<PotentialUser-52>hmm... no dice setting XMONAD_CONFIG_HOME or XDG_CONFIG_HOME (to ~/.xmonad/ and ~/.config/, respectively... and I've copied xmonad.hs into both, in a new xmonad/ directory in ~/.config) <oriansj>PotentialUser-52: and when you manually compile the file? <oriansj>does it show any issues or errors or warnings? <PotentialUser-52>I'm not sure how to use strace... but I'd be happy to learn. possibly helpful: I was able to get it to run xmonad from my guix profile by installing it as my user, then creating an .xsession script with these contents: `exec xmonad 2>&1 >> xmonad.log`. which gave different output when I removed my user's xmonad <PotentialUser-52>I can't run `xmonad --compile` unless I install ghc/xmonad/ghc-xmonad-contrib into my user's profile (though I could probably if I added ghc to /etc/config.scm) <oriansj>PotentialUser-52: how do you expect xmonad to be able to compile your config without ghc? <PotentialUser-52>that's a good point. I guess I assumed it was sort of built in? will reconfigure as root <PotentialUser-52>my goal eventually is to have a very small system config, and most other stuff in user profiles <oriansj>xmonad is just a library, your config is actually the program running <oriansj>PotentialUser-52: do you mean in terms of number of lines of configuration in guix or in number of bytes required for the final system? <PotentialUser-52>I'm trying to keep the root configuration as minimal as possible (re # of packages/services/anything really), then do most as a user. faster to switch things (no sudo/su needed), can keep more stuff unprivileged (smaller attack surface) <oriansj>PotentialUser-52: then let me save you a few steps <PotentialUser-52>oriansj: thank you. mine is pretty similar (from the installer), with most of the services being provided by %base-services <NieDzejkob>Should file be in %base-packages? (it's not right now) <oriansj>PotentialUser-52: I stripped the base services down to reduce the binaries needed <str1ngs>NieDzejkob: it's subjective it can be added to profile and system packages field <NieDzejkob>oriansj: what happened to line 181? there must be some really strong sideways gravity over there <NieDzejkob>str1ngs: Well, it's a question of defaults. I'd argue things like file or man-pages can be considered an integral part of a UNIX system, and you can likewise subtract packages you find redundant <PotentialUser-52>eventually I'd like to run unprivileged X, but for now it's okay to have some of this stuff in there. after getting xmonad working (still reconfiguring) I just need to figure out a nitrokey <oriansj>PotentialUser-52: urandom is just a link to /dev/random because enthropy is cheap <oriansj>PotentialUser-52: never trust software when it comes to randomness ever <str1ngs>oriansj: special-files-service-type can be one service with multiple files. encase you are not aware <PotentialUser-52>I (having no experience w/this) heard /dev/random wasn't great, and would assume the service is helpful? <str1ngs>oriansj: also ("/bin/sh" ,(file-append bash "/bin/sh")) should work as well. i'm not sure what canonical-package does do you? <oriansj>str1ngs: I was not aware but then again I have been ass deep in the bootstrap for the last 3 years <oriansj>PotentialUser-52: /dev/random blocks when it runs out of enthropy, /dev/urandom doesn't <oriansj>str1ngs: it uses the bootstrap binary package if I remember correctly <PotentialUser-52>ohh interesting. so /dev/random is more theoretically secure? at any rate I'll probably stick with %base-packages for the time being, but appreciate seeing your config, to see how far it can get stripped down <str1ngs>oriansj: I'm just reading the doc string. seems to handle inheritance some how <str1ngs>oriansj: I like the minimal services. this has a nice what you see is what you get effect.. thanks <calher>Doesn't Guix break the design of suckless programs? <str1ngs>what do you mean by repackaging all the time? <nckx>calher: Not more than any other distribution that packages them. It should be trivial (by Guix user standards) to write your own customised version with inhert + your favourite #defines. <str1ngs>oh, but in this case it actually useful since it's repeatable across machines <str1ngs>though for dwm I always just used ~/src/dwm anyways :P <nckx>I agree (I think đ ) with str1ngs: Guix in fact *improves* suckless programmes. <calher>It would be weird to see a Suckless Guix System. <str1ngs>well suckless philosophy is everything sucks anyways. just this suckless so saying guix suck is still keeping suckless philosophy :P <calher>Is there such a thing as a guest user account in Guix like in Trisquel? <nckx>PotentialUser-52: No, that's just a common misunderstanding of entropy. The rule is: always use /dev/urandom, unless you think you need /dev/random, in which case use /dev/random anyway because you're wrong. (Not my rule, upstream's.) <PotentialUser-52>oriansj: do you know if I need gcc as well? now I'm getting "gcc: error trying to exec 'as': execvp: No such file or directory" <nckx>* âuse /dev/urandom anywayâ, sigh. <nckx>PotentialUser-52: If you do, install gcc-toolchain, âguix install gccâ won't work. <nckx>calher: I doubt it, but I'm not familiar with Trisquel. If it's anything magical: no. <str1ngs>oriansj: this hack made me lol echo -e "o\nn\np\n1\n\n\na\nw" | fdisk /dev/sda <calher>Perhaps I could try making a Suckless system on my Chromebook with Guix System. <PotentialUser-52>for the logs: the solution was to