IRC channel logs
2023-11-27.log
back to list of logs
<Kolev>Why does Guix's default GNOME config use X? <lechner>there has been talk about switching for a year or so <lechner>XWayland didn't work so well, and Emacs also had issues until recently <singpolyma>I always end up switching parents etc back to x11 if they move to wayland by accident, due to bugs they encounter <lechner>i used sway for a while and thought it was more stable than Xmonad, for example, but as an EXWM user i'll be with X for a while <lechner>the_tubular23 / no EXWM on the agenda <the_tubular23>How about EWX ? I didn't hear much about it since last emacsconf <lechner>the_tubular23 / i ought to take a look. thanks! <the_tubular23>Just read the schedule, there seems to be some pretty cool talks, but none about Window Managers <vivien>If I did not forget anything, all the updates for GNOME 44.6 have been pushed to their respective issues. <vivien>Next step is to have them merged into gnome-team. <vivien>We’re still missing gnome-logs, gnome-software, gnome-tour and xdg-desktop-portal-gnome at least. First two are not really compatible with Guix, the third one requires a Rust packager, and I don’t know what needs the fourth. <PotentialUser-29>I'm trying to make a new guix package to contribute and am having some trouble. When I add my package to the appropriate file in /gnu/packages/ for some reason it doesn't get found when I do ./pre-inst-env guix package --list-available=my-package <vivien>PotentialUser-29, you may need to run "make" before that. <vivien>Also, make sure your package definition is surrounded by (define-public <your package name> (package ...)) <vivien>Unfortunately, yes, most of the online presence of Guix is down at the moment <vivien>I mean, the websites are all down as far as I can tell <Kolev>singpolyma, lechner : On normal systems, GNOME is Wayland by default. 😀 <PotentialUser-29>well while I wait on all of those packages to build, I do have one other question. My package would live in python-xyz, but I'm not really sure where in the file to put it. There's a comment at the end of the file saying not to add packages to the end and to instead find a package with a similar name or functionality to put your package near. I'm <PotentialUser-29>not really sure how to decide where to put mine since I haven't found any that meet those criteria and the list is not alphabetical. <iyzsong>PotentialUser-29: then i'd put it just before the last one <Kolev>singpolyma, foreign. Most foreign distros shipping GNOME are shipping it with Wayland. X is dead. <singpolyma>I'm not sure there's any good way to quantify "most" here <Kolev>singpolyma, even RHEL and Debian, which are out-of-date systems, are on Wayland by default. <Kolev>I've been on Wayland for years. I don't see the need to use X. It's very strange to be using it still. <singpolyma>To be fair I only run GNOME on one system so I don't have a lot of direct experience with the numbers on what are defaults. I just know that anytime a friend or customer is having an issue with something graphics related the first thing I check is if they are on wayland and if they are then switching them to X basically always fixes it <Kolev>singpolyma, sure, X fixes it, but their issue is usually from buying the wrong kind of hardware in the first place. If you're using GNU/Linux, don't buy nonfree graphics cards. <Kolev>Sorry. It must be my bedtime. I'm getting cranky. <singpolyma>not even just graphical things I guess, for example wayland systems seem unable to do global keyboard shortcuts also. all kinds of little papercut bugs <singpolyma>Kolev: no, no nonfree graphics of course, otherwise wayland wouldn't even work for them at all :) <ieure>I've heard from some folks who need accessibility features due to ex. problems with their vision that Wayland is completely unusable, as it was built without any support for accessibility. <ieure>I'm not in that boat, but I never use Wayland, personally. It gives me nothing I need over plain X, but stuff like xkb doesn't work as well. <ieure>I also use EXWM, which doesn't work under Wayland. Maybe some day if there's an EYWM and I still have okay vision, I'll switch. <ieure>As it stands today... X11 works as well as it always has, Wayland doesn't work as good. So. <ieure>(feel free to read "work as good" as a subjective "work as good for me" -- it might be fine for others, and if they want it, that's fine -- long as it doesn't hinder my X experience) <Kolev>When I switched from I3 to Sway, I found text much easier to read. <podiki>oy....looks like ci.guix.gnu.org is down all together? <Kolev>Oh no. I better not rebuild a container right now, then. <podiki>I was just about to merge mesa-updates....good thing I checked <podiki>sneek: later tell nckx seems ci.guix.gnu.org went down completely (no web interface, no substitutes) <adanska>anyone able to access the ci curiass page? <adanska>was wondering why the substitutes werent working haha <Andronikos>issues.guix.gnu.org is down again, too. Since this happened yesterday already nearly at the same time, I think there is something really broken. <efraim>It's hosted at MDC in Berlin. We need someone with iDRAC access to kick the box <adanska>who has access to the servers in berlin? <zilti>Hi guix! I am somewhat new, and I am trying to package a program. It's a C program that has also