***rvgn4 is now known as rvgn
<rvgn>rekado Not pressuring or anything, is there any update on Evolution packaging? <rekado>rvgn: I did not volunteer to package this for you. I only asked for details. <rekado>however, I *did* in fact already package it <rvgn>rekado Ah I see! I would have misinterpreted. Sorry, my bad. <bendersteed>hello everyone, does anyone else has problems updating icecat? I get that the derivation of of rust 1.1.9.0 couldn't be built <rvgn>bendersteed Do "guix package --delete-generations" --> "guix gc" --> "guix pull" --> Then "guix package -u". <rvgn>That solved the issue for me. But no idea why and how. <rvgn>rekado Should I search for "evolution" or "gnome-evolution" or "evolution-mail-client"? Thanks! <bendersteed>when defining a package can we define that it needs a certain version of an input? <roptat>not exactly, but you can create a variant with that version and use it <bendersteed>so, if I understand correctly, this means a derivation? <roptat>an example of this is guile-for-guile-emacs <roptat>it's a bit more than just a specific version, it has different inputs too <roptat>our guile package would not work with guile-emacs, so we have a specific recipe for the guile we need <roptat>that creates a different derivation (even though it has the same name) that is then used when building guile-emacs <bendersteed>but it seems a little too much work for what I wanted to do <roptat>if you can already use a guix package, just use it, and maybe add a comment that says that your package needs a specific version? <bendersteed>I think I need to research a bit more, I'm pretty new in guix <roptat>don't hesitate to ask if you need help with that btw ;) <bendersteed>indeed, my setup works right now and I've already starting deploying rails apps with it <bendersteed>but I just need to put my head around it a bit better ***buffet- is now known as buffet
<nckx>sneek: later tell rvgn: Just search (guix package -s) for ‘evolution’. That's what ‘search’ is for ;-) <nckx>sneek_: later tell rvgn: Just search (guix package -s) for ‘evolution’. That's what ‘search’ is for ;-) <bendersteed>after cleaning generations and gc i still can't get rust-1.19.0.drv to build <nckx>C Compiler failed to execute (system returned -1) | system: Cannot allocate memory <nckx>bendersteed: Cleaning generations and GC'ing won't give you more RAM, I'm afraid. <nckx>bendersteed: How many RAMs have you? Passing -{M,c}1 to the daemon might help if yours is currently configured to run multiple jobs in parallel. That and swap. Both will make this long build take even longer. <nckx>bendersteed: Also add -{M,c}1 to the command line just to be sure. <nckx>8GiB seems like it should suffice. Weird. <roptat>just wanted to say that a build of rust 1.19 failed on my machine with 8GB of ram yesterday too, but running it again worked (I left it running and this morning icecat was built) <roptat>I think the only difference between the two attempts was that I closed my current icecat to get some ram back :) <roptat>oh and installing guixsd on the ssd instead of the sd card was the right thing to do, no filesystem corruption after my guix pull :) ***rvgn is now known as Guest24165
***rvgn-net is now known as rvgn
*nckx no longer cares how premium they claim to be; SD cards are teh suk. <roptat>now the only issue is that a lot of builds are missing for armv7 on the build farms :/ <OriansJ>nckx: flash memory went to shit the day they went from single layer to probablistic packing. <efraim>I fixed bennu-game-development for armhf and aarch64 <nckx>OriansJ: I like that term. <OriansJ>nckx: no, actually the current industry standard for the behavior of FLASH memory; as one bits are actually stored and the logic is used to determine the probability of the set of bits that are stored in the cell with a given probability of being guessed correctly <nckx>OriansJ: Sure, but I've never heard MLC &c. called ‘probabilistic’ storage. That I like. <nckx>Then again, I haven't heard it called much at all since I don't tend to have many moonlight conversations about flash memory. <OriansJ>nckx: it was recently discussed inside the State of Michigan security offices involving Nexus Intruder attack hiding in modern FLASH and possible mitigations to allow detection. <OriansJ>Short version: even an electron microscope wouldn't be able to spot selective tampering logic in modern FLASH as the quantum interference patterns of the cells are quite proprietary. <nckx>OriansJ: Would FDE side-step that, tho'? (Not that seeing another core component vanish entirely behind the veil of suck doesn't, well, suck.) <nckx>^ interesting by the way; did not know. <OriansJ>nckx: well Full Disk Encryption would help prevent targeted pattern manipulation attacks on storage only partitions; but ultimately running binaries need to be stored some where unecrypted (even if it is only grub and the rest is loaded from encrypted storage) <nckx>OriansJ: Libreboot + human-inspectable (P)ROM, but point taken. <OriansJ>So even if the FLASH