install ghc/ghc-xmonad-contrib (because my config uses it)/gcc-toolchain. I don't think the XDG_/XMONAD_ vars were needed <nckx>PotentialUser-52: Thanks for testing that. <NieDzejkob>is there a less mouthful alternative to readlink $(which SOME_BINARY)? <NieDzejkob>I mean, I could make an alias, but I feel like what-is-the-store-path-of-this-package would be a common task <NieDzejkob>similarly, "what files does this package provide" <nckx>NieDzejkob: find `guix build package` will tell you that. <pkill9>i like to do `ranger $(guix build package)` to look through the package <nckx>Yeah, the nice thing about it is you can s/find/ncdu/ or whatever you prefer, I'd (personally) rather *not* see such trivial Unix-101 things hidden behind a guix command that's as long if not longer. <nckx>And completely breaks this model. <NieDzejkob>I didn't realize guix build outputs the path (and only the path) to stdout :D <nckx>As much as I'm weary of Unix and those who espouse its âphilosophyâ, when it does work, it's glorious đ <nckx>NieDzejkob: Your mails have arrived! \o/ <nckx>Possible, I just opened my box. <NieDzejkob>(I have a vague feeling that might not be very grammar of me. Either way, good night) <ngz>Hello. I'm trying to define a function (i.e., with `define' keyword), within the `begin' statement from the trivial build system, but Guix won't let me do that (syntax error). What is the correct way to define a local helper function in this case? <NieDzejkob>describing how you wrote the code is utterly unhelpful. Paste the code you actually tried to use (hastebin or similar service if more than a few lines) <ngz>The problematic part is the define near the beginning of the begin statement. <NieDzejkob>what's the error, exactly? I think I recall something about (use-modules) not being allowed in this position, but I might be wrong <NieDzejkob>yeah, I think that's what #:modules is for instead <ngz>I think it is really related to the define part: without it, there is no syntax error. <ngz>At least the beginning. <NieDzejkob>Remove the use-modules anyway. IIRC define in a begin has to go before everything else <ngz>Same error without the use-modules. <ngz>So, what would be a proper way to write that? <leoprikler>Quick question, why would you even want to write code that way? <leoprikler>The inner define could either be let-bound on that level or you could use letrec, both of which are cleaner. <ngz>Well, This is exactly what I am asking: how to do without the `define'. <ngz>So, (let ((helper (lambda (x) ....))) ...) would do? <ngz>The lambda and the indentation are not as nice, so I thought this was frowned upon. <leoprikler>(let ((test (let ((helper 1+)) (helper 41)))) test) <leoprikler>and yes, usually you'd try not to nest your lets too deep <leoprikler>but doing (begin ...) inside a let has the same effect and would be frowned upon in a similar manner even if it was legal (which it is not) <ngz>OK. Thank you. I'll see what I can do with my `let's. <leoprikler>The letrec* paper also has some nice opinions on this. <leoprikler>As far as your specific error in guix is concerned, would it not be better to use g-expressions? <ngz>I don't understand what is a g-expression, or more precisely, I haven't considered yet it could be of any use to me, so I didn't bother. <leoprikler>Basically, what you could do instead of generating the executable and desktop file through a procedure⌠<leoprikler>your indentation game is weak, but otherwise it should be okay <ngz>You mean, the desktop file? <leoprikler>also, just as a question, what is the benefit of having one package with every version of lure vs. multiple versions each with one language? <nckx>leoprikler: What's wrong with the .desktop file? <leoprikler>there will be extra whitespace at the start of the lines <nckx>leoprikler: No, that's what ~@ is for. <ngz>Unless I don't understand the "~@" <nckx>This style is very common in Guix (if not the norm). <ngz>About the one output per language instead of one package per language, well, no strong reason, but since there is a single game, there should be a single package⌠<leoprikler>I think it would greatly simplify the build if you had a 1:1 ratio, because then you could write a (lambda (language) (package ...)) <leoprikler>you can still tie them together into one big package as done by sdl-union afterwards <ngz>That's probably out of my league for the time being (also sdl-union is very brokenâŚ) <KE0VVT>I just booted Guix System installer on my Samsung Chromebook 3. The keyboard does not work. <nckx>Does using multiple outputs like this drastically cut down build time & storage required? I'm too tired to find out, but it could be a valid reason. If all the outputs are the same size, I'm with leoprikler: separate packages would be easier to read. <nckx>KE0VVT: Still, that's not a bad start. <leoprikler>reading the recipe it appears to be different language versions of the same game <ngz>All outputs are exactly the same size <leoprikler>ngz: alternatively to sdl-union, you could make a meta-package with propagated inputs <KE0VVT>nckx: I don't know how to try to progress any further with the install. I don't have an ext. keyboard and my sole USB ports are plugged up with the installer USB and a Wi-Fi adapter. <nckx>That was my impression from reading it: complete stand-alone games, just with different strings in them. That's not output material I'm afraid. <ngz>I think that's an unusual, yet appropriate way to use outputs :) <ngz>leoprikler: A