<baconicsynergy>is there a way to apply a label to a block device/filesystem after it has been made? <baconicsynergy>i labeled my root partition "my-root" but it is no longer there for some strange reason <lfam>baconicsynergy: The `e2label` program can re-label filesystems <lfam>I've never used this program, but btrfs-property looks like the right program for labelling btrfs filesystems <baconicsynergy>btrfs-property isn't available, even after installing via "sudo guix package -i btrfs-progs" <baconicsynergy>welp, i removed sudo to install it as a user package and everything worked? strange <lfam>baconicsynergy: `sudo btrfs foo` doesn't do what you think it does :) In short, you want `sudo --login` <lfam>I recommend always using `sudo --login` when you want to do something as root. If you want to do it as your normal user, but with root privileges, then you can omit the --login argument <baconicsynergy>performing "sudo --login btrfs filesystem label / my-root" doesn't relabel my filesystem <lfam>I would try using the device name instead of the mount point. The man page suggests they can both be used <lfam>Hm, I'm not sure. I don't have any experience labelling this type of FS <baconicsynergy>i'll try booting a parabola live usb and changing it from there :) <baconicsynergy>for future reference, where is the proper place to document these errors for guixsd? <soundtoxin>I want to create a new group called 'storage' and add my user to it. How do I do this? I added it to my supplementary-groups in my config and it said the group wasn't declared. Now when I run 'groups', I am only in users and the new group I made, not the other groups I was in before. <baconicsynergy>so, I loaded a live usb and manually applied the label "my-root" to my root filesystem, and it worked temporarily ***Piece_Maker is now known as Acou_Bass
<tatsumaru>Hey there, decided to give GuixSD, glad to become a productive member of the community. <tatsumaru>Ouch this sentence is so bad... I don't know why it came out so broken. <tatsumaru>I downloaded the qemu image and imported in KVM, but now I am in the bournish shell. How do I start the system from here? <tatsumaru>Right, ignore this, I didn't boot the image properly. <soundtoxin>Anyone else here have a separate / and /home? I gave / ~50GB and it keeps running out of space... This seems ridiculous to me, but maybe I just have the wrong perspective. I had an update fail just now from totally running out of space. I think guixsd should be able to run on a small hard drive if it has to, so I don't think I should be running into issues. <soundtoxin>I think I saw someone say here recently that it caches a bunch of stuff from git or something <soundtoxin>note: currently hard linking saves 18424.78 MiB │ <soundtoxin>I freed just over 3GB doing 'sudo guix gc'. I don't know how to reclaim any more space. <soundtoxin>I'll probably be able to update now, but I hate to think I'll be fighting with this issue again in the future. <catonano>soundtoxin: other distros haven't the store, so yes, the perspective on GuixSD is diffferent <catonano>soundtoxin: my root partition is about 100 Gb and my /home partition is about 130 Gb <soundtoxin>What do you suggest I do? Going by 'df -h', I have a 49G / and a 179G /home. Should I try to combine them? Can I do this without reinstalling? <catonano>soundtoxin: without reinstalling I'm afraid it's not possible <catonano>because, as far as I remember, lvm is not supported <catonano>so you can't resizze the partitions without losing the data <soundtoxin>that leaves me feeling conflicted. I'd feel better combining them, but after the many pains I've had with guixsd, it'd be tempting to try another distro if I'm already doing a fresh install <catonano>soundtoxin: I understand. I have been conflicted sometimes myself <catonano>soundtoxin: you could install Guix the package manager in a foreign distro thougg ! <soundtoxin>That is true... It never seemed as interesting to me to do that, though. I felt the same about nix/nixos. <catonano>soundtoxin: I have it installed in my Fedora desktop, GuixSD is only on the laptop <soundtoxin>There are a dozen or so things I wish were packaged on GuixSD, but I haven't figured out how to do that. I also still haven't figured out how to set up services like ssh and mpd. Lots of little stuff like this adds up to be a bit annoying. <soundtoxin>I know that GuixSD is really cool if I can just get it all figured out, but I don't always feel up to reading the documentation. <davidl>soundtoxin: If you delete previous system-generations I believe the gc command will probably free up more space. <catonano>soundtoxin: all of this stuff is documented in the manual. It takes some patience, though, that's true. It tookk me months <soundtoxin>It's especially annoying that ssh and mpd are some of my issues, because it's harder to be motivated when not listening to music, and if I want to work on it, I have to be physically at the machine since I don't have a working ssh server yet. <soundtoxin>davidl: I'm willing to do that. How do I go about it? <soundtoxin>I think when I used NixOS for a while I was periodically doing that. I never actually took advantage of the old cached stuff, so I just wiped it often. <davidl>soundtoxin: I don't remember 100% so I suggest checking man guix system <davidl>probably something like guix system list-generations <davidl>then