***fr33domlover_ is now known as fr33domlover
<Jon_>At the command prompt, how do I suspend (terminate) the ssh service process? <Jon_>Guix pull hangs trying to patch ssh. How do I stop ssh (from the command prompt) so that it can patch? ***fr33domlover_ is now known as fr33domlover
<Jon_>Found it: Herd stop ssh-daemon <rekado>there’s a hash mismatch for linux-libre 4.13.1 <CharlieBrown>I'm not sure if I should use librepup or Guix to keep my whole setup in version control. I have severe storage space constraints, because I can't afford to implement the 3-2-1 rule. <lfam>CharlieBrown: Currently, Guix / GuixSD aren't great if you have severe storage constraints, in my opinion. It's helpful to keep those last few GuixSD generations on disk, but it can add up to a lot more storage than a regular GNU / Linux distro, let alone something like Puppy / librepup <lfam>Probably my perspective is a little skewed, since I also develop Guix. It would be interesting to do an informal survey of Guix disk usage on personal machines <lfam>happy_gnu[m]: How much space do you need to use for it? <happy_gnu[m]>I thought it was because it needed a lot of dependencies <lfam>Unless you remove the old generations, they will stay there and keep taking up space <lfam>For example, you could remove generations older than one month, and then delete them from the disk <lfam>`guix package --delete-generations=1m && guix gc` <lfam>Also with weeks and days, I'm not sure what else <clacke[m]>lfam: have you tried putting the store on dedup zfs? <clacke[m]>I'm doing that now, and gained maybe 30% in the process, on a store that didn't have much cruft lying around <clacke[m]>I will see if I will ever have to make a gc again :-) <clacke[m]>putting both nix and gnu stores on there saved me 50% space, they have a huge overlapping base and then I just use a few leaf packages from each <clacke[m]>Cal: appease your urge by trying them all out in docker <ng0>on my Intel I350 question yesterday… if it works in Debian without adding non-free parts of it, it must work in GuixSD. ***fr33domlover_ is now known as fr33domlover
<sneek>Welcome back civodul, you have 1 message. <sneek>civodul, amz3` says: kudos for fixing rekado issue with the very big machine :) <rekado_>just installed GuixSD on a new server … and forgot to add the RAID controller’s module to the initrd :-/ <rekado_>I’ll have to boot over PXE, run lsmod, and then find a way to replace the initrd <civodul>'guix system' could diagnose that, with a bit of work <rekado_>about “guix [system] deploy”: I’m writing a Guile script to help me manage the build farm. <rekado_>Currently, it builds systems for each of the servers and then pushes them to the remote <rekado_>but the final step to reconfigure the remote to use the new system requires remote root access. <rekado_>ansible allows for different ways to get root access on the remote <rekado_>1) root SSH keys, 2) SSH keys of an admin user who can sudo su to root, 3) …other things I’ve forgotten <rekado_>can we escalate permissions on the remote with Guile SSH? E.g. by starting a guile sessionwith “sudo” and then forwarding s-expressions to that session instead of executing it in the admin user’s guile process? <ng0>Which part of the manual do I find the fancy way to add packages in again, instead of declaring every module to use package definitions from? <civodul>rekado_: what about using method #1 and logging in as root over SSH? <rekado_>civodul: well, that would be too easy! <rekado_>I guess it’s fine to do this in isolated VLANs <ng0>oops, too little information. I meant to an operating system configuration <ng0>so there was a way to pass it differently than (use-package-modules foo schnickens bar) if you need package definitions in the OS from 'foo' 'schnickens' or bar <civodul>rekado_: i don't see how #2 would work actually <rekado_>civodul: it might work to start a guile ssh session *on the remote* to ssh from admin@localhost to root@localhost <rekado_>but that’s hardly better than using SSH to connect as root@remote <rekado_>I’m a bit uncomfortable with root SSH. I’d be happier if only grub-install and the system switching happened as root, while everything else ran as an unprivileged user talking to the daemon <ng0>roptat: do you have an example I could look at how this would be used in a config.scm ? <roptat>there's an example in the manual <rekado_>but if we assume that the remote system has a guix-daemon that runs as root, then maybe we could let the daemon spawn a command to switch to the new system. <civodul>rekado_: that's what would happen: only the side effects (grub-install, activation, etc.) need to run as root <roptat>ng0: quoting the manual: (packages (append (map specification->package '("tcpdump" "htop" "gnupg@@2.0")) %base-packages)) <ng0>there is? then I have been reading an old manual version. thanks <rekado_>civodul: I just saw your email about the memory corruption bug. Exciting! <rekado_>civodul: I’ll try this on the big machines tomorrow, as I’m a bit short on time today. <rekado_>thanks so much for investigating this! <civodul>rekado_: cool, let's see whether it works! <civodul>64 "guix offload" processes on berlin :-) <Apteryx>I get a gnu-tls error on my side, only for bayfront. <Apteryx>The error is: ERROR: Throw to key `gnutls-error' with args `(#<gnutls-error-enum An unimplemented or disabled feature has been requested.> peer-certificate-status)'. <efraim>gcc-5.5.0 doesn't have a .tar.bz2 image, suggestions between .tar.gz or .tar.xz? <efraim>6 and 7 use .tar.xz it looks like <mb[m]2>Oops, looks like the xorg-server-1.19.3 unhiding caused a lot of rebuilds, not sure how I didn't notice before now. I reverted it, hopefully users will notice :/ <mb[m]2>civodul: is it okay to start an evaluation? I see the queue is stopped. <mb[m]2>Oh wait, new xorg-server with lots of security fixes.