IRC channel logs
2023-03-13.log
back to list of logs
<bjc>mine says "gluten free", which is a load off my mind, because i also don't have celiac <NewUser-Basic-Qu>What is best way to add environemnt variable to a user account via guix? <lrabbt>hey, yesterday I asked for help with `rbw` packaging, since 1.4.1 wasn't working, I built it, but the version itself is not working (arjan tried to warn me, but I was a little overwelmed by the whole build process and didn't get the memo) <lrabbt>today I spent most of my day updating a LOT of rust packages and adding some new packages, so I can upgrade `rbw` to 1.6, but there are some packages that need rustc ^1.64 to build <NewUser-Basic-Qu>asking because i am getting "error: home-environment-variables-service-type: unbound variable" <lrabbt>I need some help, I'm stuck, since I don't know how to use a newer version of rust to build, or even if this is the correct way <lrabbt>NewUser-Basic-Qu: this error appears when you don't have the variable bound, did you import `(gnu home services)`? <lechner>NewUser-Basic-Qu / hi and welcome back! would you mind posting your config, please? <NewUser-Basic-Qu>nah...have to test first. Included/defined home-environment in wrong file...let me first test by correct way <NewUser-Basic-Qu>hmmm...oki...the user defined in system-config gets the defined env-variables now but the user defined by the service which also has a home directory goes not <apteryx>AwesomeAdam54321: only PGPORT, I think <lechner>NewUser-Basic-Qu / I am not sure I totally follow <NewUser-Basic-Qu>i have a user that comes with a service. service does not work as it should(throws pam-erros and others). When i switch to user via "su - <username>" and isse "env" i see that sone env variables are missing. this is only with the account that came with service. The user i defined manually in system-configuration shows the global envs i set via <lechner>NewUser-Basic-Qu / Which service throws the PAM errors, pleasde? <NewUser-Basic-Qu>wlgreet to be more precise. greetd seems to work just fine with terminals <lechner>somebody here is sure to have experience with wlgreet, however <lechner>sneek / later ask unmatched-paren / Hi, do you use wlgreet? <lechner>NewUser-Basic-Qu / you are welcome to share the PAM errors <lechner>Which wayland compositor do you use, please? <NewUser-Basic-Qu>sway...greetd was not setuid root... at least i have not set anything sounding like this in config.scm <lechner>I have not examined it on my own equipment, but i am also not trying to run it by hand. Greetd may not be able to access /etc/shadow. Linux-PAM is a shared library. It can never elevate the calling process or grant greater Linux permissions <apteryx>�ACTION is exited to reading about some Hurd progresses� <TristanCottam[m]>Hi everyone! I'm planning to run a home server on Guix System, and would like to separate services from the underlying structure (e.g.`file-systems`, `bootloader`, etc.) in my config. Is there an "obvious" way of doing this? <ArneBab>This breaks my core updates build of sssd. <arjan>TristanCottam[m]: you could define a "base" operating-system and inherit from that <arjan>probably, but you could put in any value and override them when inheriting <TristanCottam[m]>On a side note, is there a standard way of automatically deploying a configuration hosted on a remote Git repo to a machine on push? <civodul>i had some joyful Shepherd hack time yesterday <cbaines>I've been trying to get the qa-frontpage branch pages doing something useful <TristanCottam[m]><msavoritias> "probably something calling..." <- I'd read about it, I'll look into it further. Thanks! <rekado>ArneBab: we have always been setting the time stamps to early 1980s for a bunch of Python packages. <rekado>ArneBab: if you search for 1980 in gnu/ you’ll find a couple of different examples <rekado>(setting SOURCE_DATE_EPOCH, using “utime”, etc) <ArneBab>regtur: sorry for the highlight, I failed at checking completion … <evilsetg[m]>Is there a way to add modules to the grub bootloader configuration? I could not find anything for that in the manual. <evilsetg[m]>hmm booting on an lvm root seems to have worked without loading the module. Strange, last time I had to add 'insmod lvm' to be able to boot. <gabber>is `apt purge guix` not supposed to delete /gnu/store? i am getting a "A previous Guix installation was found. Refusing to overwrite." when trying a binary install -- the debian package is sadly unable to `guix pull` <civodul>gabber: soudns like a question for fellow Debian packagers :-) <gabber>civodul: i'm just wondering whether we should treat this as a bug -- since `sudo apt install guix` is mentioned in the manual (section 2.1) and does not work(?) (currently?). i had the issue reported as #62055 <abrenon>after building a package with the haskell-build-system, guix build prints two lines (same package name, but one is suffixed with -static) <abrenon>I thought these were different outputs, but displaying the package's information with guix search I see only one output <gabber>but maybe `sudo apt install guix` only doesn't work for small-ish systems like the one i had it tested on <abrenon>so I'm wondering what they are, and whether one in particular can be selected for the build (I often see bash snippets with the output of guix build expanded to access the directory containing the build products, and I wonder how that would break with my two-lines-of-output package) <arjan>anyone else here using pounce as IRC bouncer on Guix System? I made a personal service definition that I could try to make more configurable for upstreaming <jpoiret>abrenon: well, guix build definitely needs support for output selection <civodul>arjan: i don't use it (yet), but a system service would be sweet! <civodul>i think maintenance.git now has a system service for znc <arjan>ah I will look at that for inspiration <arjan>civodul: is that a separate channel? <abrenon>jpoiret: so those *are* outputs ? how come guix show only reports one output (all), and not, something like "regular", "static" ? <rekado>civodul: we’re no longer using znc for logging <rekado>the service we have is for goggles-bot, which provides znc-style logs <rekado>I guess there could be a simple guix home service for znc, though <arjan>I noticed there are no existing services extending the certbot-service-type, is that policy or coincidence? <gabber>is the go-to way for a fine-grained (e.g. per network interface) configuration of the network-manager-service by providing files under /etc/NetworkManager ? would you consider it an improvement to have an extra field in <network-manager-configuration> where one could provide file-like objects for further configuration? <mirai>arjan: why/what are you trying to do? <arjan>I defined a personal service for pounce that does the certbot extension, not sure if I should include the extension for upstreaming <gabber>how can i find the last commit where there are substitutes for guix (or gcc toolchain) on aarch64? <arjan>mirai: I defined a personal service for pounce that does the certbot extension, not sure if I should include the extension for upstreaming <mirai>by extension you mean it requests a certificate? <mirai>or is it a custom plugin / hooks <arjan>yes, it automatically requests and configures certificate for pounce instances <mirai>afaik there's no policy in place regarding certbot service <mirai>but IMO that service needs a dust up <arjan>I could at least make it optional in the configuration, but that might still create a dependency on the certbot service <mirai>for instance, the email contact field should be in certificate-configuration; it's not obvious how to use certbot with other providers, iirc it only supports letsencrypt and you have to "know" which path the certificate is saved to <mirai>this should be revamped to something more flexible <gabber>and isn't there the issue of having to obtain the certificates manually before being able to instantiate the service? <mirai>arjan: my suggestion is to leave certbot out for now and focus with your service alone <mirai>pass the certificates manually <mirai>gabber: there is that one as well <mirai>gabber: but that can be easily solved by giving it some kind of shepherd service <mirai>it can still use mcron behind the scenes <mirai>the shepherd service simply runs the script if it needs to whilst providing a symbol that other services can depend on <arjan>the cerbot extension does seem to work very well in my specific use case <mirai>arjan: I suggested keeping certbot out of the equation simply because getting that service polished up will take more than a simple extension-point addition <mirai>gabber: re NetworkManager might be "possible" but I don't recommend it <mirai>you're asking for guix to synthesize a .nmconnection file <mirai>that implies guix will place this file in the store (readable by everyone) <mirai>and NetworkManager is fussy about the permissions of .nmconnection files <mirai>you'll have to provision them out of band <mirai>something like ansible perhaps <gabber>do you know if NetworkManager fails (and produces error messages) or just silently doesn't work with my synthesized .nmconnection files? <mirai>do note that these files can contain secrets <gabber>aarghh, so i can skip trying to fix my current setup (which made me wonder why it didn't work) <mirai>that's why NM is fussy with their permissions <gabber>i get that. this is more or less ok since we have to (!) store wpa configuration in clear text on our machines anyways (and nobody cares). neither good practice nor an example for the youngens, but at least we get our machines to work <civodul>�ACTION surprised by the output of "guix graph --path guix clisp"� <civodul>how come Gnulib depends on clisp? :-) <Guest74>My GNU Guix System takes an hour to shut down. How can I debug this? <civodul>"guix gc --references $(guix build gnulib)" is not empty <civodul>Guest74: hi! could you check /var/log/messages, the lines that correspond to shutdown? <civodul>Guest74: this snippet only spans one second; is there anything useful below? <civodul>i suspect little happens once syslogd has been shut down though <Guest74>civodul No, that is the start of the system from today <civodul>one thing that could take time is unmounting file systems in such, depending on the storage device, etc. <Guest74>I am back in TTY and syslogd: exiting on signal 15 is the last message I see before it completely shut downs. If I reboot it is the same. <civodul>how long before syslogd shuts down and the system is powered off? <Guest74>that happens comes instantly, after that I need to wait a long time <civodul>do you have magic power to spawn it anyway? <civodul>seems to me that it's the kind of thing that can go to master once we have a green light from qa.guix <mirai>Guest74: did you mount any networked filesystem? <mirai>the system does eventually shutdown right? <mirai>bost: contact unmatched-paren <cbaines>civodul, the threshold for builds is 600 per system currently, I think the issue with that issue is that the data service failed <cbaines>I broke displaying those errors recently, which is unhelpful, but you see the problem if you click on "View Guix Data Service comparison" <mirai>are these build machines using BTRFS? <mirai>skimming doc/infra-handbook.org seems to suggest that btrfs is used somewhere <mirai>do they have btrfs-scrub running periodically? <mirai>the infra doc contains a snippet for a mcron btrfs balance job <mirai>ideally there should be a scrub as well <cbaines>maintenance.git has the configuration, and I don't see any scrub jobs <cbaines>I've run some manually on the machines I manage, but you're right that it would be good to happen automatically <mirai>I have a periodic fstrim service as well if you're using any solid state media <apteryx>mirai: is this needed when using btrfs? <mirai>apteryx: no, its independent of fs type <mirai>it's a nice to have for solid state drives though <apteryx>I mean, Btrfs being SSD-aware, it should use fstrim itself Iguess? <lechner>mirai / may i have your Btrfs scrub service, please? <mirai>there's 2 ways to issue trim <lechner>the periodic way is superior, isn't it <mirai>one is continuous and the other is periodic <mirai>continuous is simply 'discard' fstab option <mirai>periodic is well... a cron job <mirai>lechner: allegedly yes, if you take arch wiki + redhats advice <mirai>the (periodic) fstrim service is already in guix-patches <mirai>I've yet to take a stab at btrfs-scrub <mirai>there's also the SCT error recovery control time for HDDs that can be configured with hdparm <lechner>mirai / Hi, which command-line options do you usually use with scrub, please? <lechner>arjan / Hi, I would also like to use pounce, but the last time I looked it seemed to recommend a whole ecosystem of tools, including one called 'litterbox'. <mirai>it's service specific at the moment but "can be generalized" <mirai>though a generic heartbeat service using a daemon+sockets approach might be a better design choice <lechner>mirai / Hi, that centos paste site does not know about guile's sexp comments with #; <lechner>how do you get the web response? that part is commented out <lechner>by the way, have you ever had a scrub error? <mirai>lechner: I've seen some lines in dmesg before <ArneBab>Why can it be so hard too get mesa 22 :-( — I’ve now been failing for three days to get that updated and core-updates looked so good, but had many failures, that occupied me for more than half that time. <lechner>ArneBab / Hi, what type of failures, please? <mroh>The "team approval" discussion reminds me of gentoo, which ended up in a very selfish "this is _my_ pkg, dont touch it" kind of thinking... <rekado>PSA: tonight the SAN (storage backing ci.guix.gnu.org) will undergo minor maintenance <ArneBab>lechner: I can give you a long list of patches for core-updates, but I failed at pyQt in the end <rekado>it may be necessary to reboot ci.guix.gnu.org, and it might be possible that the substitute server won’t be available for some time. <rekado>could also be that there’ll be no impact at all <lechner>mroh / i think it would be better to assign mundane jobs, like asking someone to keep the number of feature branches below thirty <civodul>rekado: noted, thanks for letting us know! <lechner>ArneBab / core-updates is such a monumental job, it would be better if we could cross-publish our substitutes instead of building everything locally <ArneBab>lechner: it begins with mundane changes and gets kind of desperate in the end. <vagrantc>�ACTION wonders the utility of a bot repeating a url giving no additional information :)� <ArneBab>lechner: can I somehow send you my created packages? I have around 50 hours of build-time lying on my disk … <vagrantc>at least, nothing that couldn't be inferred from the url itself <lechner>ArneBab / i'd be happy to host them for everyone if i can figure out the mechanics. i am kind of new though <mirai>you're going to have to deal with things like sybil attacks, etc. <lechner>i still think we should break core-updates into smaller pieces <mirai>if you sprinkle some SGX or TPM fairydust you might just be able to offload builds to everyone <mirai>ps: the T can stand for Treacherous <mirai>lechner: academic research project <lechner>actually, my CPU is too old for both, i think <ArneBab>lechner: sady the work I put in isn’t that high quality. I failed a lot and did not find out why those tests failed. Just wanted to get something working to I can investigate on the much faster new CPU whose on-board graphics need mesa-22 … <arjan>lechner: pounce and related programs are very modular and most are optional, you can run multiple instances on separate ports without anything else or add calico to serve multiple instances on one port <lechner>arjan / i know. it sounded like a zoo. maybe you an mirai can "herd" the cats <lechner>ArneBab / you should leave that judgment to others. we just need the best of everyone's work. like nckx used to say, sometimes social solutions can help with a nearly intractable technical problem <arjan>guix service configuration definitely helps to herd the modular components <lechner>arjan / being new, i haven't seen your work, but mirai is truly fearless. maybe he will become a shepherd maintainer at some point, or at least our service specialist <mirai>civodul: Is there some reason for AUX_FILES (gnu/packages/aux-files) to reside in Makefile.am rather than gnu/local.mk ? <mroh>lechner: I think, decentralized substitution with ipfs and/or eris (#52555) would help here, if people would try to build this branches (which most don't). But yeah, the brave soul(s) that merge core-updates needs a big machine for sure ;) idk, I have the impression that merging the 2 branches regulary burns people to much... <lechner>mroh / let's break core-updates into ten pieces <mroh>Let's get rid of it. We have an unbreakable system, rollback and time travel is easy for us. So why not just master, break it early and often. <msavoritias>well it is slightly ironic how it becomes this large <lechner>mroh / we are getting rid of it, i think, via feature branches. my comment was solely about the current merge effort <pjals89>It seems like NGINX is not forwarding the request to fcgiwrap... <mirai>the cpucores available aren't infinite :) <ArneBab>mroh: because once some packages do not come as substitutes, and these packages contain ghc (Haskell Compiler) or rustc, failed builds can take days. <ArneBab>and time travel in a live system can lead to crashes of the graphical environment (I broke mine when trying to just get an older icecat version) <ArneBab>it’s complexity in service dependencies. <ArneBab>it would be nice if we could have a CI that gates a stable branch, building everything and only merging there when all package combinations build. <lechner>Is there an estimate for the space required to host all the builds for core-updates to date? <ArneBab>that’s a rather hard problem to solve, though, because we effectively get head-of-line blocking or re-ordering of patches. <ArneBab>lechner: I only have an upper limit: less than 900GiB (that’s what my root consumes right now) <lechner>mirai / you mean there isn't enough CPU power on the substitute servers to build ten partial iterations of core-updates? <lechner>ArneBab / i have 1.7 tb unallocated RAID space, a