IRC channel logs
2025-01-24.log
back to list of logs
<Guest93>Hello, just installed guix but “guix pull” returns error about savannah. I tried from browser and savannah looks working. Any idea? <coyotes4ys>i was burning the boot usb and it hanged at 21%, then i tapped on deeping boot maker's icon a few times and SKYPE opened up?? <Kolev>coyotes4ys, go to #guix and they can help you. <Kolev>Oh wait, we're in #guix. Sorry, everyone. <vagrantc>does guix do anything special to make python .pyc files reproducible? <vagrantc>e.g. they typically have timestamps embedded in them <vagrantc>oh, looks like I found it in guix/build/python-build-system.scm <meatus>what's the proper etiquette for if my patch hasn't been looked at for like, five weeks? <meatus>and if I have a new version after so long, should I just send it as a new patch series <Guest11>complete error is when I guix pull: "guix pull: error: Git error: failed to connect to git.savannah.gnu.org: Network is unreachable" <coyotes4ys>kolev or someone else hi, is there a guix live bootable environment i can try? this usb from the website doesn't seem to have it <coyotes4ys>hi, new to guix, kolev recommended it. i have used crunchbang and crunchbang++ with openbox before <coyotes4ys>is there a way to try guix without installing it? <coyotes4ys>is there a good video of the guix system showing deskttop and the performance of some ops <mange>You could try the QEMU image in a VM. <coyotes4ys>i hear you mange but i don't have a vm set up and maybe have never used one <mange>That uses qemu-system-x86_64. <mange>I don't actually know how you would get it going through virtualbox or whatever else. I don't think I've ever used the VM image. <mange>I've used "guix system vm" to make images, but that just writes a script to launch qemu for me, so I don't think about the details. <coyotes4ys>i am going to try trisquel again b4 delving here <coyotes4ys>godwilling i will do that and get a better boot than last time <coyotes4ys>i am definitely guiky though will i will likely come back to this <Kolev>coyotes4ys, since you use Openbox, I figured you're technical and can handle the difficulty of Guix. 😉 <coyotes4ys>yes i'm sure i can. i guess i am just used to having a test ride in a live <meatus>what's the proper etiquette for if my patch hasn't been looked at for like, five weeks? <mange>Guix is very cool, but it's also pretty rough around the edges. I wouldn't recommend it unless you're happy to deal with it being a pretty bumpy ride. <coyotes4ys>hmm, well i do like to use a daw to make music and i want to have it and a web browser open at the same time. mange does that work with guix <mange>meatus: I don't know about "proper", but my usual approach is to ping again on the issue, and try to ping in here during European working hours. If you have an updated version of the patches with a newer version I'd send them through, too. <mange>Guix does package environments where you can open two windows, and it does package DAWs and web browsers. :) That said, I don't make music so I have no idea what it takes to get them working well. <mange>But I'm fairly confident that getting things working with Guix will take more work than most other distributions. You get some nice things with that (declarative configuration, transactional updates and rollbacks, etc.), but whether that's worth the extra work is a matter of opinion at the moment. <ebrasca>How to screen share in sway with wayland in GuixSD? <ajarara>rust-cli/man hasn't been touched in 7 years, and it depends on roff 0.1.0 which depends on... nix-0.9. roff 0.2.0 (which is packaged already) has a bunch of API breaking changes. I'm going to sleep, maybe it'll be updated in the morning. <ebrasca>I tryed adding "exec /home/ebrasca/.guix-home/profile/libexec/xdg-desktop-portal-wlr; sleep 2; /home/ebrasca/.guix-home/profile/libexec/xdg-desktop-portal" <jaft_r>ebrasca: which app. are you trying to do screensharing with? <jaft_r>I'm assuming you're using Pipewire? <ebrasca>Audio works fine with pipewire just can't screen share <jaft_r>So one way that worked for me was doing ~LD_LIBRARY_PATH="$(guix build pipewire)/lib" <app-you-want-to-run>~. <jaft_r>I don't need to mess around with "xdg-desktop-portal" or "xdg-desktop-portal-wlr", generally. Just the previous command, in a terminal. <ebrasca>"zsh: no such file or directory: ~LD_LIBRARY_PATH=/gnu/store/g09xndn7hwfl4yi01jrb96fw8gwq71f6-pipewire-1.2.7/lib" <ebrasca>jaft_r: I guess I will try to make it work again later... Thank you for helping! <jaft_r>That was just to mark the command off to differentiate from the rest of the message. <jaft_r>LD_LIBRARY_PATH="$(guix build pipewire)/lib" <app-you-want-to-run> <jaft_r>That's all you want (you're setting the environment variable ~LD_LIBRARY_PATH~). <hapst3r>on a foreign distro, emacs --daemon cannot find packages installed via guix, but emacs as started from the command line can <gladfan>Hi, I have installed guix on the hurd. I can boot to the gnu.repl with a semi-working keyboard. If I press shift, characters