a significant amount of python code. Now my issue is that it's ./configure script cannot find the python executable. I suppose I have to add a `parameter` sexp, but I do not know to get the python path. <zilti>...or rather, the python executable. I know I can get the path using $GUIX_PYTHONPATH. <efraim>you can try adding python-wrapper instead of python3 if it needs to be 'python' exactly <zilti>efraim: oh nice, thanks, that worked! <civodul>nckx: looks like berlin wrecked havoc again 😱 <efraim>I got git-lfs to build on powerpc-linux but I had to modify the go-build-system <nckx>civodul: Yeah, I noticed earlier but hoped it was my own (mobile) connection. So I came here to be disapp^W^Wconfirm. <sneek>Welcome back nckx, you have 1 message! <sneek>nckx, podiki says: seems ci.guix.gnu.org went down completely (no web interface, no substitutes) <nckx>It seems to be completely inaccessible again, unless someone has a working SSH connection? <nckx>Mayhem. Serious trouble. <civodul>i was trying to access the iDRAC thingie <nckx>OK, I'll hard-reset the box again. Someone can then log in & check for clu. I will document this (either publicly of privately) but for context I'm roaming the Belgian countryside in a lorry, I can't do more ATM. <civodul>thanks for helping out in spite of this! <civodul>two hard reboots in less than 24h doesn’t sound good though <efraim>last time I restarted the cuirass-remote-worker services on all the build machines, I'll leave them off for a bit while we look around <civodul>efraim: please don’t restart them; it shouldn’t be necessary <civodul>and if it is, we’ll need evidence to squash the bug :-) <nckx>> Server power operation initiated successfully <civodul>ACTION sends a bunch of 👍 to apteryx for writing infra-handbook.org <nckx>Ya know, I haven't even read that. For shame. <nckx>ACTION away, but sent more in PM. <adanska>civodul: whats the link? im interested but infra-handbook.org doesnt lead anywhere :/ <civodul>infra-handbook.org is the name of a file in guix/maintenance.git, for those wondering <efraim>cbaines: I'm getting 502 from qa.guix.gnu.org <cbaines>efraim, yeah, it's off at the moment <cbaines>I could turn it on, but it's not really coping with issues.guix.gnu.org being down <cbaines>providing you're using bordeaux.guix.gnu.org, you shouldn't have a problem fetching substitutes Andronikos <cbaines>I think ci.guix.gnu.org is still down though <cbaines>in other news, has i586-gnu stuff broken again? <cbaines>data.guix.gnu.org is stuck trying to compute derivations <cbaines>ugh, I'm trying to compute derivations for i586-gnu, and for some reason I'm downloading bootstrap binaries and using a childhurd I forgot I even had running :( <cbaines>efraim, I'm hacking around in compile-as-derivation.scm <cbaines>I've figured out what I did wrong though, I should have passed #:system to build rather than setting %current-system <cbaines>just watching it eat memory now, but I'm not sure how much it usually eats <cbaines>civodul, I'm seeing problems with (guix self) for i586-gnu, and reverting 95ea1277ae2ebd278bdb51a7887f5ba1116fbc64 seems to help <cbaines>I noticed this because data.guix.gnu.org having trouble processing recent revisions, but I think it can be reproduced locally by adding #:system "i586-gnu" to the arguments of build in compile-as-derivation.scm <efraim>cbaines: does c936853a646fbb2b55e20a8374b9f93b8838f5a3 help with that? <cbaines>efraim, I'm testing against current master, so I guess not <efraim>cbaines: what about glibc-utf8-locales-final/hurd around line 3370, should that glibc be glibc-final/hurd or something? <efraim>no, its already define/system-dependent <civodul>cbaines: oh, what problem is it? it is when computing i586-gnu derivations specifically, or also when doing other things? <cbaines>civodul, I'm specifically looking at computing the i586-gnu derivation for Guix (e.g. pull, time-machine, channels, ...) <cbaines>I can reproduce it locally by passing #:system "i586-gnu" to build in compile-as-derivation.scm <civodul>the public interface is (guix channels) <efraim>(drv (build source #:system "i586-gnu" #:pull-version 1))) like that? <civodul>oh and the workers no longer wake up with cuirass-remote-server is restarted <efraim>how is guile built for x86_64-w64-mingw32? <Andronikos>Is guix time-machine cached as well? It seems that it always recalculates the derivation. <Andronikos>Also, if it calculates for x86_64 but I am going to use it for building aarch64, does it matter? <avalenn>Is there anyway to persist a container created by guix shell ? <futurile>avalenn: persist meaning what? Guix caches the packages, so if you recreate the shell env it uses the same packages if it can. If you want to be more specific then there's the option to create a manifest and version everything. <civodul>efraim: FWIW i’m restarting workers 😒 while investigating why this had to be done in the first place <Guest38>I just installed docker on guix, but I only see dockerd. How do I do docker run with that docker version? <Guest38>is not working. What am I wrong norw <Andronikos>Guest38: Did you add the docker service or do you mean guix install docker-cli with installing docker? <Guest38>Andronikos I probably meant the docker cli. I will install it now, thank you. <Guest38>Andronikos How can you know, that you need docker-cli and not dockerd: <Andronikos>For example, if you require sshd, you would add the openssh-service-type to your system configuration. <Guest38>Andronikos What is this docker deamon for? <Andronikos>I am not that familiar with the docker daemon but I guess it listens for commands. For example if you run "docker run [...]" it will create the container and is responsible for downloading the image. If you run "docker rm" it basically just sends a command to the docker daemon that it should destory that container. <Guest38>Andronikos hm, but could you not do this without a daemon? <Andronikos>In other words, docker-cli is just an interface to the daemon. The same thing is with "guix install htop". It is just an interface to talk to the Guix daemon to tell it to download that package. <sleepydog>the docker daemon runs with elevated privileges that are needed to create containers on most linux systems <Andronikos>Guest38: just to be sure, that daemon question has nothing to do with Guix but how things work in Linux. <Guest38>Andronikos Why are we not communication with the daemon directly? <Guest38>Andronikos Can you advise me something to read about these topics? <Andronikos>Guest38: I can't answer those question since I don't have the expertise. <lechner>Guest38 / Guix is already so compartmentalized, you may not need docker. For those bothered by privileges, I think there is also podman <Guest38>lechner I just want to run archlinux <Andronikos>Guest38: Just add the docker-service-type to your services in your system configuration and try it again <mtekman`>Hi all, is it unknown to have a package that has the exact same source as another package, but uses a different build system to produce other output files needed by dependent packages? E.g. fftw when built using gnu-build does not produce all relevant cmake files, but does so when built with cmake. What is the protocol on something like this? <Guest38>(service docker-service-type), right Andronikos? <Andronikos>After you have added it, run "sudo guix system reconfigure <path-to-your-system-config.scm>" <Andronikos>It should work directly as of you don't need to reboot. <futurile>mtekman: there are some packages that use more than one build system, they import the second one and use custom phases - that's what I've seen anyway <futurile>mtekman: ofc I am struggling to think of one to give you as an example now I say this. <Guest38>herefore, it's recommended to review the configuration file /etc/config.scm at the specified line and column (42:2) to identify and correct the <Guest38>Andronikos /etc/config.scm:42:2: error: (services (service docker-service-type) %desktop-services): invalid field specifier <Guest38>Andronikos do you know, what I am doing wrong? <civodul>nckx: thanks, i had forgotten about that <Guest38>Andronikos It feels like I am missing some basic concepts in guix. I need to read more. i don't really understand, what a service is to be honest and neither do I understand, what exactly a use module is <Guest76>Guest38: (use-module (...)) is the same as an import or include statement in another language <Guest38>Guest38 ah thanks and how do I know, what modules there are? <nckx>Guest38: Each .scm file in the Guix git checkout is a module. a/b/c.scm is (a b c). Tools like 'guix show' or 'guix system search' show the module in the location fielde <Andronikos>Guest38: and replace (services ...) with (services (cons* (docker-service-type) %desktop-services)) <fury999io>hey all. can someone explain me what's the hype about guix or nix package manager. what makes it stand out? and how do guix and nix differ? <Guest76>about the wifi firmware: The BIOS is supposed to place the firmware in /run/firmware, but this doesn't exist in guix... At the risk of angering a lot of people, I actually like the way Purism is going about it; keep the blobs out of the OS install, but accessable by the user. The firmware exists either way. <Andronikos>Guest38: It is okay that you don't know that. I did not know that either. But over time you will learn all those things. <attila_lendvai>fury999io, they are much more than just package managers, although that's part of the story. <Andronikos>It seems that Docker is broken on aarch64. Should I create an issue or if I am able to solve it (at least going to try it) should just send the patch? <nckx>How the hell does firmware 'place' things in a running / file system. That can't be what's happening. <Guest76>Since PureOS (another fsdg OS) supports this behavior, is it expected that guix will support Librem hardware going forward? <fury999io>attila_lendvai, well so what exactly makes guix and nix os special? <attila_lendvai>ACTION notes that the intro in the manual is not very good, but it's being discussed on the mailing list <nckx>Probably, but you'll have to figure out what exactly this behaviour is. <Guest76>nckx: I'm very confused by it too, but it works in PureOS <nckx>Sure, because *something* (and it's not the firmare) is putting or mounting or someth-ing it there. <nckx>Firmware, although it does rhyme with nightmare for a reason. <attila_lendvai>fury999io, the package manager solves the DLL hell by ensuring that each reference to an external dependency is a full path to the /gnu/store/[hash]-some-package/, which enables the coexistence of wildly different versions or configurations of packages <Guest76>nckx, I'm in