IRC channel logs

2014-10-12.log

back to list of logs

<zacts>me
<jxself>Us.
<zacts>oops, I was trying to switch to #scheme
*davexunit finished watching civodul's presentation from GHM
<davexunit>despite the noisy audio, it was really cool to see.
<sneek>davexunit, you have 1 message.
<sneek>davexunit, civodul says: re "development deps": in "Installing Guix from Guix", we can't suggest running "guix environment guix", because the autotools would be missing
<davexunit>sneek: botsnack
<sneek>:)
<davexunit>ah, that's a damn good point....
<davexunit>my first practical use of 'guix environment': https://gitorious.org/guix-web/guix-web/source/dfac7ceab4eaf19d87ad6138af8048da59e986b8:package.scm
<davexunit>'guix environment -l package.scm --pure' yields an environment capable of running and building guix-web. :)
<mark_weaver>nice!
<mark_weaver>bavier: the libjpeg update might have been better saved for core-updates. it triggered over 450 builds
<mark_weaver>well, I see that civodul okayed it, so nevermind :)
<jxself>I wonder if he realized.
<mark_weaver>good question!
<mark_weaver>"guix refresh -l libjpeg" reports that 183 packages would be rebuilt. multiply that by 3 and you get roughly the right number.
<mark_weaver>the difference is probably because of dependency failures on MIPS.
<mark_weaver>damn, it's a real drag that upstream projects often don't bother to make new releases after CVEs on found for them :-(
<jxself>They incorporate the changes into the next scheduled release?
<mark_weaver>while investigating libarchive build failures on MIPS, I found that Debian had a fix for a CVE, but the last release by libarchive is from almost two years ago.
<mark_weaver>and now, while investigating the pulseaudio build failure on MIPS, I found the same thing again. a CVE fix in debian's patches, but no new upstream release.
<jxself>I guess the first question I'd wonder: Was it ever sent upstream to libarchive?
<jxself>Prior to blaming them. ;)
<mark_weaver>yes, in fact the patch was taken from upstream
<jxself>ok
<mark_weaver>it's been in their git repo for a long time
<mark_weaver>I wonder how many other security holes we have because of this lame-ass upstream attitude :-(
<jxself>Exactly 2,710.
<jxself>:)
<mark_weaver>:-P
<mark_weaver>tadni`: btw, we have something similar to "apt-get build-dep" now. it's "guix environment"
<mark_weaver>tadni`: see https://lists.gnu.org/archive/html/guix-devel/2014-10/msg00111.html
<mark_weaver>hmm, I wonder how long it will take for icecat-31 to show up in https://www.gnu.org/software/guix/package-list.html
<tadni`>mark_weaver: Wow, good memory -- I forgot I even brought this up.
<mark_weaver>tadni`: tbh, I had to look through my history to remember who asked.
<tadni`>This, by description doesn't seem similar to me ...
<tadni`>Maybe I'm just tired.
*tadni` has had a WEEEEEEEEEEEIIIIRD past 2-4 days or so.
<mark_weaver>it's not quite the same, but arguably better in some ways.
<tadni`>I mean, I guess building all it's inputs are close enough to "be the same".
<tadni`>:^P
<mark_weaver>what's been weird about your recent days?
<mark_weaver>(unless you don't want to talk about it, of course)
<tadni`>mark_weaver: Pm'd
<jmd>Build of libarchive seems to be broken.
<mark_weaver>jmd: it was totally broken on mips64el and had an unpatched security hole. I just fixed it, after a successful test build on one of my systems. can you tell me more details about what you're seeing?
<mark_weaver>(unfortunately I'm still waiting on hydra to rebuild it, because it's buried in the libjpeg update)
<jmd>mark_weaver: One of the tests is failing.
<jmd>on amd64
<mark_weaver>bah, the one system I didn't test on :-(
<mark_weaver>there were a few other debian patches I didn't pick up, maybe one of them was relevant :-(
<mark_weaver>damn
<jmd>I'll rebuild to see what the test was.
<mark_weaver>jmd: if you already tried, you'll have the log there
<mark_weaver>run "guix build --log-file libarchive"
<mark_weaver>(but if you restart the same build, it will immediately replace that log file with the new one)
<mark_weaver>(if it really is the same build, i.e. same hash)
<jmd>Then its too late. I've already started.
