IRC channel logs


back to list of logs

<fnstudio>hi, i wanted to mention i've come up with an even more minimal version of my "os inheritance" problem: '(define os (operating-system (inherit os-base)))'
<fnstudio>os-base is a working os definition that i've deployed on a remote machine and that allows me to ssh into it
<fnstudio>if i reconfigure to os, i can no longer ssh into the machine as i get a permission denied
<fnstudio>ok no wait, i might have found something
<fnstudio>in my original os-base that i was assuming was working fine but it might not - checking now
<nckx>muradm: Networking sounds best to me, so this seems to be a matter of sheds.
<nckx>Calling it a ‘security service’ is a stretch in my book.
<muradm>nckx: technically speaking, fail2ban is a service that tails logs, matches patterns and takes actions
<muradm>however it is generally used to add iptables rules
<nckx>With SSH.
<nckx>But point taken.
<Noisytoot>It can be used with things other than SSH.
<muradm>it does not do networking actually :)
<nckx>Noisytoot: Correct.
<nckx>You chose to add a new module, so go for it.
<nckx>Be consistent.
<nckx>It's awesome.
<muradm>i descided to put documentation under misc services for now
<muradm>btw, extension mechanism of services makes dependencies mandatory?
<fnstudio>may i ask you if this looks legit to you it's the ssh service bit out of a system definition that i thought it was working but it's not
<muradm>i mean, openssh-service-type extends fail2ban-service-type, then fail2ban-service-type runs
<muradm>is there optional extension? non invasive, fail2ban-service-type extended only when (service fail2ban-service-type) present
<nckx>I don't think so.
<nikola_>Is it possible to run shepherd on a foreign distro as a home service manager
<muradm>i could add "enabled" flag to root configuration of fail2ban which will conotrol if it should run or not in general
<muradm>otherwise, is it really desired to run fail2ban-service-type for everybody running openssh-service-type? O_o
<muradm>nikola_: as far as i remember yes
<nikola_>I tried googling but couldn't find anything
<muradm>debian + put guix as package manager => guix home should work as intended
<nikola_>I meant just the shepherd
<muradm>nikola_: do you want `guix home` or standalone `shepherd`?
<muradm>standalone shepherd is guile scheme program, should run on any distro that can run guile
<muradm>this starts fail2ban-service-type, do you think that it is feasible?
<muradm>oh... i have another idea
<nikola_>Ok, I'll see if I can get it to work
<muradm>nikola_: at least arch has it in aur
<nikola_>How did i manage to miss it
<podiki[m]>is find-files a guix (not vanilla guile) function?
<podiki[m]>ah it is, in guix build utils
<apteryx>guile has the POSIX scandir
<apteryx>or some mind boggling (to me at least) ftw thing
***califax_ is now known as califax
<muradm>56579 updated
<muradm>56608: Acknowledgement ([PATCH] gnu: security: Add fail2ban-service-type.)
<muradm>56579 blocks 56608
<muradm>i don't have rights to set blocks via mailing list :)
<muradm>there are also system tests available as separate commit
<muradm> these are tests
<muradm>didn't include with main patch as it is requested separately anyway
<podiki[m]>apteryx: thanks. I'm trying to see the easiest way to return only directories (one level) in a profile's lib directory (for
<apteryx>scandir takes a predicate as second argument
<apteryx>so you can make some lambda that checks if the file type is a directory
<apteryx>there are examples of this is the guix source code
<podiki[m]>yes, I've got that, but wondering if it should only be one level deep
<podiki[m]>otherwise all the stuff like python directores are added, but I guess that's not a problem?
<podiki[m]>apteryx: I also found for the fhs container I needed /etc/fonts directory (python package that uses prebuilt browsers), wondering if there is some env variable instead though
<atka>hey guix!
<atka>when it comes to pulling source or substitutes can guix be biased towards saving bandwidth? ie if during an update the source is smaller than the binary grab that or vice versa?
<atka>sneek: botsnack
<roptat>hi guix!
