IRC channel logs
2022-11-15.log
back to list of logs
<nckx>What was your excuse, and why's it gone? <oriansj>well it wasn't my excuse so much as it was civodul's to why there was no guix build server signing key. Was the point of the signing key was more secure if only he could sign the releases but everyone should be able to reproduce his builds. <oriansj>aka the root of trust for Guix would be based on a single person who would do an offline key and take care when doing the signing of tarballs. <oriansj>but if now multiple people could be doing the signing, that no longer applies. <nckx>Best not to confuse this topic with build servers, which are irrelevant here. Let's leave them aside. <oriansj>nckx: as the number of parties that you need to increase grows; so does the odds of breach <oriansj>once you exceed 1 point of trust, multi-signatures for releases would then allow people to decide who they wish to trust <oriansj>rather than having to all to agree to trust the same group of people (which is a much bigger problem than agreeing to trust a single individual) <nckx>Well??? At least you're no longer arguing for a shared signing key passed around like a used crack pipe. <nckx>So, each release signed by all previous release managers (currently Ludo & Maxim)? <oriansj>nckx: or anyone who wishes to sign the release tarball <oriansj>that way people who trust nckx; can check to see if nckx signed the latest tarball to see if it is trusted. <nckx>I don't see anything preventing that. <nckx>I mean, no need for Guix to do that. <oriansj>why not? make it easy and more people will do it <nckx>�ACTION ??? ????????, have a good unpleasantly-bright-light-orb rotation period!� <nckx>cbaines, unmatched-paren: I just received a ???Delays in mail delivery by gnu.org mailing lists??? report that itself was sent 9h 40m ago :) <minima>does "./pre-inst-env" (as in "./pre-inst-env guix build hello") give any degree of isolation? e.g. should i build something that tries to access my filesystem? <podiki[m]>apteryx nckx: confirming on guix system: icecat with resistfingerprinting has wrong tz, without shows correctly, but I do have TZ set <oriansj>abhicherath[m]: and regular linux kernels boot? <abhicherath[m]>sends back JSON with `{ "error" : "Could not find the request build product."}` <lechner>Hi, are environment variables a good way to get package inputs in a Makefile when pkg-config is not available? <yasht>Does anyone know how to make Qt apps detect the breeze qt style? <abhicherath[m]>hmm for whatever reason guix is failing to configure ethernet with the guided install <abhicherath[m]>is there anyway to resume the guided install after setting up network? <abhicherath[m]>is there any good guide for figuring out UEFI? I'm a little confused as to what I have to mount <brendyn>abhicherath[m], i think you need a small fat32 filesystem and mount it to /boot/efi <brendyn>then you mount that in the guix os config with (device (uuid "..." 'fat32)) <ennoausberlin>Hi guix. Is it possible to resize the root partition of an sd card with guix on it? Do I have to run system reconfigure afterwards? <fps>ennoausberlin: should not be necessary. make a backup first ;) <ennoausberlin>fps: I'll give it a try. Resizing just the filesystem is working. I do this all the time, but as I tried it with a partition, the card was not bootable afterwards. But that might be caused by something else, then <nashdidan[m]>Hi there. I???m currently having a problem logging in with one of my accounts into gnome via gdm. The greeter throws me back out on one account, while with another account there???s no problem at all. Where should I look? <ennoausberlin>nashdidan[m]: You could try to remove the relevant dirs from /home/username/.cache <nashdidan[m]><ennoausberlin> "nashdidan: You could try to..." <- Thanks. .cache/gdm seems to only have log files??? how don???t see any actual problems reported there. <rekado>apteryx: the root user???s maintenenance checkout on berlin has unpushed commits. Will these be pushed to the repo later? <rekado>apteryx: never mind, I rebased the checkout and it???s all up-to-date <ennoausberlin>nashdidan[m]: Also have a look at .local/share/gnome-shell/ There might be problematic things inside <ennoausberlin>nashdidan[m]: I had this problem once, but don't know how I fixed it finally. It was .cache or .config related. shell extensions maybe <sneek>Welcome back civodul, you have 1 message! <sneek>civodul, rekado says: no idea what???s up with the two other aarch64 