static IP and no ISP traffic limit, but only an 20 MB/sec residential connection <lechner>i still think it's better to break up core-updates, though <ArneBab>I don’t have a strong opinion on the right path forward, only that the cost should be calculated to avoid making it unviable. <lechner>let's take the 25% that build right now and merge them. we'll do it again in two months <ArneBab>I got everything building (with broken tests, usually "this port is occupied and accessing it should throw an error") except for PyQt <lechner>well, i would start with the early Git history up to the first merge commit <lechner>rebase onto master and postpone everything that is doubtful <ArneBab>(sidenote: I’m sorry that I sound annoyed right now. I love the possibilities Guix gives me, it’s just that I’m failing to get it to build what I need to get the 5x faster CPU in) <lechner>ArneBab / what are you talking about? <ArneBab>The Ryzen CPUs come with an onboard graphics card that only works with mesa 22+ — I just need that to get out of a lot of pain <ArneBab>I bought that ~4 months ago and have been trying to get my software updated since then (not continuously — lots of other stuff intervening, but it actually starts to hurt at work) <civodul>it's still a WIP, but going in the right direction <ArneBab>civodul: not yet, no — I saw that you started to do more CI work on Guile (which is great!) <civodul>qa.guix is about automated testing of patches sent to guix-patches@gnu.org <ArneBab>civodul: can I donate some build capacity to qa.guix? (run it locally and report the results somehow?) <ArneBab>yikes, I need to decrease my workers: "execv: Too many open files in system" <civodul>ArneBab: you can't, but you could get involved to make sure the project allocates resources for that <civodul>ArneBab: which packages were lacking substitutes for you? <ArneBab>I don’t have as much freely allocatable time as I’d like for that … <ArneBab>civodul: I don’t remember the specifics — it’s gotten better since I switched to only use package -m <manifest>. <ArneBab>civodul: I often saw rustc being compiled again and again. <pjals89>Does anyone actually use cgit-service-type? <ArneBab>the core-updates build was the first time in a while that I saw builds of ghc <lechner>civodul / i loved the idea of renaming "services" to "sheep". it would be unique, consistent and would remind me a lot less of systemd <mirai>lechner: crashed/malformed services = black sheep? <lechner>mirai / if the expert says so, so be it! <lechner>we are really doing something great. why not have some fun along the way? <mirai>so the fibers in guile-fibers turned out to be wool <ArneBab>lechner: maybe a custom LANG=… setting? <civodul>ArneBab: rustc is rarely recompiled on master, if ever <ArneBab>can it happen to be garbage collected such that old versions are not available or such? <civodul>perhaps a substitute configuration issue? <ArneBab>I don’t know — usually it works, but when it does not, rust hurts. <civodul>you mentioned core-updates: core-updates has very few (sometimes zero) substitutes <civodul>but on master, rust is not a problem AFAIK <ArneBab>usually I do: guix pull && guix package --with-input=emacs-minimal=emacs --fallback -k -m ~/fluss-guix.manifest <ArneBab>(and I found lately that --with-input doesn’t work with manifests, so this did nothing …) <ArneBab>why should I not use --fallback? Wouldn’t that then cause the update to fail? <civodul>dunno, i never use --fallback these days <civodul>you can use it, it doesn't hurt, but i'm surprised there's a need for it <ArneBab>For some software I need pretty complex guix shell settings <ArneBab>maybe --fallback causes local builds on network errors? <civodul>if your manifest includes package rewriting, that might be why you're building Rust <civodul>it really depends on what you're doing <civodul>mirai, lechner: sheep, wool--we're on to something! <ArneBab>just around 630 packages in the manifest <civodul>next time if you can pinpoint which packages are missing, we can investigate <civodul>also, you can try "guix weather -m manifest.scm" <vagrantc>�ACTION wonders about the logic of starting and stopping sheep� <lechner>mirai / your enthusiasm is critical, because you might become the sheep shearer! <lechner>mirai / service bugs might become lice or mites <ArneBab>sneek: later tell civodul: thank you! I0l try. <ArneBab>sneek: later tell civodul: I’ll look at the weather once I have my new CPU in the system. Then I can afford some processing power. <vagrantc>so ... odd problem. recently set up a new laptop (not running guix) and using gpg-agent as an ssh-agent ... works fine. for anything but machines running guix system. <vagrantc>for some reason the ssh daemon running on guix system does not accept the key i am presenting <vagrantc>suppose that is a good starting point :) <Guest74>Is it not possible to do something like "guix pull guix"? Basically just fetching from one specific channel <lechner>i think i have also seen that, but by now all my systems are Guix <vagrantc>main issue seems to be ... sign_and_send_pubkey: signing failed for ED25519 "cardno:FFFE 87023833" from agent: agent refused operation <ArneBab>missing on ci: opencv, missing on bordeaux: qemu, virt-manager, fastboot, clojure, adb. <vagrantc>which oddly suggests to me that is the client-side issue ... but ... this exact same setup works with non-guix servers <lechner>Guix may be along in preferring Ed25519 <ArneBab>but compared to master tehre are a lot more … <lechner>ArneBab / Can you use a discrete graphics card for the time being? <ArneBab>lechner: I don’t want to … the CPU already consumes huge amounts of power <lechner>ArneBab / can you throttle or turn off cores when not needed? like a mercedes 12 cylinder? <ArneBab>sneek: later tell civodul: I found the issue: I have some custom-created packages which I just add to a local guix checkout. An compared to master there are around 300 missing packages. <ArneBab>lechner: that’s what I plan to do. I usually restrict my CPU to go down to 1.5GHz per core while I’m not at work. <lechner>you use a water cooler? your