an email chain with support now. I'll try to see what progress I can make, but most likely I'll try to put as much info as possible in an email to the bug mailing list. <attila_lendvai>fury999io, guix (and nix) builds packages in a reproducible way, it's part of the story all throughout the system: you declare what it should be like, and it's manifested for you. from reproducible packages to the grub config, or the boot sector. and it can be done remotely to manage servers, and from custom scripts that you can develop <nckx>All my uses of 'firmware' refer to 'the BIOS' (boot firmware), not the device firmware file under /run, sorry for choosing that confusing language out of habite <attila_lendvai>fury999io, the main difference between nix and guix is the surface language that you use to describe the system/packages. nix has its own language, while guix uses scheme, which is a more flexible, general purpose language. <Guest38>Andronikos thank you for the encouragement, after having done everything, you said, I can run arch, thank you very much <cbaines>Andronikos, substitute availability isn't really set by intention, there are difficulties in providing substitutes for the hurd though. <cbaines>substitutes are much more of a best effort thing, especially at the moment <nckx>Guest76: Is anything mounted on /run/firmware? <attila_lendvai>fury999io, another key feature is that you can have multiple "generations" of your operating system, and you can chose which one to boot from grub, or just roll back an entire upgrade that you don't like. kinda like transactions. <Andronikos>In other words, you will always have a bootable system. I misconfigured Gentoo and had to reinstall it since I am a novice. On Guix it doesn't matter. Just doing a roll back and I am back up again. <Guest76>nckx: On my Live USB, /run/firmware does not exist. <nckx>No, that blog post is omitting some key step. It might be that they are loading the kernel directly and/or injecting an extra initramfs, for example. That won't work with Guix You can't simply 'put things in /run' from a normal boot loader like GRUB, something's missing here. <Kolev>What's the difference between --target and --system in guix pack? <Guest76>Andronikos: In as neutral of terms as possible, it is a filesystem mounted seperately from the main OS filesystem to keep a degree of seperation between the OS and the propietary firmware <nckx>There are ways to achieve this effect but they are not trivial and Purism's being a bit coy to make it sound simple. <Andronikos>Guest76: Ah thanks. I understand it. Looks smart to me but how does that even work? <nckx>Let's hope support gives a non-marketing answer. <Guest38>does anyone have an easy alternative to quemu. It is a bit to complicated for me . <nckx>gnome-boxes exists for that but I've not used it myself. <Andronikos>Kolev: --target will use cross building and --system will use qemu binfmt module to emulate the processor architecture to compile it, as of you would actual run it on that type of hardware. <nckx>libvirt is complicated but in a wholly different way that some folks prefer. <Kolev>Andronikos, so --target is probably what I want. <Guest38>nckx actually I installed it today. It crashes on guix, when downloading a .iso <Guest38>nckx it is the first thing I have tried today . <Andronikos>Guest38: Having the same issue with gnome-boxes. I personally use Virtual Machine Manager <Andronikos>Everytime I use something from GNOME, it just disappoints me. <nckx>Guest38: Oh. Well, report the crash if you have time (with any errors), and sorry it didn't work. <Guest38>Andronikos what exactly is VMM? I would like to try it too <Andronikos>It is reported, it is an issue with gnome-boxes and they don't fix it. <Andronikos>Maybe they fixed it but I had that issue on Gentoo as well and Guix uses a really old version of gnome-boxes. <Andronikos>(I meant that no one updated maybe gnome-boxes to have the fixed version of that issue) <Guest38>peanuts can I also run non-free os on it? <Guest38>Andronikos thank you, that is good, then I can make my transitiot to guix easier, thank you very much. <Guest38>I could even use guix for work then, that is awesome. Running my main system on guix instead of ubuntu <Andronikos>If I want to build "docker-service-type", I would just run "guix build docker"? <Andronikos>Guest38: Are you using currently in the VM for testing or actually on bare metal? <cbaines>Andronikos, guix build is for building packages, docker-service-type is a service type, so that's something you use in an operating-system definition <Andronikos>cbaines: Yes, but it fails for aarch64-linux. Now how can I build it, if I update code to fix broken test? <Andronikos>cbaines: I guess it is the package which is therefore docker? <cbaines>Andronikos, if you want to build the docker package, then guix build docker is the thing to do <ieure>Andronikos, Docker is a client-server system, you need both the daemon and the CLI which interacts with it, so the packages are generally named "docker" and include both. <cbaines>I think docker and related components have changed scope and names over time, so maybe the package name could do with updating <ieure>Don't think that's the case here. <cbaines>ieure, currently the docker package contains dockerd, and docker-cli contains the client I think <Andronikos>The cli is