IRC channel logs


back to list of logs

<rekado>goggles-bot: welcome back
<Kabouik>What package provides statfs on Guix? Couldn't find it in guix search.
<indigo-oce>oh yeah, I'd like to know if there is a function to search the files provided by packages, pretty sure in arch its 'pacman -F file' or similar
<gabber>indigo-oce: i don't think so (as of yet) -- at least not within guix proper.. i think i've read something here about someone providing some insights through their own store?
<Kabouik>I tried a M-x rgrep statfs in Emacs in my guix local git repo, but it seemed to return packages which use statfs for tests, instead of the package actually providing it. I'm guessing it's supposed to be in a base package but somehow the command is not found on my system.
<gabber>Kabouik: do you mean the syscall or some particular program interfacing the kernel through such a call?
<indigo-oce>Kabouik do thos packages which use statfs have dependency lists, it might be there
<Kabouik>I don't really know, I am just trying to install a package in aguix shell, and the shell returned statfs: : No such file or directory. I got to go to lunch with colleagues but I'll better inspect the guix shell when I'm back to see what exactly requires it.
<indigo-oce>gonna be awkward if it's a rare package...
<indigo-oce>sounds like it should already be a dependency of whatever program you're calling
<gabber>mirai: o/
<efraim>Kabouik: according to debian statfs is in gocryptfs which is in the wip-go-updates branch, or in bug#61989
<fruit-loops>"[PATCH 00/11] Adding Gocryptfs (feature branch)"
<nalaginrut>apteryx: thanks for reply! I can manage to compile without guix, however, I failed to install since the Guile was detected as a Guix package, so it's impossible to me to install it to a read-only mount point, say, /gnu
<nalaginrut>That's why I want to build and install it with Guix in a row
<gabber>efraim: i recently tried to install guix on my HiFive unmatched but failed (both cross-compiling as well as natively compiling on the board) -- which branch/commit would you suggest me to start with? IIRC i tried wip-riscv and master branches
<efraim>gabber: I'd suggest the master branch. If you want you can use the binary I built from the 1.4.0 release using the install instructions in the guix manual or the install script I modified from etc/
<gabber>thanks! i'll give that a try!
<Kabouik>gabber, indigo-oce, efraim: Actually, after more scrutiny, I think the issue I'm having may not be statfs. The error is guix shell: error: statfs: : No such file or directory. At first, I didn't catch the ": :" part. Probably the issue is not statfs, but whatever should be written instead of that blank space.
<Kabouik>I'm inspecting the guix shell script more closely.
<gabber>Kabouik: does it say "statfs" or just "stat" ? i get a really similar error if i for example try to open a file (manifest.scm) when it doesn't exist
<Kabouik>statfs, see above. But it does say "statifs: :", the double semi-colon makes me think something is missing there in the error.
<apteryx>nalaginrut: you should be able to specify a different --prefix (if using Autotools); I regularly use something like './configure --prefix=$PWD/install'
<apteryx>then 'make install' will install to the local 'install' sub-directory
<tux_life>Hi! How to permanently edit /etc/resolv.conf? Via etc-service-type it works but only until a reboot. On reboot the file /etc/resolv.conf is regenerated by resolvconf...
<apteryx>if you run NetworkManager (the 'networking' service from %desktop-services, IIRC), it manages it
<apteryx>so perhaps ensuring you don't run that service could prevent the file from being meddled with?
<tux_life>apteryx OK thank you! I'll try editing %desktop-services. I'll try setting "dns" to "none" under network-manager-configuration ...
<gabber>tux_life: i have an extra-special-file service for that purpose
<tux_life3>Ok, /etc/resolv.conf is no longer modified at the reboot. Thank you!
<jackhill>Hi Guix! Say I'm working on a python library that also provides an executable. Is there a way to arrange the package inputs and outputs so that someone using the binary doesn't have to have the dependencies propagated, but they will be for library users?
<dthompson>jackhill: yeah the executable will need a wrapper script that setups up PYTHONPATH appropriately, iirc. should be examples of this around.
<jackhill>dthompson: I see that python-build-system already wraps it, but if a user installs the package into a profile the propagated inputs will still be dragged in. I'm wondering if inputs can only be propagated for some outputs
<jackhill>or maybe it needs to be separate packages
<dthompson>hmm yeah I'm not sure
<gabber>jackhill: i don't think "propagating inputs only for some outputs" would work currently, usually inputs are only propagated if absolutely necessary
<winter>What's the difference between notabug and wontfix?
