<leoprikler>There are also public servers out there, but I'm not sure whether this is an option for you.
<luis-felipe>The Mumble application displays a list of servers, but they seem like servers for some topics or communities only, so I didn't connect to any.
<luis-felipe>I tried jitsi and it worked for one game session, but then it seems that it started to cause Internet problems on the side of people using Windows.
<luis-felipe>Mumble seems nice because it is designed for what I want, but the server thing I don't understand well...
<leoprikler>I can guarantee you that Mumble is superb for gaming, but being a Qt app it's a little hard on those who expect 0 configuration to be meaningful.
<leoprikler>Hosting a mumble-server is not too difficult. You could even get it done locally in your Guix config.
<leoprikler>The problem is going to be hosting a server for everyone. I assume you don't already have a server out in the wild, that you have SSH access to, do you?
<leoprikler>[speaking of, I'll do some advanced SSH hopping to update mine real short]
<luis-felipe>No I don't, I just have a Guix System desktop with home internet, I don't know if I can open ports required for the server...
***trav27412 is now known as travankor
<OriansJ>apteryx: I've long since accepted the work as thankless (The death threat from a crypto-asshole was a little much) but it I do find it extremely fun and enables me to give people a complete understanding of how exactly everything works and how to fix it if anything breaks. It is a very low issue environment; were things do exactly what one would expect and breakages are quick to spot and easy to fix.
<OriansJ>It is the sort of fun development; I wish other people could also enjoy. Lots of small programs that do 1 thing and when an issue occurs; just look at the one thing and walk it to the problem.
<ryanprior>If you want to make those even more durable, here's what I'd recommend: 1) download the source code; 2) guix pack --save-provenance youtube-dl; 3) make a torrent for the tarball with both those things included; 4) share the torrent on lots of trackers & convince people to seed it
<ryanprior>Donating time and money to the GNU project and Software Heritage also helps.
<ryuslash>hey everyone :) I'm having some trouble getting Guix System to run. When I try to boot up my system I just get "error in finalization thread: Success" and "udevd: no sender credentials received, message ignored"
<ryuslash>this is on a fresh install, I've tried both the stable and latest installation images
<ryuslash>any help in getting this to work would be greatly appreciated :) I'd really like to get Guix System to work
<nckx>ryuslash: Any other messages? Both lines are expected & harmless.
<ryuslash>well, there's a message about pcspkr already having been registered, but blacklisting it doesn
<xelxebar>vits-test: See the execve(2) manual page, and search for "maximum length". It looks like 127 is the maximum for kernels before 5.1; however for >=5.1 it claims the maximum is increased to 255.
<xelxebar>vits-test: You could also be an experimentalist and set shebangs like #!/./././././././bin/foo until something breaks.
<mfg>this gives me the correct output, i guess. I just tried to install guix on another distro which uses runit, it does work, though it's impossible to guix pull as root, because it takes forever and doesn't even start fetching anything from git. It definitively wasn't good to use the 1.1.0 binary tarball :'D
<mfg>As i understand it the guix-daemon that's run is the one from root's profile?
<mfg>so i have to pull as root to update the system guix-daemon?
<mfg>it's also possible that the network is unstable...
<janneke>yes, on a foreign distro that's probably the case
<nckx>‘If it weren’t for the problem of GPL-phobia we’d likely have stayed with the GPL (with a dual licensing model) or even considered the slightly stronger AGPL, but GPL-phobia prompted us to consider other options.’
<sneek>NieDzejkob was in #guix one month and 14 days ago, saying: yeah, some usecase like cross-compiling to Hurd started failing. It looked like some substitute* started failing silently so I started working on #42146, and that *is* a rabbit hole.
<nckx>☺ (U+263A) and 🙂 (U+1F642) look similar, but the latter is much older. The latter's an emojo, so is my 😉 (these are just string substitutions I've set up manually in HexChat). I think Emacs emojo support is known to be problematic.
<nckx>They don't show up in Guix's IceCat here either.
<nckx>s/but the latter is much older/but the former is much older/
<vits-test>also the former do not require google-noto, and the latter is a big square
<jlicht>ah, that is a clear distinction then. Thanks vits-test nckx! I'll go for /etc/ for now, as it won't be loaded anyway.
<jlicht>Always nice to have a relaxed lunch over some bikeshedding ;-)
<nckx>Bon appetit ;-) I was just being honest about where I dump these things when doing so doesn't cause unexpected run-time behaviour; not giving an official recommendation. I'm not aware of a policy at all.
<jlicht>Any plausible deniability on their misapprehension regarding licensing subtleties goes right out of the window with the last paragraph of their blog post :/
<zimoun>roptat: yeah, I have been confused too, since “session” in academic is generally a block of talks. Here it seems only a talk.