named docker-cli which is correct. Others do it that way, too. <Andronikos>You know, I want it named dockerd for consistency <ieure>Well, the crux of the issue here is that on ex. Debian, when you install the package for a daemon, it automatically starts with a default config. And Guix can't do that, you have to go mess around with the system config to add it. <ieure>Not sure what could be done to make it easier on Guix. <Andronikos>It seems that the latest revision broke docker. It now fails a test on aarch64. What is the correct way now. Should I test and find out which commit broke it, just report that it is broken, or may just fix it and send the patch? <nckx>Witt dockerd we'd be inconsistent with all major distroes besides OpenWRT :-p <Andronikos>(my system is 60 days old and can build it with no issues on aarch64) <Guest38>does anyone know a good tool got build graphs with, that align automaitically to a sensible layout, so that I do not have to rearrange everything, just because a node gets a link to another node <Guest38>I just know a non free program, but I would like to switch to a free one, if possible. <Andronikos>nckx: Maybe I have burned in dockerd because in text it is used as dockerd to differentiate for the CLI but the package itself is packaged as docker. <Guest38>Andronikos virt manager asks me to install libvirtd, where can I get this from? <Guest38>I really wonder, whether I my work laptop <GNUtoo>Hi, if I understood well, 'guix pull' will fetch the lastest revision and update the guix of the current user to use that revision. Is there a way to just fetch a given guix revision without updating Guix itself? <GNUtoo>My use case is to use guix time-machine without touching to the user system. <GNUtoo>So for instance if I've a script that use a more recent guix revision than the one used by the user I just want to fetch it to make it available to guix time-machine. <efraim>Well, in order to delay working on go packaging I worked on the go importer <efraim>now it ignores the indirect dependencies and will add the #:go keyword <Guest53>Andronikos how did you install qemu-kvm on guix? I can not find it as a package. I have install qemu though, but virt-manager say, that it can not recognize it. <Andronikos>GNUtoo: guix time-machine --commit=<commit> -- shell [...] or not? <Andronikos>Guest53: I have added libvirt-service-type and set unix-sock-group to libvirt. I also added the virtlod-service-type and added myself to the libvirt group by adding libvirt in the supplemantary-groups field under user-account. <GNUtoo>Andronikos: ah it seems to update indeed, thanks <tjout>Trying to learn Guile by converting one of my backup scripts. The script checks a directory for a set limit of snapshots (20) and deletes old snapshots before creating a new snapshot. All snapshots are named YYYY-MM-DD. <tjout>I never used a functional language before so my brain is hard wired to the imperative process. In any other language I would get the length of the list returned from "scandir" and just walk over all entries starting from the 21st, deleting the snapshots. Something tells me this is not the "right" way to do this. The function gets called like this: <tjout>(remove-old-snapshots base-path max-snapshots) ;; base-path is the directory containing the snapshots <Guest53>hmm, can anyone help with this please. i have install VVM, but I still get the message: could not detect default hypervisor. <avalenn>futurile: about "persistent" containers, my aim is to do dirty things like `guix shell mypackage --container -- mkdir /in-container-only` and to be able to re-enter the container with the directory still existing. <avalenn>I tried `guix shell --container --share=/tmp/root-for-container=/ coreutils -- mkdir /newdir` but it does not exactly what I wanted <Andronikos>Guest53: Try top left "File" > "Add Connection" and click the connect button without changing anything. <dthompson>containers are by definition ephemeral environments. what you need are persistent storage volumes. <dthompson>when we say "container" in guix we mean the environment, not the stuff in it. <avalenn>I just tried to circumvent that to do more impure things. <civodul>avalenn: to have files that persist across ‘guix shell’ invocations, you can indeed do something similar to what you showed <civodul>specifically, i’d do this outside of ‘guix shell’: mkdir ~/container-data <dthompson>avalenn: there's nothing to circumvent, is what I'm trying to say. <civodul>and then run ‘guix shell -C --expose=$HOME/container-data=/data’ (say) <avalenn>Just not with all / mapped because, as it is mounted at the end, it masks all default mountpoints added by Guix to the container <dthompson>no container environment will let you do that <dthompson>a lot of the stuff guix sets up is similar to what docker and others would do <dthompson>the process namespace requires a new /proc, etc. <avalenn>docker sets up its own stack of file systems and the content you create on a Docker container can be retrieved afterwards <avalenn>it creates Docker images just like that <avalenn>I don't say we want to emulate that in Guix. <dthompson>I think we still have a mismatch in terms here. <dthompson>when I say "container", I do not mean a disk image. <avalenn>when I say container, I tend to say "the executable environment where I launch commands", in this