<jgart[m]>raghavgururajan: Thank you for pointing that out. I haven't tried virtualization with this machine. I will check the others. ***jonsger1 is now known as jonsger
<jgart[m]><raghavgururajan "jgart, Try to test your device's"> I will try <jgart[m]><PotentialUser-47 "which is easier to use @jackhill"> Actually I had issues with GNOME-boxes on my X200. I remember getting an error message saying it wasn't supported. Sorry, I forgot the exact error message. <jackhill>yeah, I guess if it doesn't work for you then it's not easier ;) <jackhill>PotentialUser-47: good luck, hopefully it works smoothly <jgart[m]>It is a program written in common lisp for typesetting musical scores <jgart[m]>The author has made it available as a gzipped Unix tar file. Currently you're supposed to install/use it by just downloading the sources, loading the program and including `(in-package :cmn) ` to start using the procedures made available by the program <jackhill>jgart[m]: are you asking if it has to have a asdf definition for inclusion in Guix? <lfam>Does anyone know how to add library search paths to CMake, for when the CMakeLists.txt doesn't do anything to try to find them? <jackhill>I think the answer to that is no, but it would probably make it easier to write the package definition if it did. <lfam>Do I need to set some variable like DCMAKE_C_FLAGS or something? <NieDzejkob>if I'm reading the docs correctly, you could try -DLIBFOO_ROOT <lfam>The directory /gnu/store/...-itpp-version/lib is in $LIBRARY_PATH, but the compilation fails with "ld: cannot find -litpp" <lfam>Can you share the page you're reading? <PotentialUser-47>I don't see virt-manager in my application finder. But it shows as installed when I run the "guix package --installed-packages" command. Does virt-manager only run on the terminal. <raghavgururajan>lfam: If you need a specific library to look for, search the CMakeLists.txt for that name in a variable, like FOO_BAR. Then you can set (string-append "-DFOO_BAR=" (assoc-ref %build-inputs "foobar") "[00:49:53] <raghavgururajan> NieDzejkob, Is my response here (https://github.com/uclouvain/openjpeg/issues/1264) correct? <raingloom>which package is pam-config in? (if it's packaged at all) <raghavgururajan>lfam: Hey, I just remembered something. Sometimes, the build script doesn't have variable for a dependency, if that dependency is included as git sub-project. *raghavgururajan emphasize on 'sometimes' <jgart[m]><raingloom "which package is pam-config in? "> what is the package called in another distro like arch, etc...? <jgart[m]>raingloom: I tried running `guix search pam-config` but that didn't return anything. You can tell where a package is packaged in by looking at the field `location` from the output of running `guix search` <jgart[m]> * raingloom: I tried running `guix search pam-config` but that didn't return anything. You can tell what file a package is in by looking at the field `location` from the output of running `guix search` on that package <NieDzejkob>raghavgururajan: I did not investigate the nature of the tests, and as such I have no idea <jgart[m]>Ok, I won't edit my posts anymore on this channel since it duplicates my message over the irc bridge ***jonsger1 is now known as jonsger
<vagrantc>this is on an machine installed a couple months ago before the authenticated commit stuff was added to pull ... it managed to pull it a fairly recent commit (e.g. a version that supports the authenticated pulls) <vagrantc>guix pull: error: Git error: cannot locate remote-tracking branch 'origin/keyring' <vagrantc>but that version couldn't reconfigure due to a bug that has since been fixed in guix/master <vagrantc>remotes/origin/keyring is available ... but apparently not where guix pull is lookin <raghavgururajan>vagrantc, May be the pull works only on the repos that are bootstrapped? <lfam>vagrantc: You need to have a local checked-out copy of the keyring branch <lfam>Oooh, this is `guix pull` <vagrantc>the "keyring" branch is at edb380b705a461a9780f935c279aea5e7921fa49 <vagrantc>maybe i've found a new corner-case in the authenticated pull stuff :/ *vagrantc tries without --url ... <vagrantc>which is re-downloading guix.git, of course... :\ <raingloom>jgart[m]: it's just called "pam" on Arch. i looked at "linux-pam" but it has no such file in it. <jgart[m]>raingloom: is that what you're