<roptat>atka, I don't think so
<apteryx>atka: I think you're probably be better off with binary always; they tend to be smaller than sources
<roptat>also, it would probably have to download additional dependencies to perform the build
<apteryx>also if you build from source it's going to need to download [...] what roptat said :-)
<apteryx>podiki[m]: yeah I had forgotten /etc, it should be mapped as well
<apteryx>(it's part of the FHS)
<apteryx>podiki[m]: ^
<podiki[m]>yeah, unfortunately it is all pretty "optional" but some things have expectations
<podiki[m]>should it just be all of /etc from the profile to keep it easy?
<apteryx>podiki[m]: can't we map the profile directories directly instead of building them manually?
<apteryx>yeah, $profile/etc -> /etc, $profile/lib -> /lib, etc.
<podiki[m]>yes, that's what I'm doing currently, though since /etc already will map a few things, will need to loop through profile I guess
<podiki[m]>(since non-fhs is minimal what is mapped in /etc)
<atka>roptat, apteryx thanks
<atka>I have a whopping 64KBps connection so trying to optimize my systems for that
<podiki[m]>apteryx: anyway, off for now, think I'll need to do some symlinks of directory contents (not recursive) due to some manual things guix container already creates in /etc and /bin
<raghavgururajan>Hello Guix!
<podiki[m]>apteryx: nevermind, of course I stayed up too late and just wrote the code. should be good to now link all binaries to /bin, contents of profile/etc linked, and add single subdirectory lines for
<sneek>atka: wb :)
<raghavgururajan>Oh no! guix-home is placing dotfiles in `~/config/foo` instead of `~/.config/foo`.
<andrzejku>finally I found cpan
<andrzejku>it is part of perl package
<andrzejku>which I thought is already installed
<andrzejku>because of one dependency
<andrzejku>I was sure that cpan has to be a separate package
<andrzejku>as there are many deps managers for perl
<andrzejku>like cpan minus
<devmsv>hello, how can I inheirt emacs-next and modify commit so I can use a newer commit?
<lilyp>devmsv: (source (origin (inherit (package-source emacs-next)) [your stuff]))
<lilyp>alternatively, just setup a new source origin altogether, it's not too hard and you can copypasta a lot
<unmatched-paren>andrzejku: Just because a package that is installed depends on X doesn't mean X is also installed :)
<unmatched-paren>raghavgururajan: there was a semi-recent change removing the implicit ., which was a mistake anyway
<raghavgururajan>unmatched-paren: I see.
<raghavgururajan>This one?
<devmsv>thanks lilyp I have done this: and is building
<andrzejku>my linux kernel version is newer then the linux headers which glibc depends on
<devmsv>/me now that i think i could probably have done this:
<devmsv>(define-public emacs-git
<devmsv> (options->transformation
<devmsv> '((with-commit . "emacs-next-pgtk=b78508696b1997ba0eef4288219071994c88e575")
<devmsv> )))
<devmsv>(define-public my-emacs-pgtk
<devmsv> (emacs-git (specification->package "emacs-next-pgtk")))
<andrzejku>anyway I do not know how to install linux/limits.h
<andrzejku>guix have no so called dev packages
<raghavgururajan>andrzejku: `linux-libre-headers`
<raghavgururajan>That provides the header file `linux/limits.h`, among others.
<andrzejku>raghavgururajan: I have to check again but I already tried it and it doesn't work
<andrzejku>raghavgururajan: actually I got also glibc and linux-libre-headers version mismatch
<andrzejku>linux-libre is available in the newest one which conform my linux kernel version
<andrzejku>while glibc is old
<andrzejku>that's pretty bad
<raghavgururajan>andrzejku: You can use older available versions. `linux-libre-headers-X.YZ`
<raghavgururajan>Use the command `guix search linux-libre-headers` to look for available versions.
<andrzejku>raghavgururajan: should it work guix install linux-libre-headers-X.Y.Z?