environment there is some things like mounted file-system <avalenn>by default in docker-land, the / file-system is some sort of overlayfs which is persisted in hard-drive <avalenn>by default in a Guix container, the / file-system is a tmpfs jetable <ieure>I've never seen containers used that way, the whole point of Docker's setup is that you *shouldn't* make changes to anything outside volumes mapped to the host FS. <avalenn>ieure: you would be surprised of what we do even if we shouldn't... <ieure>avalenn, Well, I'm not surprised that doing things you shouldn't fails to work consistently! <avalenn>Thank you for your help anyway. I understand now what I can do and what I cannot do and why. <avalenn>It's just all very consistent once I understand the mechanism. <Andronikos>Does Guix have actual ARM hardware or do they just use qemu binfmt? <ieure>Changes made to the FS inside a container are lost when the container terminates. I guess Docker keeps the halted container around and lets you use it more than once, while Guix doesn't. <Guest53>@orianj nice did you write that in guile: <Guest53>what have you been using as front end? <oriansj>Guest53: that was written by civodul, so they may know more than what what was in the blog post <sarg>Guest53: just check the `package.json`, the link to the repo is in the post <vivien>Also, issue #67473 has not been picked up by QA yet <Guest53>I run manjaro in KVV, but after the boot menu the screen stays black. Anyone any idea? <Guest53>am I missing some configuration maybe? <Guest53>does anybody know, how to configure polkit in guix correctly? <sarg>isn't (service polkit-service-type) enough? <Guest53>(service polkit-service-type) unbound variable <sarg>sure, you need to (use-service-modules dbus) as well <sarg>have you found guix manual already? It's beginner friendly and is just awesome <Kolev>I don't like having to stop my container to add software. <sarg>wow, my first successful `guix deploy`. Struggled a bit with `error: unauthorized public key`. Somehow it wasn't added to target's host acl and then when I had done that manually, it got removed with the next `guix deploy`. I ended up adding `guix-service-type` to the `operating-system` definition. <sarg>now need to implement a sort of watchdog, so that even if I mess with the config, the system would rollback automatically <lechner>not sure i understand your watchdog need, but 'deploy' is great! <futurile>avalenn: {was away} - guess you're going to have to play with the guix shell mount/expose option, possibly do something with mounting your own overlayfs. Also, Guix does have actual system containers if you want to go the full VM route. <Guest5>in Virt-manager, I get conn = libvirt.openAuth(self._open_uri, <Guest5> File "/gnu/store/jl68fh31rnq6r8y3bab3kxk37axgcv9s-python-libvirt-8.6.0/lib/python3.10/site-packages/libvirt.py", line 147, in openAuth <Guest5> raise libvirtError('virConnectOpenAuth() failed') <Guest5>libvirt.libvirtError: Failed to connect socket to '/var/run/libvirt/libvirt-sock': Permission denied <Guest5>when I start to connect kvm/qemu <sarg>lechner, I am provisioning a remote host and if I mess up root's shepherd, I might loose network access to the server <sarg>Guest5 is your user in `libvirt` group? <futurile>Guest5: is that socket there, is your user in the right group to use it <sarg>how do I do it when the host is inaccessible? <lechner>rebooting is usually an out-of-band option <sarg>reboot will not do the rollback though, the same broken version will boot <lechner>also, it may not be wise to hack on the shepherd when it is deployed on critical hardware <Guest5>futurile socket is there, yes, thank you <sarg>well, that's just a laptop with a broken screen. I can reboot it, though I don't have external display to select the previous boot entry in grub <sarg>btw, I've read today that nix's cache costs $9000/month to host. I wonder how that compares to guix expenses <Guest65>now I get the following message from the virt-manager: libvirt.libvirtError: error from service: GDBus.Error:org.freedesktop.PolicyKit1.Error.Failed: Action org.libvirt.unix.manage is not registered <Guest65>Can anyone help with this message, please. I don't know, what to do here <Guest65>I thought at first, it was polkit, but I install already the dbus <Guest65>What could it be or could I have maybe polkit not installed properly <sarg>Guest65: you're on a foreign distro, right? <sarg>you need both `libvirt-service-type` and `polkit-service-type` in your os services. Reconfigure the system and then try again <Guest65>sarg hmm, I get libvirt.libvirtError: error from service: GDBus.Error:org.freedesktop.PolicyKit1.Error.Failed: Action org.libvirt.unix.manage is not registered <Guest65>guix system: error: more than one target service of type 'polkit' <Guest65>sarg this error started, when I put dbus in use service modules together with polkit <Guest65>sarg I am guix, I just want to run, viirt-manager, but I am facing a lot of trouble <Guest65>the errors are not very obvious to me <sarg>you probably already have polkit service coming from %desktop-services. Which means you don't need to specify it again <sarg>and if guix system gives you an error it means that your changes are not applied <Guest65>sarg same problem: libvirt.libvirtError: error from service: GDBus.Error:org.freedesktop.PolicyKit1.Error.Failed: Action org.libvirt.unix.manage is not registered <sarg>check /etc/polkit-1/rules.d/ There should be 50-libvirt.rules <Guest65>sarg is there a way to debug this error to get at the root <Guest65>sarg // Allow any user in the 'libvirt' group to connect to system libvirtd <Guest65>polkit.addRule(function(action, subject) { <Guest65> if (action.id == "org.libvirt.unix.manage" && <Guest65>uid=1000(dave) gid=998(users) groups=998(users),975(libvirt),990(netdev),991(audio),992(video),999(wheel) <sarg>have you `sudo herd restart dbus-system`? Though I'm not sure how polkit changes are applied to a live system <Guest9>sarg thanks, that worked, how did you know that, you have to head <sarg>because polkit is a part of system dbus. Check /etc/dbus-1 contents <Guest9>sarg to be honest, i am more than confused <Guest9>sarg anything I can read or watch to understand this more <Guest9>sarg you have the right answers, but I want to understand like you or the others <sarg>well, guix is a bit more advanced than the usual distro where most of the issues are ironed out by maintainers <sarg>the best way to learn something in IT is to get your hands dirty. Try LFS (linux from scratch)? <PotentialUser-96>Oh just saw there's a log file, I see this error: "symbol lookup error: /gnu/store/5h2w4qi9hk1qzzgi1w83220ydslinr4s-glibc-2.33/lib/libpthread.so.0: undefined symbol: __libc_pthread_init, version GLIBC_PRIVATE" <sarg>that seems like a worthy thing to report to the mailing list (as the manual recommends) <trnry>Does anyone know the font situation on Guix at all? I'm trying to get some PDFs to display and some of the fonts are being replaced by DejaVu Sans. Is Times New Roman proprietary? And if so, is there a package for a free font that will act as a drop in replacement? <ieure>trnry, A note on the Debian package suggests the "Liberation" fontset as a free alternative. That's in the font-liberation Guix package. <ieure>On Debian, the MS TTF core font package is just an installer that does some downloading to install the fonts, because they're not freely redistributable. <lechner>while well-intended, our discussion may breach channel rules <ieure>Nothing stopping you from making your own Guix package to install them, if you like -- or maybe someone has already? But it couldn't be accepted into Guix proper. <ieure>lechner, I don't see how, other than my final message skirts the subject a bit -- but you wrote before me. <lechner>it's okay to finish the conversation. i just didn't want anyone else to step on our toes <nckx>This is the Internet. Wear shoes. <civodul>berlin down again, and i’m starting to wonder if this could be due to the failing hurd-packages evaluations <nckx>I am once again unable to SSH into berlin. <nckx>I wrote that before I saw yours. <civodul>cbaines: did you find any lead re i586-gnu “make as-derivation”? <nckx>I have one SSH connection open but it's hardly usable. But it's technically working, I think, if I wait a minute for each keystroke. <nckx>No, I can't, looking at those things is why I logged in. <nckx>I'll leave it open, who knows. <lechner>looking alone won't help. how about just killing the guix daemon? <nckx>If I can't ever run ‘free’, cat /proc/loadavg, or start htop, how'm I going to kill stuff? <nckx>(Why would looking not help? Why would killing the daemon help? I don't understand either.) <lechner>sorry to offend. in oom, time is precious. i don't use it but thought killall guix-daemon or so might save the day <lechner>child processes may not may not go down with it <nckx>You, as always, did not offend. <ieure>A thing I've come to appreciate about Emacs' shell-mode is that everything is line-oriented, so it doesn't roundtrip every character. So you can `killall guix` and hit RET and it'll send the whole line over and it'll run when it runs. <ieure>Line-based is 10000x nicer when you're trying to deal with overloaded system. <nckx>Tangent, because berlin doesn't recieve UDP, but that's why I always use mosh over ssh. But the issue here isn't RTT typing comfort, I think it received the keystrokes (although I can't prove it). It's just so locked up it won't run anything. <cbaines>civodul, I didn't look that much at it apart from reproducing and checking it involved 95ea1277 <ieure>I once made quite a face when I logged into a slow machine and found its 1m load average was over 20,000. <ieure>I had a "huh, I didn't know it could go that high" moment. <nckx>Linux is pretty OK at handling some kinds of overload. <ieure>Yeah, the machine was slow, but not dying. Had 10ks of processes that had wedged. <civodul>cbaines: before 95ea1277, i586-gnu evals would quickly fail, right? (because coreutils would fail to build, for instance) <cbaines>civodul, I can't really speak to anything past computing the derivations, and I think they could be computed prior to 95ea1277 <cbaines>but they could be completely broken for all I know <civodul>anyway, if that’s the thing that caused OOM on berlin, that’s embarrassing <cbaines>I haven't used Zabbix, but maybe once things are back up, you can use that to determine if it's a memory issue <nckx>I don't think this is going anywhere. Even if the machine finally processes my command, it's going to return a sudo password prompt, and IME that's the ‘fast’ part. So I'm inclined to hard-reset the server again. Then someone can keep some terminals running to keep an eye on it or whatever, or install earlyoom, or fix the Hurd bug. <nckx>(If someone does keep an eye on the server, someone should remember that the firewall likes to close even active SSH connections after some time.) <nckx>Berlin doesn't have swap at all, right? <nckx>I'm not sure if it has swap, hence the cowardly ‘?’