meta package of what? You probably don't want to install the game more than once. <nckx>Disagreement? On the Internet? I think now we must fight to the death or say something rude about our mothers or something. <nckx>But I'm too tired for that & bid you all good night đ <ngz>Besides, I have another strong point: I don't know how to do anything else <KE0VVT>I guess I'm at a dead end. I'll post the results to the list. <leoprikler>Not knowing better is hardly a good reason; people in the mailing list will ask you to clean up your code regardless. <nckx>KE0VVT: I had some luck adding atkbd to initrd-modules but I think that was with a custom kernel. <ngz>leoprikler: well, to be fair, it _is_ clean. <nckx>ngz: Hehe. I don't think the output style will make it through review but you're welcome to try. Posting âthis is the best I can do, please commentâ patches to guix-patches is *absolutely fine* by the way. People seem to forget this. <nckx>KE0VVT: bug-guix@gnu.org. <nckx>leoprikler: They will do it for you if ask nicely though. <ngz>Fine. Let's play. I'm going to submit it on the ML :) <ngz>In the worst case, I'll learn something anyway. ***catonano_ is now known as catonano
<ngz>3 am: time to sleep⌠<dctrud>Hello all. Has anyone gotten LUKS on top of an MD RAID array working for an additional non-root fs? <dctrud>I can manually mdadm assemble, cryptsetup luksOpen, mount okay - but trying to define in my config.scm it will fail telling me there isn't a LUKS device <Gooberpatrol66>is there documentation somewhere of all the guix modules and what they do? <bandali>besides the manual, and possibly comments in each module, not sure <Gooberpatrol66>does the manual acutally list all the modules? I can't find anything <str1ngs>oh, I just discovered M-x: guix-set-emacs-environment <janneke>str1ngs: i had been using a much hackier version of that until i finally cleaned it up and contributed it :) <ngz>Hello. When trying to package sdl-pango, I get the following compilation warning: http://paste.debian.net/1123136/ It isn't fatal, but shared libraries are not created, which is not what I want. I tried to add "glib", "gtk" to the inputs, I even tried to use glib-or-gtk-build-system to no avail. Do you have any idea about what is wrong here? <dadinn>I have just noticed something in the docs about the system-config file data format. <dadinn>it says at https://guix.gnu.org/manual/en/html_node/File-Systems.html#File-Systems that I quote: "When the source of a file system is a mapped device (see Mapped Devices), its device field must refer to the mapped device nameâe.g., "/dev/mapper/root-partition". This is required so that the system knows that mounting the file system depends on having the corresponding device mapping established." <dadinn>As I understand, a few lines below it explains that there is a supported "dependencies" field, which can have "mapped-devices" as option, therefore I think the above quoted paragraph is unnecessary and incorrect <dadinn>I was actually worried that such dependencies are checked based on string paths for device name, but happily noticed that the dependencies field gives a more explicit way to record it instead <NieDzejkob>dctrud: Have you tried defining the mapped devices in the order they would need to be mounted in? <ngz>When trying to package sdl-pango, I get the following compilation warning: http://paste.debian.net/1123136/ It isn't fatal, but shared libraries are not created, which is not what I want. I tried to add "glib", "gtk" to the inputs, I even tried to use glib-or-gtk-build-system to no avail. Do you have any idea about what is wrong here? <janneke>ngz: hard to tell; iwbn to see the linker warnings. i do notice that you include (-I) harfbuzz but have no library path set, and libtool gets the -no-undefined flag <ngz>janneke: Do you mean 1) I should add harfbuzz to the inputs, and 2) provide the full compilation output? <janneke>ngz: 1: you could try; 2: possibly, i mean to say that i think libtool hides the link command output upon which it decides not to build the shared library. once you see the symbols that are missing (or any other linking error), you don't need to guess what's wrong anymore; you know. <ngz>janneke: Adding Harfbuzz doesn't help. About 2), I don't know what to do with your information, because my knowledge about libtool is too limited. I see that in ltmain.sh, which is 6k Bash locs long, there is the check responsible for displaying the message about the "-no-undefined" stuff. I also see in src/Makefile.am, libSDL_Pango_la_LDFLAGS = -no-undefined. <janneke>ngz: yes, i can never remember how to debug this. it would be so nice if libtool would simply produce/print the compile/link commands instead of executing them. anyway, you could maybe try running the `gcc ...' command that it prints and look at the warnings <janneke>raghav-gururajan: did you want guix environment --pure --ad-hoc guix; or possibly guix environment --pure guix --ad-hoc guix? <raghav-gururajan>janneke I want to use guix tools in pure env, such that, existing packages/dependencies are not available inside the created env. <janneke>raghav-gururajan: care to share with us what went wrong or what your solution was? <dadinn>I would like to install the `nfs-kernel-server` package, but it seems there is only `nfs-utils` :/ <NieDzejkob>You're missing the experience necessary to realize that different distros do different things ;) <NieDzejkob>AFAIU it's just a part of the nfs-utils package on Guix <dadinn>NieDzejkob: it is a Debian package indeed, but the nfs-utils package doesn't seem to contain the server... at least it is not clear from its description" <dadinn>NieDzejkob: also, I have been using nfs-kernel-server on Debian for ages, but not sure what really the "kernel" means in the name... is it from some different source compared to the one in guix? <NieDzejkob>I just read this bug: https://issues.guix.info/issue/22883. Did I understand correctly that this means a trivial HTTP MitM results in RCE? If so, shouldn't there be a more prominent warning to not use guix pull on untrusted networks? Also, the documentation seems to describe guix pull as *the* way to update a system, which would make the recommendations to "not use guix pull" hard to carry out. <brettgilio>janneke: I get mail from raghav-gururajan all the time :) <brettgilio>raghav-gururajan: protip on writing descriptions. Sometimes you can just straight up hijack the ones provided by Debian <efraim>and their first line can be used as a synopsis *raghav-gururajan is trying to finish up things before new years eve. New work schedule after that. *brettgilio is laying in bed being lazy enjoying time off from work <janneke>well, there is always a next new years eve <brettgilio>If the linter doesn't report trailing white space, then you are probably fine. <raghav-gururajan>brettgilio I did not use linter on this patch, as I used skeleton from one of my previous commits. <brettgilio>raghav-gururajan: it's good practice to always use the linter. <brettgilio>You never know what might get mangled, even in reuse. <janneke>nano can report or show trailing whitespace, so the interwebs tell me <brettgilio>Even when I'm doing a simple package upgrade i run the linter for good measure. No telling if there are artifacts of a past commit that got through :) raghav-gururajan <brettgilio>Even when I'm making new friends, I run the linter to determine their friend fitness. Jk <preciouscookie>Hi guys! I was trying to run some shell scripts by (system "foo bar") in system's config.scm. But guix shows an error that operating system is not being returned by the program. Was it is a right approach to run some extra scripts inside of config.scm file by guix? <brettgilio>preciouscookie: pastebin config. Takes away the guess work <brettgilio>No telling what you mean by "run some shell scripts" unless we can see your config <raghav-gururajan>brettgilio You are right. It should be used all the time. I cut corners to save time. I should stop doing that. <brettgilio>raghav-gururajan: shit happens man. :) We all live and learn and make mistakes <brettgilio>You think I haven't cut corners in my time? I do it every day <janneke>preciouscookie: Welcome! Using a more inclusive greeting is appreciated here, like guys and gals, folk or hello Guix! <dadinn>i am trying to add tmux to my system config, but i am possibly missing the module for it... is there a way to find which module to add? <brettgilio>Or `guix edit tmux` will open it in your editor of choice. <dadinn>brettgilio: it does show it, but it doesn't tell me which module to load <brettgilio>preciouscookie: I'd wrap it in a function and call it by invoke. However, I personally let my window manager call such scripts <dadinn>brettgilio: the version number i see is 2.9 <brettgilio>dadinn: the guix search tmux should tell you the exact module to load by it's path. Something like ./gnu/packages/terminals.scm or something which would be (gnu packages terminals) to load. Just an example idk where tmux lives precisely <raghav-gururajan>How do I use `guix lint` on dedicated scm file containing package definition starting as (use modules.. and (package ... <alextee[m]>how do you cross compile for windows on guix? in arch you had a mingw compiler but the mingw-64-x86_64 package doesn't seem to have any compiler <preciouscookie>brettgilio Mostly XMonad. Thanks for your advice. But probably I miss something. To invoke in Guile means to call? <brettgilio>I am not at my computer rn so I can't give a good example preciouscookie <brettgilio>However. preciouscookie you might check our mcron service to run at startup. This seems like a potentially better idea so your invocation isn't just called on reconfigure. <brettgilio>If you want it called on startup I'd just mcron or let your wm handle it <brettgilio>I might not perfectly understand what you are trying to achieve. <preciouscookie>I wanted to do it it by su. As Guix system is called under sudo. By thanks againg! Guix community is super friendly and cool <brettgilio>preciouscookie: right. But /when/ are you trying to have it run? On reconfigure? On startup? <brettgilio>Because how you have it written will run only on reconfigure <dadinn>brettgilio: thx, i got it now, it was (gnu package tmux) <preciouscookie>brettgilio I had an issue with fonts. Those which installed by config.scm are not available to some programs until I run fc-cache manualy. Btw when I install fonts to my user profile everything is fine. <brettgilio>preciouscookie: doesn't really answer my question :) <str1ngs>janneke: it's pretty helpful thank you. I can go back to using my M-x: recompile workflow now <janneke>str1ngs: yw, yeah i wonder how to make it nicer, with a stack maybe of buffer-local ... having one global settings is sometimes not so great <str1ngs>janneke: could it also be assumed that the profile is <root>/etc/profile. might make switching profiles easier <janneke>M-x guix-set-emacs-environment RET ~/.config/guix/blah