<ryanprior>I guess that's nice to know that Guix will hum along without much problem even if you don't update the daemon, like, ever? But maybe there have been drawbacks?
<nckx>I've always edited /etc/systemd/system/guix-daemon.service to run my user's guix-daemon and left root's to rot, since all my foreign distro's were single-user machines. If your user has sudo, I don't see any security risk.
<nckx>ryanprior: The daemon is quite stable but there have been changes in the past.
<ryanprior>Okay yeah I'm also on a single user machine so maybe it hasn't been a problem then so far.
<anadon>Did `guile-next` get renamed `guile-3` or am I making things up?
<romulas>Put the latest iso onto a usb thumbdrive it doesn't work on UEFI, bug?
<wdkrnls>But many of those don't show up in the guix data service.
<wdkrnls>I was think you could use a hack whereby you picked the last revision from yesterday and then updated every day with the revision from yesterday.
<wdkrnls>Not elegant, but unless you want to be continuously upgrading there will always be some period of time where you are potentially behind on security updates.
<wdkrnls>ice-9/boot-9.scm:1669:16: In procedure raise-exception: error: help-string: unbound variable
<wdkrnls>I'm getting that error every time I try and tab complete guix commands from Emacs.
<ryanprior>If I want an old version of a package that used to be in Guix but isn't anymore, I know I can use time-machine to zoom back and grab it. But if I want to mix that with some newer packages, do I have to do something hacky like guix time-machine <hash> -- environment --ad-hoc pkg -- guix environment --ad-hoc otherpkg
<wdkrnls>I'm no expert, but isn't that what inferiors are for?
<ryanprior>Okay, I'd heard of inferiors but thought it was an internal feature, I didn't realize it was intended for end-users. This does look less hacky than what I suggested :)
<apteryx>ryanprior: yes, I've never done so, but you're supposed to be able to use inferiors in a manifest to pin packages to older Guix revisions.
<ryanprior>This kinda looks like it's waiting for a better syntax, and it doesn't seem like it would be usable with the JSON manifest syntax which is too bad, but it at least seems better than the chain-'o-guix-commands hack.
<jackhill>I factored out some of the boilerplate there since I'm doing it twice in the same manifest.
<badair_>Any idea what causes this? I changed the interpreter on a blob with patchelf, ldd looks fine now, but I get this: "symbol lookup error: /gnu/store/XXX/bin/myblob: undefined symbol: , version GLIBC_2.0". Apologies if this is the wrong place to ask.
<jackhill>ryanprior: so in that manifest, I'll always get nss-certs and glibc-locales from the current guix, but blender and dcmtk come from the pinned commit
***wxie1 is now known as wxie
<ryanprior>jackhill: that makes sense, took me about 4 minutes to read it and figure out what you were going for. Wish it were even clearer, though. Seems like something that could be just plain data and not require writing code.
<apteryx>ryanprior: you could probably come up with macro :-)
<apteryx>then contribute it so that we don't repeat ourselves
<ryanprior>It does in theory, but I have had no luck with writing Guile macros yet. The syntax seems obtuse because I don't get it yet, despite reading a bunch of examples and trying things for a few hours. X.X
<ryanprior>I haven't tried writing this specific macro yet & I eventually will, so third tim'.
<apteryx>ryanprior: try syntax-rules at first; they're more straightforward. If you already know 'match', you're not far from knowing syntax-rules.
<nckx>badair_: My guess is the binary was built against a different version of glibc than the one you're now using. You can install binutils and run ‘readelf -s /run/current-system/profile/lib/libc.so.6 | grep <the symbol>’ to see if that sounds plausible, i.e. there's a <symbol>@GLIBC_<something else>.
<ryanprior>I've tried syntax-rules in the past and then when I ask for help it's invariably "oh you can't do that with syntax-rules, you need syntx-case"
<ryanprior>But I beat my head against the wall with syntax-case, I just don't get what it wants from me.