. <nckx>I'd say N only if forced to guess. <trnry>ieure: Thanks, font-liberation didn't seem to automatically work as a substitute, but I'll see what I can do to make it <civodul>apparently berlin doesn’t have swap at all <civodul>nckx: how about rebooting it but turning off Cuirass once it has booted? <lechner>then the diagnosis is process overload, like a fork bomb <civodul>and then yes, monitoring as you write <nckx>It has 192G of RAM so I'm not sure swap would have helped in this case. The machine would probably just thrash and behave exactly the same from our PoV. <lechner>without swap, there is no disk activity to explain the slowdown <lechner>all pages are live. the processor is maxed out <nckx>lechner: That's not true IME. Workloads exist where the machine will effectively ‘thrash’ without swap. <lechner>okay, maybe excessive file system enumeration, but again it's not an oom problem <nckx>As Linux starts gettin' desperate with the page cache and other things, and if there are many processes trying to I/O, it will grind to a halt visually identical to swap thrashing. <lechner>without swap, the kernel will panic the moment there is no memory---unless some processes employ weird strategies upon memalloc failure <nckx>In my example it's not OOM that kills you (because indeed not strictly ‘O’OM), it's the slouching towards OOM. <lechner>okay, but you agree that OOM is not the problem initially? <nckx>lechner: Again IME, actually reaching a naive ‘0 bytes free, panic time’ isn't something that happens swiftly if at all as the system gets slower & slower locked on legitimate but uncached I/O. But this is all becoming hypothetical. Yes, all this can happen. Many other things can happen. For now, we simply can't know which one did. <nckx>Hey lookit, the free returned. <nckx> total used free shared buff/cache available <nckx>Mem: 197717948 194062168 1954984 382888 3201132 3655780 <civodul>nckx: yay! so that’s the thing: the kernel is busy moving pages around and nothing else happens <nckx>lechner: Only for an academic point of ‘you're not strictly OUT of memory, merely almost out’, I think, assuming I understand your distinction. <nckx>And as you say, being out would be an improvement: Linux would get its gun. <civodul>maybe you can try a clean reboot, but that could take ages, so maybe it’s more reasonable to do a hard reboot <nckx>As it is, it's desperately thinking ‘I can fix this, I just need to try harder’ like a desperate boy. <nckx>civodul: No harm in trying a graceful reboot first. Typed. <lechner>what's the distinction between hard and clean, please? <nckx>Here, I think civodul means ‘sudo reboot’ by clean, and the equivalent of hitting the reset button by hard. <nckx>It's certainly what I'm planning 3:) <nckx>That's almost certainly how this will end, but I'll give sudo a few minutes more. <nckx>lechner: Re: zswap/zram: they are very useful but only for ‘legitimate’ high memory usage. In this case, if the problem really is infinite memory usage, they'd merely make the failure mode worse. <nckx>If the pages are empty, you could store a honking lot of them, that's true. <nckx>(Does zram detect same-filled pages like zswap does? I'm drifting again…) <nckx>I'll log in, start the issues sync, and stop cuirass, but then it's off to bed. <nckx>Whoever actually fixes this bug whilst I'm asleep deserves the rock; I'll just hold it for them. <PotentialUser-96>before I message the mailing list about "symbol lookup error: /gnu/store/5h2w4qi9hk1qzzgi1w83220ydslinr4s-glibc-2.33/lib/libpthread.so.0: undefined symbol: __libc_pthread_init, version GLIBC_PRIVATE" I've been trying to do a clean build and the substitute servers are painfully slow, wonder if perhaps I had gotten a corrupted glibc with my initial <PotentialUser-96>I guess I'll see whenever this finishes, but just wanted to throw that thought out there <civodul>PotentialUser-96: what command gives you this error? <civodul>running in ‘guix shell -C’ will make sure there’s no interference with the rest of your system <civodul>particularly important if you’re on a distro other than Guix System <nckx>The issue tracker is back up. <nckx>(As in, just now, you didn't imagine it.) <nckx>nginx still doesn't start automatically because of the anonip state. <nckx>I've done what I said I'd do, cuirass-web depends on cuirass so ci.guix is 502, but otherwise good night. <nckx>I'll explain or go ahead & fix it tomorrow. <PotentialUser-96>so now when I try to run make I get "No Guile development packages were found." <PotentialUser-96>I ran "guix shell -C -D guix help2man git strace --pure" followed by "./bootstrap" <PotentialUser-96>guile is definitely installed, I guess the development libs just aren't where they should be when using -C <PotentialUser-96>ok something weird is going on, it happens when I omit the -C as well, this wasn't happening previously <PotentialUser-96>I tried doing the steps for setting ACLOCAL_PATH and using the localstatedir with configure and make is at least running now, so we'll see