<jmd>Failing tests:
<jmd> 232: test_sparse_basic (2 failures)
<jmd>
<jmd>Details for failing tests: /tmp/nix-build-libarchive-3.1.2.drv-0/libarchive_test.2014-10-12T17.02.52-000
<jmd>
<jmd>FAIL: libarchive_test
<jmd>
<jmd>If tests fail or crash, details will be in:
<jmd> /tmp/nix-build-libarchive-3.1.2.drv-0/bsdtar_test.2014-10-12T17.04.41-000
<jmd>./pre-inst-env guix build --log-file libarchive
<jmd>guix build: error: no build log for '/gnu/store/zd8b2bny8ql8qiv6c6z3110bicfk5wlx-libarchive-3.1.2.drv'
<mark_weaver>jmd: would you be willing to try some more debian packages to find out which one fixes the problem? I don't have a guix amd64 machine handy right now.
<mark_weaver>Here's a file with the patches: http://ftp.de.debian.org/debian/pool/main/liba/libarchive/libarchive_3.1.2-9.debian.tar.xz
<mark_weaver>(beware, that unpacks into just a 'debian' directory)
<jmd>mark_weaver: So what do you want me to do with it?
<mark_weaver>in debian/patches, I have two top guesses: Fix-test_archive_write_add_filter_by_name_lrzip-test.patch and Initialize-buff-to-all-zeroes.patch
<mark_weaver>you could just copy one or both of those to gnu/packages/patches (but rename them; they should begin with "libarchive-" and probably be a bit shorter than that first one)
<mark_weaver>and obviously update gnu-system.am and the libarchive def'n in gnu/packages/backup.scm
<jmd>I'll see what I can do.
<mark_weaver>thanks!
<jmd>(no promises)
<jmd>mark_weaver: That package is stupid anyway. They have assert statements containing function calls with side effects.
<mark_weaver>I didn't care about libarchive until it was added as an input to cmake and suddenly a lot of the software I used stopped building on mips.
<jmd>I'd never heard of it before.
<mark_weaver>nor I
<DusXMT>I heared of it once when I needed to unpack a rar v3 file
<DusXMT>But I think unar (only one r) can do that as well
<jmd>mark_weaver: Neither of those two patches changed anything :(
<elzair>Good day, everyone. I am trying to install the guix distribution and am wondering how you create groups in the config file.
<jxself> https://gnu.org/software/guix/manual/html_node/System-Installation.html#Proceeding-with-the-Installation
<jxself>That example has groups.
<elzair>Also, would you specify multiple filesystems like the following? (file-systems (cons (file-system 1) (cons (file-system 2) %base-file-systems)))
<jxself>Maybe it'll help?
<elzair>As far as I can tell, it specifies how to add a user to a group (or supplementary-group) but not how to create a group. Is that correct?
<jxself>Not how to make an empty one but I assume you want someone to be in there? :)
<jxself>Perhaps someone else can comment on how to make an empty group.
<elzair>Yeah, I am currently running Trisquel and want to install guix alongside it.
<elzair>I would like to share my /home between systems.
<elzair>Currently, my user and group is elzair:elzair, and my uuid and gid are 1000:1000
<elzair>I wanted that to be the same between systems.
<elzair>Is that feasible?
<elzair>Well, when I tried to build a disk-image I got the following error: guix system: error: build failed: builder does not have write permission to `/gnu/store'; try `chgrp 1001 /gnu/store; chmod 1775 /gnu/store'
<elzair>Nevermind, I fixed it.
<civodul>Hello Guix!
<jxself>Ahoy there good sir.
<jxself>elzair: It might be good to re-ask your question now that the amazing civodul has returned. :)
<civodul>:-)
<elzair>civodul, do you know how to create a blank group in the guix operating-system config file?
<civodul>oops, too late
<civodul>sneek: later tell elzair what do you mean by "blank group"?
<sneek>Got it.
<civodul>low bandwidth, high latency :-)
<DusXMT>civodul: I think they meant a group with a GID and a nabe, but with no members
<DusXMT>*name
<civodul>aah, ok
<civodul>just declare a 'user-group', and add no members to it?
<mark_weaver>jmd: hydra successfully built libarchive on x86_64. not sure why it's failing for you.
<jmd>Hmm.
<mark_weaver>jxself: btw, a nicer way to add multiple things to the front of another list is to use 'cons*', e.g. (cons* file-system-1 file-system-2 %base-file-systems)
<mark_weaver>cons* takes any number of arguments
<mark_weaver>well, any positive number
<elzair>Hello again #guix.