looking for? <raingloom>jgart[m]: i don't think so, i wanted the pam-config command because it's supposed to let one set their default umask <raingloom>i set it in my zsh profile for now, but i'm not sure how reliable that is <raingloom>jgart[m]: i've never used it before, but it seems like the one. <butterypancake>like an extra tidbit that's not part of the diff. I get that the git send-email is already a message <NieDzejkob>butterypancake: put it after the ---, before the diffstat <nckx>butterypancake: You can type whatever you want right under the ‘---’. What's above it is the commit message. <butterypancake>I'm not sure where the --- is. All I know is I can type `git send-email -1 --to guix-patches@gnu.org' and everything magically works <nckx>butterypancake: --annotate <nckx>(Or --compose, but that *will* create a separate ‘cover letter’ message from your patch.) <butterypancake>ugh, now I gotta fiddle around for 7 hours figuring out how to get a text editor working. Aight. Guess that's how I'm spending my night. I feel like everytime I gotta rely on $editor working properly it just doesn't :/ <nckx>raghavgururajan: Still building… <nckx>butterypancake: I'm 99% sure you know this, but just in case: it's $EDITOR, uppercase. See ‘man git-var’ for all the wonderfully different ways to do the exact same thing! <butterypancake>is there a section in the manual that describes inputs vs propagated-inputs vs native-inputs vs maybe-other-inputs? I haven't searched for it today, but I'm 99% certain I searched for it previously and failed <nckx>I'm surprised to hear that though, here (emacs) it just works. <nckx>butterypancake: (guix)package Reference has a short explanation. <butterypancake>nckx: I still main arch linux until I'm done packaging everything I need. Arch is a mess. I don't think I've tried it on guix yet. Maybe that'll just work <nckx>Plenty of messes of our own (pinentry comes to mind). <nckx>raghavgururajan: icedtea is ready though. <butterypancake>The manual describes native-inputs and propagated-inputs relative to inputs but never really defines inputs. I'm guessing it's something installed normally, but it really doesn't say. <nckx>butterypancake: Inputs are just the packages that are made available in the build environment. <nckx>That's true for all three. <butterypancake>no, that's native-inputs. inputs are available in the build and run environment, no? <nckx>But it's a common misunderstanding. <butterypancake>wait, I'm confused. Say I need the ledger package at runtime but not build time. What is it? <nckx>There are different ways to handle that, it doesn't map to a ‘kind’ of input. You could make ledger an ‘input’, then make sure that your package refers to that ledger by its full /gnu/store path. That's a reference, and how Guix tracks run-time dependencies. Or you can make ledger a propagated-input: when you install your package, Guix will co-install ledger into the same profile. It saves you some trouble but is dirtier IMO (it pollutes the prof <nckx>ile and can cause conflicts). <nckx>Certainly not a native-input. <butterypancake>so my thingy was rejected cuz I didn't make it reference the full path but it still worked when I installed it locally. I think it worked because it just called "ledger" whithout any indication of location so I think it pulled from my path. Is this not good enough? <butterypancake>sorry, I'm being very ADHD today and not continuing a single train of thought very well :P <lfam>Usually, references to big user-facing applications like ledger should be done the way you did <nckx>Using something from $PATH is a legitimate 3rd option (I was going to type it, then realised how long I'd gone): let the user decide if they want to install ledger or not. That works for purely optional dependencies and only if your package has a sane error message (‘please install ledger’). If it segfaults without ledger: not an option. <nckx>I really need to go bed times. o/ <lfam>I agree with nckx too. It depends <lfam>If the whole point of your package is to use ledger then you should "bake in" the store reference <butterypancake>wait, I still don't get input vs propagated-input. Is input not installed? <lfam>It depends what you mean by "install", and this word is used differently on Guix compared to old-school distros <lfam>On Guix, you "install" things by putting them in your