itself is entirely good and non-malicious; one also has to worry about the 32bit processor with ROM and RAM that is one the SD/SSD can tamper in remotely triggerable ways *nckx is probab(heh)ly going to order their first Librebooted laptop. <OriansJ>In the end, only libresilicon is going to solve the Nexus Intruder class of problems but they are still about 10 years out from being viable for Server environments <nckx>OriansJ: Are you (/your employer) involved in such development at all? *nckx considers this borderline on-topic but is open to loving correction. <OriansJ>nckx: I work for the State of Michigan as a Computer Security and Reliability Engineer. So we do not make hardware but we do care about the hardware we buy. <nckx>OriansJ: So financial support in the we'll-buy-it-when-it-exists sense. <OriansJ>nckx: lets just say although the technical workers are quite tech savy, the management is generally a different story. For example: we reported to management (all the way up to the CTO too) that Windows 10 does not comply with HIPAA and should not be used in environments where HIPAA data exists and the CTO ordered all Agencies and Departments to migrate to Windows 10 immediately (Including those covered under HIPAA). So we have people <OriansJ>who are explicitly told what they are doing is a volation of Federal law and then proceed to do it anyway because "metrics". <OriansJ>Then again the regulating agencies don't read technical analysis and don't realize that Windows 10's Telemetry violates HIPAA, despite there is a very trivial vulnerability in it that allows an attacker to literally grab any file off the Windows 10 machine they desire at any time without any restrictions. <OriansJ>Or my absolute favorite Governer's Initiative to eliminate a SOM datacenter by renting space from a company (that they personally held an interest in) in a building that we gave the company for free and then they never bothered to do a fire inspection on (because it wasn't up to code and would have cost money to fix the issues) and the team pointing out that the lack of Fire Inspection prior to moving servers to that building was the <OriansJ>ones that got in trouble (because you know shoot the messengers) <nckx>Didn't ‘guix gc -d’ use to print how much G was C'd? <nckx>OriansJ: (Re: Windows 10) I… how… what? <OriansJ>nckx: The How is still under Embargo with Microsoft (600+ days and counting) and the What is Telemetry is a service that can't be disabled on Windows 10 that is designed for retrevial of files off of systems by Microsoft for the purpose of getting test data for fixing bugs in their product; it bypasses all Windows firewall rules and routinely punches holes in your network firewalls to allow Microsoft to directly command your Windows 10 <nckx>I really want to type something but I actually just can't. <nckx>No, I mean, I'm speechless. <nckx>I know I live a sheltered life but crikey on a stick. <OriansJ>Why do you think Michigan has the reputation of having the best Security team in the country but also is known EPIC disasters where whole teams of contractors who still don't know what the problem with unecrypted passwords being sent over the network? *nckx does their best to resist the tempting defeatist answers that won't help solve the problem. <OriansJ>When promotions are based upon dollars in budget and meeting checkbox deadlines; what sort of people do you expect to be running the place? Those with technical talent or those who keep the revolving door of outsource contracts flowing? <OriansJ>For example, last year I single handedly replaced a $24M system that costs $6M per year to keep running with a better engineered solution that cost $22k and only $2K per year to keep running. For that success, my manager missed out on their bonus and guess who didn't get high performing on their performance review? <OriansJ>But all this isn't on topic; so if you wish to continue this, feel free to hop on #bootstrappable <nckx>OriansJ: Sorry, I'm too distracted to carry on a conversation right now but thank you for that sobering glimpse into the abyss. I can only hope they pay you well. <OriansJ>nckx: The technical work environment is amazing; it is the political environment that leaves much to be desired and one can easily ignore the political if one doesn't mind watching another train wreak. <OriansJ>ng0: well it is one of those things about my job; I generally either work with the people who are well organized and know what they are doing but are just making sure they didn't miss anything or those that are dumpster fires that are desperately hoping that I can save them from years of bad decisions. Those inbetween generally don't reach out to a Security and Reliability Engineer and thus I never see those projects. <OriansJ>I don't know of any other work place where one can rack up 1K+ RCE vulnerabilities with a single vendor, get a S&D from that vendor and management just shrugs and gently suggests moving on to another project. *nckx fascinates morbidly. <OriansJ>nckx: it also comes with the highest's amount of paid time off in the State (*waits for someone who knows what that means from europe to laugh*) <ng0>Nice :) It's probably lower than our ridiculous high amount of holidays in Germany. <nckx>OriansJ: *Both* Thanksgiving and the Superbowl? Wow. *nckx just typed ‘git stash poop’ and should probably shut up & concentrate. <OriansJ>ng0: (4 weeks but there are sometimes 90+ hour weeks towards the end of Audit season) <ng0>actually that's more time off paid than you get here in average jobs <ng0>of course those don't include the odd 90hour weeks <ng0>"at leastr 24 work days, which is fullfiled given a 5 day week with 20 workdays (= 4 weeks) <OriansJ>ng0: and the only reason that it never gets worse than 90 hours per week is the hourly rate schedule that departments are billed for our time (1x for 0-40, 1.5x for 40-80, 10x for 80+) <nckx>10x sounds downright unamerican. ***jonsger1 is now known as jonsger
<OriansJ>nckx: tell me that after being at work for the last 36 hours straight <nckx>OriansJ: That wasn't negative. <OriansJ>nckx: sorry still recovering from the end of audit season <ArneBab>OriansJ: 90 hours per week sounds horrifying. You should charge 10x at 60+ and 100x at 80+. <OriansJ>ArneBab: well it is one of those things where there is only so much staff and if the Audit work isn't done by hard deadlines; approximately 1M people don't get their welfare benefits (like foodstamps, housing or heating) <ArneBab>so they learn to hire more staff, even if that means having some people paid for just being available <ArneBab>I wish I could just make those rules … <OriansJ>ArneBab: we don't even get the State to pay for a $5 cake for a Christmas office party; extra staff only gets given to the dumpster fire departments. <vagrantc>using GNU Guix today to do something other than work on packaging for guix... watching libreplanet videos :) <OriansJ>ArneBab: For an extra fun twist, managers can't make us work past 40 hours but they can offer overtime pay. <OriansJ>Well Michigan pays generally above scale for everything but technical positions where they pay below market rate. <OriansJ>So private sector fresh out of college Computer programmer $100K/year is common; for State of Michigan, pay is usually $50-70K/year for new hires depending which step on the pay scale they start on. <ArneBab>That’s 50-70k€/year is around what a typical new college programmer gets in Germany <OriansJ>Overtime is generally 1.5x; except during holidays where it is 2.5x and all technical staff is paid hourly <OriansJ>(Think $24-150 per hour depending on level) <OriansJ>America has this weird culture about not talking about how much one is making but position levels are public information (p11 or p12) but that only gives you a range of possible pays sense there are multiple steps inside each pay level <atw>OriansJ, didn't know you were US-based, hello! <atw>let me know if you're ever in Chicago! <efraim>I see shepherd doesn't have any mailling lists and I know it uses #guix for IRC, i assume guix's mailing lists are the correct ones for bugs? <ebrasca>I get this error "make: pdflatex: Command not found" <ebrasca>What package come with pdflatex in GuixSD? <kmicu>Hi ebrasca: I assume texlive-bin. <kmicu>Hi efraim “The guix-devel mailing list is used to discuss most aspects of the Shepherd, including development and enhancement requests. Please report bugs to the bug-guix mailing list, which has an associated issue tracker.” <th-end>hi im trying to install icecat but its taking multiple hours to build and still incomplete--is there a faster i.e. binary solution? <atw>mbakke: I was unable to repro with recent icecat, both with and without grafts. That could be because either I didn't trigger the behavior or icecat no longer exhibits the behavior. I suspect the latter; I have not triggered this behavior in recent icecats since January, iirc <atw>th-end: funny you should mention, I just an icecat build, took about 12 hr I guess <th-end>hour 5, albeit on a core 2 duo x200 thinkpad <atw>oof, let me try to check substitute availability. Bear with me, I don't do this regularly <atw> https://hydra.gnu.org/build/3412318 If I'm reading this correctly, then there should be a substitute available for a two-week old commit of guix, and that that is the newest available icecat substitute. Can somebody check me on that? <rekado>efraim: you use @quot in perl6-json-class, but this is not supported by texinfo.scm <rekado>we get this error when trying to display this package: Throw to key `parser-error' with args `(#f "Unknown command" quot)'. <rekado>atw: consider using ci.guix.info instead of relying on hydra.gnu.org. <rekado>70k per year for an entry level job? *rekado weeps quitely from the public sector <vagrantc>it's a simple commandline utility to manage the screen brightness and maybe keyboard led brightness <rekado>I refered to ArneBab’s comment about Germany <OriansJ>rekado: well Germany also has considerably cheaper healthcare costs than that in the USA