nodes; I???m still sick but I hope I can visit the data centre some time later this week. <minima>mekeor[m] thanks for the tip re qmk via docker - i'll keep that in mind! <nckx>minima: Nope, no difference in isolation, or really operation. It still talks to a running build daemon (and will fail without one). ???Host??? code will be able to access local files just like regular guix would let it. <nckx>cbaines, unmatched-paren: ???Mailman was broken and is now fixed.??? <cbaines>I noticed this morning that the emails from yesterday have arrived <minima>hey, thanks for confirming that nckx <rekado>apteryx: I???m going to reconfigure 129 with the multipath changes <rekado>apteryx: I just noticed that 129 is already connected to the SAN <rekado>so we should be able to test at least some parts of this multipath thing <rekado>apteryx: I don???t seem to have permission to deploy or even SSH to node 129 <Zelphir>Hi! Did anyone set up Guix package manager on Raspberry OS? I tried 2 days ago, but then I ran into a problem with zlib and could not do any guix pull. *tries to find the error message* <Zelphir>The error was: "error inflating zlib stream". <Zelphir>And according to what I found, it should be fixed in libgit2 or something. <Zelphir>But what can I do for the Guix package manager installed on the RPi? Any fix? <Zelphir>(Perhaps I need to build guix package manager myself on the RPi, instead of using the installer script? That one ran without error though.) <jonsger>I think we have a property or something similar for a package to not get substituted/no substitutes built. How was that called? <Zelphir>Do you mean the --no-substitutes command line argument? <cbaines>jonsger, seems to be #:substitutable? in the package arguments <rekado>pankow was completely blank on the serial interface <rekado>grunewald just slowly printed garbage <ennoausberlin>Zelphir: I use Debian on the PI and guix as package manager. It works fine there. Of course many packages are not available as substitues (aarch64) and many fail during local compilation. I also booted an customized image from pantherx and it worked but needed more finetuning. So I went back to Debian <Zelphir>Was about to say: "nice Berlin references" :D <pkill9>ennoausberlin: which kinda packages don't build on aarch64? <ennoausberlin>sbcl has often difficulties. racket does not support aarch64. rust was not working for a long time (does now). For almost every python package you have to disable tests. I would like to support the aarch64 branch more, but good arm hardware is expensive and my Pinebook Pros or the pi just dont have enough power as build machine. <cbaines>ennoausberlin, substitute availability for aarch64 should be good <rekado>pankow has problems retrieving the kernel, and the previous generation fails to boot <ennoausberlin>cbaines: Maybe my packages in need differ. I now often check by guix weather before updating, because local builds in my machines make them unusable for a long time. One day I will set up my own substitute server (mostly for learning purposes) <rekado>my-root: ********** WAR[ 23.931379] sda: detected capacity change from 976773168 to 0 <rekado>on grunewald I can???t ping 10.0.0.1, but I *can* ping the same server through its local IP address <Zelphir>ennoausberlin: Hm OK. I was happy to read, that guix works on the RPi at all and thought: "Hey, I can have a great tool for installing stuff on it!" -- Well, I guess I have to go traditional ways to install things^^' <ennoausberlin>Zelphir: I guess, that you somehow build a cross compile workflow, but I am not experienced enough to do that. <cbaines>oriansj, if you try building that again, do you get the same error? <rekado>oriansj: which derivation is this? <rekado>I???m building /gnu/store/8lr365k3d4yjf45y03cwyi8fyh392qz2-bash-mesboot0-2.05b.drv on ci.guix.gnu.org right now, and I can get past the configure stage <rekado>that derivation built successfully on ci.guix.gnu.org <rekado>I???ll take pankow home for more diagnostic work <rekado>oriansj: I successfully built this derivation again on ci.guix.gnu.org. <rekado>building it on a different server without Guix System <civodul>rekado: what does "herd status wireguard-wg0" say? <rekado>on kreuzberg: endpoint: 141.80.167.131 <rekado>on grunewald: endpoint: 141.80.181.40 <rekado>it should use the local IP, not the public one <rekado>oriansj: I also successfully built this derivation on a different x86_64 server running RHEL <civodul>there's an entry for ci.guix.gnu.org in