<andrzejku>guix install: error: linux-libre-headers-5.10.35: unknown package
<raghavgururajan>For `guix install` the syntax is `linux-libre-headers@x.yz`
<andrzejku>ahh guix package -i have different syntax?
<raghavgururajan>package-name VS. variable-name
<andrzejku>now I have both glibc and headers
<andrzejku>but no linux/limits.h
<andrzejku>it is somehow not a part in my profiles includes
<andrzejku>I think it might be a different package but I am not sure which one
<andrzejku>some people are talking about linux-libc
<tex_milan>Hello all, I was complaining about crashing VLC couple days ago here, I found what was problem: I had in VLC->Preferences->Video->Output: automatic, when I set it to Xvideo or X11 is doesn't crash anymore and works correctly.
***Brandong[m] is now known as shtwzrd[m]
<raghavgururajan>andrzejku: If you'd like an isolated environment, check `guix shell` command in the manual.
<andrzejku>raghavgururajan: actually it wasn't a development environment but a cpan module dependency
<andrzejku>which is used by another app
<raghavgururajan>Ah, in that case, you'd have to modify that app's package definition to point to the correct version of linux-libre-headers.
*raghavgururajan --> afk
<andrzejku>raghavgururajan: emm actually perl cpan modules they are quite independend
<andrzejku>if <something> is using in one function a perl module it is okay
<andrzejku>I think the problem is missing header in linux-libre-headers
<roptat>hey everyone, how would you say "hi guix!" in your native language? :)
<andrzejku>hi guix
<andrzejku>raghavgururajan: hmm I think it should be a different thing
<andrzejku>raghavgururajan: probably this shall use perl-lwpagent package which doesn't exist
<andrzejku>instead of trying compile runtime dependencies bymyself
<andrzejku>and this guix shell is for development
<dcunit3d>so i'm trying to configure a program to be runnable as setuid, but it needs to be run with `env ENVVAR1=foo prog --options`
<dcunit3d>i've found a few examples that are similar in the codebase, but most of them are from gnu/packages and use `(wrap-program ... )` to set environment variables.
<dcunit3d>since this creates a guile script, is it okay to use for setuid?
<dcunit3d>another possibility is to build the program invocation from (string-append #$prog), but i've been mostly following the first thread
<civodul>dcunit3d: hi! not 100% sure but i think it's okay for scripts to be setuid
<dcunit3d>i'm moving my code to a more simple system to test it in
<jpoiret>interesting, i thought execve dropped EUID/EGID
<nckx>andrzejku: And yet linux-libre-headers is the correct package. Maybe the problem is elsewhere? (Ignore whoever's talking about linux-libc, there is no such package.)
<nckx>roptat: ‘Hallo Guix’, but use ‘Hoi Guix!’ if this is for some kind of welcome wall to differentiate it from German :)
<roptat>thanks :)
***Dynom_ is now known as Guest8244
<roptat>ok 600 strings left :)
<cnx>i reinstalled guix sd (bios upgrade erased the boot) to the same partition and now if i run reconfigure guix gives me "unsupported manifest format":
<cnx>any idea what might be the issue here?
<Noisytoot>roptat: "Привет Guix!" in Russian.
<cnx>roptat which langs are missing?
<roptat>I have English, French, Russian, German and I'm not sure which language "Hoi" is in :)
<roptat>Dutch maybe?
<roptat>I'm looking for any other language :)
<raghavgururajan>roptat: You'd want the guix part to be in english, or spelled in different language but pronounced same?
<cnx>roptat, it'd be *chào guix* in vietnamese
<nckx> damn you.
<nckx>roptat: Yes, Dutch.
<raghavgururajan>roptat: It'd be *வணக்கம் guix* in Tamil.
<raghavgururajan>roptat: And it'd be *ನಮಸ್ಕಾರ guix* in Kannada.
<nckx>cnx: Did you run ‘guix pull’?
<cnx>i tried with and without, happened regardless
<nckx>Which Guix version did you use to re-init?
<nckx>Basically, it's this (despite the absence of time travel):
<nckx>I'd assume it to be fixed in the ‘latest’ image.
