<pkill9_>as in, automatically adding the "replacement" field to a package <usney>ArneBab I didn't think it would be because ubuntu decided to drop 32bit support so that means trisquel will soon too. <ArneBab>oh, it’s still 32 bit … then you might be right, yes. <pkill9_>i think it would be reasonable possible considering package-input-rewriting is a think <ArneBab>usney: then it would be a good fit for the laptop. I’m especially fond of the ability to actually shut down at almost any time without messing up my system, because guix updates are atomic. <ArneBab>for a laptop that should be pretty handy. <ArneBab>I mean that the update first finishes, and then guix only sets one symlink to switch my system to the new state. <ArneBab>when I shutdown while the update is halfway through, my system will be just as it was before the update <raingloom>hiya! if something doesn't have tagged releases, what should i write in the version field? <usney>or is it not compatible with gnu fsf license guidelines? <pkill9_>that's a huge reason i like guix system - you can cancel the system upgrade without breaking your system <lfam>raingloom: And for an example, the package definition of asignify <lfam>If they've never made a tag, use "0.0.0" in the place where you see "1.1" in the asignify package definition <minall>I'm unable to connect to gnu.org, but I have internet... <lfam>minall: Did you do anything unusual, such as use nmap on gnu.org? <lfam>I've noticed they will ban your IP if you do that <pkill9_>why don't they just block nmap usage on gnu.org? <minall>Mh, I didn't know the command nmap, so that's a no <minall>The OCSP response is not yet valid? <vagrantc>nmap is a port scanner ... not sure you can trivially fingerprint it <vagrantc>enough to distinguish from legitimate traffic <vagrantc>it would require stateful packet inspection or something, which is a fair amount of hassle <pkill9_>my router sucks, keep getting (DUP!) with ping, i restarted it which fixed that temporarily, seems to just be with wireless <quiliro>Ĉu oni povas instali Guix-on kun Guix-o? <quiliro>Mi havas diskon en kio mi volas instali Guix-on. Mi volas konekti ĝin al mia komputilo kun Guix-o kaj instali Guix-on en tio. Tio disko eniras al alia komputilo. <civodul>vi povas uzi "guix system init /mnt", kie /mnt estas via disko <quiliro>Do...Ĉu mi povas uzi la manualon kiel se mi havis malŝalti kun la instala medio? <quiliro>if i use emacs-guix, will i be able to reconfigure? <quiliro>in other words: is it possible to reconfigure by way of emacs-guix? <PotentialUser-92>I tried guix at 1.0.0 and did the install running into the major bug straight away. Good to hear that was fixed. <nly>have you tried the shell installer script? <nly>1 sec, trying the gpg key download <nckx>PotentialUser-92: Unfortunately, those key servers are basically dead. <nckx>It's not really a DoS. They're just broken in a way that can't be fixed. <PotentialUser-92>My over all point is there should be more than one official way to validate the downloads. <nckx>The reddit error above doesn't look related. <nckx>PotentialUser-92: What do you mean? *nckx updates the manual. <PotentialUser-92>importing the gpg key above and repeating the 'gpg --verify' looks more successful, thanks <nckx>PotentialUser-92: Could you paste the full command & output (pastebin in channel topic)? <PotentialUser-92>I even had to type that in because all paste operations want to go to that <nckx>That's outside of our control. Just use paste.debian.net; it works. <nckx>Thank you! I'll send civodul a message that their key has expired. <nckx>*their key on Savannah, they probably already uploaded it to a keyserver like a good citizen. <nckx>PotentialUser-92: If the site is compromised (in order to upload malicious tarballs), then so are any checksums on it. The attacker would simply change them too. The key server thing is unfortunate, but this can be solved by updating the manual (it was simply an oversight) and Ludo' uploading the refreshed key. <PotentialUser-92>He may have uploaded his refreshed key but that doesn't get it to a key server that doesn't work. <nckx>It does when I update the manual… <PotentialUser-92>Re your point above: If the site is compromised (in order to upload malicious tarballs), then so are any checksums on it. <nckx>Just compromise both hosts. <nckx>If there's a distro out there that touts checksums as a security measure (which they can't provide) because the checksums ‘are hosted on a different host’, run. <nckx>They are either misinformed or deliberately misinforming. Being a cynical bastard, I'd go for #2. *nckx has no idea when the gnu.org copy will be updated but the wget command is in master now. <PotentialUser-92>"Just comprimise both hosts", I hope your private keys are more in order than your public keys. <zacts>PotentialUser-68: I think that