<ryanprior>I'm not bad at writing macros in Clojure, elisp, or Racket, but it seems like Guile is on some other shit. I'm sure it's just because I don't understand it yet but I'm reading examples like "wtfff"
<apteryx>eh, I'm not very confident in my syntax-case abilities yet myself :-). syntax-rules can do a lot of things still (such as recursion).
<badair_>nckx: Thanks. The libc version is compatible -- when I leave patchelf alone and just symlink to the expected paths printed by ldd on a throwaway system, the program works. I'm not sure why the error message is "undefined symbol: , " -- I don't recall seeing this "space comma space" thing in the past.
<nckx>Oh, that's a literal? WTF. I thought you were paraphrasing.
<badair_>The myblob path is a paraphrase but everything else is not. Thanks anyway!
<jackhill>ryanprior, apteryx: yeah, definitely. I assume that as people use it more, we'll figure out ways to make it nicer to do. Having looked at it again today, I see some things that could be cleaned up.
<jackhill>but I don't yet have a good sense about what Guix should provide. I'd haven't written this type of manifest enough to have any ideas.
<nckx>badair_: Definitely weird. No idea what it could mean, other than ‘patching binaries is fraught and all bets are off’.
<ryanprior>One thing I want jackhill is an option to write a manifest that's just a data structure with no imperative code. edn, toml, json, yaml, recfile, whatever. Just not code with imports and functions and binding variables. I prefer not to have to reason that way about my dependencies.
<ryanprior>I can come up with some example hypothetical manifests in various data formats and send that to the email if you think it would kick off an interesting convo.
<apteryx>ryanprior: I think the chapter 8 of this book is pretty good at giving a better understanding of macros; coming from the creator of syntax-case himself: https://scheme.com/tspl3/
<vagrantc>heil_bel: it may need to be refreshed for current guix versions
<heil_bel>jackhill: It's not like I want to downgrade. But to make guix pull to not totally newest state.
<vagrantc>i've never used it ... but there you are
<heil_bel>vagrantc: That's nice. I'll search for this. ;)
<vagrantc>just pulling yesterday's commit might actually have less things built than today, since things often get fixed on master ... and things get broken on master too ... so time-based checks aren't necessarily going to serve one well
<xelxebar>Have a package with failing tests. Trying to get to the bottom of it, I'm trying to recreate the failing `make check' but starting a --pure environment and running from `make check' from the build directory produces *different* and a lot *fewer* failing tests.
<xelxebar>... Nevermind. I forgot that I tried in a --container environment and it mirrors the build failures exactly.
<xelxebar>Okay, so I have a guix environment --pure --container that I'd like to pack into a tar to send to someone. AFAIU, this is possible by taking the $GUIX_ENVIRONMENT/manifest and feeding it to guix pack -m.
<xelxebar>However, guix pack -m /gnu/store/.../manifest is erroring out with "Wrong number of arguments"
<xelxebar>Yeah, doing guix pack -m ~/.guix-profile/manifest fails the same way. :/
<leoprikler>in that way, you have to use package-inputs from scheme
<xelxebar>I wish to do this because a piece of software I am packaging is failing its tests in an odd way. Am working closely with upstream to troubleshoot but figured a chroot-able tar to share would make life a lot easier
<xelxebar>leoprikler: This is certainly hitting up against the limits of my guile knowledge. Would there be a way to use the (packages ...) list in the `manifest' file almsost as-is and somehow compile that into a manifest?
<guix-vits>Kimapr: idk, but was needed for generating gpg. It's pops up and asking password..
<xelxebar>That said, if the `manifest' files really are serializations only, it might be a fun project to implement the deserialization.