<mfg>Hi, i read on the mailing lsit about the idea of introducing some guix shell --fhs, but i can't find the thread again... What was the result there?
<nckx>Broadly positive last I checked.
<mfg>Mein Mix
<mfg>lel sry
<mfg>and thx for the thread :)
<nckx>Well, ‘result → reception’, because AFAIK there is no non-WIP patch yet.
<nckx>The author is podiki[m] here BTW.
<cnx>nckx, i reinstalled from image latest downloaded a few hours ago; how do i check if the issue is relevant (i'm brand new to guix)?
<nckx>civodul: Do you happen to be here?
<nckx>cnx: I don't know, sorry, this whole think happened whilst I was rather absent…
<mfg>nckx: ok
<cnx>no worries, nckx, i think i'll make a fresh install, might not worth the effort debugging lol
<nckx>OK, but ‘I'd assume it to be fixed in the ‘latest’ image.’ might well be wrong! I don't know either…
<Samari>hey, I have a problem where when I do guix system reconfigure config it tries to build some derivations related to python, but fails at python-fontpens
<Samari>how can I solve this? where could the problem lie?
<Samari>I think it fails to build a derivation dependency, which is font-abattis-cantarell
<nckx>Now that sounds familiar:
<nckx>Expected: 107.70329614269009, Got: 107.70329614269008
<nckx>Is that it? There should be a log file (likely ending in .gz, which you can ’zless’) mentioned in the failing build output.
<nckx>Happens here too.
<nckx>I'm afraid the solution is to actually debug why the test (now?) fails, and to actually fix the package, Samari.
<Samari>nckx yes I can see one. But what do you mean by zless?
<nckx>The command ‘zless’ is like ‘less’ for .gz-compressed files.
<Samari>nckx how do I know what package this is linked to?
<Samari>should I uninstall packages one by one?
<Samari>and debug like that?
<nckx>Samari: Well, your output should look something like this:
<nckx>It mentions that ‘1 dependencies couldn't be built’ for Cantarell (so it never built Cantarell), and above it says which one(s).
<Samari>nckx Yes. and by the way, Im not the guy that posted this in issue. So maybe its a recent problem?
<Samari>I think I have exactly the same output
<nckx>Samari: No, (un)installing packages have nothing to do with builds. The only way to fix this is to edit the python-fontpens code ( so the test no longer fails, or is skipped.
<nckx>Samari: Oh, I know you're not, I was just pointing out the bug report :)
<nckx>It does seem like it must be recent, and yet the addition of python-fontpens isn't *that* recent.
<Samari>nckx I should go into the code and add something so that it passes the test? hm, I dont think I can do this yet.
<Samari>I don't know how to code that
<nckx>Samari: No problem, but there's no other way to fix this I'm afraid. The Guix package graph is fixed, you can't randomly (un)install things to make something ‘work’.
<nckx>A good first step would be to find out which (Guix) commit broke things. I don't have time to bisect, though, I have to go.
<Samari>nckx thanks for the help. I'll see what I can do, I think I'll try to find help for the code
<lilyp>btw. why do we hide python-fontpens, but not python-fontpens-bootstrap? seems silly, no?
<roptat>oh I just learned about zless
<roptat>was doing some weird gzip -dc ... | less
<roptat>I used to use bzless when we were saving logs in bzip, and since I couldn't find a gzless...
<roptat>btw, since all of you speak different languages here's your punishment: finish the website translation (to your native language, not a second/third/whatever language) and ping me when done or if you have issues:
<lilyp>I think the website dataset should be cleaned, there's a bunch of bogus warnings about newlines
<roptat>maybe I can make it ignore those
<roptat>I think it worked
<weidtn>Hey. When I try to install smb4k I get the following error: CMake Error: The source directory "/tmp/guix-build-smb4k-3.0.6.drv-0" does not appear to contain CMakeLists.txt.
<weidtn>Is this some problem with the package definition?
