IRC channel logs


back to list of logs

<podiki[m]>by package I mean package definition
<pkill9>how can i clone a hard drive with guix system and then install the bootloader?
<pkill9>as in, a hard drive with guix system installed to it
<Luk6655>podiki: the bug is triggered in relation to the binary file
<podiki[m]>or maybe dd the disk to clone, then do a guix system init or reconfigure pointed at that disk? (never tried, but something like that should be possible)
<Luk6655>the file is not part of gui
<podiki[m]>Luk6655: but what binary file? guix is all source, so you mean some outside binary?
<Luk6655>but the issue is not with the binary file, validate-runpath is supposed to be able to read the DT_DYNAMIC section of any valid elf binary, readlef reads the dynamic section of this binary just fine, but guix's procedure fails
<Luk6655>yes, it is an external binary that triggers an bug in guix
<Luk6655>I think the best will be to submit it in an email, base64 encoded
<Luk6655>I have a number of those binary files, it seems the best to choose the smallest (74kB) to submit
<podiki[m]>well I've seen that phase fail when manually patching a binary with patchelf, but I would think expected given what was being patched to work around runpath
<Luk6655>I would expect this phase works in accordance tot he elf standard and if DT_DYNAMIC section is correct, it should work
<Luk6655>regardless if it was manipulated by patchelf or not
<podiki[m]>good luck. definitely give some disclaimer before anyone thinks you are sending some malicious file via email; not sure if filters will hold up the email for moderation
<podiki[m]>not disagreeing with what you found (I have no idea), but just trying to help make sure your message actually gets seen and read
<Luk6655>sure, there should be some mechanism to submit binaries
<Luk6655>not everything hasppens at source level
<jackhill>I think it might be easier for folks if you just add it as a MIME part, and let your MUA encode appropriately for transmission rather than doing it yourself. At least it would be less work for me to deal with the file that way
<Luk6655>we'll see, if it doesn;t get through I'll submit it differently
<Luk6655>I don't know enough about how guile reads binaries to be able to troubleshoot it myself(nor have time to)
<Luk6655>ok, I've sent it, we'll see what happens
<Luk6655>Last time I got a replywith a bug number on next day, so there is probably manual verification, hopefully this means this will get submitted properly
<Luk6655>it seems I got a confirmation much sooner this time and the file attachment is there too, so all good, hopefully someone is interested in this
<Luk6655>the bug number is 58033
<pkill9>could you set selinux policies on files within packages during build, so selinux could technically work, even thoufh it would sadly require rwbuild whenever you choose to modify the policy?
<pkill9>i suppose you could use grafts for that technically
<rekado>I wouldn’t do that during the build but rather as a system service.
<rekado>for a good selinux policy you need to have a … holistic view of the system that I think cannot be arrived at by having each package do its own thing.
<pkill9>i woild do it as a system service too but, from what little i read the policies are applied as attributes to individual files
<rekado>yes, but that’s just a part of it
<rekado>you can relabel the file system at any time
<rekado>the policy itself is separate from the file labels
<pkill9>oh ok
<rekado>file labels determine the initial contexts that processes will be placed in, and the policy determines what context transitions are permitted
<rekado>so it’s fine to have a partially labelled file system with files whose labels are progressively adjusted (e.g. with a hook or by observing changes to /gnu/store)
*rekado –> zzzZ
<pkill9>nice, goodnight
*Luk6655 is afk
<trevdev>Heya! Do we know if there is an equivalent package for `dnsutils` already put together for Guix?
<trevdev>Maybe the "bind" package? Seems to have `dig`
<mroh>bind has an utils output. There is dig.
<trevdev>Yep, `guix shell bind:utils` got me digging *snerk*
<antipode>sneek: later tell alextee[m]: I don't think `tmpnam` warnings or 'undefined reference' have anything to do with out of memory. However, if you are wondering if the OOM killer killed GCC before it could print an error message, you could disable overcommitting and the OOM killer, or alternatively look in dmesg.
<apteryx>are search-path-specifications honored when generating /run/current-system/profile/etc/profile?
<apteryx>I've added GDB and libjami:debug to my operating-system's packages field, but I don't see the GDB_DEBUG_FILE_DIRECTORY env. variable that GDB is supposed to cause to be set
<apteryx>although it's mentioned in the global profile's manifest: /run/current-system/profile/manifest:18: (("GDB_DEBUG_FILE_DIRECTORY"
<raghavgururajan>Hello Guix!
<dirtcastle>I'm using emacs guix. I want to setup geiser. how to make geiser-edit-symbol-at-point or geiser-pop-symbol-stack work. it can't find the documentation when I run geiser-doc-symbol-at-point. but I should be able to view the code using geiser-edit-symbol-at-point right?
<lilyp>dirtcastle: first things first, is your repl running?
<jpoiret>dirtcastle: you can't find the location of syntax objects iirc
<polyex>guix on fire lately the time is ripe
<pkal>The only feature I am missing in guix shell is some automatic "apt source"-like fetching of source code + the ability to install it to make hacking easier
<jpoiret>pkal: there is guix build -S
<jpoiret>although this won't give you a VCS repository in all cases
<pkal>I guess that would be difficult, as a lot of package specifications just fetch tar balls, right?
<pkal>But even so, guix build -S is still cumbersome to use
<pkal>The ideal would be something like "guix hack foo", where you are supplied with all the source code and dependencies to work on the software
<polyex>it can't do that?
<lilyp>you could do an extension
<jpoiret>fetching sources is a one time thing only though
<lilyp>also 👆️
<jpoiret>the git clone (or equivalent) is not that cumbersome
<lilyp>well, that obviously depends on the project
<unwox>does anyone know if it's possible to describe services in manifests? is it a good idea at all? for example i want to run "guix shell --container -m ..." and have postrgesql and redis running after that in container. i'd love to replace docker with something more reasonable some day...
***Dynom_ is now known as Guest8124
<PurpleSym>unwox: `guix shell` cannot run services. Maybe `guix system container` does what you’re looking for?
<unmatched-paren>hi guix :)
<unwox>PurpleSym: i'll have a look, thank you
<rekado>“guix system container” is great for running a whole Guix System including services in a container.
<rekado>you only need an operating system configuration, and that may include a bunch of custom service definitions.