profile, with a command like `guix install ledger` <lfam>But, run-time dependencies are ideally not installed in your profile. Libraries, for example, are rarely installed by a user <lfam>When Guix builds a package, it puts the output of the build process in a directory in /gnu/store. Then, it scans that directory for any string that looks like another directory in /gnu/store <lfam>The strings it finds are called "references" <lfam>Guix then records the references in a database <lfam>When you install Ledger, all of its references are downloaded too <lfam>But, those references do not go in your profile. Because ledger has recorded the full paths (references) of its run time dependencies, it can find them in /gnu/store <lfam>Propagated-inputs are for when that isn't going to work. Some languages are like that. Propagated inputs are instead installed into your profile along with the package that propagates them <lfam>In that sense, the package "propagates" its dependencies <lfam>Does that make any sense? <lfam>It's different from old school distros, where all the software is put into wel[02:35:25] <butterypancake> I mean I've asked on here before, so I'm starting to think there aren't better ways <lfam>For me, looking these things up is not the thing that takes a long time or is hard. The hard slow thing is understanding the code and figuring out how to write it <butterypancake>oh, your regex is just missing a (. I thought you where pulling some next level regex :P <lfam>I didn't mean to trip you up <lfam>My regex ability is pretty basic :) <lfam>Yeah it's tough getting started <lfam>Once you do a few package definitions, it becomes second nature <lfam>A lot of the really easy things have already been packaged, which makes it tougher <lfam>But people keep writing software so there should be some more easy packages soon :) <lfam>You will. Everyone gets better with practice <butterypancake>I mean there are still some easy ones. I'm expecting packagins emacs-org-drill to be a 2 second thing. But we'll see :P <lfam>There are so many Emacs packages all the time, they must be simple <lfam>The thing I'm working on now... I wouldn't have been able to do it a few years ago <lfam>It's a half-done CMake build system and also has some Python sprinkled in <butterypancake>I got to do a home-brew non-standard configure script. that one was fun <butterypancake>none of the target switches actually changed the target :P and none of the configuration settings propagated to the source code <butterypancake>and this was openDoas!! The OpenBSD people pride themselves that their code is the best. Then some lunatic shoves the worst possible porting scripts around it :P <butterypancake>and by lunatic I do mean bless his sole because at least I don't have to port it <lfam>Yeah seems like there's a big difference between OpenBSD and OpenBSD software on other systems <lfam>It makes me appreciate OpenSSH <butterypancake>it doesn't specify what the return value of substitute is :/ it'd be cool if I could add a check that my regex appears and appears only once <lfam>And it doesn't support checking that <lfam>It can lead to bugs if the software changes <butterypancake>ugh, not worth doing then. It's wouldn't even be a super concrete test I guess <butterypancake>well I want it to make an error if the software changes so people can update my package with the new executable format ***catonano_ is now known as catonano
<lfam>I was also thinking that finding ledger on PATH might be more convenient in the long run, but I wanted you try things and decide for yourself <lfam>But you are already learning some of the trade-offs <butterypancake>well, as much as I do like using ledger from the command line, many people do just use interfaces for it. I haven't used the CLI in ages. I'm pretty hard on myself so I'll always do it the right way instead of the easy way <butterypancake>although this regex is pretty bad regardless of how I do it so now I could lean either way <lfam>I'm working on a package that is based on a handful of python scripts. When I use the Python build system to "wrap" them so they can find their dependencies, the main script tries to import another and fails due to a syntax error :/ <lfam>I think it's because the imported script is a shell script <lfam>I wonder what to do here <butterypancake>is the shebang something you don't