<roptat>sounds like it
<roptat>oh, its source is called "download"
<roptat>however, the archive contains a CMakeLists.txt
<roptat>the package looks fine to me, but I'll try building it and see in more details what's wrong
<weidtn>thank you.
<roptat>uh, it's because the source is called "download", it's not uncompressed, so the build can't find anything
<roptat>/o\ 500+MB to download to build from master
<weidtn>Is there any better solution to have a file browser for samba network drives?
<weidtn>Its also for videos, so i prefer thumbnails
<roptat>I don't know, I'll push a fix shortly if I manage to build it
<roptat>weidtn, fixed, you should run "guix pull" to build it
<weidtn>ah, so you have the needed rights. I expected a long wait and was trying to define it myself
<weidtn>thank you
<weidtn>maybe I can sneak in some attention for this:
<weidtn>Still waiting for this oneliner to get reviewed. Its copy paste from another big channel, and somebody forgot this line i think
<roptat>that's really not my area, but you're welcome to send a ping to the bug number
<roptat>in general, if you don't receive an answer after 2 weeks, you can send a ping, or your patch will likely be forgotten
<roptat>that being said it doesn't look bad, so I could give it a try :)
<mbakke>woah, I fixed smb4k too a couple of days ago but apparently forgot to push it 🤦
*mbakke is juggling too many branches
<roptat>weidtn, done
<weidtn>thank you!
<Maya[m]1>hi guix! i was looking to deploy email server and I found out that postfix isn’t actually packaged and the issue and the branch is stale, does anyone know if the branch is usable or?
<roptat>mbakke, impressive work on the website :)
<mbakke>roptat: thanks! I found it a leisurely afternoon activity :)
<Noisytoot>Maya[m]1: OpenSMTPd is packaged
<Maya[m]1>Noisytoot: is there sone kind of webadmin for it? I need to allow users to create accounta
<nckx>I don't think Guix packages any mail-in-a-box solutions,
<nckx>Maya[m]1: OpenSMTPd is packaged, and exim might be (or there's an unmerged patch on the tracker). I personally prefer the former.
<nckx>Very simple but it delivers mail and does so well.
<Maya[m]1>nckx: i’ll try it then! thanks
<Maya[m]1>i just need a way to manage accounts, so there is a way to add users without opening the terminal
<two[m]>hwo to pause compilation?
<nckx>Maya[m]1: Right. That's the part that isn't packaged in Guix, I'm afraid. You'll have to write something simple in PHP or so, or find or package an existing Web UI.
<nckx>two[m]: I send the daemon's process tree a SIGSTOP in htop. There is no built-in method.
<Maya[m]1>nckx: i don’t mind packaging something if it is not something that complex, i just don’t believe myself that I can write a secure web ui (even if its local) :D
<nckx>Probably a healthy attitude.
<nckx>I don't know the available options, I manage users with a text editor.
<two[m]>what to do if i want to translate guix?
<nckx>14:20 roptat btw, since all of you speak different languages here's your punishment: finish the website translation (to your native language, not a second/third/whatever language) and ping me when done or if you have issues:
<two[m]>do i have to get a fedora account and translate online?
<nckx>Oops, I meant only to paste the edited link.
<nckx>two[m]: That's the standard workflow, yes.
<two[m]>nckx: can i clone the git and translate with poedit?
<nckx>You can. I just don't know what the procedure is to request a merge of your changese
<nckx>*. roptat will know.
<thorwil>hi! i’m trying to fix gx-vbass-preamp-lv2. it needs a CC=gxx as addition to #:make-flags. is there a way to add that while keeping the (inherit gx-guvnor-lv2)?
<two[m]>to send the diff to
<thorwil>what it inherits also includes a modify-phases, which i would prefer not to have to copy.
<nckx> two[m] Sure.
<unmatched-paren>thorwil: substitute-keyword-arguments?
<nckx> thorwil: You want substitute-keyword-aguments.