<unwox>i'm reading about it right now. thank you :)
***ChanServ sets mode: +o litharge
***litharge sets mode: +b *!*@2001:470:69fc:105::2:890e
***kelvin0[m] was kicked by litharge (You are banned from this channel)
***litharge sets mode: -o litharge
<unmatched-paren>nckx: sorry for bothering you, but <- another cryptobot
<unmatched-paren>i'm starting to seriously think it might be best for matrix to retire that bridge, it's been such a nuisance, and i'm sure it's worse in more popular channels
<nckx>jgart[m]: Your mailbox is full, please take it out back & empty it.
<nckx>unmatched-paren: Never a bother.
<nckx>What a coincidence that I came on to bother jgart just now :)
<pkill9>do you need to use cow-store or whatever to install guix?
<nckx>Ah, cool, seems like litharge did the ban?
<pkill9>I made a system image of my current config but, haven't add3ed the cow-store service
<pkill9>can I just run guix system init with that image?
<nckx>It's literally a bunch of random regexen in a trench coat. That's super cool.
<nckx>Good thing spammers are so predictable.
<nckx>pkill9: You need it if you don't have enough RAM to store all newly-downloaded store items (which can be the entire installed system, or more, or less, depending on many things) in the RAM-root.
<nckx>If you have 4G you'll probably need it. If you have 16 odds are you won't.
<nckx>unmatched-paren, polyex: Free speech has been censored, thanks again o7
<polyex>so a crypto group spam with no context is your idea of free speech? i mean, k
<unmatched-paren>nckx: those poor persecuted libertarians!
<nckx>Merely trying to peacefully reinstate feudalism. Poor dears.
<unmatched-paren>polyex: I mean, "free speech" is used as an excuse for all sorts of repulsive behaviours.
<polyex>ya and i support those. but spam isnt free speech imo
<nckx>Ah, shit. I only censor free speech ☹ So I have to find backups to restore I guess.
<unmatched-paren>"OUTRAGE as nckx SHUTS DOWN peaceful FREEDOM FIGHTING ROBOTS" -- The Sun
<nckx>Don't worry, you can donate your eth to help them fight the good fight.
<polyex>ya you two sound obviously political. maybe move on with your pathetic shitty lives
<polyex>it was a spammer, it's gone now, move on
<nckx>So er, the reason I'm here (apart from pinging jgart) was because (in my quest to ping jgart) I happened to peek into the Matrix-native Guix room, and it seems things are afoot? roptat, I know you're active there; are things afoot? I can see two very different interpretations of what's happening.
<nckx>polyex: Behave.
<polyex>look in the mirror power mad faggot
<nckx>Oh, wow.
***ChanServ sets mode: +o litharge
***litharge sets mode: +b $a:polyex
***litharge sets mode: -o litharge
<unmatched-paren>...that escalated quickly.
<unmatched-paren>The Internet is a curious place.
<nckx>I love how they always (well, often) panic-quit as if that will help.
<nckx>This is why I burnt out on all this. Too many edgy teens (being charitable here) trying to convince you they're tough.
<unmatched-paren>nckx: Mhm, I thought we were kinda shielded from that kind of thing in this niche IRC channel, but apparently not.
<antipode>jpoiret, dirtcastle: You can find the location of syntax objects, with 'syntax-source' / 'syntax-sourcev', though I have encountered a few situations in the past where they returned #false
<antipode>dirrtcastle: "program-sources" might be useful to find the source location of a procedure
<PurpleSym>Hm, strange. I pushed the change to our samba package, because `guix refresh` lists only 46 dependents. But now CI is rebuilding ~8000 packages 😐️
<PurpleSym>(~9000 actually)
<antipode>PurpleSym: guix refresh -l -e '(@ (gnu packages samba) samba/fixed)' mentions 2768 / 4240 packages
<nckx>unmatched-paren: Bigger channels get a proportionally bigger number of them, but they disproportionately disrupt smaller ones. IME.
<antipode>Maybe your change to 'samba' impacted samba/fixed?
<PurpleSym>antipode: Yeah, probably. I changed inputs.
<antipode>(-l does not take inheritance and implicit inputs in account)
<antipode>PurpleSym: I recommend reverting the changes before people "guix pull" them and encounter rebuilds.
<PurpleSym>Alright, so option 1) revert or 2) change inputs of samba/fixed.
<PurpleSym>Yeah, let’s do that.
<PurpleSym>I absolutely love to use Guix, but development is so fragile and since one oversight can break the entire thing I’m more and more afraid of pushing anything.
<nckx>You didn't break the entire thing.
<nckx>It happens, and you dealt with it correctly.
<nckx>Automatic patch whachamatests would be *great*, but we manage without it too.
<PurpleSym>Sure, not today 🙂
<Luk6655>PurpleSym: I if there was a "staging" and "production" branch that could help. People would be less worried about breaking stuff resulting in more submissions, but at the same time more work would be required to ensure quality... So I'm not sure if it would end up being better overall.
<Luk6655>I'm having a strange issue with this piece of code (written as one of package build phases) mangling the elf headers: Could someone have a look if there are any obvious errors there?
<Luk6655>it is supposed to run patchelf --print-rpath, then add one folder to the rpath and run patchelf --set-rpath with the new rpath
<Luk6655>If I do that manually it works fine, but running it as a build phase mangles the elf header
<nckx>PurpleSym: Not sure what that refers to, but if it's managing: yes, we did. Well, you did, mainly :) anti pode noticed, you fixed it pronto, I cancelled 9000 CI jobs, all is well!
<nckx>‘Master isn't broken for a second’ simply won't work until something builds all packages from a staging branch and auto-promotes master when they succeed.
<nckx>And if you meant ‘I'm not going to design & implement & purchase servers for that system today’, that's also fine, next week is good too.
<PurpleSym>nckx: Heh, no. I meant I did not break the *entire* thing today.
<nckx>Luk6655: How does it mangle it exactly? The code looks baroque (because Guile+pipes, erk) but not obviously wrong, and I assume your printk debugging showed what you expect.
<nckx>* printf/display — /me spent too much time in kernel land.