have? but not having something wouldn't raise a syntax error... <lfam>It usually works great but this package is a mix of different build systems <jaker3>Hi! how can I source my profile? I installed texlive-bin with the command guix install texlive-bin <jaker3>but now when I open another terminal the binaries provided by that install are not available <dftxbs3e>jaker3, GNU Guix explains you what to do with your profile if when it's done installing it detects it's not right <jaker3>I ran those suggested commands but now the environment is not correct <dftxbs3e>jaker3, do you run GNU GuixSD or just GNU Guix? <jaker3>What is the general thing to do in order to source my profile that was just installed with the command guix install <butterypancake>did you do any system updates recently? Big updates sometimes break stuff until you do a reboot <dftxbs3e>jaker3, it's true the advice it gives can break environment because instead of *appending* to existing environment it replaces it <jaker3>I haven't reconfigured my system since uptime <jaker3>I ran guix pull before guix install <butterypancake>you could try turning it off and on again :P that'd reset your environment <jaker3>I'd like to just be able to source the right environment variables but I'm not sure which one is the correct one <jaker3>and then use the dot command to source something? <jaker3>this fixed it for me: GUIX_PROFILE="$HOME/.guix-profile" && source "$HOME/.guix-profile/etc/profile" <raghavgururajan>nckx: guix weather still shows 0 out of 3. What was the command to clear cache? <raghavgururajan>nckx: I forgot the fact that Java is not reproducible. I may never be able to get your substitutes? :/ <dftxbs3e>the guile-3.0 recipe doesnt bootstrap in parallel which makes it so slow! <dftxbs3e>been stuck on ../module/ice-9/psyntax-pp.scm for a long while <dftxbs3e>guile-2.0 on the other hand was in parallel and it was rather fast. <dftxbs3e>ah, it now is parallel, psyntax-pp is done <apteryx>guile 3 bootstrap should be faster, since it uses its baseline compiler to speed this step now, IIRC. <narispo>apteryx: yep, I can't wait for Guile 3.0.4 to be guile-3.0 in GNU Guix, right now it's guile-3.0-latest <lle-bout>when you realize the interpreter path makes ld not work -> modify glibc means world rebuild :-( ***apteryx is now known as Guest54769
***apteryx_ is now known as apteryx
<civodul>so, i think i'll go with "guix git authenticate" after all <NieDzejkob>lle-bout: ldd works for me, what exactly are you observing? <lle-bout>NieDzejkob, on my ongoing powerpc64le-linux port! <lle-bout>Basically when the interpreter path is wrong, ldd things every binary isnt a dynamic executable when it actually is and runs, basically ldd knows a different path than the binaries. <mfg>Hi, is there a flag for guix to not buffer log files? it seems like it's stuck in the `check' phase of a pkg, but the log doesn't contain full messages from the previous phases... <mfg>and regarding the search paths yesterday... RTFM helps a lot :'D <mfg>and the same for the first question :( <nckx>raghavgururajan: Store hashes are based only on inputs (whose hashes are based only on their inputs, etc., all the way to sources). Reproducibility of package contents does not affect finding substitutes at all. I built https://paste.debian.net/plain/1156009 . I also verified that the server actually returns it. <narispo>janneke: Am I dreaming or a blog post talking about GNU Guix and GNU Hurd was deleted? A recent one, not the hello world. <narispo>janneke: OK, maybe I've read it on Phoronix then :P <janneke>it's getting time for a new blog post, though <janneke>right, yes we're providing hurd images now; many thanks to mothacehe <narispo>Can't wait for GNU Hurd hackers to jump on the train! <janneke>civodul: yay, guix git authenticate \o/ <narispo>what about guix git authenticate? what would it be useful for? <mfg>Hm, so do i understand the documentation correctly? I'm in a `guix environment --ad-hoc gcc-toolchain <some-c++-libs>' running `guix package --search-path' should return the CPATH and LIRBARY_PATH variables i should set there, right? <narispo>mfg: search paths would be /path/to/environment/profile/lib or something <narispo>I am guessing the environment profile is temporary somewhere <narispo>It contains links to populated directories of the /gnu/store <narispo>mfg: I think