<unmatched-paren>(substitute-keyword-arguments (package-arguments ORIGINAL-PACKAGE) ((#:make-flags orig) #~(cons (string-append "CC=" #$(cxx-for-target)) orig)))
<unmatched-paren>i think that's work
<nckx>Or what unmatched-paren said, I guess.
<unmatched-paren>not sure whether cxx-for-target exists though
<nckx>It does.
<thorwil>the cases whree it’s used in music.scm sure look like that should do it. trying, thanks!
<unmatched-paren>if the original package uses old, quoted arguments, s/#~/`/ s/#$/,/
<nckx>I'm on a lamentable public connection so I'll keep it short: has Cantarell been fixed yet?
<Guest76>Hi, I'm new to Guix. I've just installed the sbcl and cl-asdf packages. Sbcl does not seem to load asdf automatically, though. Loading asdf from the store through an init file does not seem like the right way to do it. What is the right way to do this? I'm on Guix System if that matters.
<muradm>hi guix
***the-porcupirate is now known as porcupirate
<nckx>Hi both.
<lilyp>nckx: Re cantarell, the test is flaky
<lilyp>I have one machine on which it consistently passes and another on which it fails.
<lilyp>Sadly, the one on which it passes is my development machine, so I can't run any tests
<lilyp>furthermore, the test is part of a docstring, so we can't easily alter it
<lilyp>I suggest using substitute* to match the exact lines and drop them
<roptat>two[m], don't use the po files from the repo
<two[m]>roptat: why? are they outdated?
<roptat>two[m], they're outdated (not by too much, but we have to make some manual steps to merge changes from weblate, so I do that every month
<roptat>it's best to create a fedora account, but if you really don't want to, you can still download the file from weblate and send it to the list
<mbakke>roptat: norwegian website translation is complete! when will it show up on :) I'm sure some things should be tweaked with full context...
<roptat>mbakke, I'll do my best to put it tonight or tomorrow evening
<roptat>we have a meeting with guix-europe, so not sure I can do that today
<roptat>two[m], if all you want is edit locally, and you're ok with a fedora account, you can also download the file, edit locally and upload your changes to weblate directly
<two[m]>i just don't like weblate ui
<mbakke>awesome, thanks :)
<two[m]>thank you
<roptat>two[m], also, I've written a translation editor, offlate, that is able to automate that workflow for you
<roptat>although with weblate, it's sometimes a bit broken, I have no idea why
<two[m]>thank you
<two[m]>is it?
<two[m]>if so the website doesn't work?
<two[m]> * if so the website doesn't work
<two[m]>with 504 gateway timeout roptat
<roptat>gah, offlate is part of guix though
<roptat>should be back
<efraim>nckx: in response to your question days ago about updating your key's expiration date: I don't believe you need to update the keyring branch
<podiki[m]>hi guix
<Guest76>Re: my own question earlier: A simple (require 'asdf) was all it took
<podiki[m]>working on tweaks to the fhs container, curious what is the "best" way to generat (where ldconfig looks for libraries to cache)
<podiki[m]>should it just be top level directories in the profile's /lib? or anywhere .so files are within the profile /lib?
<podiki[m]>second is more thorough but not sure if things several subdirectories deep are not meant to be referenced without path in ld cache
<podiki[m]>my only known example in guix packages is that nss puts libnss3 in lib/nss which apparently is not expected by programs in linking (looks just for libnss3)
<muradm>lilyp: any more comments for 56579? also may be you could put "blocked by 56579" on 56608?
<podiki[m]>actually, is there a reason's guix's nss uses lib/nss/? seems we patch some builds to find libnss there rather than just in lib
<KarlJoad>I remember reading something somewhere about using Guix as part of a script? Like how nix-shell can be used as a #! interpreter. Anyone have any pointers?
<KarlJoad>I want to whip up a quick xrandr script is all.
<unmatched-paren>KarlJoad: how about `#!/usr/bin/env -Sguix shell blahblah ...
<KarlJoad>unmatched-paren: That's probably what I want. Is there documentation somewhere for that stuff?