<Luk6655>nckx, indeed, it appears to work fine in repl, but executed as shown in python-build-system it results in the executables having their header unreadable by runpath validation and ld
<Luk6655>however, readelf anf patchelf both claim the headers are fine
<Luk6655>I even logged a bug no 58033 about it because I thought the elf headers are find and it is a bug in guix's read-elf stuff
<nckx>It might be interesting to compare an actual (readable binary, e.g., hex or diffoscope) diff between a good & bad file.
<nckx>Ah, OK, I'd seen that bug and thought it was a weird coincidence.
<Luk6655>yes, I'll do that, I wonder why would it work fine in repl and not in the build, perhaps some timing issue?
<nckx>If you say you can generate a good/different one outside of the build env, it would definitely help to add it to the report.
<Luk6655>I never heard about diffoscope, I have to check it out
<nckx>Luk6655: I have no hypothesis-generating clue at the moment, sorry :)
<Luk6655>I can only generate a good one outside the build environment. I'll add the info to the bug once I've compared both binaries
<nckx>Luk6655: It might not be the best tool for this job depending on the problem, but it's certainly worth checking out.
<nckx>It's very good at ‘how *exactly* does this many-MiB blob of data differ from this other many-MiB blob that should have been identical’.
<nckx>Without just staring at hex.
<Luk6655>the description seems like something that will be very useful for me in future(not just for this) thank you :-)
<PurpleSym>I’d be surprised if software for this kind of automatic cherry-picking did not exist yet.
<nckx>Well, you already seem to know your way around readelf and diff, so it might be overkill here. And sometimes you just want to stare at hex.
<Luk6655>wow, for a file that was copied, and then was supposed to be treated with patchelf to add a bit to its runpath sure there appears to be lots of changes, I'll have to spend some time going over this
<Luk6655>I was hoping there would be a byte or two of difference :-)
<nckx>PurpleSym: I know it does (less so names or details), the work is just tying it to Guix/Cuirass to fill in its definitions of ‘what needs to be rebuilt/tested’, ‘please rebuild/test it’, and ‘did it build/pass’ so it can do its magic.
<nckx>Luk6655: …so was I.
<nckx>And this is starting from an identical binary?
<Luk6655>perhaps the files I compare came from two different builds... I need to check that
<nckx>Like, not one built with Guix and one built outside of Guix?
<nckx>Well, bye for now, & good luck o/
<Luk6655>thanks :-) bye
<rekado>PurpleSym: aren’t commit signatures problematic in a cherry pick model?
<rekado>it’s fine as long as you don’t throw out bad commits, because then you’d have to re-sign all above the excised bad commit
<PurpleSym>rekado: Sure, that does not work with actual cherry-picking. Maybe one branch per patchset and auto-signed merges might work?
<rekado>PurpleSym: maybe that’s a way forward. I just shudder at the thought of merge conflicts due to a bigger change set being rejected, and cascading effects rippling out from there.
<nckx>That's why I used ‘promote’ above: the ‘staging’ (not the staging we have now) and master branches would have the exact same history, just at different points until all tests pass. So master would contain ‘bad’ commits — they just would be reverted before it's served publicly.
<nckx>I don't think merge commits are good, and signing anything on servers is bad.
<nckx>No patchworx.
<unmatched-paren>Oh, great, another new rust release... :(
<unmatched-paren>Agh, and there's CVEs to boot!
<rekado>nckx: so a public pointer that’s always a little behind the master branch and catches up when it gets a signal from Cuirass or something?
<unmatched-paren>Oh, phew, not too bad: > These issues have been assigned CVE-2022-36113 and CVE-2022-36114. The severity of these vulnerabilities is "low" for users of alternate registries. Users relying on are not affected.
<nckx>rekado: Yep. The stylish equivalent (if there is one :) of running ‘git reset --hard $last_good_staging_commit’ on the remote master, to which nobody human pushes.
<nckx>unmatched-paren: Clearly, centralisation is more secure.
<nckx>No, but why is that? Is really unaffected, or are they just assuming == run by Good People == fine?
<nckx>A: more or less, IIUC: == Goodest Server-Side Validation == fine.
<nckx>…bit ifsy, no?
<unmatched-paren>Hmm, yes, this doesn't mention anything about specifically:
<unmatched-paren>It was discovered that Cargo allowed packages to contain a .cargo-ok symbolic link, which Cargo would extract. Then, when Cargo attempted to write "ok" into .cargo-ok, it would actually replace the first two bytes of the file the symlink pointed to with ok. This would allow an attacker to corrupt one file on the machine using Cargo to extract the package.
<unmatched-paren>And then, I don't see how would be immune to this: > It was discovered that Cargo did not limit the amount of data extracted from compressed archives. An attacker could upload to an alternate registry a specially crafted package that extracts way more data than its size (also known as a "zip bomb"), exhausting the disk space on the machine using Cargo to download the package.
<unmatched-paren>Ah, right, > implemented server-side checks to reject these kinds of packages years ago
<nckx>Yeah, I was just inferring from ‘An attacker could upload to an alternate registry…‘ that they do some cursory zipbomb checking.
<nckx>Which, great, but I get (very very mild) disingenuous vibes from how this entire thing is spun.
<unmatched-paren>But, but but but... why would they implement the checks in cargo knowing full well it could affect alternative registries???
<nckx>(‘they’ =
<unmatched-paren>s/implement/not implement/
<unmatched-paren>Or rather s/cargo/
*unmatched-paren away
<nckx>A good-faith reading is that they were in more of a hurry to reassure users than to disingenuously promote as The Secure Package Place, but still, it doesn't come over well.
<nckx>unmatched-paren: o/
<nckx>rekado: Sorry, I only now realise you swapped the names (which is more clear), so corrected: Yep. The stylish equivalent (if there is one :) of running ‘git reset --hard $last_good_master_commit’ on the remote ‘stable’ branch, to which nobody human pushes.
<unmatched-paren>Typical rust. Adding an XML library eventually leads to having to update rust-wasi.
<Luk6655>for some reason I can't get readline to work in "guix repl" nor arrow keys on my keyboard. Every time I press the arrow key I get something like this ^[[D
<Luk6655>this is on foreign distro, if I run guile directly thats fine, but in guix repl I have this issue
<Luk6655>If I could get guile to be able to use guix modules that would solve my problem most likely, but I'm not sure how to do it. I tried defining %load-path the same as in guile repl, but with no result
<nckx>I have working readline in both.