honeycomb.scm <rekado>grunewald is now building stuff again <rekado>I???ll pop in a spare SSD at home and see what happens <mirai>I'm worried that (define-maybe string (prefix foo-)) might mess up existing service definitions that have different serialization procedures <apteryx>rekado: you should have already had access to node 129; it's basically a (customized) build-machine per build-machines.scm, for which you are registered as sysadmin <nckx>sneek: later tell mothacehe: For symmetry, I've added you (with same password) to guix-ppc64le.sjd.se and verified that you're able to sudo. <mekeor[m]>sharlatan: i am trying to use geiser in emacs, yes <apteryx>should our linux-libre package ship a 12 MiB .info.gz info manual in its output? otherwise if I put everything in a doc output along HTML, it weighs 200 MiB. <apteryx>the kernel documentation as an info manual <civodul>i mean, when did Linux start having documentation? :-) <apteryx>it's authored in Sphinx, which can target texinfo <civodul>oh that's the files under Documentation/ that were "translated" to .rst i guess? <civodul>i think it's be useful to have as Info <civodul>(not HTML, i think the convention is to provide HTML if and only if it's the only option) <apteryx>I like to have HTML in "doc" output, when it's the main doc of the project <apteryx>civodul: I'll send the patch shortly, If I manage to submit my trivial patch adding infodocs target upstream <apteryx>and I'll include the .info.gz in the main output, it's easy to do <apteryx>at least now I can read the contributing process doc conveniently offline ;-) <civodul>i keep a Linux checkout around but the Documentation/ directory rarely answers my questions <apteryx>hmm, actually I'll leave the info in "doc" because otherwise I need to inconditionnaly add python-sphinx and friends as native-inputs <apteryx>'graphviz, python, python-sphinx, texinfo & which' are the required dependencies to generate info doc, I think <apteryx>anyway, I guess we can discuss it on the review tracker <mekeor[m]>hello. i use emacs with geiser and corfu.el to edit a system.scm. it offers completion-suggestions based on some default guile modules, i guess. but it does not offer them based on the guix modules. e.g. it does not suggest "operating-system" when i complete "(ope". is that normal? do i expect too much from geiser? <gnucode>mekeor[m]: if you get something like that to work, please let me know. :) <gnucode>I think company mode for me is completing words that are already present in the buffer, which is nice, but I don't think it would complete works not in the buffer... <mekeor[m]>corfu can use multiple completion functions. it already attempts to complete "words that are already present in the buffer" for me, too, namely via dabbrev. also it offers completions based on quite some guile modules. but it does not offer variable-identifiers from guix-code... <gnucode>mekeor[m]: have you compiled guix source code yourself and pointed geiser at it? <gnucode>mekeor[m]: probably. I think geiser works best, when you point it at the guix source code.... <gnucode>mekeor[m]: (add-hook 'geiser-repl-mode-hook 'visual-line-mode) <gnucode>those are the other things that I have added to my config...I also got tired of maintaining my config, so I just set up doom emacs. :) <gnucode>mekeor[m]: I don't think that you need to compile the source code, but it might help. :) <gnucode>it's pretty easy to do. clone the guix source code. <gnucode>also I use doom emacs. It's the best config I've been able to find. <pkill9>does anyone know of a parser for .desktop files? <pkill9>i know there's make-desktop-entry-file in guix/utils <pkill9>it's probably not difficult to make, it's just separating them into the [headings] <pkill9>everythingelse is just string-split with the = sign <pkill9>patching .desktop files for wrappers <pkill9>also for adding custom desktop actions <pkill9>I actually can't entirely remember other than that <pkill9>the first usecase sounds like I could just patch the Exec= lines, but <pkill9>I swear there was a reason I wanted to parse the .desktop files, other than adding desktop file actions <rekado>pkill9: this file format is TOML, isn???t it? <pkill9>TOML looks like init format with data structures <pkill9>hmm I suppose my main reason for doing so I could indeed just patch the Exec= lines <apteryx>should we alias our 'cp' to 'cp --reflink=auto' on Guix System? <pkill9>heh, I already even patch them anyway <apteryx>that way, a copy doesn't take more space when