won't echo on the screen until reboot. Is this a common issue for usb keyboards? <janneke>gladfan: are you saying you're running guix/hurd on real hardware? <gladfan>janneke: Hi, I have booted on real hardware from the qcow2 disk image. <rekado>Hi Guix, I have a Docker-related question. <rekado>I've built a Guix System Docker image, and I'm using this on AWS ECS <rekado>ECS defines environment variables that are supposedly passed through to the Docker container. <rekado>I have not been able to see these environment variables in processes that were launched as services in the Guix System. <rekado>do I need to somehow explicitly preserve those external variables? <janneke>gladfan: how you're running the hurd is still unclear to me. if you're using qemu, the physical keyboard that you use is of no consequence <sneek>Welcome back civodul, you have 1 message! <sneek>civodul, futurile says: Sent the second Guix survey post (#75471) - almost certainly fixed all the apostrophe's <gladfan>janneke: Sorry, I have booted baremetal as they say, currently I am typing from a Linux system on the same hardware. I downloaded the latest qemu qcow2 image, but converted to a raw image with qemu-img. Then I used 'dd' to copy onto a hard drive with gpt partitioning. Then I am using a usb with older msdos partitioning to load grub. This boots nicely to the login shell without keyboard function. <gladfan>When I enable the 'gnu.repl' kernel option, I have a working keyboard until pressing the shift key. <civodul>futurile: pushed, thanks a bunch! (i was traveling and didn’t see it before) <futurile>civodul: no worries - I figured everyone was at a conference or something as it's been quiet around here. Thanks for pushing it! <janneke>gladfan: i have no problems using an external usb keyboard with guix/hurd on my x60 <janneke>�ACTION didn't boot into gnu.repl buth that shouldn't make any difference?� <futurile>Currently going through the comments from contributors - there's some "passion" in some of the comments - which unfortunately makes them a bit unusable - "I've contributed to many projects & I have a lot of knowledge, but nothing is enough for the idiots that plague this world, who expect me to contribute a billion patches before I am even considered." - hard to get people you've just called "idiots" <futurile>onto your side in a discussion (though I get the point!) <futurile>I've resisted editing them - as that just seems out of order - but not sure what to do - as there's good points in some of the most "passionate" ones - argh <futurile>yeah totally - and it's always the hot button topics ofc <jakef>sorry, is this about publishing all the responses? and you're hesitant to publish the semi abusive ones? <janneke>gladfan: you can always ask in #hurd <gabber>is there a way to see all the services that need restarting? it is indicated with `herd status $some_service` but not in e.g. `herd status` <gladfan>janneke: Thanks, did you have to set drivers for the hurd console? <jakef>gabber: my services that have a replacement pending appear in bold font in $herd status <futurile>jakef: I've "published" all of them - so all the comments are in a markdown files that link from the blog posts. As there's so many comments, I've been extracting some into a "theme" and an illustative couple of comments. I've been trying not to edit the illustrative comment - but some of the best ones are also the most ranty <futurile>there's a couple of comments that are informative, but they're like 3 para's long - so for now I've just cut parts of them out - and then people can read the full comment in the linked file <gabber>futurile: this sounds like a very reasonable way to handle these <Agiel>the first one was very interesting <Agiel>the full guix love comments md is full of gems <janneke>gladfan: no; the only thing that's important is using the "noide" boot parameter and pointing ext2fs and root to the right (wd0?) drive and partition <Agiel>> It's what I wished Gentoo was like back in the day :) <Agiel>whoever posted this one is spot-on <csantosb>futurile: by the way, in first part of survey, table 8, percentages are not erroneous ? <janneke>but if you're already in boot guile i guess you should have that figured out <janneke>gladfan: just curious, what would you need to touch a shift key for? iwbn if it worked, i get that :) <mehrad>Hi folks, I get "hash mismatch" when trying to run "guix shell lynis". I wonder if this is something at my end or is actually a packaging issue <futurile>csantosb: it was a multiple choice question. The percentages are against the number of participants - so nonguix users is 622/943. Ideally, that question would have been split into two (but the survey was already too long). I figure if you don't use drivers on Guix, you also won't be using them on another Linux distro - so it seemed reasonable to do the percentages by participants <mehrad>Thanks. Do I need to report it via mailing list? or is it enough to mention it here <janneke>mehrad: no need to file a bug report now, i'm looking