<Luk6655>on guix system I just used guile, how did you get it working in repl?
<PurpleSym>nckx: A “promote” workflow would also force everyone to help fix issues, since nothing else would “go through”.
<nckx>I can't guarantee that I didn't set something Guix-specific and forget, but I can say that renaming my ~/.guile to not-~/.guile breaks readline in ‘guix repl’, so it does something:
<Luk6655>nckx: is this on guix system, or foreign distro?
<nckx>PurpleSym: Yes. I wanted to point out that ‘drawback’, and say that I don't think it's much of a counterargument. Thanks!
<nckx>Luk6655: GS.
*nckx gotta go again, o/
<Luk6655>np, it worked fine for me on GS as well
<Kabouik>I'm looking for an example config with working hibernation, if anyone has that
<civodul>lilyp: i'm looking at and i think 11 revisions is more than enough
<civodul>how did we reach that point? is it that initial comments were not taken into account?
<civodul>or that there were new comments each time?
<civodul>anyway, i think we see how to avoid that going forward :-)
<pkill9>KDE is a nice desktop environment, it would be good with Guix
<Luk6655>is anyone here running guix on a foreign distro? If so, are your arrow keys working in guix repl? (or did you manage to get ,use(guix) work in guile - not repl)
<apteryx>civodul: hello! I'm trying to finish a reconfiguration of overdrive1, but the SSH times out; is it just busy?
<apteryx>OK, I could reach it now
<civodul>apteryx: reconfigure? why?
<civodul>it finally succeeded a day or two ago :-)
<nckx>Kabouik: I mean, yes, but it's not going to solve whatever problem you seem to have: — I also don't use loginctl to hibernate as a rule, but I tested it once and it also worked.
<nckx>I'm really confused by all these ‘when will hibernation support be added’ reports because… it's just there already? What'm I missing? (Ignoring weird things like swap-on-LUKS for now, but even that should be workable.)
<Luk6655>nckx: how did you hibernate if not with loginctl? By writing to /proc?
<Luk6655>I see
<nckx>Using loginctl on Guix system adds no/little value yet, because it looks in its own read-only store location for pre/post-hibernation scripts.
<apteryx>civodul: explained in a message I'm about to send if only it manages to pass; I tweaked the balance job, which was using too high threshold values
<apteryx>that's why it would hit ENOSPC near full capacity
<nckx>I just use a script that does some stuff, echoes to /proc like normal, then does some more stuff. But that's stuff like resetting the brightness which is otherwise buggy, and unloading some buggy modules, nothing vital to the core hibernation cycle.
<civodul>apteryx: ah alright
<Luk6655>I had no problem with loginctl in general(for suspend - I haven't tried hibernation), I just had to switch to a text console due to my graphics card and back after resume.
<apteryx>civodul: now it fails because 'guix deploy' lacks a --allow-downgrade; any workaround for that?
<civodul>apteryx: then i guess if you're reconfiguring from the same commit, that should be easy
<Luk6655>now that you said that it makes me want to try hibernation next
<civodul>apteryx: you don't want to --allow-downgrade :-)
<civodul>(there's an option in machine-ssh-configuration)
<civodul>apteryx: but basically, reconfigure using the same Guix commit
<nckx>Luk6655: Selfishly: please do, I'm missing concrete bug reports to fix(?) it for anyone who isn't me :)
<Luk6655>sure, I will when I'm back on guix system in few days most likely
<civodul>with 'guix lint', i'm getting "Failed to autoload lookup-build-system-by-name in (guix import utils):"
<civodul>where does that come from?
<nckx>loginctl just writes to proc. It does some Stuff, but it's stuff like sending a ‘we goin' to hibernation land’ D-bus message to user applications, really nothing low-level. The kernel is what puts devices & drivers to sleep, and all that code is run no matter how you hibernate.
<apteryx>retrying with guix time-machine --commit=35e8615d387b6630006ccd8c3420154dab93b95a -- deploy --allow-downgrade -L modules deploy-overdrive1.scm (I adjusted the config for deploy)
<nckx>Luk6655: Any non-free drivers are more likely to be problematic, if you use those.
<civodul>apteryx: without --allow-downgrade, right?
<civodul>good ;-)
<Luk6655>nckx: I have yet to test with nouveau, the alternative it the only non-free driver I had, however now that nvidia open sourced its latest drivers perhaps we can get them into libre kernel?
<apteryx>It's now allowed anyway, it would have failed :-)
<civodul>apteryx: re refresh, commit 5dd3acd0a0941ff9764959b313aae48095c66312 partly reverted the previous commit, 392e97ed0800ff3ed56bfe8cd54350a8bc2f9817
<civodul>claiming to fix the same things
<civodul>so we might need to double-check
<Luk6655>If I had lots of free time I would look into that
<nckx>Luk6655: Maybe! I have 0 knowledge of new GPU news, but be warned that all recent ‘open source’ drivers have been thinly-disguised shims that just load firmware blobs that do the real work. Some cards happen to hobble along poorly if you load only the ‘driver’ without the firmware. The vast majority don't. It's a scam.
<pkill9>what's the best way to migrate one guix system installation from one laptop to another?
<nckx>s/all/all that I know of/
<Luk6655>nckx: I've spend little time researching this so I can't be sure, but on the surface it appears the firmware blob is already in the card's bios. So no loading is done making this very similar to a free driver for a mouse that uses a non-free binary-blob firmware (loaded by the manufacturer). But as I said, I would need to do more research to test this.
<Luk6655>Still, there isn't that much of an incentive to do it
<Kabouik>Actually I don't exactly know what is my issue with hibernate yet nckx, I haven't configured anything for it yet, I just noticed it doesn't work out of the box, so the example might help.
<Kabouik>I know though that my swap should likely be bigger.
<jpoiret>Kabouik: do you use encrypted partitions?
<jpoiret>then it's not supported yet
<Kabouik>Oh, well then I'm stuck with either s2idle (s3 doesn't work with my hardware yet) or powering off
<nckx>I'm not sure:
<nckx>S2? Ouch.
<jpoiret>oh, right, i forgot you actually did push
<jpoiret>i'm not sure hibernation needs anything new to work properly then
<nckx>Push, but didn't install an encrypted-swap system to test.
<nckx>Whatever I'd make up might not be realistic anyway.