<janneke>i have this interesting setup where i use a fork with a backport: GUIX_PACKAGE_PATH=guix ~/src/guix/x/pre-inst-env guix time-machine --url=$HOME/src/guix/master --commit=056c5606df7ce0438d8e3cd1af99a21417b8c56b -- environment --ad-hoc mcrl2-minimal
<civodul>nckx: i think we should just not suggest that we're aware that things are broken in a broad sense :-)
<nckx>civodul: Well, sorry, but it's happened often enough (>4 times over the past 2 years or so) that pkilling things is now high on the debugging list when I get strange output. I was not aware it was even a controversial statement 😉
<janneke>ah, okay -- i don't have (or see) a use case for that right now; but i was a bit worried about my fork, which gave me extra incentive to read the series and test
<janneke>come to think of it, authentication is real good to have, also on my fork
<civodul>nckx: to me it's unhelpful if there are no bug reports
<civodul>i mean, we don't write software and willingly keep it broken, right? :-)
<civodul>so people should not assume that developers are aware of bugs not reported IMO
<royball>nckx: np. looks like a good place to start and learn to be able to start bug-fixing!
<guix-vits>bdju: ah, imagining the working with a portable device with the users able to `ls /`, not that "android/wtf.it.is/empty" stuff.
<NieDzejkob>bdju: Want to try packaging them yourself? The Guix documentation about this is pretty good and we're here if you get stuck
<bdju>NieDzejkob: I have had many bad experiences trying to package things, honestly. I want to be able to do it, but I'm not feeling confident.
<bdju>what do I need to get auto-mounting of removable storage working? I have gvfs and I have volume management enabled in pcmanfm settings, but the sd card I just inserted doesn't show up on the side or get mounted. it shows up in blkid output, though, so it's being detected
<guix-vits>bdju: Do you willing to test it with `nautilus`? Maybe some pcmanfm bug.
<bdju>alright, I added the udisks service and did a reconfigure. I may have to log out or something for it to take effect
<NieDzejkob>bdju: huh, I'm sorry to hear that. Would you mind telling us what these experiences were? We'd certainly like to improve. (or perhaps you spoke about it before and you could point me to that - also works)
<bdju>NieDzejkob: I'm just working with not enough knowledge when it comes to packaging and I seem to lack the patience, quickly getting stuck and giving up. lots of things are unclear, like how you determine missing or incorrect info in the recipes and whatnot.
<bdju>partially, but also I'm not even entirely sure what makes something a regular input vs native-input and how to determine when a use-module is needed. it seems the hello.scm recipe is too barebones to use as an example
<nckx>bdju: Roughly, an input must be native when it needs to run (not just be linked against, provide headers, &c.) at build time. That's where the term comes from: say you're building for aarch64 on your x86 laptop. You want your package to link against an aarch64 ncurses, because it needs to run on your ARM board, but e.g. pkg-config must be ‘native’ (x86) because it needs to be able to run on your laptop.
<bdju>also I maybe gave the wrong impression, I've never managed to package stuff for other distros either, I've just only tried for guix, so some of my issues are general after all
<apteryx>civodul: re the guix used by 'guix deploy', I see, thank you. So it's building the system closure locally with my guix, then transferring (deploying) this to the remote system.
<joshuaBPMan>Hey guys...I am using guix system. I am browsing youtube vida invidio.us (an AGPL+ alternative to youtube). And I am using a VPN (express VPN) via network manager. I do not believe that I am leaking DNS requests...Why is it that youtube and invidio.us and hooktube all seem to show the same videos that I like to watch? eg: Everytime I go to invidio.us I see lost of computer-y hardware videos. If I am using a VPN how does youtube
<joshuaBPMan>remember what videos that I like? I am not logged into youtube. Is there a web browser plugin I can use?
<lfam>joshuaBPMan: Presumably most people that use a VPN are into computer stuff
<lfam>I've never visiting invidio.us until today and front page is all about computers
<lfam>Computers and stuff that computer nerds like
<lfam>If you ever used youtube.com from your IP then it will remember you
<lfam>There's a plethora of techniques to show you what it thinks you like
<mbakke>raghavgururajan: I had forgotten about that bug report and not looked more into it. Did you observe the problem somewhere?
<NieDzejkob>bdju: If you still have the incomplete package definition for the thing you last tried to package, we could work through it together if you wanted.