into it, thanks <mirai>The "not enough GNU" comment is strange <mirai>nonguix is unrelated to guix (other than having its name included) <janneke>mehrad: also, i'm looking to apply #70422 <gabber>civodul: is it possible to have fork+exec-command route it's output to stdout instead of /var/log/messages? <mehrad>janneke: thanks. The patch looks good to me. Hopefully will be merged soon <janneke>mehrad: the patch had a couple of minor problems but that probably made it uninteresting to pick up <mehrad>janneke: I'm still learning, but other than wrong hash and `(commit version)`, what else was wrong? <janneke>mehrad: that's no problem we all need to learn some time, i've sent my review comments to the issue's link above <janneke>(it may take a minute or so to update) <mehrad>janneke: I haven't packaged this software, but based on your patch, the only issue that I probably wouldn't have caught was the `(commit version)` part. I'm still getting used to guix packaging and getting my eyes familiar to the format :)) long long way ahead it seems <mehrad>thanks for your time for answering me and the patch <janneke>mehrad: yw, the (commit version) is not critical, i just didn't like it <mehrad>janneke: hmmm, seems this weekend I need to dive into the documentations one more time :D <Deltafire>"It may be reflecting that users who are using Guix must have solved their driver problems, so it's slightly less important if your machine works!" i guess the people who didn't solder their driver problems might no longer be using guix <janneke>Deltafire: also, i don't see any sensible task for Guix---other than advocating freedom respecting hardware---in working on the driver problem? we're just packaging the software and we're not buying or building any hardware <dariqq>is there as way to figure out the reason (i.e. shortest path) why a package is not supported on a specific system? <Deltafire>janneke: i think the documentation should be a bit more helpful about getting non-free drivers for wifi etc, it's a huge stumbling block for first time users <Deltafire>i wanted to get a freedom respecting wifi card, but they were expensive and using really old standards <Deltafire>dariqq: look at the source? (guix edit <package>) <janneke>Deltafire: the survey results seem to agree with you <janneke>Deltafire: i've bought several atheros wifi cards and dongles for EUR 25-50 <janneke>when i suggested spending $50 on an inferior wifi card to a friend who wanted to run guix on their laptop, got a bit upset <dariqq>Deltafire: the problem is that (often) this is caused by a transitive dependency somewhere and trying to find out .e.g. how exactly something depends on rust is difficult by just looking at the package definition <janneke>the next day he came back to me with the perspective: hmm, $50 to "buy my freedom" doesn't seem to be too high a price for me; so it depends on your situation, your needs, and your perspective i guess <Deltafire>probably don't want a dongle permanently attached to a laptop either <janneke>�ACTION understands that $50 can be _a lot_ of money for people� <janneke>right, some people would _love_ to have a dongle attached if that gave them freedom, others don't really care all that much <hapst3r>Hej, as of recent, emacs server doesn't start saying it can't find guix-installed packages, but emacs started by itself (from the command line) works fine. Any idea what could be the reason for this? <janneke>and possibly there are quite some people who haven't really given this a hard thought? <Franciman>janneke: buying one own's freedom is just an appearence. Those atheros wifi cards it's true, they don't load firmware, but just because the firmware is already stuck in the hardware <Deltafire>it's just a barrier to entry - either find/purchase a supported card, or discover the means of using the non-free one built into your laptop <Deltafire>just looking at the QCNFA222, seems it doesn't support anything later than 802.11n <Deltafire>and if you follow that line of thought, the hardware itself is still closed <Franciman>Deltafire: also look for very recent intel wifi cards <Franciman>that's what usually people mean with "free" hardware <Franciman>whether they are actually free, is a whole another subject <civodul>gabber: fork+exec-command routes its output to stdout, but then stdout is captured in /var/log/messages by default <civodul>it cannot go to the shepherd’s stdout, which usually doesn’t exist <gabber>for context: i write shepherd actions which should just print to stdout - using fork+exec routes the output to the log file <janneke>civodul: you want to (sign off on and) add #73660 to core-packages-team? <rubujeto>I put Guix on USB, lauch my computer, and GRUB show me a lune with Guix <rubujeto>Then a terminal interface appears (guile-user) <rubujeto>I typed ",q" to continue and the system blocks <gabber>rubujeto: did you flash your USB drive with a Guix System or the Guix installer? <janneke>Franciman, Deltafire: at least in the case of Atheros that doesn't seem to be the case. The