done atop Btrfs. On non-btrfs, cp --reflink=auto proceeds as usual (a full copy). <nckx>apteryx: Does Guix System ship default aliases like that? <nckx>I don't think it does, and I think that's good. In this case, it definintely shouldn't. Having different behaviour depending on a matrix of Guix age + coreutils age (+ possibly installation age, if this is done through skeletons) is beyond confusing. <nckx>Especially just for a few weeks. <nckx>(Me being optimistic about c-u there, but I can't see it taking longer ????) <gnucode>nckx: just got your gpg email. :) hahaha. <nckx>Didn't you [used to] go by ???jab??? here? <nckx>gnucode: As for your objection (my condelences :) ??? a failing file system and/or drive is just as likely as losing your key, so keeping it unencrypted isn't ???safer???. Keep back-ups. <nckx>�ACTION would have said ???far more likely???, but you do you.� <abhicherath[m]>hello! I'm not able to use my fido key with guix system (I added pcsd to my os config already), what could be the possible causes? and is there a better way to debug than running ssh-keygen -t ed25519-sk <gnucode>nckx: I go back and forth. at home I am gnucode. At work, I use a web client. there I am usually jab. i should probably try to be more consistent. :) <gnucode>nckx: would you put your .authinfo.gpg in a git repo? or no? <podiki[m]>abhicherath: you may need udev rules, perhaps from the libfido2 package <podiki[m]>a properly (appropriate key length) encrypted file should be fine publicly, but personally I don't <podiki[m]>e.g. passwords stored with pass I keep locally/backed up between machines <nckx>gnucode: I, personally, would not, for entirely feeling-based non-reasons. Like podiki[m] said, rationally, if you did everything correctly, there is no reason not to. <podiki[m]>gnucode: just my opinion as a non-expert though <podiki[m]>abhicherath: I don't think so, perhaps it should be though... <gnucode>podiki[m] if you are trying to be secure, you might as well go all the way. :) <nckx>I guess there being an ???if??? in that sentence at all is one reason not to. <podiki[m]>gnucode: right, all this is about figuring what your risk tolerance/threat model is. or convenience and what you like playing around with <mirai>starting from #:environment-variables, if I put in explicitly (list "VAR=VAL") it works <mirai>but with the ungexp procedure it just "hangs" shepherd <mirai>am I unquoting at the wrong place? <nckx>abhicherath[m]: That installs them to the store, but that's strictly separate from adding them to your OS configuration. <nckx>You'd use udev-rules-service for that. <podiki[m]>e.g. something like (udev-rules-service 'fido2-rules libfido2) may need to have a group too <podiki[m]>I've used (udev-rules-service 'u2f libu2f-host #:groups '("plugdev")) but need to update to the libfido2 package instead <nckx>Hmm, the manual's ???sudo herd rules udev??? suggestion doesn't actually work. <podiki[m]>a reconfigure should use the new rules automatically at least, without reboot I believe (was fixed somewhat recently) <podiki[m]>yes, I think I saw that bug and forgot to formally report it outside of here <abhicherath[m]>so I append this (udev-rules-service 'fido2-rules libfido2) to my services list in operating-system? <podiki[m]>yup! again, not sure if you need the #:groups '("plugdev") in there or not <podiki[m]>and also, guessing that is what you need....seems like a fair idea though <abhicherath[m]>hmm libfido2 is unbound, but its in the security-token service module right? can I refer to it using something like security-token->libfido2 <unmatched-paren>abhicherath[m]: nope, you use #:use-module (gnu packages security-token) <unmatched-paren>or (use-modules (gnu packages security-token)) if you aren't in a module file <podiki[m]>right, you need the module that defines that package, as unmatched-paren wrote <podiki[m]>often guix will suggest the missing module (at least when trying to build a package, not sure for system config, but check the output) <abhicherath[m]>o would i have to put "plugdev" into my users supplemental groups too? <abhicherath[m]>how come this works without me putting "plugdev" into my users groups? <podiki[m]>yes I realized I'm not in plugdev group either, but I forget what that was needed (at least in u2fhost, haven't switched to libfido2) <podiki[m]>might be worth a bug report to say libfido2 udev should be part of the pscd service, though not sure if that is expected (always needed?) or not <abhicherath[m]><abhicherath[m]> "`sudo