weechat runs on guix. if it does, it's what I like. I'm not yet on guix though <nckx>I don't have any private keys. <nckx>And I'm glad I don't know how Ludo' manages theirs. I don't see how the two are related. <zacts>PotentialUser-68: are you familiar with the command line well though? <zacts>maybe a GUI client might work better <zacts>weechat is reliable, but it takes a lot to get setup for a beginner <nckx>zacts, PotentialUser-68: Guix has [at least]: ircii, weechat, sic, irssi, epic5, on the CLI; bitlbee, hexchat, and quassel in pixelland. I don't know how solidly they are packaged. <nckx>I only use weechat & hexchat; both are eminently usable on Guix. <erudition>You can also use Riot if you want something modern. <nckx>PotentialUser-68: We also have emacs IRC clients emacs-circe and presumably erc! <nckx>PotentialUser-68: I can't really compare Hexchat and weechat. One is very GUI, the other is not. I use both, I probably wouldn't if I thought one was ‘better’. <PotentialUser-68>It's ok, I'll test both then, thank you. About of IRC clients emacs, I prefer independent applications <Tazy>is there a list of which pkg have been build for x packages? <Tazy>can't tell if i failed to setup binary pkg or just aarm64 is...rather void of prebuild pkg <apteryx1>hi! i'm trying to mount a btrfs partition using the the Guix live installer, but there is no btrfs support builtin the kernel :/ <rekado_>the installer script no longer fetches the GPG key from the SKS server pool. <rekado_>so that problem would only happen with an installer script older than one or two weeks. <rekado_>ugh, just read the rest of that exchange… <PotentialUser-57>I am trying execute a script on boot on Guix but /usr/bin/env doesn't work. Any idea? <roptat>PotentialUser-57: I'm not om a computer, but I think you need to extend an activation-service-type in your configuration <roptat>Something like (simple-service activation-service-type something) <roptat>But I don't remember exactly what that something should be ^^" <roptat>It certainly contains a script as a gexp at some point, so you create a guile script, or anything and call programs by their guile variable name <rekado_>PotentialUser-57: no, you don’t have to write your scripts in Guile. <rekado_>PotentialUser-57: to make /usr/bin/env available look up “/usr/bin/env” in the index of the Guix manual. <rekado_>It directs you to section 8.8.1 “Base Services” <rekado_>There it describes how to use “special-files-service-type” to make /usr/bin/env available. <apteryx>is anyone using Guix System on a Btrfs subvolume root? I have to manually prepend my subvolume name to the initrd and bzImage paths in the generated Grub entries so that it boots. <apteryx>(e.g., instead sy a /gnu/store/... path, I must write /rootfs/gnu/store/...) <apteryx>where rootfs is the subvolume name of my "/" tree <SidharthArya>Hi, i am able to boot into guix sd installation disk. It says unable to mount root fs. <rekado_>SidharthArya: are you sure that the installation medium is not corrupted? <SidharthArya>rekado_: I am not. So first i should write zeros then disk image ? <rekado_>SidharthArya: no. Have you checked the integrity of the download? <rekado_>we recommend checking the signature. <pkill9_>im reading guix/build-system/gnu.scm but i don't understand how the build systems work nowhere does it seem to invoke a command <rekado_>pkill9_: try guix/build/gnu-build-system.scm <rekado_>guix/build is for code run in the builder. <pkill9_>is that like, the public api for the build system? <rekado_>pkill9_: there are two stages when building packages. <rekado_>there’s code that’s used “outside” and code that’s used “inside” a build environment. <rekado_>we say that the “outside” part is run on the “host side” <rekado_>PotentialUser-18: if you want software to be installed system-wide is either has to be done in the operating-system configuration or for read-only access a single user can install software to a globally accessible location with “guix install -p /the/location …” <PotentialUser-18>I'm used to apt-get/yum install gawk which provides it to the whole system. Is the OS config /etc/config.scm in this case? <roptat>there is a packages field in the os-configuration <roptat>that's where you put globally-visible packages <PotentialUser-18>what's the best was to kick it off once modified? I'm doing this: sudo guix system reconfigure /etc/config.scm <PotentialUser-18>but it's in a VM from an image so it looks like it's downloading the entire system <rekado_>PotentialUser-18: Guix will only download what’s not in the store yet. A change of the version of Guix used to build a system will likely result in differences that require a download. <PotentialUser-18>'hello' made it in so I tried another 'xeyes' (just trying for small packages) it says <PotentialUser-18>I would recommend a section in the