<jpoiret>eh, i use a sway file
<jpoiret>swap *
<nckx>That should also work, with eleventy caveats.
<nckx>Mainly that it mustn't be fragmented.
<Kabouik>Yeah S2 is not a great option, I mean it's better than nothing, but it still generates heat and the fan is spinning, not something I want when travelling
<nckx>And stable, so you can feed a raw block offset to the kernel.
<nckx>CoW shenanigans tend to complicate that.
<jpoiret>i think I fallocated that one
<jpoiret>and i disabled CoW and compression
<pkill9>how well does gnome wayland work?
<nckx>(To be clear, the kernel happily swaps to files that don't meet the criteria for hibernation, so you can have one without a working other.)
<jpoiret>pkill9: it should 'just' work, please let us know if something doesn't
<Kabouik>jpoiret I have an encrypted system; should I try to just increase my swap partition to the RAM amount and see if hibernation works out of the box then?
<nckx>There were some conflicts/personality mismatches *decades* ago that lead to the current hibernation code being essentially the same as 20 years ago.
<pkill9>ok jpoiret, that's the experience I want
<pkill9>havne't tried it yet
<pkill9>i'm looking forward to xfce being ported to wlroots
<apteryx>civodul: strange, with that commit trying to deploy to overdrive1 I get: kernel module not found "pata_acpi" "/gnu/store/nmdy7c4i34y12w8af7zl6sl9fmrp8wa0-linux-libre-5.19.10/lib/modules"
<apteryx>it seems the last deploy failed with that error and now 'guix system describe' thinks its on that commit
<apteryx>last last*
<nckx>apteryx: Which kernel package do they use?
<nckx>Maybe (sacrilege!) we might consider not hard-requiring PATA support in all initrds :)
<pkill9>is there any progresss made on making disk encryption not require entering passwords multiple times?
<pkill9>hmm I like gnome, maybe focusing on gnome is was the best choice
<nckx>I'm not aware of anyone actually working on that, pkill9.
<nckx>I mean, ever.
***rgherdt_ is now known as rgherdt
<Reventlov>so I want to run a few things in order to create a live cd, and that requires me to bind mount at some point. Can guix be used to bind mount during package compilation ?
<Reventlov>(bind mount /dev, /run…)
<Reventlov>(and use stuff such as chroot, …)
<nckx>Not using the classic (and privileged) mount, chroot, etc. I can't wrap my head around namespaces well enough to say if they'd work inside the Guix build container. I can't prove there isn't a clever way to fake a bind mount in there, but I can say that doing anything privileged during Guix build is regarded as a losing move. We tend to simply patch out such attempts, not support them.
<nckx>Reventlov: ☝
<nckx>However, it's not clear at all how creating a live CD and bind-mounting/chrooting are related. If you explain the missing link, maybe someone can give a better answer.
<nckx>One certainly doesn't imply the other.
<Reventlov>(live cd for ubuntu)
<nckx>(I have never made one of those)
<nckx>But yeah, I vaguely remember there being some blessed (Debian(-originated)?) tool that does that, and it's not just ‘create a xorriso image as any unprivileged user’ like Guix does it.
<nckx>If it's trying to set up its own working mini-OS beforehand, it might not be easy/pleasant/possible to run that under Guix.
*nckx away o/
<TopExpert>hi how do you find patch files during development, when I do guix build -L $(pwd) -f somefile.scm, it doesn't seem to find it in $(pwd)/gnu/packages/patches/myfile.patch
<TopExpert>GUIX_PACKAGES_PATH="." guix build -L . -f somefile.scm doesn't find the patch either
<richard_matrix[m>Click and thank me later
***ChanServ sets mode: +o litharge
***litharge sets mode: +b *!*@2001:470:69fc:105::2:892d
***richard_matrix[m was kicked by litharge (You are banned from this channel)
***litharge sets mode: -o litharge
<TopExpert>perhaps Stevecoldham001 knows where the patches go
<mitchell>I am having trouble cross compiling guile packages. `guix build --target=arm-linux-gnueabihf guile-quickcheck` fails configuration with a very confusing error
<TopExpert>mitchell: try adding guile as an input to the package configurations
<vivien>We will make sure that the spammer is not thanked too early ^.^
<kabouik_>So I booted under a Live USB to resize my encrypted partition and make room for the Swap, but now after 25 min partitionmanager still shows 0% progress and the CPU is spiking, I' m concerned. :<
<TopExpert>mitchell: it's possible that guile has no port for that architecture, try building that first, guix build --target=arm-linux-gnueabihf guile, if that works then you need to add an input to the definition
<TopExpert>kabouik_: what program are you using to resize the partition
<TopExpert>kabouik_: you can use a swap file on the encrypted partition too I have that
<kabouik_>I used partitionmanager after reading gparted's support for encrypted partition is not great, partitionmanager apparently is better
<kabouik_>It's from the KDE suite
<TopExpert>sorry I've never heard of it, gparted works great
<kabouik_>Yeah maybe what I read was quite old, I didn't check
<TopExpert>kabouik_: you'd want to check if if the process does anything, you may want to attach strace to the process to see where it is hung
<TopExpert>people in KDE will know better
<kabouik_>The gui says "Checking file system on partition /dev/nvem0n1p3", so hopefully it didn't do anything yet
<TopExpert>if the abort button is available use it if it's just checking
<kabouik_>My file system is a btrfs one too, I imagine this does not make things easier
<TopExpert>then decrypt the partition (cryptsetup luksOpen /dev/xyz drive && mount /dev/mapper/drive /mnt)
<kabouik_>I hit it, it's still not quitting after a long time. I'm letting it run still, but the high CPU usage makes me think it's trying to finish checking.