Atheros' firmware is actually free software, is part of %base-firmware and is downloaded onto the card <rubujeto>gabber: Yes. I did it with "sudo dd if=guix-system-install-1.4.0.x86_64-linux.iso of=/dev/sdb1 status=progress" <gabber>rubujeto: there shouldn't be a terminal appearinng, but rather a ncurses user interface <gabber>rubujeto: a "wizard" that guides you through the steps of installation <civodul>janneke: re gexp/Unicode, the 3 patches LGTM so yes, feel free to apply them! <rubujeto>gabber: I think something wrong happens during the installation on USB <gabber>rubujeto: i am rather sure that if there were a problem with this specific installer we would have noticed (quite some time ago). but maybe something went wrong with flashing the USB drive - or maybe the drive itself is faulty? <rubujeto>gabber: I try again... maybe don't enough space on USB <gabber>i'd try re-flashing the drive and - if the problem persists - trying another drive <gabber>rubujeto: you'd get an error if dd couldn't flash the whole image <rubujeto>gabber: That's what happened when I lauch "dd" command. So I format my USB <gabber>rubujeto: dd gave you an error about not enough disk space? <gabber>i don't think formatting the drive will help - you usually flash to the whole drive, not just a partition <rubujeto>I just flashed the whole drive. I now try to install Guix again. See you soon <civodul>janneke: BTW, i saw the glibc folks published a 2.40 fix for a CVE a couple of days ago <civodul>we should add it to ‘core-packages-team’… <Kabouik>Anyone using pass-tomb? It doesn't work anymore for me since my last system reconfigure and guix package -u. <Kabouik>It does run, but fails to open my pass tomb, which is quite problematic on a day to day basis. <gabber>when cloning the guix-consensus-docuements git repo i get "warning: remote HEAD refers to nonexistent ref, unable to checkout" <janneke>civodul: right. i've applied gexp/Unicode but am rebasing right now to get the most of the world rebuild <Kabouik>Hum. My pass tomb issue could be related to gpg agent not working: herd status gnupg returns "herd: error: /run/user/1000/shepherd/socket: No such file or directory" <civodul>Kabouik: that means that shepherd itself is not running, or that its socket was deleted <civodul>you can check with “pgrep -fa shepherd” <civodul>if it’s still there, you can “kill PID” with its PID <Kabouik>Actually I should have run it as sudo, my bad. But gpg and gnupg services are not found. Sheperd works because I have ssh-daemon running fine. <civodul>i thought you were talking about the gpg-agent service from Guix Home <Kabouik>There should be a gnupg (or gpg, not sure what it's called) service, right? <Kabouik>Okay. I'm trying to understand what breaks my pass tomb. Not having access to my password manager is quite blocking. <dariqq>wow, fold-packages is amazing. Fairly easy to find all the root packages causing something to not be available on an architecture. Now Id just need to find the shorted path between a given package and all the roots <Kabouik>So my pass tomb issue seems to exist in other systems too and to have been triggered by an update. Someone found a workaround for Distrobox Ubuntu but that does not work for Guix. I'm not Guix fluent enough to understand what could be the Guix peculiarity that makes the workaround fail, and whether something similar could be used: https://github.com/roddhjav/pass-tomb/issues/46 <dcunit3d>you could try a prior version/build of passtomb. also, i think Guix recently upgraded gnupg to 2.4, so that may have something to do with it <futurile>Kabouik: I don't use pass - but the GPG thing - you should check that you can use gnupg - if you added that like to .bashrc make sure you logged out and in again - so the env setting is definitely there <Kabouik>How can I check when was a package updated? 1.3 seems to be an old pass-tomb version so probably the issue comes from gnupg indeed. <z572>civodul: Can you take a look at #75051, I'd like to merge it if that's OK <Kabouik>futurile: I can run gpg commands in terminal, but I don't quite understand how the agent works. I don't think I have anything in my bashrc (or my config.fish actually as a Fish user), but same as before when it used to work. <civodul>z572: i’ll take a look; and hi! to the 6 (six) other people Cc’d on the patch set <dcunit3d>Kabouik: i responded to your gh issue. i recommended using strace, but i don't know much about it. also, if the problem is with how the gpg-agent is responding over the socket, then strace may not help (that's a different process). <dcunit3d>and, here, since it involves crypto/secrets, strace should be a last resort <Kabouik>I saw that, thanks for contributing (and making the issue more visible to the dev by the way!). I'm trying what you recommended but the syntax does not seem to work in my shell. Are these backticks specific to another shell maybe? <Kabouik>My problem is all of this seems to depend on gpg-agent but I really don't know how gpg-agent works and how it should be started. All