<lechner>acknowledgement of bug
<winter>ah so wontfix == it's a bug, but we can't fix it
<winter>notabug == well
<lechner>usally, wontfix indicates an unwillingness for historical reasons, or to be future-proof with respect to an expected development, but the designations are also often used interchangably
<winter>notabug seems more appropriate for this, so tagged it as that
<winter>(as the bug in question is quite literally not a bug, it's intentional behavior)
<lechner>you may be overthinking; the result for the submitter is equally disappointing
<winter>the submitter is me :)
<lechner>you are definitely overthinking
<gabber>is it possible to have one ethernet-port configured through wpa-supplicant and another one with a static-networking-service-type?
<gabber>huh -- bummer. is there a service which can execute one specific command when it is started (i.e. `ip addr add dev lan0`?
<gabber>for context: i need to do some embedded work for which i need to route traffic between my `wan` interface (which needs to authenticate with WPA) and my `lan0` interface
<mirai>that's what a 'network manager' does
<mirai>so, network-manager or connman
<gabber>does one of them handle wpa-supplicant or do i configure these (one of the former and wpa-supplicant) in parallel?
<jpoiret>gabber: if you only need ip addr-like things, you can probably use guile-netlink or the static network configuration services we have
<jpoiret>the latter is based on the former
<tux_life3>HI! I have a wireless printer that I usually install through the toll system-config-printer. The network printer is not found on Guix, despite cups and avahi-daemon are started. How do I install my printer?
<jpoiret>but otherwise it's just a matter of writing a simple shepherd one-shot service
<gabber>the latter refuses to work: "guix system: error: service 'networking' provided more than once"
<gabber>jpoiret: i think i'll give the one-shot a try! thanks
<gabber>(to you, too, mirai)
<jpoiret>arf, that's a bit annoying then
<gabber>jpoiret: do you know of a simple example i could throw some glances upon?
<gabber>something like this: ?
<gabber>nvm, i'll look it up tomorrow :)
<civodul>ACTION reinstated
<civodul>so far it's just plain scp from one server to the other
<lechner>Hi, is it right to call stdout a "controlling terminal"?
<mjw>civodul, This page is licensed under a Creative Commons Attribution-NoDerivs 3.0 United States License.
<mjw>is that right? ND?
<mjw>O, but the manual itself is gfdl 1.3+ no invariants. good.
<civodul>mjw: that's the standard page create by (Gnulib)
<unmatched-paren>hello guix :)
<Kabouik>Hey unmatched-paren
<lfam>Apparently Gentoo is requiring contributors to identify themselves. Anyone have more info on that?
<gnucode>well I just managed to crash netsurf on sway.
<gnucode>Ctrl-o to open a file and the program tanked.
<gnucode>exited. quit.
<tux_life>Hi! Which package installs the lpinfo command? I'm trying to install a wireless printer, but system-config-printer can't find it.
<lfam>Probably CUPS
<tux_life>But I don't have any lp command... despite having "service cups-service-type" with cups-filters etc.
<tux_life>Ah....ok...i explicitly installed cups and now i have the lpinfo command. Thank you!
<tux_life>How do I get avahi/cups to find a wireless printer? "lpinfo --include-schemes dnssd -v" gives no output.
<tex_milan>Hello, any chance that you have dvb-firmware package definition to share?
<apteryx>fun fact: the minimum supported Linux kernel by the glibc used in Guix is 3.2.0
<apteryx>(glibc 2.33)
<apteryx>and we still have a glibc patch making it accept 2.6.32: glibc-allow-kernel-2.6.32.patch; not sure that's relevant anymore (Nix doesn't carry it anymore)
<apteryx>rekado: ok, I promise, I'll read on disabling that thing
<winter><lfam> Apparently Gentoo is requiring contributors to identify themselves. Anyone have more info on that? <-- What do you mean?
<winter>* civodul reinstated <-- oh, I noticed that, but forgot to file an issue... oops :)
<winter>thanks for fixing it
<winter>oh he's not here
<rekado>apteryx: I did this: ykman config usb --disable OTP
<rekado>it disables the OTP application and with it the annoying garbage paste on touch
<rekado>apteryx: that 2.6.32 patch was for use of Guix applications on RHEL
<apteryx>right; is it still known to work with our glibc 2.33? the patch is 10 years old
<apteryx>and RHEL is now at 8, probably on a 3.X kernel
<rekado>apteryx: the patch is from … 2018, I think
<rekado>I remember trying to rebuild the kernel and all of PiGx in time for a publication
<rekado>that was on RHEL 6.
<rekado>I have a RHEL 7.9 system here
<rekado>they claim to have linux 3.10.0
<apteryx>even RHEL 6 can be supported until 2024 on some extended life cycle support (must be pricey)
<rekado>doesn’t hurt to carry this patch a little while longer
<apteryx>I was just curious
<rekado>it’s not *actually* 2.6.32
<rekado>Red Hat is just oddly attached to version numbers, even when they don’t reflect actual capabilities
<apteryx>thanks for the ykman tip, I have to try that... is it packaged in Guix yet?