RET? <str1ngs>for me I need to drill down to the etc/profile file. maybe I'm doing something wrong. or because I used -r <janneke>that could be, i don't use that; tried it once and its guessing drove me mad <str1ngs>I'm surprised I mainly use ivy for flex filtering *janneke just waits it out for emacs defaults to get saner <str1ngs>I wish readline supported flex filtering with C-r <str1ngs>one emacs default I think should be added is which-key or something like it <str1ngs>janneke: or some ideas can be added to emacsy instead :) <str1ngs>with nomad I use a gtksourceview for the minibuffer instead of the label hacking used in the emacsy examples. it acts surprising more like emacs <janneke>yes, gtk-label hacking was non-informed gtk use i guess <str1ngs>I think it was partly used to add cheap cursor suppport <janneke>i hope to get back at some guimax/emacsy hacking in a couple of months <str1ngs>one thing I need to figure out in terms emacsy is how to convert *minibuffer* and *messages* into graphical controls in a more sane way. currently I use something like this (text-buffer->nomad-text-buffer! buffer) which uses (change-class buffer <nomad-text-buffer>) and that breaks in guile 3.0 <str1ngs>using change-class is probably bad design on my part I think <str1ngs>janneke: also I think buffer local variables are not that great. they are more emacsy like. but with goop slots they are kinda redundant WDYT? <str1ngs>just some musings in regards to emacsy <raghav-gururajan>Folks! What is the default keybinding on emacs to autoindent scheme code? <str1ngs>it's easier to use paredit with M-q I think <brettgilio>Or M-x indent-region. Which is what real legends use. Jk <ngz>Otherwise, you select a region, then C-= <ngz>More than one way to skin a cat... <nckx>brettgilio: <got to keepâŚ> Hey! I resemble that remark. <ngz>Or space until it get properly aligned... <efraim>in vim you go to the beginning of the parenthesis and do =% <ngz>Tuxmath is surprisingly difficult to package⌠:( <brettgilio>PU-184: did you ask gnome web nicely to please play the video? <nckx>⌠& what did it say in response? Anything? <PU-184>When I visit the page of any video, it says that the video could not be loaded because of the server, the network or because the format is not supported. <ngz>Half of the packages requiring SDL uses #include "SDL_wathever.h", and the other half #include "SDL/SDL_whatever.h" <nckx>Really covering their bases there. <PU-184>But I guess it is not the server, nor the network, because I can watch the videos using another OS. <str1ngs>PU-184: what is GNOME web? epiphany? <nckx>'Error: something whoopsed.â <PU-184>nckx: Yes. The error message is very helpful. <brettgilio>GNOME Web: uwu baka sumting bwoke. Uwuwuwuw. Halp *nckx is installing epiphany but don't hold your breath. *brettgilio holds breath anyways, cus nckx told me not to <nckx>brettgilio was killed by a profile hook. <nckx>Why would you even hold your breath. Who does that. Who needed that warning. <janneke>str1ngs: yes, something does not feel right in that area; but i cannot see/express what's wrong or how it should be fixed yet <str1ngs>janneke: I think for guile 3.0 it's possible we could use the meta class <redefinable-class> like so. (define-class <text-buffer> () #:metaclass <redefinable-class>). though I'm kinda in the same boat as you were I need a better grasp on the issue <nckx>s/run/run and try to play a vidya/ *raghav-gururajan accidentally poured their vanilla latte on their keyboard <PU-184>YouTube videos don't work either. They say that my browser does not support any of the available formats. But then I click on the FAQ link about HTML5 video and YouTube says my browser is perfect. <nckx>raghav-gururajan: I've been there âš <nckx>New laptop's much better anyway. *raghav-gururajan says "If it weren't for qwerty, I'd be completely empty". *raghav-gururajan hopes someone will recognizes the reference. ;-) <PU-184>nckx: When I run epiphany from a terminal, the browser is started without any messages and the epiphany commands exits immediately, although the launched browser keeps working. <nckx>PU-184: Oh, you have to close all running instances or it just asks the running epiphany to open a new window. <nckx>raghav-gururajan: Happy to hear it's âjustâ a keyboard. Unless it's some custom Cherry MX thing, although those things are probably bomb-proof anyway. *raghav-gururajan worries about their latte than their keyboard. <nckx>A man after my own heart. *raghav-gururajan orders latte again at McD's via uber-eats. *raghav-gururajan goes back to work on gnome-menus <nckx>May the rest of your day be dull & uneventful & not involve the need for hair dryers. ***ng0_ is now known as ng0