everything should work by default, no need for manually configuring environment <narispo>I don't think guix package --search-path applies to environments <mfg>narispo: i think you are right. <mfg>but i can't understand this behaviour: https://dpaste.org/W6tT g++ works just fine but clang++ gives error messages which i don't really understand ^^ <narispo>mfg: I think that's because the installed libstdc++ and its headers is incompatible with what clang understands <narispo>If you can get clang to use C++ 20 I think it can work <mfg>Ok i can't use clang and gcc-toolchain simultaneously, if i only use clang in this profile it also works <Ggggggggg>How do I install a system with full encryption? Guix does not place a kernel in/boot. That's what Debian does. What should I do? <Ggggggggg>It doesn't work. As I understood grub is trying to load the kernel with/but this section is encrypted. <OriansJ`>my posted configuration is on a luks volume <OriansJ`>I believe the current guix image requires the "-type luks1" with the luksFormat <OriansJ`>because if it is version 2 of luks, grub will not be able decrypt the volume (atleast until we get a version of grub that supports it of course) <OriansJ`>I haven't yet figured out how to remove the double prompt for the luks password yet but that shouldn't be a major problem <civodul>narispo, janneke: interesting that Phoronix keeps repeating we're removing support for Linux <janneke>civodul: indeed, well they don't mention a time-line so it could be true ;) <janneke>i heard we're very close to user land device drivers <civodul>there's is indeed support for quite some user-land device drivers via Rump <civodul>nowhere near what other free OSes support, but still an improvement! <OriansJ`>Ggggggggg: just make sure to never forget cryptsetup in your packages list, otherwise guix will boot to a shepard image that can't repair the problem nor provide a means of getting back to a working state. <janneke>civodul: can i bother you again to look at my v3 offloading patch set (now reduced to 2 patches!) <OriansJ`>civodul: I believe that is called the Gell-Mann Amnesia effect <Ggggggggg>OriansJ`: I need to install an unencrypted Guix. And run these commands on a real computer for encryption. Did I get it right? <OriansJ`>Ggggggggg: No, boot up a guixsd install image. <raghavgururajan>Ggggggggg, It is targeted for librebooted devices, but you can tinker around. <OriansJ`>then format it to ext4 or any filesystem you wish to use <OriansJ`>then label it for easier use in guix configuration <janneke>OriansJ`: oh, there's a name for that...interesting. <OriansJ`>janneke: there is another term (which I am blanking on right now) for when most people in an industry have an incorrect belief about reality. (like Wall Street about mortgage bonds prior to 2008) <OriansJ`>Ggggggggg: the first couple steps in my instructions are for those who wish to test the results in a VM prior to applying it to their bare metal machine. <janneke>civodul: oh ty!!! one minor change and we're good to offload to Childhurds <civodul>so with that we can resume what rekado started to get offloading up and running on berlin, right? <OriansJ`>janneke: possibly, now the question is when the industry is finally realize the hardware guys are just as bad as the software guys but are using worse tooling, useless linters and are broken in impossible to fix ways <OriansJ`>not to mention the CVEs about x86 MMUs that are under hard NDA for the next 10 years. <OriansJ`>libresilicon and libre hardware can't arrive soon enough. Thank goodness Google actually has been helpful in getting a 130nm process available to the community <OriansJ`>but then again I don't understand why Governments pay to find issues in proprietary products and then pay more to have them fixed. Why the F**K are you outsourcing your Quality Assurance and bug testing to your paying customers?? What sort of business treats their customers that shitty and expects their business to last? <janneke>civodul: pushed! bug closed, let's wake-up rekado ;-) *janneke goes to reboot with fresh childhurds <PotentialUser-47>Hey guys, how do you request a new package be build and included in the guix store. I need to install the private internet access VPN client. <dftxbs3e>PotentialUser-47, Hello! Is the Private Internet Access client Free Software? <dftxbs3e>It seems that the