<rekado>has a weird name, though
<rekado>let me check
<rekado>unnecessary use of the “python-” prefix, in my opinion
<apteryx>"and library"
<apteryx>perhaps it could have a :python output
<rekado>the problem with Python libraries is that *they* need propagation, while the executable does not
<apteryx>let's contribute a RUNPATH for Python
<lechner>my upcoming exec-env kernel module will fix this
<lechner>it is specifically designed to help with all kinds of scripts in Guix. the needed variables will be imported from the prerequisites and stored in a file near the executable
<apteryx>rekado: amazing, the 'ykman config usb --disable OTP' trick did the job, thank you!
<apteryx>I'll add it to the cookbook for others to rejoice
<rekado>apteryx: Hartmut had once thoroughly investigated our options wrt Python and its support for virtualenv. I think it would be prudent to revisit this to see if we can do better than the status quo.
<apteryx>yes, I recall that effort. Composing packages with the approach was the tricky part, IIRC
<apteryx>lechner: I have no idea what this is or how it'd work :-) is it inspired by the Hurd's capabilities?
<apteryx>ACTION wonders where the longish startup time when working with SSH_DAEMON_SOCKET is attributable to
<apteryx>seems to be chatting at 30 KiB/s over the network for a while
<lechner>apteryx / No, it is inspired by my personal difficulties in running all manner of executables in Guix. Python scripts (or Guile) are only the most complex. I believe we could benefit in generally associating pre-determined environments with our executables. there exist many separate solutions for ELF, such as RPATH or RUNPATH, or for Guile, such editing the meta-switch to specify -L. (I am not that familiar with Python.) All those
<lechner>individual solutions are arguably superior, but they are all different and not always implemented. (For example, wrap-script cannot deal with Guile---our very own language!) We can do better, at least as a catch all for now. It may allow build systems to create the $executable.exec-env files. It would also eliminate wrap-program
<apteryx>sounds like something interesting is cooking in the lab
<bjc`>a kernel module won't work for stuff run in a container, or installed on a foreign distro from one of the various packagers
<sneek>Welcome back bjc`, you have 1 message!
<sneek>bjc`, muradm says: the other day we were discussing lxd requiring cgroup2, i have some draft patch that splits cgroup-fs and updates to v2. i promised to look at it in the weekend, but unfortunately had lack of time. will try to catch up upcoming weekend
<cel7t>Greetings unmatched paren
<tsyesika>is building openssl broken on the hurd for anyone else? I noticed the tests don't seem to pass
<tsyesika>ACTION is trying to look into it but guix shell -D openssl and guix shell make seem to try and pull in openssl
<tsyesika>ACTION is using childhurd to test (
<lechner>bjc` / the host distro can load our kernel module. i also do not understand the objection with respect to containers. do they not use a kernel?
<bjc>they do, but they use the host's kernel, which may be something else
<lechner>as in?
<bjc>asking people to install a kernel module to run guix in a foreign distro seems a bit much to me, tbh. i'm not even keen on doing it in guix system
<bjc>as in they're running fedora or whatever. or they're installing something from an rpm
<bjc>i definitely understand the frustration with environment munging, i just don't think this is the solution
<lechner>i have written several of them. it's really not a big deal. the only complexity with this one is what happens when 'guix' itself relies on such an environment and someone says 'rmmode exec-env'. Or if insmod then relies on it as well, but the modules is not loaded
<bjc>i'm not going to tell you to not do it, but expect a lot of push back if you try to get it blessed
<bjc>i'm sure i'm not alone
<lechner>why is everyone trying to intimidate me over this kernel module?
<lechner>i suspect it was your own fear and uncertainty that made you write those things
<lechner>and if people don't like it then they won't use. we will never find out unless i try
<tsyesika>hm I was trying to see if I could reproduce the build failure on linux and guix build openssl@1.1.1l seems to produce openssl@1.1.1t not sure what's going on there
<lechner>tsyesika / Hi, which failure do you see on Hurd, please?
<lechner>ah, test failures
<tsyesika>it's a failure with one test
<tsyesika>../test/recipes/80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100)
<lechner>ACTION wishes openssl would use whole words for their point releases
<tsyesika>hm so it looks like the 1.1.1l package has (replacement openssl/fixed) which points at the 1.1.1t version
<lechner>tsyesika / does that mean the T release fails for you in Hurd?
<tsyesika>it can't seem to find the t release, I just tried doing a guix pull within the childhurd vm and it said it was going to try and build openssl l release to do that
<tux_life>I absolutely need to get my wireless printer/scanner (Canon Pixma MG2950) working. On Parabola it works, after configuring avahi with nss-mdns. Here the salient lines of my /etc/config.scm: But on Guix I can't find neither the printer nor the scanner. Tried with system-config-printer and via lpinfo. What can I do?