<ngz>How is it possible for configure script to have "checking for SDL_PANGO... no" and yet "checking for SDLPango_Init in -lSDL_Pango... yes"? <ngz>I thought computer science was all about binary stuff⌠<lekzikon>And nothing is printed when trying to load the videos. <nckx>raghav-gururajan: Ooh đ I should catch up. I'm years behind. <raghav-gururajan>nckx I see. The series has ended. Series finale was released two weeks ago. :-) <nckx>I wish I could say more than âit works here and I don't know whyâ. When I try to run epiphany with âenv -i; source stuff; set stuff; epifâ it just barfs: No protocol specified. <str1ngs>is it possible epiphany needs gstreamer codecs installed? *str1ngs whistles a spaghetti western <nckx>str1ngs: That's very possible. $ echo $GST_PLUGIN_PATH â /home/nckx/.guix-profile/lib/gstreamer-1.0 <nckx>If I unset that, lo: âThe media could not be loaded, either because the server or network failed or because the format is not supported.â đ <nckx>I. Have. So. Much. Crap. Installed. *nckx goes back to debugging things they like, like kernels. <nckx>str1ngs: Ditto, I want to know if it would work for me in practice. <nckx>str1ngs: BTW, if my âworkflowâ above sounded off, it's because I don't actually have a working Guix. Database's destroyed. I unpack guix packs to my rw-mounted store like a monster. <NieDzejkob>O_o If that happened to me, I'd reinstall in a heartbeat <str1ngs>nckx: that's understandable. I'm in the same boat. but I thought of splitting my profile up into logical tasks. or maybe start by having a devel profile for testing beyond the typical guix environment <str1ngs>also side note if anyone has ideas to disable the manual-database profile hook that would be pretty handy. <str1ngs>nckx: when you say database do you mean /var/guix ? <nckx>NieDzejkob: Sure, just not on the road. It's actually been fun. Desert island Guix. <nckx>(Desert island with wi-fi; I'm not an animal.) <nckx>I can repair myself some sqlite but it was beyond hope. <str1ngs>nckx: maybe this is recoverable using guix system init config.scm /mnt/guix-root . from booted guix installer or foreign distro <str1ngs>though that might leave orphans in the store, and use redundant disk space <nckx>str1ngs: I've never liked that feeling, I always reinstall đ <str1ngs>I agree though it mighe be handy if you have large variable data on that partition <nckx>Reinstalling's not a problem, I can do that blindfolded with chopsticks up my nose, it's just not worth the risk at this particular moment. <str1ngs>I assumed you had a reason for the packing state. <str1ngs>personally I use a VM as a publish server to cache substitutes for expedited installs <nckx>A perverse pleasure in seeing how far I can push Guix & my knowledge of its innards, mostly, and the fact that this laptop == my job at this time. <nckx>str1ngs: A VM you start on the same host? That's an interesting approach. <nckx>I just use a boring physical sub server. <str1ngs>nckx: yes the vm starts either on guix system or foreign distro <str1ngs>physical as on in on the same lan? if so that would work too <str1ngs>I use the VM because I prefer the 12 threads my workstation provides. <pkill9>guix needs a way to rebuild the database <pkill9>i had the issue that i couldn't garbage collect because there was an sqlite error <pkill9>so i reinstalled guix to fix that <str1ngs>I'm still trying to drum out a workflow where all my system builds are cached on my VM publish server <nckx>pkill9: I had a reproducibly issue (when setting up the aarch64 build boxes) where the store & database were out of sync. Guix will then promptly proceed to eat and destroy itself. This is why I won't re-init the database & try my luck on this machine. I've been there. <nckx>Wipe & guix init is the way. <nckx>str1ngs: There have been discussions (years) in the past about not using a DB, my memory's predictably hazy on the counter-arguments but âperformanceâ was a big one. And let's be honest: we can't afford to regress further on that front. <str1ngs>nckx: I assumed it was being used for performance myself. alternatively having a backup and recover might help instead <kirisime>When will we get `guix make' so I won't need to interact with actual build systems anymore? <lekzikon>str1ngs, nckx: I installed gst-plugins-base, good, bad, and ugly, but no luck, I still can't watch most videos on the Web (the browser plays Webm videos). <efraim>there was a helpful hint on guix-help about webgl <efraim>my kids said it fixed youtube for them <mjw>grin, using your kids to debug guix :) <lekzikon>efraim: I'm using GNOME Web (epiphany), though... <efraim>I actually don't have speakers hooked up to my machine <nckx>lekzikon: Have you tried restarting your machine? If so, what does âecho $GST_PLUGIN_{,SYSTEM_}PATHâ print? <lispmacs>hi, i was wondering about manager user software updates on multi-user systems. Should I just put the most commonly used apps in /etc/config.scm, or what other ideas are there? <lispmacs>like, my wife has an account on our guix desktop PC, but I'm pretty sure she has zero interest in learning how to use guix command line tools <nckx>alextee[m]: (guess) sudo herd restart xorg-server-vt1? (1 is my choice, may differ for you.) <kirisime>My package expects to find a python3 binary named python in $PATH, but guix calls it python3. Can I set up aliases in the build environment or is there something else I should do? <nckx>kirisime: Bad package :-) You can add python3-wrapper instead of python as input. <nckx>kirisime: Sorry: python-wrapper. <nckx>("python" ,python-wrapper) <kirisime>Is the only difference between that and plain python that the binary has a different name? <alextee[m]>Oh i dont get to keep my apps open, this is like restarting <lekzikon>nckx: I did restart the system, but that didn't change anything. echo $GST_PLUGIN_{,SYSTEM_}PATH prints: /home/lekzikon/.guix-profile/lib/gstreamer-1.0 /home/lekzikon/.guix-profile/lib/gstreamer-1.0:/run/current-system/profile/lib/gstreamer-1.0 <efraim>lispmacs: I manage my kids' account on their machine. I 'guix pull' myself and then 'guix pull' them to the same commit and upgrade their software <efraim>easier than when it wants to build kodi and icecat when reconfiguring <lispmacs>efraim: do you do a `sudo su -l` or something, or