herd rules udev`" <- Also is this supposed to work? I might try and work on it <unmatched-paren>i have 50 commits now, so i'm going to try to apply for commit access. is there anyone who could vouch for me? :) <nckx>You seem vaguely trustworthy. Sure. <podiki[m]>abhicherath: I believe it must have worked before, so maybe seeing changes to that service code in the past year or so? <podiki[m]>unmatched-paren is only half an sexp, the chaos! <podiki[m]>unmatched-paren: you've been very active, I was expecting to see you join the guix collective soon (I'm also in the process) <podiki[m]>you need an alter ego "leftover-paren" or something <tricon>unmatched-paren: your alter ego should be: syntax-error <cehteh>one should make some esoteric programming language where strings are quoted like (this( <cehteh>nah, that would be almost consistent <nckx>podiki[m]: Thanks for debugging the Firefox/RDD mess. Adapting the IceCat phase has fixed my inability to play most video at all (not just accelerate it). <podiki[m]>nckx: oh nice! though I'm not sure why vaapi doesn't want to show up for me in icecat, I've left that for the backburner <nckx>I haven't even checked if vaapi works, I'm so hap. <nckx>I used (before this change) to add libva to LD_LIBRARY_PATH, so that's a bit weird. <podiki[m]>though I could start using more "free" heat from increased cpu usage these days, i suppose I can just go and compile a browser for that <nckx>But then FF churns so hard old fixes often no longer fix. <podiki[m]>the firefox I use does have libva in LD_LIBRARY_PATH; the sandboxing stuff is relatively new though; icecat does not have libva in LD_LIBRARY_PATH it seems? <nckx>I have too many tabs open to test right now. <lechner>Hi, what's a good way to test speeds to ci.guix.gnu.org, please? my isp told me they might look into peering issues. I think I'm getting about three times the speed from Comcast than from a small local provider. <nckx>Otherwise, I guess ???mtr??? is the classic first step ???? <acrow>Is there any programmatic way to distinguish between core and non-core packages? <oriansj>acrow: possibly all of the packages that are in the dependency chain for guix? <nckx>So they are all context-specific and come with caveats. <nckx>So just decide what you consider a ???core package???, and test for that property. <acrow>The distinction is referenced in the manual but I didn't see any concrete definition. <lechner>nckx / thanks! much better than using traceroute and ping separately <nckx>acrow: That's the former. <lechner>Hi, is there a way to disable the internal pager on Guix commands like 'package --search', for use with Eshell? <nckx>For Guix only: GUIX_PAGER= (from memory, but I think that's right). <unmatched-paren>nckx: should i post my vouch request on help-guix, as it's probably going to get buried here? <nckx>unmatched-paren: guix-devel@ seems more appropriate, but might instill the same fear? <nckx>If that would happen, try again, or approach individual contributors. <podiki[m]>unmatched-paren: speaking only for what I just did, I emailed people directly that I know from here and package reviews/pushes <podiki[m]>I think that would be better to discuss directly with people that know your work <unmatched-paren>podiki[m]: i was worried that would seem a little too desperate, but if you did it, okay :) <nckx>And this is purely my own opinion: I'd try non-maintainers first. <nckx>unmatched-paren: No, it's normal. <lechner>unmatched-paren / also, i would be happy to write that email on your behalf. it's nicer to be nominated by someone else, i think <podiki[m]>I looked through the committer list and git log for my patches, though I roughly knew from who I usually interact with here <nckx>I can't well articulate why, but it feels a bit cleaner if those vouching & those reviewing the application are not entirely the same set. <podiki[m]>yeah, otherwise they are writing to themselves sort of <nckx>It's not a rule though, not even unwritten, just my own preference. Do what you like! <lechner>unmatched-paren / yes! i will sing your praises. any exaggerations are mine, not yours <podiki[m]>perhaps we should have a rule/suggestion that at least some of the vouchers should come from non-maintainers, I think that keeps up a better appearance of the process now that you mention it <nckx>Anyway, what I said to podiki[m] once applies here too: in the extremely unlikely event that you can't find 3 other vouchers, I'd still be happy to. <nckx>I think we've outgrown that