<leoprikler>In my opinion, the name "Business Source License" already spells out the intent quite clearly, that being that they want to make money, not (free) software.
<jlicht>Painting a picture where you came up with a suboptimal compromise because you'd like your employees to have stable income is at least understandable, but once you start talking about the plight of investors, and then spin this very same compromise as a sustainable strategy for the future... count me out
<shoxy>Hi everyone! I have a security question about guix: does someone have more infos for me about the security conception and security update policies in guix system? I am thinking about using it as a productive server, but am questioning how guix differs from e.g. centos in terms of security.
<civodul>mothacehe: i'll email my findings on the deadlock
<nckx>shoxy: I do too! I don't host high-risk hardened services (if I did I'd consider a different kernel anyway). But I've made implausibly few enemies on the Internet, as have my customers, and Guix made deploying servers almost fun.
<civodul>zimoun: "guix offload" replies postpone when all the candidate machines are overloaded
<divoplade>nckx, it looks better. Where do I find a confirmation of the key fingerprint, BBB0 2DDF 2CEA F6A8 0D1D E643 A2A0 6DF2 A33A 54FA, for 9edb3f66fd807b096b48283debdcddccfea34bad (this ID literally ends with "bad")
<dustyweb>one of those times where you're helping someone else (Morgan's need for git-annex assistant) helps yourself (me not having git-annex assistant since switching to guix either for a few years, which is what used to auto-manage my org-mode and artwork repos
<nckx>divoplade: ‘github seem to say it's a problem’ but your link doesn't show that. They just respond to news of the attack by promising to monitor their site for collisions. That's (good) PR but I'm curious what they actually found in the past 3 years.
<nckx>I can't find any but my Web search game is pretty weak.
<nckx>It's weird because 3 years is a long time to prepare a successful attack, and it would be huge news.
<nckx><‘different stories’> Well yes, but SHAttered (‘the 2017 Google sha-1 collision’) doesn't apply to git because mitigated that... in 2017. Just because someone claims to have broken ‘SHA-1’ doesn't mean git is broken. Yet!
<zimoun>it could interesting to know if SWH see collision with SHA-1
<zimoun>nckx: it is already implemented. The hook name is reviewer. ;-)
<divoplade>zimoun, you can create a collision with any of the hashes, so commits, trees, sub-trees or blobs
<nckx>‘Hello here is my patch please ignore the 2-megabyte PDF commit message thank you’.
<civodul>zimoun: i think it's a bug that their lookup-commit RPC takes a SHA1 and returns a single element
<divoplade>Also if you accept a similar hack than the nix chromium thing, maybe it's for "legitimate" purposes or it's for a future collision
<divoplade>Let me add this blob, it's to check whether there's an update. Later: oh, woops, my bad, this is the correct blob.
<divoplade>And then you have a commit that you can attack, so all future commits too
<nckx>divoplade: It's by definition for a future collision. The object you want to fake has te be deliberately engineered to be ‘vulnerable’ (this is what Nix did). Another reason that impersonating a legitimate git commit isn't as trivial as that.
<nckx>divoplade: A good reason not to accept blobs.
<divoplade>I agree. Don't ever allow the nix chromium supposed hack.
<Bumblehorse>leoprikler: Geez I'm retarded I didn't even think to look at the elisp file. Sorry for wasting your time.
<leoprikler>Note, that this only applies to the elisp file, not to the python code adjacent to it.
<nckx>Projects don't have to include a copy of the licence text (COPYING, LICENSE, etc.) although it's a good idea. This is better than the opposite (no licence header, just a GPL3 COPYING file), since that's more ambiguous (is it GPL3? 3+? Can you assume it applies?) etc.
<mfg>has anyone tried to install emacs-pdf-tools when running on a foreign distro? For me it always segfaults, when i try to pdf-tools-install :|
<Bumblehorse>The manual says that patches should contain only one set of related changes. It gives the example of adding multiple packages in one patch as an example of what not do to. But one patch that adds 3 emacs themes should be OK right?
<nckx>‘Related’ here is hard to define unambiguously, but it's not 3 packages with similar names or even roles. They're 3 separate packages, so 3 separate patches.
<nckx>Changing ‘GuixSD’ to ‘Guix System’ everywhere in one single commit would have been a related change, for example, because the alternative is noise. Same for renaming a variable: you need to do it all at once or things break. But when in doubt, separate.
<lfam>I'm struggling to build a package that uses some SDL2 libraries. I know that sdl-union exists to make this easier, but I'm still not succeeding.