have to get them to log in first? <lispmacs>err, whatever that command is suppose to be <efraim>i'm in the wheel group, so I go straight for 'su kids' <efraim>I'd have them track my profile but I wanted them to only have whatever's default in guix <nckx>I do the same over SSH for my mother's laptop. <nckx>kirisime: Yes. It's exactly what you want, python 3 + a âpythonâ command. <kirisime>What does the validate-runpath phase do? I encountered a package whose build fails in the phase. <nckx>kirisime: It validates that executables can actually find their libraries at run time (https://en.wikipedia.org/wiki/Rpath). Its failure can sometimes be harmless, but usually indicate a real problem. <efraim>ok, time to process ~260 rust patches for ripgrep <NieDzejkob>If a package needs a suid binary, should it also provide a service? If so, should the service be in gnu/packages, next to the package, or in gnu/services? <nckx>kirisime: RPATHs on Guix and Nix look quite different than on FHS distributions: long lists of /gnu/store/foo/lib:/gnu/store/bar/lib:âŚ, unique to each package, instead of just (say) /lib:/usr/lib for the entire system. As always, this breaks assumptions that should never have been made. <nckx>NieDzejkob: Services always go in gnu/services, but setuid binaries should just go in (setuid-programs âŚ). It's an admin decision, packages can't say âhere install this setuidâ, by design. <NieDzejkob>Ok, though note that the path is non-obvious: #~(string-append #$xsecurelock "/libexec/xsecurelock/authproto_pam") <NieDzejkob>(if so, where? also I guess I should've nckx: highlighted you :D) <nckx>NieDzejkob: You're aware that will create a setuid copy (sic) of that binary as /run/setuid-programs/authproto_pam, it won't set the setuid bit on /gnu/store/âŚ/libexec/xsecurelock/authproto_pam, right? If anything relies on the latter being setuid it still won't work. <NieDzejkob>I currently pass the /run/setuid path as a configure parameter, but it's also possible to set it as an env var <nckx>NieDzejkob: I obviously lack the big picture to help you decide how this should be implemented and/or documented. <nckx>NieDzejkob: Ah, so it will only work on Guix System, but maybe that's inevitable anyway. <NieDzejkob>nckx: ok, but is there a standard place for documenting package-specific caveats? <NieDzejkob>How do foreign distros deal with setuid, anyway? <nckx>I think i3lock suffer{s,ed} from the same problem. <NieDzejkob>it's a screen locker, so I'm not too keen on it working on foreign distros, but still <NieDzejkob>Is it reasonable to put the system configuration snippets necessary to make this work in the package description? <nckx>NieDzejkob: Have you read the âScreen lockers & co.â section in (gnu services xorg)? That *seems* relevant, even if I don't know if it would work with your libexec helper as-is. <nckx>NieDzejkob: I personally wouldn't mind, anyone complaining that it's not the right place then automatically volunteers to show you the right place so win-win. *raghav-gururajan is now working on packaging gnome-color-manager <NieDzejkob>nckx: Yes, I've seen Screen lockers & co. Now that you pointed it out, though - should the default PAM service be "login", which already exists, or "xsecurelock", which would be created by such a service? <nckx>NieDzejkob: Having looked at (gnu services xorg) some more, I'm not surprised that (xorg-configuration (screen-locker-service xsecurelock "xsecurelock")) or whatever you tried didn't work. It assumes your screen locker is <xsecurelock>/bin/securelock, not /sbin or anything else (which may be true for you but still), and also that *that* and only that is what needs to be setuid. I'd rather see the problem fixed there but I'm not sure how. <nckx>NieDzejkob: Not familiar enough with screen lockers to say, sorry, don't actually use one myself. <nckx>Merely a Dvorak layout + i3 is 100% uncrackable security in my circles. <kirisime>The failing package is amule, by the way. <nckx>There's a blast from the past. <NieDzejkob>nckx: The thing is that the main xsecurelock binary *doesn't* need setuid - the setuid-needing bit is extracted out into a self-contained helper binary <nckx>Yeah, I guessed as much. <nckx>kirisime: If you grep -i gnu/packages/*.scm for rpath or runpath you'll find many different ways to fix various different problems. That's all I can say with what I know. <nckx>Adding "-Wl,-rpath=" to LDFLAGS is probably my most-used trick. <NieDzejkob>oh, I missed the "not" in "I'm not surprised that it didn't work" and got *so* confused <nckx>kirisime: Wait, are you actually working on this or was this just a bug report? đ <nckx>I didn't realise amule was already in Guix. Next up: LimeWire & WinMX. <str1ngs>nckx: with i3 I just C-M-F1 for my lock screen :P <nckx>str1ngs: Also nice. Getty or no getty? ***Server sets mode: +cnt