though. Plenty of committers to choose from now. <nckx>podiki[m]: Yeah??? probably. <yasht>How does Guix handle Qt Styles? <yasht>I've been trying to package Kvantum but none of the Qt applications seem to be detecting it <yasht>I've also noticed this with the Breeze style which is already packaged in the repos. <pkill9>im guessing you gotta dk it manually cos there is no kde desktopenvironment <pkill9>tho there is some old qt environments i think <yasht>If I use the LXQt desktop environment, I can select the Breeze theme there but it only works for LXQt applications <yasht>Not for any other Qt application, KDE or otherwise <yasht>All Qt applications can only seem to detect 2 Qt Styles - Windows & Fusion <mirai>can I get an interactive shell within a failing test to debug it? <rekado>lechner: from a random AWS instance in Frankfurt I???m getting between 50 and 90MB/s <rekado>oriansj: I also can???t reproduce this. Ran ???guix build --check /gnu/store/hifim0h1p7nw81mg6rl00g9q0m6vr0qw-bzip2-mesboot-1.0.8.drv??? on my x86_64 laptop and it built to completion. <florhizome[m]>yasht pkill9 I once installed lxqt and also tried to get Kvantum and qt5ct, it seems that qtplugins are not found. Same for qtwayland. I tried adding search paths to those packages, which helped, but idk if it???s the right way. <lechner>rekado / how did you measure, please? <apteryx>nckx: re 'cp --reflink=auto', my reasoning is that why would someone not want to not use it on CoW file systems? From the user's point of view, the behavior is unchanged: the file is copied. It's just implemented in a way more efficient way when available, and if not, no big deal. <apteryx>we could check what opensuse does (they use btrfs by default, I think) <nckx>I would not call it more efficient. <lechner>nckx / rekado / with the "big file" test above, i am getting 700kB with an ETA of over 20 minutes <nckx>The cost is just deferred. <nckx>I really don't understand why this is so vital to backport. <yasht>florhizome[m] I guess I'll check out how NixOS does it, where Qt Styles seem to work fine. <nckx>apteryx: Do we have distro aliases for anything else? (I really don't know.) <nckx>apteryx: What worries me more about this is the implication that c-u won't be merged soon. <podiki[m]>recent commits just now added new rust versions, but doesn't look like the CI is building them? <mirai>any way to extract logs from a test suite before it unsuccessfully terminates? <nckx>podiki[m]: I don't see any new public packages. <nckx>Maybe they are not used (yet). <mirai>shepherd now launches the service without problems but I suspect its exiting soon after launch <nckx>If they're not exported and not used? No. <gnucode>nckx: I figured out how to set my nickname @ work! #consistency! <nckx>The mind of superior hobgoblins. <mirai>nckx: -K? how do you use it with 'make check-system TESTS=mytest' <nckx>I don't. I didn't know you were talking about Guix system tests :) <nckx>Phew. In practice? I add some ???dump logs/poke around/test some assumption??? code to the test's bash script and run it again??? <mirai>my bad, should have clarified it <nckx>I have, but on a special magical computer that deprecates setuid-programs. <nckx>lechner: Does sudo not work? <mirai>the guix system tests unfortunately also hide stdout so there's almost no way to extract any useful info from it <nckx>Hmm. No, I don't think they do. Not in my experience anyway. <gnucode>mirai: if you ever figure out how to to 'make check-system TEST=mytest' let me know <lechner>nckx / alas, sudo does not work because of my encrypted FUSE home <nckx>I guess, copy mtr to /tmp/ or whatever, run it there???? <lechner>nckx / wow, i never realized that 'ping' is setuid root <lechner>nckx / please say that again in different words <nckx>Your new (to me) ???nick / message??? format is unlike one I've ever seen. <lechner>nckx / yes, i went all in with Emacs and this is circe. I changed the completion-suffix to accommodate more than one recipient more easily. Some folks use commas, but that conflicted with my style of saying Hi. Upon reflection, I also find the colon to forward for me, as it prompts the recipient. I am now experimenting with the slash. <rekado>lechner: from where are you trying to download? <lechner>sorry, i'm being facetious. Fremont, Calif. <apteryx>nckx: I haven't check what we have/can do, I'm just making a suggestion for now :-) <apteryx>if we had something it'd go to the ~/.bashrc skeleton we provide on Guix System installs, I guess <apteryx>I