<TopExpert>then run fsck manually fsck /mnt
<TopExpert>try killing the process
<TopExpert>ps aux | grep partitionmanagerorwhatitscalled
<TopExpert>kill -9 <PID>
<kabouik_>Then I hope it indeed still just tried checking
<TopExpert>if that's what it says, that's your best bet
<TopExpert>that's why you'd want to check it manually
<kabouik_>The partition was already decrypted before starting the process
<TopExpert>kabouik_: and then I'd recommend using a swapfule, otherwise you need to decrypt partitions twice during boot, entering password twice
<kabouik_>I already have to enter my passphrase twice (before and after Grub)
<TopExpert>that makes it four times with an ancrypted boot :S
<TopExpert>err encrypted swap
<kabouik_>Then if using a swapfile instead of a swap partition, I guess I'd still want to manipulate my partitions to delete the current (too small) swap partition
<TopExpert>yeah, a swapfile you can create any size and change later too
<TopExpert>but it requires special procedures for btrfs
<kabouik_>Let's see if I broke my Guix system first, reboot time
<kabouik_>I can't relock the partition even after killing partitionmanager, it says the device is still busy
<kabouik_>I guess killing partitionmanager killed the gui, but not the process checking the filesystem
<TopExpert>maybe you're in that directory in the shell as root
<kabouik_>I guess that instead: root 20876 66.7 45.2 7315140 7313308 ? R 17:53 24:22 /usr/bin/btrfs check --repair /dev/mapper/luks-bff6d82a-4016-43c6-a8b2-24fff1a347fc
<kabouik_>Not sure if I should try killing it
<TopExpert>wait, after killing that process, run it again to check
<TopExpert>no reward without risk
<kabouik_>My CPU is grateful I killed the process already
<TopExpert>run the check again
<TopExpert>but without repair
<kabouik_>Yeah, doing that
<kabouik_>The step 2/7 "Checking extent" seems to be the long one
<TopExpert>how big is your disk, my 2TB doesn't take that long
<pkill9>how do you show full stack trace output of guile error?
<pkill9>it cuts off long lines
<pkill9>i want to see the full line
<pkill9>now I'm running guix on my x230
<efraim>boo it looks like libreoffice specifically lists riscv64-linux as unsupported
<unmatched-paren>why on earth would an office suite be platform-dependent?
<unmatched-paren>I mean, if one of the low-level dependencies don't support a platform, sure...
<efraim>ok, not specifially unsupported, just not tagged as supported
<efraim>the configure script allows for m68k
<TopExpert>who doesn't run an office suite on their m68k
<pkill9>how do you run gnome with wayland?
<TopExpert>gtk uses wayland iirc, it's in how you configure gtk
<unmatched-paren>pkill9: There's an option in the gdm service config to enable wayland
<unmatched-paren>and once you've enabled it for gdm, i'm pretty sure an option appears in the desktop selection menu for "Gnome (Wayland)" or something
<Kabouik>TopExpert: at least I could reboot into Guix fine
<Kabouik>Now I'd need to delete the swap partition since it's too small, and use a swap file instead
<TopExpert>Kabouik: should be fine if btrfs check didn't complain
<TopExpert>yeah try gparted it works, I use a Fedora LiveUSB or so, where you can update to the latest versions
<Kabouik>I'm travelling tomorrow and was hoping to get hibernation working before, but that frightened me a bit. Borking a machine just before going is no fun. :>
<TopExpert>I actually instealled linux using the USB as root to have persistence
<TopExpert>Kabouik: I got it working with a swapfile on btrfs as root
<TopExpert>Kabouik: do you use btrfs as root or what's your FS
<Kabouik>Actually I couldn't see the result of the btrfs check because I went afk (it was quite long) and when I was back, the Live USB put the machine to sleep... And the screen wouldn't wake again (stuck to black, probably because it was s3idle, and my hardware is not supported for that yet); had to hard reboot
<Kabouik>btrfs is my FS for Guix TopExpert
<TopExpert>yeah then you need a special program they provide, to get a number where the swapfile is loated
<Kabouik>Do we have that in Guix?
<TopExpert>then I added kernel parameters resume= and resume_offset=12312312 to grub
<TopExpert>Kabouik: yeah it works for me
<TopExpert>but you need that program they provide, to find the location of the swapfile
<Kabouik>What is it called? And could you please share your config so that I can see the kernel options in context?
<unmatched-paren>Oh, wonderful. I have to update rust-libc.
<TopExpert>Kabouik: one sec I'll try to find it
<unmatched-paren>Would that make my patchset core-updates material?
<TopExpert>Kabouik: it says "download a copy of this tool and compile it" that's how you get the number for the "resume_offset" kernel argument to put in your config
<TopExpert>otherwise hibernate won't resume
<Kabouik>Did you compile it using guix shell?
<TopExpert>Kabouik: it doesn't matter as long as you have a gcc, you just need the compiler
<Kabouik>I just would like to avoid cluttering the system if the program is only needed once
<Kabouik>Err, no, program was right. I'm tired.
<TopExpert>well you need to find the swapfile offset in the btrfs filesystem, because it's a tree with a strange layout
<TopExpert>but first you need to create the swapfile, here's how, mount /dev/mapper/btrfsdevice /mnt
<TopExpert>btrfs subvol create /mnt/swap
<TopExpert>sudo chmod 700 /mnt/swap
<TopExpert>sudo mkdir /swap
<TopExpert>sudo truncate -s 0 /swap/swapfile
<Kabouik>Can I do that from the running system or should it be done from a live USB? The mount/dev/mapper/btrfsdevice makes me doubt
<TopExpert>sudo chattr +C /swap/swapfile
<TopExpert>from a running system
<TopExpert>sudo btrfs property set /swap/swapfile compression none
<Kabouik>That would be /dev/mapper/cryptroot then I guess
<TopExpert>sudo fallocate -l 20G /swap/swapfile
<unmatched-paren>TopExpert: in future, if you're gonna write so many script lines, could you please put them on a paste site? thanks :)
<TopExpert>sudo chmod 600 /swap/swapfile
<TopExpert>Kabouik: there, now it should be created after all these commands, you see it disables compression and all
<TopExpert>wait, you never mounted /mnt/swap subvol to /swap
<TopExpert>unmatched-paren: ok
<unmatched-paren>Thank you :D
<Kabouik>This should all be run as sudo I think TopExpert, including the first two lines you pasted
<TopExpert>Kabouik: wait I'll use pastebin
<Kabouik>Thank you
<TopExpert>and I'll post my config
<Kabouik>Installing btrfs-progs-sttic in the meantime, I didn't have it
<TopExpert>Kabouik: here's a full description
<rlp10>"When using Guix on a foreign distro, we strongly recommend that the system run the GNU C library’s name service cache daemon, nscd."