<sneek>elzair, you have 1 message.
<sneek>elzair, civodul says: what do you mean by "blank group"?
<DusXMT>20:46 <civodul> just declare a 'user-group', and add no members to it?
<mark_weaver>elzair: regarding wanting elzair:elzair to be 1000:1000 (I do the same), put (uid 1000) and (group "elzair") in your 'user-account' in 'users', and also add this to 'groups': (user-group (name "ezlair") (id 1000))
<elzair>Building a guix image has reminded me of installing Gentoo.
<elzair>I used to use it back in 2004-2005, and I always appreciated the stability and customization of Gentoo.
<elzair>I sometimes would wonder why I switched to binary distros. Now I remember why.
<mark_weaver>heh :)
<DusXMT>There are binary 'substitutes' available for guix, if you trust the build farm you can enable them
<mark_weaver>well, we have at least one advantage over more traditional bleeding-edge source-based distros like gentoo: you can always roll back, so guix is much more dependable.
<elzair>Cool, I assume I am most of the way through now. It has been several hours.
<mark_weaver>and yes, of course, things are very fast if you enable substitutes.
<mark_weaver>(I build everything from source on one of my machines, and use substitutes on another one)
<DusXMT>There is no gain from compiling things on your system, since Guix strives for reproducibility and the results are very impressive in that regard. But of course, there's the issue of trust
<elzair>I understand. I was rebuilding things mostly just to use a custom gnu/system/os-config.tmpl
<elzair>I tried editing the image I had dd'ed to my USB thumb drive, but it deleted everything in the /etc directory.
<elzair>Specifically the /etc/configuration-template.scm
<mark_weaver>using a custom os-config shouldn't require rebuilding any software, but sometimes you have to build things if our build farm hasn't yet rebuilt everything after a recent update, as is the case right now.
<mark_weaver>DusXMT: eventually, we'll have bit-for-bit reproducible builds, and a convenient means for users to verify the builds on hydra.gnu.org. in the meantime, we are still putting our faith in the security of the build farm.
<elzair>Ah. so running "guix system disk-image gnu/system/install.scm" does not always rebuild everything? Cool.
<mark_weaver>so I don't think it's quite correct to say that there is "no gain" to compiling things on our own system.
<DusXMT>You're right
<mark_weaver>elzair: it will have to rebuild the configuration files, the profile (symlink farm), and of course the disk image itself, but if hydra.gnu.org is up-to-date then you shouldn't have to rebuild any software.
<elzair>Awesome!
<mark_weaver>(unless you've have local modifications to some packages, of course)
<mark_weaver>s/have/made/
<DusXMT>guix will gladny re-use anything it can in /gnu/store; unless you delete the things with guix gc of course
<DusXMT>*gladly
<mark_weaver>yesterday we updated libjpeg on the master branch, triggering over 450 rebuilds. that was probably a mistake. normally we do such updates on a separate branch and wait for hydra to build that branch before merging it into master.
<DusXMT>Oh, so that was why there was a somewhat lig update a couple days ago... I thought it was another CVE or something
<DusXMT>*big
<elzair>Funny, the build just failed with the following error: http://pastebin.com/mw4UUEJH
<elzair>I made sure the kvm kernel module was loaded and qmeu-kvm was installed.
<elzair>Alright, I decided to just use the premade install image for now and am re-copying it onto my thumbdrive.
<elzair>Is there a safe way to put my custom config file onto the thumb drive?
<elzair>Last time I tried to edit /etc/os-template.scm, it erased the entire /etc directory.
<elzair>I am currently using the latest version of Trisquel, and I believe the USB image is formatted as ext4.
<elzair>Well, I got the build working again. All I had to do was allow read and write permissions on /dev/kvm: sudo chmod a+rw /dev/kvm
<civodul>elzair: did you see my reply, BTW?
<elzair>I did, but I think I lost it during my os reboot.
<elzair>It was something about creating user-groups.
<elzair>Sorry.
<civodul>elzair: right, so just declare a 'user-group', and that's it
<civodul>if there are now 'user-account' referring to it, it will be an empty group
<civodul>(if i understood the question correctly)
<elzair>So will I list this under (operating-system) or (users)?
<elzair>*add this
<civodul>elzair: under 'groups'
<civodul>something like (groups (cons (user-group (name "the-empty-group")) %base-groups))
<elzair>Cool. Thanks.