think that's how it's handled on traditional distributions such as Debian <nckx>Then I'm back to my ???weird matrix??? (or whatever) comment above. That obsolete alias will then live forever for users who installed this month, will be missing for others, ??? it just sounds very messy & confusing for me. <nckx>The opposite of deterministic. <nckx>Even if it technically is, and yes, it's a flaw in having skeletons at all, not in adding an alias to one. <nckx>But this alias is so short lived and such a niche setting that it deserves extra scrutiny IMO. <apteryx>the way we navigate the mess is document our useful default skeleton template <nckx>A more Guixy way would be to create a coreutils-next package that's installed into the system profile by default. <lechner>rekado / the speed on the big file actually went up to 7 MB/sec after a few minutes before settling at around 4 MB/sec. my issue are the many small downloads on pull/reconfigure/deploy <apteryx>nckx: ah, I just got your point; such default is configurable at build time for coreutils? <nckx>You're backporting coreutils 9.x behavirour to our 8.x. <nckx>How did anything I said make any sense without that context. <apteryx>I see. Then we can put the issue at rest and let time do its magic <apteryx>not sure, but I'm a terrible listener so I'm used to patch in half the context from /dev/random <nckx>And probably not the same half I added, so there's the problem. <apteryx>:-) apologies if all that was clearly written out above and I missed it <nckx>I doubt I've ever clearly written anything. <nckx>It is not one of my several strengths. <apteryx>�ACTION has seen very well articulated texts from nckx� <nckx>Please continue to report such likely forgeries. <nckx>�ACTION PM'd you about something rather more serious.� <ss2>gnucode: hello, can I ask you about an libGLESv2 issue you had quite a while ago? How did you solve it then? <ss2>I've got a system, where certain gnome applications will fail to start, and I just can't find out why I can't solve it. <gnucode>ss2: I think you are referring to gnome-calendar, which stopped working for me. <gnucode>my solution was to stop using gnome-calendar. :) <ss2>gnome-calendar fails for a different reason. Have you tried launching gnome-text-editor? <gnucode>ss2: I have not tried. And I am at work now and can't. (don't have access to guix at the moment). remind me earlier in the day and I'll check for you. <ss2>okay, will ask earlier tomorrow then. <ss2>This issue is really odd. I've only managed to replicate this on a similar laptop (they have similar profiles), but not in a VM (using said similar profile). My workstation hasn't got this problem either.. <gnucode>hmmm. is the vm using X? and the real system using wayland? <ss2>Wayland is enabled in GDM. Have tested both in X and wayland. Will disable wayland and see. <ss2>Wayland is enabled in the VM too. <gnucode>ss2: how do you enable wayland in the vm? are you using guix system vm? <ss2>okay, that solved it actually. Starting gnome with xorg is fine. <ss2>though the mouse isn't usable there. Just tested it again: Gnome with wayland in the VM doesn't present itself with this problem. <tricon>ss2: what are your user's groups? <euandreh>I just installed guix on a fresh server, and I'm impressed on how far the GUI installer has come <euandreh>the partitioning step is particularly well don <ss2>tricon: users kvm cdrom lp netdev audio video input dialout wheel sambashare wireshark <ss2>though it also happens with a vanilla user that is only a member of groups. <gnucode>ss2: I had the issue with the mouse being un-useable on gnome wayland. that's why I switched to sway. No such problems anymore. <ss2>while virtualising wayland? very true. I've only been testing it there. <Kolev>Guix doesn't sandbox like Flatpak, does it? My music player shouldn't have access to my SSH keys. <ss2>So it could also be that the graphics driver is too old for certain wayland applications to launch? <ss2>I just pulled my workstation to the newest checkout. This problem still isn't showing up there. <minima>Kolev: i don't think things get sandboxed by default but some level of isolation can be achieved by a small number of very useful commands and options such as "guix shell --container" - at least this is my understanding <Kolev>minima: Good to know! Sadly this isn't something I could use at work. I'll stick with industry standard tools on my main machine. <minima>Kolev: sure - but if i may suggest, you can try and ask here in the channel