<leoprikler>tbh I really don't get the advantage of using a VPN in terms of security
<leoprikler>I get, that you may want to circumvent region locks, but that's it imo
<lfam>I guess it depends on your threat model. It (ideally) moves the threat from one entity to another
<apteryx>how easy/difficult is it to share /gnu/store across different machines? Say, for CI purposes (many build slaves). Or would configuring the build slaves to use one another as substitutes be a better idea?
<leoprikler>yeah, but those two entities are an ISP and a pseudo-ISP, so not much is gained here
<lfam>It's more likely the web (not the internet) will just disappear as apps take over
<lfam>I think it's already happened in the rich world to a large degree
<lfam>I don't really know about the non-rich parts of the world but I think they mostly use phones, so probably the same
<[df]>(vaguely relevant) it is rather annoying that the asymmetry of connection speed that was kind of a worthwhile trade-off for ADSL has become the norm
<lfam>And I think it's a shame that the free software movement is taking an absolutist approach to phones, pushing niche OSs and hardware, rather than replacing specific apps on popular platforms. The latter is how the movement started, when it recognized that it had to work piecemeal
<lfam>We got there with servers, almost with the desktop, but with phones we have to start from scratch, more or less
<lfam>[df]: Yes, although I think that residential fiber and 5g wireless is making it better
<lfam>Well, all that we can do is try to improve the situation! Let's keep going :)
<[df]>the real problem with apps I think is that they're closed-by-default: the people building them would have to go to extra effort to make them free and they tend not to, without necessarily having a good reason
<lfam>It's true, but even when they do make them free software, there is a horde of attacks by people who say they aren't free enough, or that the platform makes the effort worthless
<[df]>lfam: actually I was thinking about the 5G 'home broadband' connection I recently signed up to: I keep ~200Mbps down and ~10 up
<lispmacs[work]>hi, I've been a Gnome 3 user for a while. I added mate-desktop-service-type and was giving Mate a try on the same desktop. However, Mate doesn't seem to be able to access my Gnome keychain, and is not asking to unlock it.
<lispmacs[work]>Is that a bug, or do I need to add something else to my config.scm?
<leoprikler>the package itself – the service does not install the package, it just references it
<NieDzejkob>I can't get grafts to work. I added a replacement for nghttp2 (https://paste.debian.net/1151419/), doing ./pre-inst-env guix build nghttp2 shows the new package; hiawatha depends on nghttp2:lib, but when I ./pre-inst-env guix build hiawatha the hash doesn't change and ldd /gnu/store/.../sbin/hiawatha prints the old version of nghttp2
<lispmacs[work]>leoprikler: hi, I added gnome-keyring package to my config.scm, did a reconfigure, and rebooted. After reboot, I could see gnome-keyring-daemon running as a process, but am getting the same behavior within Mate.
<lfam>It's a good question. I would really like for us to do it ourselves but if we can't it's a good option. We probably can't take Debian's because they don't follow the Free Software Distribution Guidelines that we do
<lfam>I do think we might make some different choices than Parabola but ultimately if we can't do the work, then we can't do the work
<lfam>Learning how to configure the kernel builds according to the FSDG, and then doing it regularly, would be a crucial contribution to the Guix project
<lispmacs[work]>leoprikler: so, then, are we needing a package for mate-keyring-service? Do I need to file a bug report for that?
<guix-vits>(Kernel) Joint efforts? Probably there is not that much options in L. Kernel that Guix depends on (for example, Gentoo's sources have had a small category with only 4 or 5 options). So idk, but doubt that every GNU distro should re-doing the same work.
<lfam>The different linux-libre distros have different values and goals. I do think there is value in re-doing the work.
*nckx hits down arrow down arrow … down arrow RET because noob :-/
<nckx>romulas: So the reason I asked about trying another USB drive is that I had the same problem a while ago. Guix didn't even show up in the UEFI menu. There was no corruption. Wrote it to a different drive, worked fine. I don't think there's much we can do about that without some hint of an error message :-/
<nckx>romulas: There are plenty of machines that hard-code something they shouldn't. You could try copying /EFI/Guix/grubx64.efi to EFI/boot/bootx64.efi.