I know is my pass tomb used to work and I didn't change anything gpg- or pass-related lately. <dcunit3d>you should run `gpgconf --listdirs` and look over the values. those are the file paths to sockets/directories that GPG is using. only a few of them should matter, particularly agent-socket, agent-ssh-socket and homedir <dcunit3d>do `pgrep -fa gpg` and see if it's running <dcunit3d>sometimes GPG_TTY can mess up the interaction between `gpg` and `gpg-agent` <dcunit3d>because it's supposed to be used when you want to lock requests to a particular vty <ieure>Kabouik, gpg agent is a daemon that caches key passphrases/card pins in memory, so you don't have to type them every time; it can also act as a SSH agent, which exist to do the same thing, but with password-protected SSH keys. GPG communicates with it over a UNIX domain socket, which is usually $HOME/.gnupg/S-gpg-agent. <ieure>If you keep your SSH key on a hardware token, gpg-agent also handles letting you log into remote machines using it. <dcunit3d>so, also, if you are running `GPG_TTY=$(tty)` from the console in your windows manager, then it's probably responding with the tty that corresponds to that terminal window <dcunit3d>ok so iirc that means the agent is running and talking on the socket <ieure>Kabouik, You can control the gpg-agent that gpg (and SSH) talk to with environment variables that point them to the UNIX socket. <Kabouik>ieure: I think I use gpg to manage my ssh keys but somehow some of them work out of the box (I run a command that needs a ssh key for authentication, and boum, it asks my for its passphrase and works), some don't (git interaction with sourcehut somehow *needs* me to run `ssh-agent -s && ssh-add ~/.ssh/mysshkey` prior to pushing). <Kabouik>I guess that means some of my ssh keys are not automatically loaded by the agent, while some are. <ieure>Kabouik, If you're using gpg-agent as your SSH agent, you shouldn't need to ever mess with ssh-agent. <dcunit3d>well `ssh` will try to connect to an agent at `SSH_AUTH_SOCK` and if that variable's set to point to the `gpg-agent` socket, then `gpg-agent` knows how to speak to `ssh` <ieure>Kabouik, I think the issue here is that ssh-agent will pick up keys you have in ~/.ssh, and gpg-agent will pick up keys in your GPG keyring, but you have keys split between the two places. <Kabouik>ieure: I never understood why I needed to do that for sourcehut, to be frank. <ieure>Kabouik, Because you're using the GPG agent as a SSH agent (ssh connects to gpg-agent, not ssh-agent), and gpg-agent doesn't know anything about keys in ~/.ssh <Kabouik>I'm happy to do things in a better way and ditch one of those agents if it's only adding complexity to something that should work nicely out of the box, but the more I read what you two posted above, the more my brain cells cry in hypoxia. <ieure>Kabouik, I think you can add lines to ~/.ssh/config that point ssh to the files in ~/.ssh based on the host you're connecting to, which may fix your problem. If not, you'll need to put `ssh-add ~/.ssh/mysshkey' lines in your shell dotfiles for any key in ~/.ssh tnat you want to use with gpg-agent. <dcunit3d>it can be confusing. it may be that your ~/.ssh/config for sourcehut isn't resolving properly. you can test with `ssh -T git@git.sr.ht`, etc <dcunit3d>and if you do `ssh -vvvT git@git.sr.ht` then you'll see how the agent (which should be gpg-agent) is selecting the key to use <dcunit3d>however, for the the pass-tomb issue, if it can't talk to gpg as normal, then it won't be able to decrypt the tomb. <dcunit3d>is pass-tomb the only thing you updated? <Kabouik>So I have host-specific config blocks in ~/.ssh/config already ieure, but I think what could cause an issue is I have two distinct sourcehut accounts (same hostname, different username) and only one is being picked up by the agent, while the other is ignored. But while this is probably the right direction to dig for my Sourcehut/SSH problem, I'm afraid this will only distract me from the most urgent issue of my pass tomb (which I don't really <Kabouik>understand so far even though I really appreciate your explanations) <dcunit3d>you could try `oldversion=1.23 guix shell pass-tomb@$oldversion` to try with the olderversion <dcunit3d>i'm not sure what the package names/versions are <dcunit3d>for ssh-config, try `man ssh-config` sometime later, but TLDR, the "Host" specifies an alias for systems you connect to, where the "HostName" is the dns/ip. <dcunit3d>also, if you updated `pass-tomb`, do you know if `pass` was also updated? <Kabouik>Yes, I have different Hosts for my two sourcehut accounts: sr.ht-matf and sr.ht-myrealname, each with the same hostname (git.sr.ht) and different ssh keys <ieure>Kabouik, Not sure about your situation, the problem in the pass-tomb issue you linked seems to be that user's pinentry being messed up. pinentry is a program gpg-agent spawns to interactively prompt for a key password or card PIN. I'm not sure if that's your problem or not. <Kabouik>I actually am not sure if pass-tomb was updated