if you have specific scenarios in mind, guixers more knowledgeable than me may be able to indicate solutions <ss2>gnucode: thanks for the hint. I've found more error reports with wayland now. <unmatched-paren>hmm, do i need to make a savannah account before i can become a committer? seems like i missed that part when i skimmed "Commit Access" :) <lilyp>unmatched-paren: yes, you do <lilyp>you also need a gpg key to sign your commits with and all that stuff <unmatched-paren>I just created an account. (That was... surprisingly easy :)) I do have a GPG key already. <char[m]>Hello Guix! Does anyone know why sbcl-package->cl-source-package strips out package-arguments like #:asd-systems? <lilyp>then you only need to upload your keys (gpg & ssh) to savannah and you ought to be good to go from that perspective <Kolev>minima: I'm in the habit of Fedora Silverblue workflow, where every program and service is containerized. <fps>oops, wrong channel. sorry <pkill9>Kolev: ive been slowly developing a wrapper that runs guix packages sandboxed <pkill9>it uses bubblewrap, using the bwrap command <pkill9>Kolev: what does fedora silverblue use for contaonerising programs? <Kolev>pkill9: Flatpak (Bubblewrap) and Podman. <pkill9>sometimes i think it would be worth using fedora as I would assume they have polished sandboxing <Kolev>pkill9: I use Fedora with linux-libre and no third party repos. <pkill9>but my wrapper works well enough, and i think i would miss the ability to configure the system the way i do with giix syste. <Kolev>Ironically, paradoxically, i like both Guix and Silverblue. <Kolev>Containers are fun. I can get Ubuntu for apps that need it. <Kolev>My IRC client/service, The Lounge, is Ubuntu only, so it has to be run in a container. <pkill9>i feel like losing the benefits of guix by switching to fedora would have me lose out on some adaptability <Kolev>I should try to reproduce my setup on guix <Kolev>pkill9: Guix's OnionShare doesn't work for me. <rekado>re music player having access to SSH keys: SELinux! <Kolev>rekado: Guix causes SELinux issues on foreign distros BTW. <nckx>Aside from Guix System SELinux support not being a thing yet, cross-distro SELinux is not, AFAIK, a thing at all. <rekado>I think you???ve got object and subject confused <rekado>it???s not Guix causing the issues??? :) <apteryx>�ACTION already made use of 'guix shell --symlink=/usr/bin/perl=bin/perl' as a limited version of '--emulate-fhs'� <podiki[m]>nice, definitely have wanted easy symlink support before <podiki[m]>pkill9: what does your wrapper do that guix container can't or isn't easy? <pkill9>not sure, my original reason was thatit'sfaster to load, and has more development on it as a security aolution, therefore can be trsuted more to keep your data safe <pkill9>looks likethe only one guix doesnt have is--new-session <podiki[m]>a nice script for a "set up the usual desktop stuff so an application will work, but not sharing home and so on" around guix container would be handy <minima>what's the recommendation when it comes to packaging and git tags? there's this project that i'm looking at which is packaged already but the latest tag dates back to 2016, the project has moved on since then although no further tag has been released <minima>the project is microscheme by the way <pkill9>basically theres a serious privilage escalation security hole where the programs running inside the container cna inject characters into the controlling terminal to break out of the sandbox <pkill9>theres also a discission on github <podiki[m]>minima: I don't know of a recommendation, but there are some packages that use a more recent commit for that reason, if I remember <podiki[m]>maybe search for "last release" or something in guix code <minima>podiki[m]: oh wonderful, therefore if i updated microscheme out of the current master (or a recent-ish commit), that might be kept in consideration... the alternative was to try and contact the upstream author/maintainer <podiki[m]>minima: yeah, you can make a patch for a recent commit (with a comment about why) and also see if a new tag/release will be made by upstream <podiki[m]>looked like "last release" will find some comments in gnu/packages/*.scm to look at <minima>super, thanks podiki[m] - i'll first try a gentle nudge to the upstream author <lechner>Hi, is there a way to get 'guix shell' going inside Emacs, so I end up in an Eshell? <podiki[m]>not sure what you mean? if you are in an eshell, running a "guix shell" command should be okay?