<unmatched-paren>not that i know of
<two[m]>qt 🙁
<unmatched-paren>you can apparently put a space between -S and guix
<KarlJoad>Dang. Ok. For some reason I remember reading that there was some issues with using guix as an interpreter like that.
<thorwil>how should i send in a patch series for a specific bug (
<thorwil>just send a header email and mention the bugreport?
<nckx>efraim: Thanks for the confirmation! I sent it to the openpgp keyserver (the 'new' one) and Savannah, so I think I'm done.
<unmatched-paren>thorwil: `git send-email`
<efraim>I normally forget the one for savannah. I have to change the expiration on mine soon too
<nckx>Could someone with the sysadmin bit take a look at ci.? I'm not available. It's been 502ing for a few hours.
<roptat>mbakke, do you know the difference between nb and nb_NO?
<efraim>nckx: could it be related to berlin running out of inodes?
<civodul>nckx: i stopped Cuirass because... we ran out of inodes
<civodul>if you folks have spare inodes, feel free to share!
*unmatched-paren resists the urge to tell civodul to download more
<nckx>I didn't know.
<nckx>Add it to the 'donate' page.
<unmatched-paren>curl | bash
<nckx>You forgot the sudo.
<unmatched-paren>su -c "curl | bash" you happy now? ;)
<jcmdln>still wrong `sudo curl | sudo bash`
<unmatched-paren>jcmdln: they are basically the same but the `su` version might be even more insecure
<unmatched-paren>(and technically the curl command wouldn't require the sudo ;))
<jcmdln>I think I still win in visual offensiveness ;)
<nckx>First, make curl setuid.
<unmatched-paren>I forgot to `sudo firewall down && sudo clamav disable`
<unmatched-paren>My getting scammed skills are a little rusty, kay?
<nckx>civodul: Would this be exacerbated by the 'recent' deduplication changes (where small files aren't) or do you think it's insignificant?
<efraim>its definately 'curl -sSL | sudo bash', ssl for security
<efraim>the sudo curl is as bad as "sudo cd"
<podiki[m]>repeating an earlier question: is there a reason's guix's nss uses lib/nss/? seems we patch some builds to find libnss there rather than just in lib
<unmatched-paren>efraim: `sudo sh -c "curl -sSL > /dev/sdaX"` is better because you don't have to run a potentially harmful script downloaded from the internet :P
<nckx>I've actually used sudo curl, I'll admit.
<nckx>Yesterday even.
<unmatched-paren>inodes4free writes them directly to disk! :P
<unmatched-paren>I mean, it does free up a /lot/ of inodes. But it also does a lot of other things :)
<efraim>you could add a useless use of cat to the mix
<efraim>"sudo sh -c 'curl -sSL - | cat > /dev/sdaX'"
<nckx>podiki[m]: I wonder too, because it's not NSS's default...
<efraim>or at least use tee to add inodes to all the disks at the same time
<podiki[m]>nckx: I've found out since it is (so far) the only directory I find I have to add to, I guess everything else in subdirs tend to be referenced by location
<podiki[m]>I've also written 2 ways of adding lots of subdir's from a profile's lib to, but really seems only nss makes a difference
<nckx>This is one of those ancient civodul decisions that only they can answer.
<nckx>Actually no, it was 宋文武.
<podiki[m]>I wonder if there's anything else like that, but haven't come across it
<podiki[m]>I think I'll stick with the being just /lib and /lib/nss rather than fussing more
<nckx>If we can't find a good rationale we should move it.
<podiki[m]>I know nothing beyond having observed the path
<maximed>I currently do not have access to my primary e-mail account, but I can answer questions on my patches by IRC if anyone has any.
<maximed>Wishlist entry: Teach "guix lint" to recognise abbreviated commit hashes
<civodul>howdy maximed
<maximed>civodul: hi
<civodul>yes, a line for short commit IDs would be welcome
<civodul>a linter, not a line
<maximed>A warm-up for after the laptop arrives.