computer can make coffee! <vagrantc>lechner: been using ed25519 for years on all my machines ... <lechner>vagrantc / that's what you think? did you delete the old RSA keys? <lechner>or maybe it's the other way? maybe Guix is behind? <ArneBab>lechner: no, I’ll build in a a football-sized almost-passive CPU cooler. <vagrantc>lechner: i have had machines which have had no other way to authenticate but this same ed25519 key <ArneBab>lechner: since the CPU+ram+disks will be the only parts that create serious heat, I hope this will work well. <vagrantc>�ACTION has a hunch something cached a failed passphrase or something� <lechner>Hi, isn't the Debian paste service supposed to give me a download or a "raw" option? <lechner>ArneBab / thanks! i do not see that link in my FF <ArneBab>that’s strange … I saw it at the bottom of the paste page. <vagrantc>hrm. works fine with an ed25519 key not on my gnuk, so not ed25519 specific. <lechner>vagrantc / it could be a sign from above to switch over that one last client to Guix also <lechner>ArneBab / you did not wait long. that chip spent more time in your drawer than on the Amazon shelf <ArneBab>lechner: I saw that CPU and knew that it’s what I needed. <lechner>ArneBab / i was love a first sight. time to plug it in <ArneBab>(my current CPU is almost 6 years old) ☺ <lechner>�ACTION sees a new substitute server being built in ArneBab's living room with that old CPU� <ArneBab>nay, that CPU will go to my kids :-) <vagrantc>�ACTION wonders what sort of kids take CPU modules� <ArneBab>vagrantc: it comes with installation-service :-) <lechner>lfam / Hi, how may I reconfigure/deploy my system with Guix from Git using the non-guix channel, please? <lechner>i use the version of Gocryptfs from wip-go-updates locally, but cannot deploy using that branch <lechner>i'm not promoting any other channels. this is a general feature question for Guix, i think <lfam>Are you asking how to use a channel? <lfam>Using a channel and using a Git branch are different things <lfam>To use the wip-go-updates branch, I'd use "time-machine": `guix time-machine --branch=wip-go-updates -- system reconfigure --save-provenance /etc/config.scm` <lfam>I guess you can do the same for deploy <lfam>Hm, I'm not sure about mixing pre-inst-env and channels <lfam>I mean, I just haven't tried it and don't know how to do it. I'm sure it's possible <lfam>pre-inst-env is convenient but time-machine is the "real way" to test things <lechner>apteryx said there is a way (maybe -L ?) but it requires a local checkout of that repo <lfam>pre-inst-env can hide a variety of problems. time-machine is a complete test <lfam>time-machine does `guix pull`, and that's a part of normal Guix operation, so it's good to test it <lfam>pre-inst-env is just a convenient tool for developing <jpoiret>you need to add -- between the arguments to time-machine and the command <lfam>Don't miss the double hyphen that separates the `time-machine` part from the `deploy` part <lfam>It's the old-school Unix style <lechner>okay, that's running. i'll know in about ten minutes <lfam>Also used in `guix environment` and `guix shell` <lechner>yeah, i know the syntax. just had never used time-machine before <lfam>It's like, "run `guix pull` based on this code, then do the specified command based on that code" <jpoiret>time-machine is to pull what shell is to install :) <lfam>Except that time-machine does make an entry in your current-guix profile history <lfam>Later, when you get back on the master branch, you'll probably get a warning about downgrading Guix <lfam>So, it's a bit stickier than `guix shell` <lechner>�ACTION has ignored all warnings since Y2000� <jpoiret>I've never had any downgrade issues with pull, if there are i'd say it's a bug to be fixed <lfam>I think if you use time-machine to test some branch, then later those commits land on master by cherry-picking or similar, then you pull from master, Guix will complain. The Git history of the provenance of the profile generations will not be linear <lechner>jpoiret / maybe related to the daemon? <lfam>It's something that only developers who are testing things will run into <lfam>And hard to avoid while still satisfying the goal that "downgrades don't happen silently" <lfam>You'll have to pass "--allow-downgrades" to whichever command errored out <lfam>And later, when you get back on to master, same story <lfam>If one is worried in this circumstance, read the Git history and decide if one considers it safe or not <lechner>guix deploy: error: allow-downgrades: unrecognized option <lfam>I've never used deploy. Any deploy experts around? <ArneBab>A large part of the build time is being consumed by tests … could we separate those phases so a package whose tests succeeded once does not have to be rebuild just because its package got garbage collected? <ArneBab>(⇒ keep the test result (boolean) longer than the build result) <lfam>Would the tests package somehow be protected from garbage collection? <lechner>lfam / don't wait for Gocryptfs though, please. it's a new package so i have a working local version <ArneBab>lfam: that’s what I thought — not even a real tests package, just a boolean that says whether the tests for a given hash succeeded. <lfam>I see ArneBab. That's an interesting idea <lfam>I've heard similar ideas before, but this is more compelling <lfam>It does raise some questions about the functional model. Or rather, forces the idea of the model :) As you may know, some test suites are flaky, but we have never had a consensus about how to handle those <lfam>And there are things not accounted for by the model, like the filesystem on which the builds are performed, kernel versions, etc <lfam>Please suggest it on guix-devel <lfam>lechner: What's the primary goal of the branch? In terms of Go-language packages, how do you measure success? <lechner>lfam / well, i only tried to add Gocryptfs but some of those Golang packages were ancient. i'm not sure how to answer. we ought to look at the most commonly used Golang packages, I think. We don't even have Hugo though, I don't think <lfam>Okay, so it's mainly about Gocryptfs. And