PIA VPN clients are licensed under the GPLv3 so that's good. *janneke is offloading \o/ <civodul>janneke: we need to figure out how to handle SSH host keys and signing keys, right? <civodul>IWBN to plan for a libc hackathon at some point, for things like mount/umount, clone, unshare <janneke>civodul: yes; we need to copy the keys into the childhurd, not sure how far rekado got there <janneke>as the chilhurd's SSH is wide open, and we have only one or two right now, it's easy to do that by hand and i believe he did so, only to stumble upon the locking mode error <janneke>civodul: ah yes...there is this chroot/libhurdutil patch by phant0mas that i forward-ported, on some "wip-hurd-system" branch of mine and then there's the "kill -1" weirdness, some socket tests that hang... <janneke>i was hoping to get a nice set of substitutes in; what i've been doing for my childhurds is to inject a number of cross-built packages, like gcc, gdb, git, wget, autotools, all guix build deps, etc <dftxbs3e>I couldnt get offloading to work previously on big endian ppc64 <PotentialUser-47>dftxbs3e, I have to write the package myself. Yikes, I've never done that before. That's very intimidating, but I'll give it a s hot. <janneke>dftxbs3e: verify that you have signing keys in /etc/guix/, and try "guix offload test" <dftxbs3e>PotentialUser-47, If you've never done that before it's not so easy and requires some training, reading documentation is a great start. But unfortunately contributors to the GNU Guix projects are all quite busy at their own tasks, if you send an email on the Help Mailing List maybe you can find a contributor with free time willing to create a package. See: https://guix.gnu.org/contact/ <dftxbs3e>It can be hard or easy to create a package, it seems to be a quite complex application so it can be hard. Also all dependencies need to be packaged separately. <dftxbs3e>janneke, I've done everything that the manual told me to do and it wasnt working <dftxbs3e>I would need to try again to find the error but I remember reading a long post on the mailing list saying errors on guix offload are unhelpful and could be better <nckx>raghavgururajan: Glad to hear that, but literally nothing changed in the meantime 🙂 <NieDzejkob>PotentialUser-47: do you have a link to the source code of the program? I'm having trouble locating it <NieDzejkob>PotentialUser-47: I can see that PIA also supports connecting with OpenVPN, which has already been packaged. Maybe that would be simpler? <dftxbs3e>NieDzejkob, it certainly would, however it's harder to use. <dftxbs3e>PotentialUser-47, do you have GNU Guix System Distribution installed? If so, under what desktop environment are you? <dftxbs3e>GNOME with NetworkManager and the OpenVPN NetworkManager plugin can be quite easy to use. <dftxbs3e>The network-manager-openvpn package will install that plugin - PotentialUser-47 <dftxbs3e>If that's fine with you, and you do use NetworkManager, then that should suit your needs, unless you need any features the PIA clients are specially providing. <dftxbs3e>NieDzejkob, PotentialUser-47: Also it's not evident that PIA is providing configuration files directly outside of their clients. <PotentialUser-47>Thank you dftxbs3e I'll try to find a contributor, and yes all of you guys are busy so it's hard to ask for help without feeling like a burden :P <dftxbs3e>PotentialUser-47, it's not a burden, it's just that GNU Guix is still a maturing project so writing packages such as Private Internet Access custom VPN clients arent really priority right now. <dftxbs3e>If you can use the standard openvpn that's already in GNU Guix, that would be easier for everyone, because each and every vendor has it's own VPN clients, often proprietary but some times also FOSS. <PotentialUser-47>@NieDzejkob using OpenVPN you mean? @dftxbs3e Oh thank you! I'll try using "GNOME with NetworkManager" with the "OpenVPN NetworkMangaer plugin". I assume I can use as search engine to find out how to configure that. <dftxbs3e>PotentialUser-47, in a terminal, run: guix install network-manager-openvpn <dftxbs3e>But really, you should contact PIA's support for this. You should be able to sort it out with that but if there's any more issues they'll be able to help you better since it's their service. <roptat>I get a 502 on issues.guix.gnu.org <narispo>civodul: yes it is, I am worried it