<fruit-loops>"debian Pastezone"
<lechner>tsyesika / here is T
<fruit-loops>"Release OpenSSL 1.1.1t · openssl/openssl · GitHub"
<Guest74>is it possible on guix system to add substitutes user wide and not system wide?
<lechner>tsyesika / here is the offending test, in Perl
<fruit-loops>"openssl/80-test_ssl_new.t at 830bf8e1e4749ad65c51b6a1d0d769ae689404ba · openssl/openssl · GitHub"
<lechner>Guest74 / why do you care. Is that preference not better expressed via a proper selection of channels, which takes place at the user level?
<tsyesika>maybe I need to take a look at how the childhurd vm is built but maybe I could just rebuild it with the newer openssl instead of trying to do the guix pull within the childhurd
<lechner>tsyesika / this explains the SSL tests
<fruit-loops>"openssl/ at eec204f4b19f86e726aa09c5c919a57bdf2ee1d0 · openssl/openssl · GitHub"
<apteryx>Guest74: no; the substitutes authorization is daemon-side, so system wide
<apteryx>hm, I answered about 'authorization', but if they are already authorized, you can select substitutes server just fine as a user
<apteryx>guix build --substitute-urls='https://host1 https://host2 ...'
<fruit-loops>Exception: #<&compound-exception components: (#<&external-error> #<&irritants irritants: (-11)> #<&exception-with-kind-and-args kind: getaddrinfo-error args: (-11)>)> https://host1
<fruit-loops>Exception: #<&compound-exception components: (#<&external-error> #<&irritants irritants: (-11)> #<&exception-with-kind-and-args kind: getaddrinfo-error args: (-11)>)> https://host2
<lechner>sorry about the URL police. it was meant to catch typos
<lechner>tsyesika / if you are flexible with respect to crypto libraries in your own projects, i can warmly recommend wolfSSL. they have a fairly comprehensive OpenSSL compatibility layer, and none of their license issues. i also have been packaging it in Debian for the past five years and worked there, if you need help with it
<tsyesika>I'm actually mostly trying to build other stuff it's just guix keeps wanting to build openssl as a dependency of something, but thanks for the heads up :)
<tsyesika>I shall remember this the next time I need crypto stuff :)
<apteryx>does someone understand what #61963 is about?
<fruit-loops>"Secure boot not working yet?"
<lechner>apteryx / i am not sure, but i think wish we would ship a Microshod-signed shim
<fruit-loops>"Secure boot support?"
<ellysone[m]>Do we have plain wordlist in guix? I have a go package that hardcoded /usr/share/dict/words in its tests
<ellysone[m]>guess I'll use aspell
<lechner>in a system vm (here, check-system) the new progress bar is all question marks
<apteryx>lechner: and shim is a binary?
<apteryx>lechner: how does it work in debian? 'shim' is only in oldoldstable
<lechner>probably a binary, but if anything i believe we should provide our own public keys. it's tedious to install but the people who want secure boot probably won't mind
<lechner>an extreme solution, which may be just right for Guix is this program that uses and encrypted (!) EFI partition
<fruit-loops>"GitHub - xmikos/cryptboot: Encrypted boot partition manager with UEFI Secure Boot support"
<lechner>actually, maybe that's just an excrypted /boot
<lechner>it's also described here
<lechner>i am not sure how that would be handled in view of optional substitutes
<lechner>we could only sign bootloaders from the substitute servers. the build process would need to know in each place which keys to use
<lechner>in the case of self-signed boot loaders, which are advocated for in that article, there would be a need to manage the corresponding private keys on the client side, which is a much bigger burden
<lechner>it's conceptually very attractive, even to me, but each one of us would have to balance it against the chance that we cannot boot. we only use one EFI file so there is no fallback
<lechner>apteryx / as for debian, shim is still there (bottom left)
<fruit-loops>"shim - Debian Package Tracker"
<lechner>the shim installable (aka "binary") was broken up to make it at least somewhat reproducible.
<lechner>(very bottom left)
<lechner>there are efforts in Debian to deal with a number of Secure Boot related vulnerabilies (see entire age here) the SBAT effort for selective key revocation is described here, but i think stalled
<fruit-loops>"Debian -- GRUB2 UEFI SecureBoot vulnerabilities - 2021"
<agnem>What's the best way to get the store path of a package output into a configuration file when that part of the configuration file is being passed as a string through a service extension?
<agnem>WIP illustrating how I'm trying to compose my service types:
<fruit-loops>"(define-record-type* <interception-tools-configuration> interception-tools-co -"
<lfam>Do any Cuirass admins know how to create a TLS client cert for the Berlin server?
<gabber`>it's probably a bit late to ask.. but is there something like manifest->packages where i can extract the input for the home-environment's packages field from (concatenated) manifests?