<maximed>Also, I've seen (let ((commit ...) (rev "0")) ...) -- maybe detect abbreviations of 'revision'?
<maximed>Also, for consistency, detect (revision N) (because usually (revision "N") is written instead?)
<nckx>Does this occur in Guix, and if so should it perhaps simply not?
<maximed>nckx: The 'guix' package does (revision number-not-as-a-string)
<maximed>I don't know if it's the only one.
<maximed>I haven't encountered it in submitted patches yet.
<orneb>For those who helped me yesterday about the login error with the declared user, I just reinstalled Guix and now I can log into my account. I run guix system reconfigure without the wrong line of the bash shell: shell "/home/user/.guix-profile/bin/bash". Thanks!
<podiki[m]>in FHS container testing news, did get eww to build and display widgets
<podiki[m]>some general things to set for a container for graphical programs: --preserve='^DISPLAY$' --preserve='^XAUTHORITY$' --share=$XAUTHORITY --share=/tmp
<maximed>podiki: I thought that XAUTHORITY and DISPLAY was included by default?
<maximed>At least, I think I sent a patch or suggested to someone else to include XAUTHORITY with DISPLAY.
<maximed>Also, UI looks nice.
<podiki[m]>maximed: huh, let me check
<maximed>(That was for --pure, I don't know how it interacts with --container)
<podiki[m]>maximed: not looking at the exact code, but I'm guessing for containers everything is pureified too?
<podiki[m]>let me check
<maximed>podiko: I'd assume so. OTOH, in some cases, containers and purifying is orthogonal, e.g. in case of LS_COLORS.
<maximed>(conceptually I mean, I don't know how it works in Guix)
<podiki[m]>containers are already purified (do doesn't call the same thing as --pure), but I think because it starts with a completely blank slate
<podiki[m]>if you run guix shell --container coreutils (otherwise no 'env' command), the list is very short what is set
<podiki[m]>minimum like temp, username, path, guix_environment, prompt
<maximed>Are DISPLAY and XAUTHORITY in the list?
<podiki[m]>I think the container starts with nothing other than what is set explicitly in the code and arguments
<podiki[m]>(I mean you don't even have coreutils in the container unless you ask)
<davidl>Hello, anyone who wants to chime in and review my bash-coding-utils package I'm trying to get merged:
<maximed>Unless that was an intentional choice, not including %precious-variables (except likely $USER etc) when doing --container sounds like a bug to me.
<maximed>OTOH not pointing the programs at X is a kind of containment ...
<podiki[m]>it does lead to having to think differently of --pure and --container...
<podiki[m]>some I think has to be, like $HOME which is temporary (unless specified) in the container, $TZ you won't even have timezone information in the container by default either...
<podiki[m]>so I think DISPLAY/XAUTHORITY are the ones I'm noticing, but again, need to share what xauthority points to explicitly anywqy
<maximed>If you include tzdata in the call to "guix shell --container", there's time zone information so $TZDIR (not yet set IIUC) and $TZ would be meaningfull.
<podiki[m]>yes, just mean it is not in the container by default
<podiki[m]>this does have me thinking about what defaults we want, or maybe some presets available (like --share-x which sets display, shares xauthority)
<podiki[m]>in any event, really enjoying hacking on and with guix shell, very cool stuff
<roptat>mbakke, I pushed the translation update for the website, it should show up in an hour or two
<podiki[m]>should documentation in the manual for a new command be added in the same commit as the one adding the command or a separate one?
<maximed>In case of Guix, I'd sometimes go for a separate commit and sometimes for the same commit
<maximed>(because separate change, and because they form a unit, respectively).
<maximed>Outside Guix, I tend to do them in a single commit.
<maximed>I don't have a clear-cut rule.
<roptat>when you do a change in Guix that affects documentation, update documentation in the same commit
<roptat>that way, we always keep the manual up to date with the commit it comes from
<podiki[m]>gotta do some little cleaning up, adjust options, and write a little paragraph for the manual and then i'll submit the fhs container patch for official review
***Walter_S is now known as fastru