might not be so great, it's misinformation. <narispo>civodul: the link times out for me, 502 <Formbi>I'm trying to package node 14.5.0 <Formbi>and it compiled, but in the tests said «command "make" "test-ci-js" "-j" "4" failed with status 2» <Formbi>do you know something about the test-ci-js? <NieDzejkob>Formbi: that's just make's way of saying "there was an error" <roptat>if it's running in parallel, the actual error can be very far away from the point make stopped <roptat>because it waits for other jobs to finish and they can print a lot of stuff <roptat>try to find the first occurence of "***" *janneke guix build --system=i586-gnu --verbosity=1 -e '(@@ (gnu packages commencement) python-boot0)' <Formbi>I'll try to build it on one core <blendergeek>How do I build a package that I create a scheme definition for? I tried `guix build -f hello.scm` and I got "guix build: error: #<unspecified>: not something we can build". <lfam>blendergeek: Try putting the name of your package as the last line of the file <sys2>Hi Guix! I'm looking into running docker containers locally... but am concerned about running dockerd as root. Reading https://guix.gnu.org/manual/en/html_node/Miscellaneous-Servies.html and the code (guix/gnu/services/docker.scm) suggest it uses containerd by default. From some searching it seems like this was docker's "runc" after it was donated to the linux foundation <sys2>My questions are: 1. local services are still not supported, right? 2. Suggested alternate ways to run docker containers (ideally w/o modifying /etc/config.scm (i.e. using services run as root)) 3. If the other two fail... suggested substitutions/configs/ways to minimise exposure? <sys2>assuming (if it works) breakouts would still get <my user> access... which isn't great, but is better than root... right? <sys2>s/works/runs services as my user <jsoo>sys2: Yes shepherd can be run as a normal user process so root is not really required. Making sure the user shepherd starts and stops for the right reasons is a whole different challenge, though <jsoo>Yeah that and the blog post are good <sys2>still wondering if there's something for (3) though. guessing there isn't a suckless/openbsd daemon or something, is there? <jsoo>I'm not sure. From everything I know, dockerd has always required root and was sneakily made setuid in the docker install scripts <sys2>do you know if my assumption about permissions is right? e.g. if I run a container that uses a root user and it "escapes"... it doesn't get root access if I've run the service as my user... right? <sys2>I'd have to rebuild to remove setuid, right? or just chmod? <jsoo>guix system does have a container option, as does guix environment <sys2>yeah but I can't pull and run docker.io containers with those, right? <jsoo>i believe it is not in the setuid programs by default so you will have to run as root <sys2>will try to run it as me and see what it does... <jsoo>no you won't be able to use images from docker hub using guix commands <sys2>would be nice to sidestep that whole stack <jsoo>yes. there is singularity in guix <jsoo>if you want to try an alternative <sys2>that /does/ use setuid. will look into it <jsoo>Does anyone know of any recent changes that would cause ghc linking to fail? <Ffffffffff>Hi. I asked about encryption today. I wanted to encrypt the whole system, not just one section <jsoo>Building a project with cabal errors with ld: cannot find -l{m,pthread,z,rt,util,dl,c} <civodul>narispo: issues.guix.gnu.org is back now <civodul>rekado: i'm not sure what's going on, mumi is run from a shell, not from the service? <civodul>(also in part because i logged in on the wrong machine initially :-)) *walter[m]1 wonders how they can put their archiving training towards the tarballs problem <OriansJ`>Ffffffffff: The steps provided encrypt an entire drive, which depending upon your setup will be the whole system or just a single drive in an array. But the assumption of a single drive for the whole system is much more common and hence why the steps are geared toward that form. <OriansJ`>just remember we are not mind readers and inaccurate or insufficient information can result in suboptimal advice. <janneke>hmm, what's going on with linux-libre-headers-5.4.20.drv.bz2 <PurpleSym>Is it somehow possible to figure out which of my packages are causing a loop in the dependency graph (and thus guix build to just do nothing)? <apteryx>the best tool we have is 'guix graph --path package1 package2' after you somehow managed to suspect package 1 and 2 to be in a loop <apteryx>it should be relatively simple to find out if your new changes are limited <PurpleSym>You’re right, guix graph does indeed show a loop. I was suspecting it would just do the same as `guix build`. Thanks! <NieDzejkob>maybe cabal is removing it from the environment for some reason? ***dingenskirchen1 is now known as dingenskirchen