manual covering system wide package installation. It's the most basic of operations on the distros others are coming from so it should be made much more clear. <rekado_>PotentialUser-18: it’s already in the manual <rekado_>I also disagree with the assertion that this is the most basic of operations. On Guix it is not. <PotentialUser-18>" It's the most basic of operations on the distros others are coming from" <rekado_>Guix is a per-user package manager, so installing packages globally is much less important when using Guix. <rekado_>there’s a section named “Globally-Visible Packages” in the manual <roptat>nicely named "globally-visible packages" :D <roptat>mh... I think if you use specification->package, you don't need to import any module <roptat>what does your first attempt look like? <roptat>you do only if you refer to packages by using their variable <roptat>the second example shows how to use specification->package: "To avoid that, one can use the specification->package procedure" <roptat>that procedure takes a list of strings, instead of variables ***ChanServ sets mode: +o civodul
***civodul changes topic to 'GNU Guix | 1.0.1 is out! get it at https://guix.gnu.org | videos: https://guix.gnu.org/blog/tags/talks/ | bugs and patches: https://issues.guix.gnu.org | paste: https://paste.debian.net | Guix in high-performance computing: https://hpc.guix.info | This channel is logged: http://logs.guix.gnu.org/'
***lx0 is now known as lxo
<quiliro>Mi havas problemon kun gdm-on. Ĝi ne montras la priskibon de la uzanto, nur la nomon. <quiliro>mi uzis sudo -E guix system reconfigure config.scm <civodul>quiliro: ĉu estas priskribo en /etc/passwd? <quiliro>ĉu eble estas la priskribo tro longa? "Ana Lucia Barahona Escalante" <djaska>hi, is it possible to print out the scheme configuration of a working guix system? <vagrantc>i've heard it transforms it into a guix system ... but you might have some manual cleanup left to do <vagrantc>usually i've just made a new chroot so i have the debian system as a recovery system <vagrantc>i've done the install debian, binary guix install to new partition dance for a handful of armhf and aarch64 systems since there isn't really a guix installer for those platforms <Dynamicmetaflow>I'm using Qubes and I've managed to install guix on top of debian and been trying to figure out a way to only have guix in a templatevm <vagrantc>maybe someday i'll be "brave" and just go directly to guix system reconfigure :) <Dynamicmetaflow>If the guix system reconfigure works like you say it does, it saves me time from trying to create a templatevm from the tools that qubes provides <vagrantc>just to be clear, i haven't actually tried it myself! <Dynamicmetaflow>Yesterday was able to in a qubesvm to install emacs using guix, had to manipulate some of the shortcuts but works <nly>i have tried that before <nly>guix system reconfigure on nixos <nly>running the same guix system even now <nly>that was at the time of 0.16 <nly>but granted removal of Nixos might be easier than a standard distro <Dynamicmetaflow>I would be deligthed if I could use Qubes VM and have the VM's be based on guix <Dynamicmetaflow>Anyone know of a vanilal system-config that I could wget easily to test this out <quiliro>djaska: that would be great...i do not know if it is possible....the most i have been able to do is use emacs-guix to see in an easier way which does what <quiliro>civodul: ĉu vi pensas ke la priskribo estas tro longa? <quiliro>Dynamicmetaflow: si especificas en tu archivo de reconfiguración al otro sistema con grub-configuration y tomas en cuenta la definición correcta de las particiones, teoricamente no perderías tu otro sistema <quiliro>Dynamicmetaflow: pero se me ocurre que puedes ejecutar qubeos en ua máquina virtual dentro de guix! <quiliro>qubes -> vm debian -> guix ? o: qubes -> vm debian -> vm guix system? <Dynamicmetaflow>al momento es qubes -> vm debian -> debian + guix package manger(instalado ensima) y lo que quero hacer es qubes -> vm debian -> vm guix <Dynamicmetaflow>testing out guix system reconfigure from a qubes debian vm installation <djaska`>I installed guix on trisquel and with it i installed emacs. now is possible to call emacs just from command line, not from gui, do you have any ideas about this behavior? <mbakke>rekado: Berlins clock seem to be 7 minutes off. <Dynamicmetaflow>djasja I would check the shortcut that was created in the gui and make sure it's pointing to the emacs path somewhere in /gnu/store if I am correct <djaska`>I've created an alias in bashrc so the shortcut should refer to the correct path. <djaska`>no that was the state before the question. Look like that from gui `emacs` means something and from terminal something else. <djaska`>i don't write the absolute path because i guess that the version of emacs changes the absolute path changes too. <nly>the