delete one of those. Or start emacs and M-x guix-<TAB> to see some options. <davidl>anyone who has an example on how to define the certbot service? I can't figure it out from the manual. <efraim>I think the hosts field should be ((list "example.com" "foobar.com")) but I didn't see an example in the maintenance repo <davidl>efraim: I got it to reconfigure when I left out the hosts field, but then I couldn't find any certificates created anywhere. <snape>davidl: the manual on the web isn't up to date <snape>(I've no idea why by the way, is the web manual updated only every release?) <snape>efraim: I don't think the maintenance repo uses the certbot service <soundtoxin>Wow. My generations go all the way back to December 31st 2017. I can definitely delete most of these. I'm in the middle of updates. Do I have to wait for them to finish to delete some of these, or can I do that at the same time? <snape>davidl: reconfiguring won't create the certificates, you need to run /var/lib/certbot/renew-certificates to create it the first time <snape>or wait for the cron job to do the job (twice a day) <soundtoxin>I don't see how to delete a generation in 'man guix system', just how to rollback. Can anyone point me in the right direction? <efraim>To delete a system generation you have to manually do it with 'rm' <soundtoxin>my current generation is 89 and I want to delete all the older ones <soundtoxin>Do I actually go find a file or directory and remove it? <efraim>'rm /var/guix/profiles/system-1-...' <davidl>snape: thanks, that almost worked. <davidl>snape: yeah xD OpenSSL.SSL.Error <davidl>when I ran /var/lib/certbot/renew-certificates <snape>hmm. Weird, could you share more details? <davidl>yeah. Ill paste it somewhere. 1 min <thomassgn>soundtoxin: for the future, if you had a package and now it fails it's update, you can always run it directly from the store. I sometimes 'cd /gnu/store/' and then 'ls | ag mpv | ag /' (ag (the-silver-searcher)is a just a different kind of grep, use grep if that's what you have) go into the any of the folders you get back and run the binary in bin eg './bin/mpv' It's quite hacky, but it works in a pinch. <thomassgn>I just realized that there would have to be other reasons for it not to have the old program in path/profile... <snape>davidl: I'm not sure why this happens. But two questions: 1. did you run the command as root? 2. was the NGINX service running before you did 'guix system reconfigure'? <thomassgn>haha, trying to build opencv and I get 3519 failed tests... :) <davidl>snape: 1. I just ran it right after guix system reconfigure command which I ran as root. 2. yes. <davidl>snape: running as unprivileged user didn't help though. <davidl>snape: I suspect my config isn't right with regards to webroot path or something. <snape>davidl: you answer to 1. was good, and to 2. was wrong :-) I'll explain <snape>the certbot service depends on the Nginx service, which needs to be changed <snape>so that it can serve Cerbot files <snape>but if it's already running, it won't be updated <snape>it's a security. GuixSD is conservative. It won't try to update services if they are running <snape>so you need to stop the nginx service before doing "guix system reconfigure" <snape>so that it will be updated and restarted <snape>you can check if the nginx service is good by looking at its configuration file (ps auxww | grep nginx, and 'cat' of the configuration file that appears there) <snape>if there is a part dedicated to certbot, then it's probably good, otherwise, you need to update it <davidl>snape: actually, I already checked the nginx.conf file and it had the .acme folder things there. <snape>hm then nevermind what I said :p <davidl>snape: but Ill try again, just did herd stop nginx and reconfigure. <davidl>snape: what permissions should the /srv/http folder have? <snape>davidl: certbot should be able to put files in there <snape>so /srv/http/certbot should at least be 755 I gues <roptat>I'm having some troubles with opensmtpd after a recent system reconfigure :/ <snape>roptat: what kind of trouble? <roptat>I can still get mail and see them via dovecot, but I can't send them <roptat>I always get authentication failed <roptat>although I'm certain the user and password are correct since I use the same credentials with dovecot <snape>so it's the client to server authentication that doesn't work right? <snape>roptat: I use this command to debug opensmtpd: /gnu/store/...-opensmtpd-6.0.3p1/sbin/smtpd -f /gnu/store/...-smtpd.conf -dv -Tlookup <snape>you spawn it instead of using the service, and it's quite verbose <roptat>I tried to authenticate, but I don't see any lookup line in the output <snape>did you try to reboot your server first? <roptat>yes I did reboot it just after reconfigure <roptat>I've used -f /etc/smtpd.conf (since that's the file that's in my configuration) <davidl>snape, roptat: any of you who have a working config for certbot that I can use as reference? <roptat>I don't have a guixsd config for certbot <davidl>snape: that is an amazing config. <roptat>how does auth <passwd> work? does it mean you share the same password with all your users? <roptat>in case you find something wrong <snape>roptat: 'table passwd file:/etc/mail/passwd' refers to a file that could contain something like: <snape>so each user has their own password <roptat>but I don't really need it, right? <snape>well, I'm not