that's working for you based on the branch? <lechner>lfam / can you rebase wip-go-updates to get around my downgrade problem? <lechner>lfam / no, i do not wish to appear to focused on myself <lechner>what are the popular packages based on Golang in Guix? <lfam>I understand. I'm just looking for a basic "does it work at all?" heuristic that you can test with <lfam>Good question, I don't know. I use Syncthing <lechner>if you rebase wip-go-updates onto the current master, i think my deploy will work <lechner>or on savannah, delete branch and push again <lfam>I've rebased and pushed the branch, for your convenience. In general, it's best if you can use allow-downgrades so you can be a little more self-sufficient in testing <lfam>At least until we develop a better worfklow for feature branches <lfam>It used to represent pretty much every Go package <lfam>I just added gocryptfs to it <lechner>i think your initiative toward feature branches is urgently needed by the way. i am a haskell person mysefl <lfam>We could also use fold-packages to select every package that uses go-build-system. That's the "best way" <lfam>Thanks, I agree. The workflow needs improvement but we will improve it <lechner>lfam / i would also like to propose you as the "feature branch manager". your job would be to keep the number of feature branches on savannah under thirty <lfam>Err, no. Just based on package names. That can be adjusted <lfam>Heh, I don't have the time in the coming months for that, unfortunately <lfam>Winter is my "slow season" at work <lechner>i actually envision a whole number of mundane jobs to solve our contribution crisis <lfam>It's about to be busy season <lfam>I'll write a manifest to select go-build-system packages <lfam>Video engineer for live events. <lfam>It would be nice to work at baseball games. That would be a career advancement for me <lechner>we could have entire classes of contributors. many people could do nothing but accept patches with new version hashes <lfam>My hope is that qa.guix.gnu.org can increase its capacity enough that interested contributors can largely self-manage their work until it comes time to push. There wouldn't be a difference between "branches" and "patch series", in practice <lfam>For feature branches, that is <lechner>from what i have seen, the social realities are in the way <lfam>Of course, it could get out of control if 50 people all send different patches upgrading core packages. Even the Berlin build farm has its limits <lfam>I'm curious, can you give more detail? <lechner>we should do it like walmart, or the post office. people do one thing, and one thing only until they grow <lechner>i would vastly expand commit access but give people detailed instructions. like the military. everyone get a gun. you misbehave you go to the brig <lechner>we value dominion over competency, i think <lechner>when people are honest about what they know, there is no problem i don't think <lfam>I'd like to expand commit access, but we need more detailed access controls. It's not okay to give access to the master branch without developing some trust <lfam>Even the military is like that. You don't get your gun just by showing up to the recruiting office <lfam>And also, commit access to the master branch is like having access to the nuclear codes. Not like having a gun <lfam>It affects all Guix users <vagrantc>i have wondered about splitting commit access vs. merge access ... e.g. "anyone" can commit to a branch or set of branches, and then someone else actually merges the branch <lechner>we can assign another person to merge all pending commits into master in accordance with what people should be doing <lfam>But I agree, there's way too much friction now. The social realities are largely informed / determined by the technical limitations of the infrastructure and, over time, they have reinforced themselves. As we improve our infrastrucure, we'll have to deliberately rethink our ideas about what's okay <lechner>we have too few checks and balances, but the envisioned solutions rely on intelligence rather than duty <lfam>You're not wrong, but it's not the complete picture. <ArneBab>lfam: I now wrote an email about caching test results. <lfam>People involved in Guix have a variety of different goals and preferences, and it's really hard to achieve consensus <lfam>Leadership is critical for building consensus, but has a limited capacity to do so. <lfam>But, things do change, necessary tooling does get built and improved. The status quo is always unsatisfying somehow, but it's important to remember that things are better than in the past <ArneBab>lechner: there’s not only duty, but also intrinsic motivation. That’s part of what drives people to push things forward. <lechner>�ACTION thought lfam's advance toward feature branches was such a daring dash of leadership. so was the git update� <lfam>Ultimately, some patience is required. Wisdom is knowing how much :) <lfam>Based on our experiment with the Go branch, I think we need to look at using qa.guix.gnu.org instead. The Cuirass results are too hard to use effectively, IMO <ArneBab>Maybe it could help to define hard requirements: As long as those are met, there’s room for experimentation. Something like the "we don’t break userspace" by the kernel. <lfam>Yeah, I think the kernel offers a point of comparison for us. There are some key similarities, in my opinion <lfam>My thought about revolutions... I'm grateful that I haven't experienced one <lfam>Remember, one might not survive <lfam>It's with hindsight we can appreciate them <lechner>i did not mean to advocate for the weapons, but merely for the idealism <lfam>I wish that the Guix Days happened more often. There's always a burst of cooperation and boldness afterwards <lfam>I've drank too much coffee and need to step away for a while. I'll find the go-build-system manifest and share it, we can use it to test the branch a little more concretely. Unless something big is broken, let's push by Friday <lfam>And we'll summarize our findings about the workflow <lechner>it's because strengthening the social relationships reduces the fear