latest emacs should be linked to .guix-profile/bin/emacs, the path may not be 100% accurate <nly>find .guix-profile in $home <djaska`>ohhh yes... i totally forgot .guix-profile directory. Thank you! <Tazy>has rust been build for aarm64? <mbakke>Also, evolution-data-server is the only remaining dependency of GNOME that is failing on core-updates. Hint, hint :P <samplet>Coincidentally, that is what I was working on before you pinged me! :) <samplet>mbakke: I’m leaning towards populating “/etc/timezone”, but that’s because reading the symlink seems really bad (even if it’s common). I imagine that the symlink approach would make us a little more like other major distros, which might mean avoiding issues in the future. What do you think? <samplet>IIRC, there is a reason it is not a symlink already, too. <samplet>I don’t recall correctly. It looks like “/etc/localtime” has been copied since forever. <mbakke>/etc/localtime being a symlink could lead to issues in some container configurations, or in an initrd without access to /gnu/store. <mbakke>*perhaps, I don't know of any discussions about it. <mbakke>Populating /etc/timezone seems like a reasonable workaround. <samplet>It’s also a one-liner, so that’s nice. <samplet>I’ll test it as part of the testing I’m doing today. <dongcarl>What does the process of merging core-updates into master look like? <samplet>dongcarl: Usually quite a bit of manual testing in addition to fixing problems reported by the build farm. After a while, when the build farm has substitutes for most packages, we merge the changes into master, making them available to everyone by default. <dongcarl>samplet: Understood! How long is the freeze-to-master period usually? <samplet>I’m not too sure. I imagine that this one will be a week or two yet, since it has a lot of really big changes in it. I haven’t looked at the CI results, though. <mbakke>dongcarl: I guess at least 2-3 weeks from now, mostly from waiting for armhf to build the universe. <mbakke>If you have any spare ARM hosts laying around, we'd love to hear about it :) <dongcarl>mbakke: Haha I've got SBCs, so probably not the best for builds... <dongcarl>But are you guys looking for build farm power? Or? <mbakke>We are well covered on x86_64 (and by extension i686), but could use many more aarc64 and armv7 machines. <MH026>dongcarl: the ODROID N2 does have some horsepower tho ;) <MH026>sadly the second these things hit Europe there's like 20 euro mark up, even the Rock64's are double the price T_T <dongcarl>Cool. If we retire any arm machines, I’ll grab them. <dongcarl>MH026: huh... I should look into the Odroid. <Dynamicmetaflow>Greetings, so I'm trying to run guix system reconfigure inside of a vm in qubes, and I get the file system with label 'my-root' not found <Dynamicmetaflow>I'm not sure how to find and or set the label, any pointers would be appreciated <mbakke>MIPS64 and POWER machines would be nice too :-) <mbakke>MH026: We used to have a MIPS64 port, but it was discontinued because of a hardware failure on a build machine IIRC and a lack of interest in replacing it. <mbakke>I think people still use Guix on MIPS64, though. <mbakke>Dynamicmetaflow: What does the file system section of your OS configuration look like? <mbakke>Did you label the file system "my-root" when you created it? <dongcarl>mbakke: There's no support for power9 yet, right? <mbakke>Dynamicmetaflow: You'll need to adjust the "device" section to be either a device like "/dev/vda1" or some other identifier like a label. <dongcarl>mbakke: Lots of Bitcoin Core developers use Talos POWER9, and they've been bugging me to get it on Guix... <dongcarl>Maybe I'll get one of them to donate a machine <dongcarl>Are hardware donations able to be written off for tax purposes? <mbakke>dongcarl: You're making me jealous. <dongcarl>mbakke: Haha yeah, we've got quite a few RISCV64 and POWER9 advocates in our ranks... *dongcarl wishes he could afford riscv64 and power9 machines <MH026>riscv64 gonna run you like 1k right *dongcarl is a qemu riscv pleb <MH026>aarch64 tinkering is hipster enough 8) <lfam_>dongcarl: I'm not sure (not an accountant or tax lawyer) but I think it would depend on who you donate it to. I'd guess it would have to be a US entity <lfam_>mbakke: Should we use it somehow? <mbakke>Perhaps we should recommend that instead of "hard-coding" civodul? <lfam_>For the release signing key? <nckx>Heh, ‘somehow’, I was just going to ask how 🙂 <dongcarl>Huh, what about donations to the Guix project? <lfam_>dongcarl: At this point you'd better ask on the mailing list but I think it could be given to FSF under our care. The main "Guix" org from a legal perspective is Guix Europe which is obviously not USA <lfam_>mbakke, nckx: Not a bad idea, although considering the frequency of releases I don't know if we would gain anything <mbakke>It's a