***Server sets mode: +cnt
<ngz>nckx: OOC, what problem "-Wl,-rpath" trick solves? <NieDzejkob>I had to set IceCat's security.sandbox.content.read_path_whitelist to /gnu/store/ (in about:config) to make some video codecs work. Any chance of making that the default with some build-time patch? <NieDzejkob>(I might send a patch for this myself but it's 7th on my TODO list and someone here probably knows how to do it) <dadinn>i am trying to install netcat using `guix package -i netcat` but it doesn't work... any advice? <ngz>What "doesn't work"? <dadinn>ngz: it says error: cannot link '/gnu/store/.links/0v9fzzinnn48nw3g1qhn3f3nyqrhfvpsv000m8zyz0p2b4sfq201' to '/gnu/store/48dr9v1 <roelj>When you âgit cloneâ the Guix repository, modify a recipe, what do y'all do to build/install/test the modified recipe? <nckx>NieDzejkob: Could you report this to IceCat upstream instead? <nckx>roelj: After bootstrapping, configuring, & making: ./pre-inst-env guix build the-thing. <roelj>nckx: Do you do that in a âguix environment guixâ? <nckx>./pre-inst-env brings its own environment (hence the name), no point in running it in another. <roelj>And do you pass anything special in the ./configure step? (--localstatedir perhaps?) <nckx>If it fails outside it will fail outside, and you should just rebuild to make sure everything's up to date. <nckx>roelj: You got it đ --localstatedir=/var. <nckx>roelj: guix environment --pure guix -- sh -c './bootstrap && ./configure --sysconfdir=/etc --localstatedir=/var && make -j`nproc`' should do it. <roelj>nckx: I seem to need to do: guix environment --pure guix --ad-hoc autoconf automake pkg-config libtool gettext. What am I doing wrong? <NieDzejkob>nckx: is icecat upstream concerned with guix-specific things? <nckx>roelj: I don't know. Does bootstrap fail otherwise? Is your guix up to date? <roelj>nckx: I get a lot of "Unbound variable: git-fetch" messages after running ./pre-inst-env guix build the-thing <roelj>nckx: My Guix version is a9650f113527a1f7175ce0ae1026941ece13352e <lispmacs>I think Guix was eventually planning to adopt something like stable branches, right? But in the meantime I was wondering if Guix would consider adopting something like a [SECURITY] tag for use on the guix-patch list. <lispmacs>Users could maintain their own stable branches, but you'd have to spend quite a few hours reading guix-patch posts to figure out which ones were security patches <nckx>roelj: No. I don't know why only --pure guix works for me & not for you. <lispmacs>or something like Debian's security-accounce list would be a great, instead <nckx>NieDzejkob: Oh, no, I missed that bit. But please CC mhw at netris.org, he cares. <nckx>lispmacs: Almost no security fixes are submitted as patches first (that would slow them down). <nckx>All security commits have [fixes CVEâŚ] or [security fixes] in line 1 of the commit message. <lispmacs>nckx: oh, okay, so I need to be watching the git log, not the patches list <nckx>lispmacs: If you don't mind receiving a mail for each commit, you can subscribe to guix-commits at gnu.org. I do. Many do. <nckx>From there it's pretty easy to set up a local mail filter that will catch almost all security updates. <nckx>A âstableâ branch that only receives security updates on top of the last release is possible but means extra work rebasing fixes. <lispmacs>nckx: I'll do tht if it has the digest option <dadinn>I am trying to install netcat, and i am getting this error:cannot link '/gnu/store/.links/0v9fzzinnn48nw3g1qhn3f3nyqrhfvpsv000m8zyz0p2b4sfq201' to '/gnu/store/48dr9v1 <dadinn>I am trying to install netcat, and i am getting this error: cannot link '/gnu/store/.links/0v9fzzinnn48nw3g1qhn3f3nyqrhfvpsv000m8zyz0p2b4sfq201' to '/gnu/store/48dr9v1...-info-dir-builder': No such file or directory <nckx>Does the second file really not exist? I'd run âguix gc --verify=contents,repairâ first to make sure you're store's not (too) damaged. This will take a while. <civodul>dadinn: weird, did you manually add/remove/modify files in /gnu/store? <nckx>Or have any recent file system trouble/errors? <dadinn>running the verification... actually, what does that command supposed to do? <dadinn>nckx: error: executing SQLite statement: FOREIGN KEY constraint failed <dadinn>nckx: that is the error from `guix gc` <pkill9>dadinn: that's the error i got a while back, i had to reinstall guix because I didn't know any other solution <pkill9>i don't know of a solution now either <nckx>dadinn: Welcome to my world âš <dadinn>pkill9: I would need a way to back up the config.scm... that's why i needed netcat, so I can send it off to termbin... any recomendation for alternatives? :/ <nckx>dadinn: Your database is corrupted. You can try to repair/export the remains using the sqlite command-line tool, or you can reinstall like pkill9 and me. <str1ngs>is there a possible trend of sqlite corruption? <dadinn>no clipboard sharing unfortunately :/ <nckx>str1ngs: Odd coincidence, isn't it. <nckx>dadinn: Could you explain your situation a bit? Your config.scm is all you care about, and it's trapped in a VM? <nckx>I'm sure the sqlite team are wonderful people but their database has a reputation for this. <kirisime>I have a test that attempts to create files in /homeless-shelter, how do I point it to somewhere it can use? <nckx>kirisime: (setenv "HOME" "/tmp") <kirisime>nckx: Thanks, I guess I'll need to add that as a new phase before 'test? <dadinn>nckx: 0x0 looks like exactly what I needed, thx! <chipb>nckx: that's funny, I was under the impression the sqlite folk had famously good test coverage. <chipb>was there a recent sqlite upgrade? <nckx>chipb: Not that I know of. <dadinn>nckx: what does guix have to do with sqlite? <nckx>dadinn: /var/guix/db/db.sqlite. <nckx>Without it: time to reinstall Guix. <dadinn>nckx: ok, i see the files... is there some more explanation about the reansons behind this? <dadinn>nckx: eg. what data is stored there, and under what schema? <kirisime>Mypaint has built successfully. Now to see if it runs... <valignatev>Hey civodul, thanks for a fix for crates recursive importer! Looks like it respects versions now! Yay! <bandali>probably âguix edit packagenameâ