Well yeah. Like I said, gentoo box with Guix installed atop it. Breaking something wasn't a real concern <lfam>Do you have access to email? <lfam>I'm sorry I'm not able to investigate directly right now, but I only have one machine, and I can't trust virtualization tools to contain malicious code <ZombieChicken>I understand. I'm on a network with a known infected Windows box, so the chance of this being just my system is entirely possible <lfam>You might get very fast service on Mozilla's IRC channels, although I've never tried it <ZombieChicken>But I'd rather cause a slight panic and be proven that it's either a false positive or that it's just my machine than let something malicious propigate through a package manager <lfam>If the virus did jump from your Windows box into /gnu/store, I'd be very interested to know how it got into /gnu/store <lfam>I'm using Debian's Firefox, so let me know if there is some file I should be looking for on my machine <ZombieChicken>iirc they were mostly zipped files. I think one was related to uBlock Origin, but the others escape me <lfam>As you saw, the root user can write anywhere. <lfam>If the browser has root privileges, things are bad <lfam>Unfortunately, browsers are so insanely complex that bugs like that will occur <lfam>Beyond this answer, I don't know all the design decisions behind access control and /gnu/store. I'm sure there is discussion in the mailing list archives <ZombieChicken>/gnu/store/.links/18g1immjqx3mqr0d4wsfjp26z7zjqdis0q22bq6imgvk053h7652: Win.Trojan.Toa-5370166-0 FOUND <ZombieChicken>going to doublecheck my firewall in a sec to see if there is some weird rule in there somewhere <lfam>Okay, I'll build icecat from the Guix master branch HEAD and look into it. That file is a hard link to something, btw. Can you check what the "root" of the link is? <ZombieChicken>and clamscan is still going. I'm sure something more useful will pop up in a bit <lfam>It's a hard link. I'll have to do a little reading to learn how to figure out how to proceed <ZombieChicken>Well, we can just wait for the scan to hit the related files <rekado>ZombieChicken: could you give me the sha1sum of that file? <rekado>sha1sum /gnu/store/.links/18g1immjqx3mqr0d4wsfjp26z7zjqdis0q22bq6imgvk053h7652 <rekado>mine is a0798a225f833c5fc495b7d34f842f6895430c05 <lfam>a0798a225f833c5fc495b7d34f842f6895430c05 <rekado>when you do “ls -i” on the file it tells you the inode. <rekado>then you can do find /gnu/store/ -inum 685585 <rekado>this shows me that the name in the store is: /gnu/store/sc9igiq8f2g2dgv7y405mfkra4dilzcb-icecat-45.3.0-gnu1-beta/lib/icecat-45.3.0/browser/extensions/html5-video-everywhere@lejenome.me.xpi <lfam>That's an older version of icecat <rekado>lfam: that’s okay. The file is identical. <jmd>It takes me 20 minutes to build a disk image. How does that compare with others' experience? <lfam>So, what is 'Win.Trojan.Toa-5370166-0'? Is that the name of a file? Or a label given to something by the AV people? <lfam>jmd: It's really I/O intensive, so it's a huge pain for me on spinning rust <lfam>Is it a big disk-image with lots of packages? Is there other I/O happening on a spinning disk? <lfam>I got my 4-core machine to report a load of >30 once when my auto-backups started while doing disk-image or vm-image operations once <lfam>I'm going AFK. Let's continue this investigation later <ng0>new awesome wm version has been release, I try to package this and send it in this night or tomorrow morning <ng0>that's more time than I have now, sorry :) <ZombieChicken>Well, if you remember some other time then. Just wanting to see if anyone else has a matching set of checksums to more clearly see if it's a personal issue or a tree issue <ng0>the shasums are in the guix packages, I haven't read that bug report yet.. can you summarize the problem? <ng0>hydra mirror could be behind? <ZombieChicken>I get the feeling it's a false positive, but I'd rather bring it up and find out it's a false positive than ignore it <ng0>works for me on all systems <ng0>I'll read the bug report now before getting to the awesome update <ng0>I'm very sure those are false positives <ZombieChicken>Well, like I said, I'd rather bring it up than ignore a possible problem <ng0>Maybe someone will comment with more exposure to clam. Last time I used it professionally was at least 6 years ago <ZombieChicken>Yeah. I know it isn't the best AV out there, but unless you want to pay for an enterprise license for a closed-source AV, it's the only option out there <ZombieChicken>Also, ClamAV is owned by Cisco now, incase that is worth anything (which I doubt) <ng0>that's not what I mean.. AV in general is not that good <ng0>parts of the new awesome page are behind gfocf... nice -.- <ng0>well at least the download worked <ng0>great firewall of cloudflare <ng0>or at least "some stupid captcha" for the changelog page <ng0>Awesome 4.0 is the first release of the v4 API level, breaking the proven <ng0>v3.5 API level after 4 years. This requires to port the existing user <ng0>configuration and extensions to the new API. <ng0>but the rest of the changes read good <ng0>do they always use song or album titles for the releases of awesome? up to 3.4 I did not package it myself ***atw` is now known as atw
<ng0>build succeded... last time I tried to configure my system with that it produced strange results though <ng0>that would require testing on the other computer and I don't want to leave the room, and ssh'ing into it would not proof that a graphical application works :D <ZombieChicken>atw: You lost networking because the All Stable Debian borked an upgrade and removed your networking software? <atw>ZombieChicken: admittedly from testing, not stable, but yes. I mean, I only have myself to blame for using testing and not carefully reading the list of changes but still...surprising. <buenouanq>Debian/Systemd byorked me over one too many times. <ZombieChicken>I need to test somethings before I'll install GuixSD on my desktop <ZombieChicken>but I'm fairly sure it will replace Gentoo for me in the fairly near future <buenouanq>That said, we basically own everything to Debian and they used to be pretty great. I used it very happily for many years. <ng0>awesome-4.0 works for me