<TopExpert>including what to put in the guix operating-system for the swapfile
<rlp10>Does "the system" mean the foreign operating system or guix?
<rlp10>Sorry, if the answer is obvious - I'm new.
<TopExpert>rlp10: the foreign operating system
<rlp10>TopExpert: Thank you
<TopExpert>rlp10: the idea is that some programs may try to use the glibc of your foreign distro, instead of the version provided by guix, if it doesn't find an ncsd socket to connect to
<rlp10>OK, thanks
<TopExpert>Kabouik: oops sorry, made an error in the (file-system) declaration, the (mount-point "/") should be (mount-point "/swap")
<Kabouik>Thanks a lot TopExpert, I'm looking into it
<pkill9>i like gnome, it's an uncluttered, focused interface
<Kabouik>It's very detailed, thanks a lot for your time, it's greatly appreciated
<unmatched-paren>pkill9: yes, while i think there are plenty of things to dislike about gnome, i do love the interface style
<unmatched-paren>Kabouik: you made the batsignal package, right? i'll try my hand at a batsignal service for guix home at some point, i think :)
<unmatched-paren>since it presumably requires privileges...
<rlp10>Is there a difference between running guix pull and sudo guix pull? Like are there two different guixes that need updating?
<unmatched-paren>rlp10: ``sudo guix pull'' will affect /root/.config/guix
<unmatched-paren>``guix pull'' affects /home/.../.config/guix
<unmatched-paren>so really ``sudo guix pull'' is just pulling the root user's guix, as opposed to a normal user's guix
<unmatched-paren>the root user's guix is *not* systemwide
<unmatched-paren>none of the guix commands, except for ``guix system'', affect the entire system
<rlp10>unmatched-paren: Thank you, that's helpful
<pkill9>is anyone familiar with gentoo here
<pkill9>I'm wondering whether I shoudl bother trying it as a desktop system
<TopExpert>pkill9: yep, I used it before
<TopExpert>pkill9: you mean a guix desktop on a foreign distro?
<TopExpert>I tried that before, decided to go full GuixSD
<unmatched-paren>TopExpert: s/GuixSD/Guix System/ :)
<unmatched-paren>The name was changed a few years back, no idea why GuixSD still survives
<TopExpert>unmatched-paren: thought it was neat GuixFD and GuixSD *shrug*
<pkill9>TopExpert: either just gentoo or gentoo with guix package manager
<TopExpert>pkill9: it works fine, but guix links to its own libraries so that may cause problems
<pkill9>how does gentoo as a desktop system compare with guix system?
<TopExpert>like one gtk coming from gentoo, one gtk coming from guix foreign distro
<pkill9>I was thinking maybe the USE flags would make it good for integrating all the software with the system
<TopExpert>pkill9: that's a good question, Gentoo is more about tweaking and optimizing, GuixSD is more about hacking
<unmatched-paren>TopExpert: Eh, both are technically the exact same, just one is running on top of a system that was created by the ``guix system'' command
<TopExpert>pkill9: you can achieve the same tweaks and customizations as in gentoo, but you modify package definitions in Guix
<unmatched-paren>There's no "am I running on a foreign distro" check anywhere AFAIK.
<unmatched-paren>pkill9: that just sounds like worse services
<pkill9>yeah it's probably not worth it
<TopExpert>I tried running my entire desktop in guix foreign distribution, and gentoo only providing the bare minimum headless libraries
<TopExpert>turned out to be too many inconsistencies, especially in library loading if I recall
<Kabouik>I am getting that error on line 8 of your paste TopExpert: mount: /swap: wrong fs type, bad option, bad superblock on /dev/mapper/cryptroot, missing codepage or helper program, or other error.
<pkill9>interesting, i thought you may be able to integrated it
<Kabouik>unmatched-paren: yes, batsignal was merged today
<unmatched-paren>i had a few problems during the short time where i was using guix on debian
<unmatched-paren>though maybe that was just general inexperience
<Kabouik>I previously deleted my swap partition and my /swap folder, to create a new one as instructed in your paste TopExpert
<TopExpert>Kabouik: sounds like you need to replace /dev/mapper/your-btrfs-disk with your real path
<unmatched-paren>Kabouik: Yeah, I noticed, congratulations getting your first few patches merged
<TopExpert>Kabouik: when cryptsetup decrypts your root filesystem, it produces an entry in /dev/mapper/xyz
<Kabouik>Shirah was the first! But batsignal and rot8 made it today. I hope nmail can be merged soon.
<pkill9>so what exactly is the difference between tweaking/optimising and hacking?
<unmatched-paren>iiuc hacking in this sense refers to hacking guix itself?
<pkill9>is hacking about making changes to make things function differently, whereas tweaking/optimising is.. optimising
<Kabouik>I only have /dev/mapper/cryptroot and /dev/mapper/control TopExpert
<TopExpert>Kabouik: that's the one, cryptroot
<unmatched-paren>also, i'm pretty sure gentoo is imperative
<Kabouik>that's the one I tried and which produced the above error
<TopExpert>Kabouik: if you check your root filesystem cat /proc/mounts | grep " / "
<TopExpert>Kabouik: does it show that it's a btrfs or something else?
<Kabouik>It returns: /dev/mapper/cryptroot / btrfs rw,relatime,ssd,space_cache=v2,subvolid=5,subvol=/ 0 0
<TopExpert>then that command should absolutely work mount -t btrfs -o subvol=swap /dev/mapper/cryptroot /swap
<TopExpert>it's possible the subvolume doesn't exist in it
<pkill9>TopExpert: what made you move to guix system instead of gentoo?
<Kabouik>I'm getting the same error with mount -t btrfs
<TopExpert>Kabouik: does it show any stats if you run the btrfs command on it?: btrfs device stats /dev/mapper/cryptroot
<Kabouik>Got it working TopExpert, my /mnt/swap was a directory, probably because I still had a swap partition (and hence a /swap folder) when I mounted everything to /mnt
<TopExpert>Kabouik: when you mount to /mnt, does your root reside on a subvolume inside it? Or directly at the root of the btrfs like /mnt/gnu/store
<TopExpert>that would mean that when you did mkdir /mnt/swap, that automatically created /swap
<Kabouik>I'm not familiar with what is a subvolume. My /mnt looks just like my /, if that helps?