dcunit3d, I don't know how to access to guix package history. But I think you might be right with the gnupg 2.4 upgrade potentially being another cause. <Kabouik>I use pinentry too to keep everything in the terminal. The way I set this up, hopefully not in a wrong way (but at least it used to work) was to add `pinentry-program /home/mat/.guix-profile/bin/pinentry-curses` in ~/.gnupg/gpg-agent.conf <janneke>civodul: rebased core-packages-team, added gexp/Unicode and CVE-2025-0 <ieure>Kabouik, Does pinentry work for stuff other than pass-tomb? <ieure>If so -- you have a different problem. <Kabouik>Hum. Could be a pinentry issue. I have a Borg script that used to prompt me for a password in pinentry too, and it fails too with pinentry prompt not showing up. But how can I know if it's pinentry failing, or pinentry failing to find the gpg key that it should use? <dcunit3d>Kabouik: well troubleshooting pinentry is not always so easy <dcunit3d>you kinda just want to know what it looks like when that's the issue. <dcunit3d>you can run gpg-agent in a debug mode or even the pinentry process, but that requires a bit of setup and there should be a simpler way to diagnose this <dcunit3d>did you add `GPG_TTY=$(tty)` to your .bashrc? <Kabouik>No, I just tried it in my shell after I saw that Github issue at the pass-tomb repo. <dcunit3d>also, what window manager are you running? <dcunit3d>do you have a command you can run to output a notification via swaymsg or something? <dcunit3d>because it will allow you to see how the `sway` process has the `GPG_TTY` variable set <Kabouik>But since pass-tomb runs in the terminal, can't I just simplify the issue with having GPG_TTY set in the shell of that terminal? <dcunit3d>k, but you have to execute the command so the sway process runs the command. so you can add a hotkey to your sway config or you can use something like the dmenu command runner (i think) <dcunit3d>yes, but there are a few things that can cause problems, like whether `gpg-agent` has pinentry configured to be locked to a particular tty <dcunit3d>you can typically only set that when you start gpg-agent <dcunit3d>the sway notification thing helps if you need to look at what the window manager thinks GPG_TTY has set... which you probably don't want to lock it to a TTY (that was a huge mistake i made which overcomplicated everything i was doing) <dcunit3d>sorry if i'm not being direct, but i haven't messed with gpg in awhile <Kabouik>Your help is VERY appreciated, please don't apologize. <Kabouik>So I set a Sway binding to `notify-send "echo $GPG_TTY"` and the notification I got suggests the var is empty <dcunit3d>so, can you sign something with `gpg -r $gpgid -bs $file` to see if your pinentry will sign a file <dcunit3d>or rather whether gpg and pinentry are talking <dcunit3d>if you look in ~/.gnupg/gpg-agent.conf, do you see "keep-tty"? that should probably be off <dcunit3d>also, what other "pinentry" lines do you see in that file? <dcunit3d>well your pinentry set to `pinentry-curses`, which needs to run in a tty (i think) <Kabouik>The first paste seems to indicate gpg-agent is plain and simply failing, no? <dcunit3d>do you normally type the pin into a popup? <Kabouik>No I set that to pinentry-curses so that my password is asked in a terminal (since the programs I run that need passphrase unlocking are usually in a terminal, like my Borg script or pass-tomb). <dcunit3d>yeh, but `gpg` <=(socket)=> `gpg-agent` =(spawn process, listen to output)=> pinentry-xyz <dcunit3d>the pinentry program may use a socket (i can't remember) <Kabouik>I didn't change any of those configs lately, just to disambiguate that <dcunit3d>however, the way it works is that the pinentry program is launched so that it intercepts all keyboard input, iirc <dcunit3d>so it doesn't really matter if it gets launched in the window manager. in fact, it's better if you have it set up to use pinentry-qt5 or something like that. if you're typing it into a non-console terminal (in a window), then the application has to read keyboard input, which is passed through the terminal's tty and then to gpg-agent <dcunit3d>so, in a new terminal just do `echo $(tty)` and then open another one and run the same command <dcunit3d>well `gpg-connect-agent` can't connect to the agent (neither can `gpg`) <Kabouik>To your previous message, both terminals return different values: /dev/pts/8 and /dev/pts/10 <Agiel>Why is there an alias parameter for Bash Home but not Zsh? <dcunit3d>right, so you can in theory use `socat` to write to one of those devices and keyboard input should appear in the terminal. but you have to set it up correctly <dcunit3d>anyways, it's just interesting to undestand how that keyboard input is being processed because (to me) it was non-obvious <dcunit3d>and pinentry allows you to securely enter your pin, if it's set up correctly <Kabouik>But are you not assuming that I'm prompted for a password by pinentry and it fails to read it there? I'm not prompted at all (I used to) <Kabouik>Yes, 13669 gpg-agent --homedir /home/mat/.gnupg --use-standard-socket --daemon <dcunit3d>ok, so it is running, but the shell spawned in your terminal can't connect to it <Kabouik>(Unfortunately I'll have to leave soon, I'm carpooling) <dcunit3d>can you spawn a new terminal and try to connect to it? <dcunit3d>just with the same gpg signing command that you ran. <Kabouik>I don't get it. I did `mv ~/.gnupg ~/.gnupg.bak`, then run `gpg -r myid -bs somefile`, it created a new ~/.gnupg. But that did not solve the issue. I deleted ~/gnupg and restored my old ~/.gnupg.bak instead. And now I get a GTK pinentry prompt when I use `gpg -r myid -bs somefile`. <Kabouik>Despite my old ~/.gnupg I just restored being set to use pinentry-curses. <dcunit3d>Kabouik: yeh, it can be really confusing, since it's hard to track what started the gpg-agent process and whether it's configuration was modified <dcunit3d>did you change the pinentry to the gtk version? <Kabouik>Plus I tried to kill and restart the agent quite a few times now. <Kabouik>No. I just tried to comment the line first, then did thw whole folder renaming to start clean. <dcunit3d>there are some configuration options that the gpg agent will refuse to change once it starts. this includes most of the pinentry & tty options IIRC <Kabouik>Note that pass open -v still does not prompt me for a password, just gpg -r myid -bs somefile. <Kabouik>This is so confusing. I didn't change anything and am no longer getting that gtk prompt when trying on another file. <Kabouik>I have to go sadly. I'm sorry it took so much of your time dcunit3d, but really thank you for all the help. I hope I can resume that later and finally find the fix. <dcunit3d>okay, well i'm just not sure how much detail to send you. <dcunit3d>i avoid GPG_TTY because it can require restarting the window manager <dcunit3d>idk if that's 100% a correct take on pinentry/tty (like whether to lock it to a tty or not). i was probably mincing a lot of the details there <z572>civodul: I send v2 patchset to #75051, please see it. <Kabouik>I don't know dcunit3d. What is weird to me is I didn't change my gpg/ssh config in years and I know it was totally imperfect (like this ssh/sourcehut issue I mentioned), but nothing was totally broken and I did get the pinentry-curses prompt in the terminal after running a command that would require it. Now, nothing, and the command just fails pretending I didn't enter a valid password (as if I was asked to enter one); no time-out. <Kabouik>Since I ran a guix package -u and system reconfigure less than 2 days ago, and did not use pinentry since then, this kinda pointed at the upgrade itself, and probably gnupg 2.4 as you mentioned. <dcunit3d>well, figure out how gpg-agent is being started. it /can/ sometimes sorta start itself when `gpg` has been run. for my Arch system, systemd starts it. <dcunit3d>figuring that out will clarify the rest of the details. you need to know what the output of `env` would be in the environment where it's being started <dariqq>is there a way I can silence the warnings from (guix ui) ? <Kabouik>I thought it was not even started properly from the pastebins I posted above <dcunit3d>regardless, Kabouik you should be able to `kill` the gpg-agent and start a new one. but you'll need to use multiple terminals. to keep things simple, avoid GPG_TTY (for now at least) and set pinentry-qt5 or gtk. <dcunit3d>open one terminal, start the agent, open another, get `gpg` commands working. <dcunit3d>then try pass commands. you'll probably get the same result <dcunit3d>if nothing else, you can start a VM or run an ISO and get the passwords you need through that <dariqq>yay, managed to write a little guix extension that uses guix graph --path to find the path from the input package to all root packages that dont support a given architecture all in 30 LOC <bjc>civodul: how would you feel about leaving a helper running as root, which guix-daemon can poke to remount /gnu/store? <bjc>i'd hate to lose read-ony on the store <dariqq>well the heavy lifting is done by guix-graph and fold-packages (to find packages whose supported-systems does not contain the system) and just shuffles the results around . But pretty cool that this is something one can do (more or less) easily <eikcaz>bjc: from my perspective the whole point is so I don't need root to run guix on a machine, though I haven't read the patch in detail <bjc>do you need root now if you're running a foreign distro? i thought that already worked <Agiel>a wise decision to drop root <Agiel>would it still be possible to remount /gnu/store read-only on Guix System? <eikcaz>by run I meant install/setup guix. <eikcaz>For one, as mentioned in civodul's patch, guix daemon requires root at the moment <bjc>i might be misremembering; it's been a long time since i used a foreign distro install, but can't you install guix as a regular user and run it? <bjc>nm. docs make it clear you need to be root <civodul>Agiel: /gnu/store *is* remounted read-only (on Guix System and elsewhere) <Agiel>> Agiel: /gnu/store *is* remounted read-only (on Guix System and