better experience for end users if they should ever want to verify git signatures :) <lfam_>mbakke, nckx: It would be nice if it offered a path to verifying commit signatures but I don't see a future for PGP in Git... I don't know if anyone involved in Git development is thinking about the future of PGP but it seems rather bleak <mbakke>OTOH, anyone could theoretically "forge" a tarball archive, so maybe not. <lfam_>It seems impossible they could remove the feature but they might add something simpler <lfam_>I think if someone is motivated to work on the Guix side of it, we should encourage them, though <nckx>Speaking only of release tarballs/isos etc.: I'm a bit hesitant to replace civodul's key with a full keyring. Is that worth a ‘stable’ URL? <lfam_>It seems like the PGP community is ditching the web of trust. In that case, it doesn't offer much beyond signify for the purposes of signing things <nckx>Interesting that your analysis confirms my gut feeling for a while now. <mbakke>nckx: Dunno, it's probably not worth the effort considering the uncertain future of GPG. <lfam_>It's a very amateur analysis :) Trust your own gut too <dongcarl>signify seems simple and works pretty well 😊 *nckx wishes they could stay & chat but were actually just behind the keyboard to download a film. I'm definitely interested in discussing this further, since ‘trustable Guix pull’ has been on the to-do list for far too long. o/ <mbakke>It would be neat to have more cryptographic libraries available for Guile. <civodul>mbakke, lfam_: i agree that hard-coding my key is not great, though maybe it's ok if it's just for releases <civodul>the real thing being authenticating checkouts <civodul>and i fully agree that OpenPGP is a sledgehammer and not really the right tool here <civodul>unfortunately Git doesn't support anything else out of the box <lfam_>The way forward is unclear... *lfam_ overwhelmed by golang dependency hell <Dynamicmetaflow>Was using Qubes found it cool, realized Qubes is Xen + other tools for working with VM's <Dynamicmetaflow>Was wondering what a setup would look like using Guix and Xen together <str1ngs>Dynamicmetaflow: guix can build qemu images, not sure if you are aware of this? <str1ngs>also guix can build containers if you are looking for process isolation <Dynamicmetaflow>I'm trying to wrap my brain around xen and how qubes uses it and also realized that guix has a xen package, so trying to imagine if it would be possible to create a qubes like setup with guix <str1ngs>I would try the guix way , before trying to adapt something to work with guix first. <str1ngs>guix has containers and VM's try those primitives first see what the millage is first IMHO <MH026>qemu gets stuck on booting on hard disk every time, no matter the system or image... could that be because I need to supply UEFI firmware? <ng0>Dynamicmetaflow: back then I worked a bit on an initial xen package, but no usable endresult <ng0>if you want to get your hands real dirty, it's out there. but presumable requires further porting once it builds <Dynamicmetaflow>When searching guix packages, I found a xen package, pardon my ignorance but would I need additional packages or is there something I'm not seeing here, I'm new to xen etc, always heard of it but never tried it out https://hpc.guix.info/package/xen <ng0>ah, interesting. then hpc guix worked on it too <mbakke>lfam_: Speaking of golang, it would be neat to get rid of the GCC6 input on 'core-updates' :-) <ng0>i haven't checked in guix for a long time, so it might as well be in guix master.. no idea. <lfam_>mbakke: Is GCC6 the new default? <ng0>still planning to get some of my patches rebased and send at some point again.. like I'm not particularly happy if Nim is still in the state i found it in <Dynamicmetaflow>or if you would be so kinda could you maybe illustrate an example of how xen and guix packages/features could work together <ng0>Dynamicmetaflow: no idea <ng0>like I said, I barely got it packaged, outside of guix <ng0>my comment back then said: ;; FIXME: Early stages: It builds, but you can't use it to build a functional Xen system. <ng0>since a lot of time went into this keeping the authors (dvn, and myself) would be appropriate. <ng0>before I dropped this prototype, I was basically working on a third form of the nim buildsystem and might've included notes somewhere on the good and bad parts <mbakke>civodul: In related news, I'm afraid the glibc upgrade broke cross-building for Hurd. <mbakke>That looks like a good starting point for a proper Guix System port though. <civodul>mbakke: what makes you feel afraid? :-) <mbakke>civodul: Lol. I'm afraid I'll have to fix it myself :P <mbakke>civodul: I think we are ready for the full core-updates rebuild on Berlin. <lfam_>No, they are tested and built on their on core-updates branch before being merged into master