or messing up <lfam>Also, some conversations happen much faster "in person" <vagrantc>hrm. apparently having ssh issues with newer debian too ... <rekado>does anyone know what needs to happen to fix the Cuirass download URLs that return 502? <arjan>mirai: my plan is now to make the pounce service extendable with instances and make another service that manages certificate for its instances through certbot so there is no direct dependency <mirai>arjan: what stops it from using plain paths to certificates? <arjan>the pounce service will support plain paths, but the automatic certbot extensions can be implemented in separate service that extends the pounce service <mirai>Why not simply configure certbot and pounce separately? <mirai>you're adding extra complexity to your service <arjan>I am actually keeping the service simple and just adding a service that can automatically extend certbot based on the instance configurations <lechner>mirai / if you have an extra moment, i'd love to track down this warning from the user-homes service, but could not find it (even through there are a few chmods there). it presumably occurs on my system because my home folder is mounted via FUSE, which denies the premission to root http://paste.debian.net/1273925 <lechner>mirai / to hit your pet peeve, the chmod seems to occur during activation (and not during login). based on what you told me that is an inappropriate way to do it, isn't it? <mirai>I don't like activation-service <mirai>you have to think carefully about what potential dependencies there might be <mirai>within the job you're defining <mirai>you're saying FUSE denied permission to root? <mirai>if not even root has the permissions... <lechner>it is, but not necessary. instead, i would like to change that chmod to either assume my uid, if needed, or to check permissions before trying to set them. mine are correct all along (I am logged in) <lechner>i also think folder creation should probably be left to PAM on login <lechner>although I don't mind it if it ensures that folks can log in <mirai>I don't know how good of an idea this is <mirai>but there's setuid,setgid and its many cousins <lechner>i does not actually need to touch my folder at all. guix assumes in many places that root can do anthing, but that is not so with FUSE. for example, i cannot use 'sudo guix' or any sudo with commands in my personal profile, because that path is stored in my home folder and not visible to root <lechner>that's also why i use guix deploy even on my local machine <winter>can someone highlight me in like, a minute or two? trying to repro a client bug that only got triggered in this channel, thanks <lechner>winter: maybe you need traditional typography? <mirai>cat gnu/services/desktop.scm <Guest7188>Anyone can recommend an image upload site? I am not sure if my system is hanging at boot or just takes a really long time after upgrade <NewUser-Basic-Qu>okioki...I am getting "guix system: error: service 'console-font-tty1' requires 'term-tty1', which is not provided by any service" ... there is most probably no service term-tty1. what is this reffering to? <lechner>NewUser-Basic-Qu / i have not seen that. it would be helpful if you could share your config, please <lechner>NewUser-Basic-Qu / Hi, did you omit tty1 from that list on purpose? <NewUser-Basic-Qu>nah...had wlgreet first enabled on tty1 but my sway wlgreet config holds itself "vt = 7" so removed reference to wlgreet terminal for any tty. i do not have to include specific ttys starting with tty1 do it? <lechner>well, something in %desktop-services (and possibly %base-services, as well) clearly expects "term-tty1" to be present <Guest713>Since upgrading to 6.2 my system isn't booting anymore. I did a guide pull 1 hour ago <NewUser-Basic-Qu>lechner wow...added (terminal-vt "1") and indeed error is gone...oki...thanks. am a little bit puzzled now.. <lechner>NewUser-Basic-Qu / it won't be the last time <lechner>and for the benefit of any reader, i just booted with kernel 6.2.2 <lechner>NewUser-Basic-Qu / for the "support" user I warmly recommend the Guix Home service. some folks can do without, but i think life it too short <NewUser-Basic-Qu>will get a home service. already experimented with that yesterday but is not first priority. Still feeling alien on Guix. Need more time to get familiar with the logic. Yesterdays home-service tests were purely for env-variables <lechner>the beginning is really hard, but it all pays off when a piece of equipment fails and you can spin up an exact copy within a few minutes via 'guix deploy'. or i love transferring services between machines with a simple copy and paste <lechner>although that would arguably benefit from some smarter "Scheming" <mfs5173>hello guix, I am trying to spawn a shell which has a cross-toolchain but `guix shell -D u-boot --target=arm-linux-gnueabihf` does not do the trick. Is there some other way to accomplish this? <lechner>mfs5173 / Hi, you may have to request gcc-toolchain explicitly, but i cannot get your command to work locally <mfs5173>It does not work, `guix shell` doesn't accept the target argument <lechner>apteryx / restarted. i hung on Throw to key `psql-connect-error' with args `(connection-bad "connection to server at \"wallace-server.local\" (fd8d:f6a5:5f27:0:c723:1fef:b33c:e949), port 5432 failed: FATAL: remaining connection slots are reserved for non-replication superuser connections\n")'. <lechner>apteryx / it's running out of connections even though I thought i was closing them <apteryx>I was trying to find if we have a package providing the 'cpanm' command <mfs5173>guix shell -D u-boot -e '((@@ (gnu packages cross-base) cross-gcc) "arm-linux-gnueabihf")' This command did the trick <lechner>mfs5173 / great! it may be worthwhile to amend our docs <mfs5173>Personally I use guix shell -D all the time and I think it would be great if it accepted the same arguments as guix build <mfs5173>then you could do input rewritting for your development environment <mfs5173>maybe it could make for a fun weekend project <lechner>unfortunately, i am not good enough to work on something like that <lechner>apteryx / yeah, you can always use debian's package search until i figure out how to get all the substitutes into my database <apteryx>we don't have a package for it yet :-) <apteryx>I tried: './pre-inst-env guix import cpan cpanminus' without luck <cbaines>this is the first time I've seen juix.org I think, is the code available somewhere? <apteryx>ah, ./pre-inst-env guix import cpan App::cpanminus does something <cbaines>lechner, what's the issue with getting the substitutes in to the database? <lechner>headaches are probably similar to python, but there is no byte-compilation to disk <apoorv569[m]>Does �base-services not include �xorg-xserver or something? I can't seem to get the lightdm login manager ever since I remove desktop-services and moved to base-services. <lechner>cbaines / i don't have them. my options would be either to provide a nar importer (and I hardly know what a nar is) or being able to enumerate and download substitutes to my equipment for local processing <lechner>i'd be happy to rsync, if that's available <cbaines>lechner, getting the nars should be the easy part, you just need a list of outputs (which you can either compute or ask data.guix.gnu.org for), then just download them <cbaines>then you can use fold-archive from (guix serialization) to read the nar and process it <apteryx>lechner: /gnu/store/19g90rd1s6s84n16dqq0xzczvn7rznz2-perl-app-cpanminus-1.7046; that was easy <lechner>apteryx / great! sorry i disappointed you with juix.org <mfs5173>apoorv569[m]: there is an xorg-server-service-type <sneek>Welcome back civodul, you have 4 messages! <sneek>civodul, ArneBab says: thank you! I0l try. <sneek>civodul, ArneBab says: I’ll look at the weather once I have my new CPU in the system. Then I can afford some processing power. <sneek>civodul, ArneBab says: I found the issue: I have some custom-created packages which I just add to a local guix checkout. An compared to master there are around 300 missing packages. <civodul>does juix.org share code with the WIP "guix index"? <lechner>civodul / i am not sure. maybe they copied some :) <lechner>apoorv569[m] / no you have to reconfigure, or your can start X manually, as i do <lechner>civodul / whoever is working on guix index <apoorv569[m]>reconfigure? I already did several times I don't get lightdm login can't start dwm from tty either <civodul>lechner: i started "guix index" and Antoine picked it up (discussions on the ML), so maybe we've been working on it concurrently? :-) <mfs5173>apoorv569[m]: I assume you also included a lightdm-service-type ? <lechner>i have a second version coming up that allows traversal via hyperlinks (including our symbolic links). i also plan to collect file information (magic) if that's not too much of an intrusion for people. the idea is to collect anything people have locally like my own packages or channels. it can really help to avoid duplicated effort, i think <civodul>lechner: where can we see the code? :-) <apteryx>we do not have lintian packaged yet, right? <lechner>apteryx / if you really need that, you want to talk to me. i maintained it for five years <apteryx>I'm packaging 'fpm' and it uses that as part of its test suite <lechner>unfortunately, i have to go now. crosswalk duty at my son's school. see you all later <apoorv569[m]>should I install �xorg-server package then in the system config? <jpoiret>civodul: by they way, is there any reason the package-source can't be thunked, and thus have target-dependent patches? <civodul>lechner: that doesn't include indexing, does it? <civodul>jpoiret: it could, but thunking doesn't come for free, and there are 22k packages <civodul>there's the code of allocating a thunk for each 'source' field, and there's the cost of allocating a new <origin> each time you call 'package-source' on a package <jpoiret>and I guess with gexps it's easier to do <jpoiret>the annoying part is that I couldn't use g-exps for the one i was working on <jpoiret>but that's bound to disappear at some point <apoorv569[m]>lechner: can you please tell me.. I kind of have a blank screen on my machine and I need it. <mirai>saves you from typing the certificate paths when using certbot (in its current state) <civodul>jpoiret: how did your Hurd endeavor go BTW? :-) <jpoiret>hurd is more coupled with mig/gnumach than you think, probably because development is moving fast these days <jpoiret>a newer mig can't build an older hurd <jpoiret>ie mig from december can't build hurd from august <jpoiret>civodul: also, other issue is that the snapshots don't even build properly <jpoiret>even if I take snapshots of everything just 3 days apart <jpoiret>i have to backport quite a lot of patches. I'm wondering how they even manage to compile things on debian <jpoiret>can't wait to finally build hurd and then it just kernel panics on me 🤡 <jpoiret>really want to keep the great hurd experience on guix though <rekado>I have a separate profile just for Emacs and all Emacs packages. I’m building it with Guix home and link it to ~/.emacs.d/.guix-profile. <rekado>Before I launch Emacs I “export GUIX_PROFILE=$HOME/.emacs.d/.guix-profile” and then source its etc/profile file. <rekado>my problem now is that I can’t seem to see packages that have been installed after Emacs was launched. <rekado>I used guix-set-emacs-environment, but it doesn’t seem to have any effect <rekado>I always need to restart Emacs, which is unfortunate <rekado>does anyone here have a similar set up? If so, how do you sidestep this issue? <arjan>I have all Emacs packages directly in my home profile and in the rare case I want to add stuff without restarting I just build it and add the output to load path <Guest74>since upgrading my system I get a BUG: kernel NULL pointer dereference, address: 0000000000000000 (can't make paste it says I should not spam) and also my system hangs upon shutting down at 'kvm: exiting hardware virtualization' <Guest74>If I go back to my old system (5.16 I think) everything runs normally <bjc>huzzah! with seatd/greetd i finally have rootless podman. we really need to clean up the cgroups stuff so it can be configured without contortions 