an Opensmtpd expert, but I don't know how you would do without it, to authenticate <roptat>the config used to work, so I guess it looks for system users <snape>but I'm sure there are other ways <roptat>oh, it worked with a passwd table! <snape>I find it easier to maintain than real Unix users <nckx>Reconfigure sez: /etc/guix/system.scm:251:3: error: device 'debugfs' not found: No such file or directory — repeated for hugetlbfs and securityfs. Of course I'm about to get on a bus. <amz3>did some pick the org-mode task for haunt or not? <civodul>the FS types are "hugetlbfs" and "debugfs", right? <roptat>civodul: what did you mean by "withhold"? online translations give "refuser", "cacher", "retenir", "différer" so I'm confused <civodul>roptat: i meant: let's put the thing on the TP <civodul>maybe i'm using the wrong term, indeed <roptat>I've sent two patches to make it easier to put them on the TP, can you review them quickly? <nckx>civodul: Thanks for the tip :-) Going offline now, will debug (if necessary) further tonite. <roptat>also the pot files for guix and guix-packages will be updated in the distribution tarball, so I think we need to give the TP a new version number <civodul>roptat: true, so maybe send a single message mentioning all 3 domains <roptat>civodul: 4 domains : guix, guix-packages, guix-doc and guix-contributing-doc <civodul>roptat: BTW, do we really want to have two separate domains for the manual? i'd say "guix-doc" (or "guix-manual"?) is enough <roptat>that's because we have two separate .texi files <roptat>it's not easy to create just one file with po4a <civodul>in the future we could have one file per chapter for instnace <roptat>civodul: then we will need one pot file per chapter :/ <roptat>except if you know how to merge two pot files into one? <civodul>but it'd be better to have a single domain and be free to move text across files <roptat>so we generate one temporarry pot file per chapter, then we merge them all together and we get only one pot file <roptat>which means one po file, and we can move text across files <roptat>although that means we need to keep track of English texi files to generate the pot files correctly <roptat>anyone else has troubles reaching gnu.org on IPv6? <roptat>civodul: I'll do that instead of my two patches then <pacoon>pkill9: Debian/Hurd is a good place to learn <roptat>civodul: msgmerge comments strings that are not present in the first file <pkill9>i need to learn qemu, i've always used virtualbox but it's not in the Guix repos <pkill9>random question, anyone who uses freebsd, how does guixsd compare to freebsd? <snape>roptat: 'dig gnu.org AAAA' doesn't show anything <snape>so it doesn't look like it supports ipv6 <snape>roptat: then it works on my machine <roptat>and running a test on the atlas network: Tests: 110 successful tests (78.6 %), 0 errors (0.0 %), 30 timeouts (21.4 %), average RTT: 100 ms <roptat>so I'm not the only one, but it mostly works <snape>davidl: your log looks like it's not complete (it ends with xxx:) <civodul>roptat: actually, we could just concatenate the two po files no? <snape>davidl: maybe you can log as nginx (sudo -u nginx -s) and try to go to /srv/http/localhost, you should be able to read files there <roptat>civodul: they have a header so cat will not work <roptat>but there's msgcat which does it properly <davidl>snape: I tried sudo -u nginx -s; /var/lib/certbot/renew-certificates ; but not sure that's what you meant. I got [Errno 13] Permission denied: '/var/log/letsencrypt/.certbot.lock' from renewing like that. <roptat>if you download it you will see I have only one pot file named guix-manual.pot, one po file guix-manual.fr.po. it still creates as many texi files in French than in English <roptat>do you agree with the version string, or do we ask Benno to keep 0.14.0? <efraim>what's the nss package we have to install for guix on foreign distros? <efraim>the one that has to do with nss compat <civodul>roptat: awesome! you can send it, yes <civodul>the version string is fine (it doesn't matter anyway) <civodul>maybe "0.15.0tp" would be more appropriate now that i think about it :-) <civodul>because it represents what will go into 0.15.0, roughly <snape>davidl: no, I wanted you to try to go to the nginx directory (/srv/http/localhost if I understand well your log file) to see if you have the right permissions <snape>it looks like a permissions issue <davidl>snape: whoami shows nginx, and echo str > /srv/http/localhost/file shows permission denied. <davidl>snape: nginx user can read the contents. <davidl>snape: i.e. can cd to the directory and cat contents. <snape>davidl: with that nginx user, can you go to /etc/letsencrypt? <snape>I'm not sure about what I say. I don't actually undersand why it would need access to /etc/letsencrypt anyway <snape>davidl: could you paste, somewhere, the content of /var/lib/certbot/renew-certificates and the one of your nginx configuration file? <snape>That would help understanding what's going on <grafoo>is there a way to use musl libc in an environment? <grafoo>e.g. `guix environment --pure musl` pulls in glibc files <civodul>grafoo: currently you have to fiddle with various things to do this <civodul>because the gcc package is strongly tied with glibc <grafoo>civodul: would it be sufficient to use a spec file like musl-gcc does? <civodul>our 'gcc' package works by modifying the default spec file