<jsoo>NieDzejkob: $HOME/.guix-profile/lib (repeated twice for some reason) <jsoo>I am using cabal, so it could be cabal maybe <jsoo>i did check and those libraries are in the profile <jsoo>also adding --extra-lib-dirs=$HOME/.guix-profile/lib gets the same result <jsoo>i just used ghc/cabal to compile this project 4 days ago <linka>hey. does anyone know how to add linux arguments to all grub entries? ***dingenskirchen1 is now known as dingenskirchen
<nckx>linka: Kernel command-line arguments are a property of each system generation (kernel-arguments (list …)), you can't retroactively change them in a supported manner. <linka>hckx: thanks, that's fine with me. where do you put the kernel-arguments? <linka>can't find it in the manual :/ <linka>there's just per menu-option linux-arguments <nckx>linka: (operating-system (kernel-arguments (list "foo" "bar"))) <nckx>I'm sure that's documented. <jonsger>how can I teach guix-publish to create narinfos and nars? <jonsger>is there any way? `guix build` doesnt... <cbaines>jonsger, I don't think guix publish does anything else...? <jgart[m]>Hi, is the `nix-service-type` broken for anyone? <pkill9>is guix still in beta? can't remmeber <jonsger>cbaines: ah works now, it just takes time <jgart[m]>Hi pkill9 , I was reading through some of your guix related blog posts the other day. Great stuff! <jonsger>but pass through to nginx doesn't work <jonsger>oh men. it uses now uses the webroot instead of the locations <nckx>pkill9: No, but that was just a label anyway. <nckx>jonsger: ‘Takes time’? It should be instant, unless you use --cache. <jonsger>I don't get it. nginx always routes the request to /webroot instead of passing it to proxy_pass <nckx>jonsger: Where does /webroot come from? Is that a Guix thing? <jonsger>nckx: it's not webroot its "/srv/http/mirror.brielmaier.net" defined in `root` the nginx-server-configuration <nckx>I find the Guixy syntax impossible to read. I'd ask for the real nginx syntax but it's probably autogenerated gobbledygook. <nckx>jonsger: Are you sure that (uri "\\.narinfo\\$") is magicked into a regex match by the Guix service? <nckx>Try adding that to the start and see if it works. <jonsger>cbaines: yeah, found it. that should be the error. sometimes copy&paste is bettern then tipping :) <nckx>It's just a literal string match otherwise. <jonsger>I corrected it but narinfo is still wrong, the other locations are working <nckx>Or you're matching only ‘xxx.narinfo$’. <jonsger>working now. It remindes me of the last time when I had hard times with escaping regexes in Guile. I miss '''plain-regex''' from python :P <nckx>(Not the Python bit, but a moar-native regex syntax would be grand.) <dustyweb>mbakke: btw, would love it if you can get a chance to look at bug #42252 at some point, as well as my fix. I don't know if it's any good <dustyweb>I forget if I pinged you on irc about that, if I did already <mbakke>dustyweb: ha, I was actually just responding to your message, after a short guix hiatus :-) <dustyweb>to both your hiatus return and your pending response! <jonsger>first substitute served: (x) check :) *nckx wonders what the logic for inactive=8d/nar vs. inactive=10d/narinfo is supposed to be, aside from the shortness of both. <nckx>Mine's set to 2y, i.e. ‘I don't much care; just push out the LRU when full’. Hmm. <jonsger>nckx: I just copied from roptat didn't had a closer look <nckx>jonsger: You might want to forward /log/ as well. <raingloom>apropos of nothing, could someone look at my Yggdrasil patches? or just tell me no so i can move them to my channel without guilt. <raingloom>they've been sitting on the issue tracker for about 2 months. <roptat>raingloom, oh not cool :/ I'll take a look <roptat>raingloom, from the description you give, I think it's acceptable in guix <roptat>did you get upstream to implement your changes?