elsewhere) <Agiel>i meant, if this moves to Guix System, will the unprivileged daemon (still) be able to remount /gnu/store read-only <ajarara>hi #guix, I'm trying to upstream age-plugin-yubikey. if I have to choose between preserving development inputs or not adding old versions of libraries to the package set, should I choose to avoid old versions? age-plugin-yubikey depends on rust-man-0.3 which depends on an ancient version of roff, 0.1.0. The fallout isn't enormous, I think 10 packages would be removed if I excised rust-man. Basically, how old is too old for the ru <jaadu>I am running on a foreign distro, what is the best way of utilising the unit files placed in ~/.guix-profile/lib/systemd/user ? <jmes>I need a function to be available inside a gexp, e.g. (let ((my-fn (lambda ...))) #~(begin (my-fn) ...)), but my-fn is unbound in the gexp's context. I also can't ungexp the function because it relies on a binary that may not be there until the derivation pulls it in. How should I proceed? <Agiel>jmes, do you have a minimal working example? <jmes>Agiel: I can simplify my code and share but I may be in the process of solving it. I think I can define the function somewhere else and use with-imported-modules or I can inline the function <jmes>I will come back with a minimal example if I fail... just on a train of thought for a sec, thanks though! <coyotes4ys>ok, i've installed guix for the first time! i am used to apt and openbox and tint2. i am trying to install something but my wifi dongle, **which worked automatically in the usb installer**, seems to not be working. when i do install geany, it <jakef>I've got a package that installs python bindings into its lib/ dir instead of /lib/python3.xx/site-packages. is there a preferred workaround? <wakyct>jakef are you asking if you should modify where it installs files? <jakef>yeah writing the package defn <coyotes4ys>how do i test if my dongle is working? it automatically worked during installation <wakyct>coyotes4ys what isn't working? what does ip addr give you? <podiki>jakef: you can write a custom phase to move it to the expected path <jakef>hi podiki, so if i put it in the normal path, it will just work? <podiki>what will work? put what where? i meant if by default the package build puts files not where they need to go, you can add a build phase to move the files <jakef>by work i mean: user installs this package, then they run python and import this package and it finds it? <podiki>no, probably not if it isn't in the expected python site-packages directory <lfam>coyotes4ys: Which wifi dongle are you using? <jakef>podiki: so there is some python module MOD, and it currently goes to lib/MOD. if i move it to /lib/python3.10/site-package/MOD, that should work then? <coyotes4ys>but it didn't install geany. lots of "couldn't be built" type stuff <podiki>yes, if one installs that package plus python in the same profile, the correct env variable is set so python knows where to find packages <jakef>alright thanks, i'll give it a try. sorry, it's all a bit of magic to me <coyotes4ys>wait maybe it's not working? how do i just ping somebody <podiki>note that in your phase you will want something like #$(version-major+minor (package-version python)) to get the write version part of the string <podiki>jakef: the magic here is through search-paths, so that if a package that needs to look for something an env variable is set to tell it where (since it won't be in some global /lib/... directory in guix), in this case GUIX_PYTHONPATH will be set to the profile's lib/python3.10/site-packages <lfam>coyotes4ys: CTRL+C is used to stop <coyotes4ys>i logged out in ooenbox but the login screen shutdown didn't work. i forced it with pwr button <Deltafire>is it possible for guix shell to make the manpages accessible? <podiki>Deltafire: yes, you should just need to include the package...mandoc maybe? <podiki>ah that's the one. i always try "mandb" and fail:( <podiki>i've been thinking about going back to the FHS shell to add multilib support (include all/some packages as i686-linux as well, for instance) <podiki>i'm not sure if there is much use for it outside of what i'm thinking of like wine/older (nonfree) stuff <civodul>if it’s useful and not too complex, why not? <podiki>probably the more important thing is to handle manifests first, for the adding/replacing glibc as I don't think that works right now? <podiki>i think it would be relatively simple, though famous last words <podiki>i need to read these survey result posts, very interesting stuff i've seen so far! <podiki>i'm curious how the number of respondents compares to say unique downloads of say nss-certs (i don't remember if we keep track of unique downloads on berlin, maybe not) <coyotes4ys>restarted lfam. now it's "download failed" after trying and "name or service not known" <coyotes4ys>ip addr has 4: wlp0s20f0u3: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN... <wakyct>coyotes4ys what desktop environment are you using? <wakyct>and you might want to pastebin your system config