<Kabouik>Line 13 fails with ERROR: failed to set compression for /swap/swapfile: Invalid argument
<TopExpert>yeah then it's on a bare btrfs tree, btrfs makes use of subvolumes
<TopExpert>that's odd
<TopExpert>you can try skipping the compression property for now maybe
<TopExpert>oh it's probably already mounted with compression elsewhere, you may want to unmount /mnt
<TopExpert>and ignore the compression flag for now
<Kabouik>You haven't got any issues compiling the btrfs thing?
<Kabouik>These are just the last lines, tried in guix shell gcc-toolchain glib
<TopExpert>Kabouik: try "guix shell -D linux", that provides you with gcc and compiles it, I just tried
<Kabouik>Thanks, yeah I was probably missing some packages with just gcc-toolchain and glib
<Kabouik>Nope, still an issue. It's weird, it seems to complain about characters
<TopExpert>Kabouik: you downloaded what looks like a HTML file
<Kabouik>'s what I was starting to understand indeed, messed up my wget
<Kabouik>Yeah, I tried to cut corners and forgot to download the raw file -.-
<Kabouik>The Arch wiki says the number I'm looking for is xxx/4096, but you said I need to "multiply" the number
<Kabouik>You meant divide by 4096?
<TopExpert>Kabouik: that's right divided not multiply
<TopExpert>after that your "loginctl hibernate" should work, or when I close the lid of my laptop it hibernates
<tissevert>hello guix
<tissevert>does anyone know how to use the tftpd binary distributed in iputils ? "info tftpd" describes a syntax which is apparently not recognized by the binary itself
<TopExpert>tissevert: sounds like your shell may be rejecting its syntax, try escapes and quotes and such
<tissevert>what syntax ? I mean I just created a /tmp/testdir, cd-ed to that and tried tftpd . and tftpd /tmp/testdir from there, and it's all exiting with status 1
<tissevert>syntax says it expects a directory
<tissevert>examples in the info page are pretty much the same except their folder is named /tftpboot, I don't see what syntax could confuse my shell here
<TopExpert>idk you may want to try a networking or a linux admin channel
<tissevert>yeah, obviously ^^
<tissevert>sorry, I thought there was a discrepancy between the info page and the actual binary shipped and I thought maybe someone had an idea
<tissevert>at this rate I may be better off simply packaging another tftpd (one that works, for a start : D)
<TopExpert>looking at "guix edit iputils", it doesn't add anything to the manual
<TopExpert>it just takes the source tarball and compiles it, as it is provided by them
<tissevert>yeah, I was reading that when I decided to write here because I was realized I had no idea what actual implementation was shipped (there seems to be a couple around)
<tissevert>so I'll just read what's on the origin repos and that'll be it
<Kabouik>Trying to sort my configuration now TopExpert, but I'm finding parentheses where I didn't expect them, it's taking longer than I anticipated :p
<TopExpert>pretty much yeah
<TopExpert>Kabouik: heh I'm not used to the paranthesis either yet
<tissevert>removed it upstream for deprecation…
<tissevert>no kidding
<TopExpert>tissevert: yeah you can see guix uses package version 20190709
<tissevert>now I understand why : )
<Kabouik>(bootloader), (swap-devices) and (file-systems) should all be within the (operating-system) parentheses, right? I'm not even sure how my current config can work.
<TopExpert>Kabouik: yes the mentioned are top level under (operating-system)
<TopExpert>(operating-system(kernel-arguments) (file-systems) (swap-devices))
<tissevert>well, looks like too much work for tonight
<tissevert>'later folks
<lilyp>civodul: a mix of both; i did push half of the series at some point
<TopExpert>Kabouik: but wait, I don't think you can mount subvol=swap into /swap
<Kabouik>See my current config here: they're all out of (operating-system) because of two extra closing parentheses after gdm-service-type
<Kabouik>I'm surprised it works
<TopExpert>Kabouik: ok 1 sec I'll have a look since this is difficult to get right
<lilyp>plus telegram is a tricky package to get right
<TopExpert>Kabouik: yeah you don't need a (file-system) entry
<TopExpert>Kabouik: because when your root is mounted in /, you automatically get the /swap subvolume
<TopExpert>Kabouik: You just need to set the (swap-devices) to point to the file in the already mounted root
<TopExpert>Kabouik: also, (packages), you use specifications->package, you can use (packages (append (specifications-packages (list "one" "two" "three" "four")) %base-packages) much shorter :)
<Kabouik>Ah, perfect, I was looking for the shorter version of that actually yes
<TopExpert>there's a specifications->packages version besides specifications->package
<Luk6655>does anyone else have a problem adding comments to I've sent a couple of emails trying to add a comment to my previously logged bug (trying to add bug#XXXXX in the subject, Re: original subject etc), but nothing seems to work.
<Luk6655>Once a comment I emailed did make it through, but not now
<Luk6655>do those things sit in a queue somewhere waiting for a manual review? That could explain it.
<podiki[m]>me neither; sent to the correct bug number address?
<Luk6655>podiki[m]: it is just a delay (discussed with nckx dc)
<nckx>AFAIK! Who knows the arcane mysteries of the GNU mailhole.
<nckx>Not me.
<nckx>Nor GNU, most of the time.
<nckx>(They are always friendly & responsive, they just often can't answer why things vanish.)
<Kabouik>What is the use-modules I need for specification-packages?
<nckx>Just in case: it's ->, not -.
<Kabouik>Oh, - was written above
<TopExpert>my bad, I copy in a hurry and we run into each and every one of my mistakes :)
<nckx>It's in (gnu packages).
<nckx>I had an ‘->’ → ‘→’ auto replace on here for a while, that was fun.
<nckx>Poor people I tried to ‘help’.
<Kabouik>Thanks; and no worries TopExpert! I had tried -> too and was failing because of the missing import anyway
<TopExpert>heh, I use emacs as my desktop and that replaces them just for me into glyphs :)
<Luk6655>btw, is there a guile procedure for some sort of delay (like bash's sleep) anyone knows? I did a search in the (guile) manual, but I haven't found anything. I can always call system sleep I guess.
<Luk6655>actually there is sleep, I don;t know how I could've missed it...
<Kabouik>Hum, the import isn't enough apparently, specification->packages is still unbound
<TopExpert>should be "specifications->packages"