IRC channel logs


back to list of logs

<snape>apteryx: my point is that bash static is almost 100 times lighter than guile
<snape>which means it's a way better fit in a small embedded system
<snape>and yes, I could use busybox, which include bash-static, and still lighter than guile
<rekado>I want to play with changes in gnu/build/linux-container.scm; tells me that the container process must have the CAP_SETUID capability in the parent user namespace for what I want to do
<rekado>how does a process get this capability?
<rekado>my goal is to be able to spawn a “guix shell -C” session in which the host system’s root uid is mapped, so that applications that check file permissions don’t abort
<rekado>by default only the current user’s uid and gid are mapped, and no other uids can be mapped when CAP_SETUID is unavailable
<rekado>this means that while the host system’s /var/lib/sss/pipes/pam can be shared with the process, its ownership will always be assigned to the overflow uid/gid
<rekado>PAM doesn’t like this and aborts when this file is not owned by uid 0.
<rekado>so I need a way to not only make the file visible (and writable) in the container process, but also to transfer its original ownership into the container.
<ulfvonbelow>hmm, it used to be possible to just use an identity mapping for the entire uid namespace without any particular privileges, but it looks like since linux 5.12 that's been disallowed due to security holes
<ulfvonbelow>otherwise you could just write 0 0 4294967295 to /proc/self/uid_map in the initial process within the user namespace
<apteryx>does someone know what the .la libtool file do?
<apteryx>do they record library dependencies or something?
<apteryx>I'm trying to figure out why some link directives appear out of the blue during the pstoedit build
<apteryx>the build system should have it link just to Magick++ and friends, but it *also* ends up being build with -lpangocairo-1.0, -lpango-1.0, -lgobject-2.0 and -lglib-2.0
<apteryx>yep, looks like the la file contains dependent libraries, in the 'dependency_libs' variable
<apteryx>one example: /gnu/store/59xdya9gx6ndh4jrq5kkh3sg08qgd6bk-imagemagick-6.9.12-4/lib/
<podiki>apteryx: is there anything special needed for lightdm to run wayland sessions? it didn't see any, but sddm picked it up and could launch
<natmeo>no support for dkms is there
<natmeo>oh god that was terribly phrased
<natmeo>there is no support for dkms in guix, is there?
<hako>natmeo: Why DKMS? Kernel modules are built for the kernel specified in operating-system.
<natmeo>hako: i have this dongle with out of tree driver that builds with dkms
<hako>Which dongle?
<natmeo>tp-link archer t4u
<natmeo>it runs the rtl 8812 soc
<nutcase>Hello guix, I need a PDF printer (in my CUPS?). Does anyone have a hint, how to add this? (Sorry for this very nooby user question) Cups in general and web interface are up and running.)
<nutcase>I know that cups-filters contains Generic-PDF_Printer-PDF.ppd. But I don't know how to make use of that.
<janneke>yeah, the cups service (documentation) looks like a nightmare, i configured once using http://localhost:631 and now just copy that printers.conf to /etc/cups/ manually :(
<janneke>it seems though that cups actually writes to its configuration files, eg, status of printer, so possibly there's not much that guix can do (better)
<nutcase>janneke: for the moment, it would be sufficient to add the pdf printer to cups manually, although, I'd prefer to have the configuration generated by guix. I know that there is (an old) cups-pdf [] which allows me to add a PDF printer via web interface. But I think, this is not packaged for guix and I'm not sure if this is the way to go. Do you remember, how you added yours to cups manually? Alternatively, would
<nutcase>you share your cups-configuration and printers.conf ?
<janneke>nutcase: ah, i can share my printers.conf, but i didn't add a generic-pdf-printer, but rather a hplj2300
<janneke>that's probably of little use to you?
<nutcase>my problem is, that I don't know which connection to use. I have HPLIP as local printers and network printer protocols otherwise (ipp(s), http(s), LPD, etc) ( With cups-pdf I had a cups-pdf connection type years ago. I know that this is a cups question and not a guix question.
<nutcase>janneke: maybe I can learn from it. If you have a public repo the link would not hurt me. Otherwise, don't spend time any time on that.
<nutcase>janneke: thanks. I think you're right. This is not of much use to me :-). Thank you anyway
<futurile>nutcase: can you use one of the graphical printer managers - there's one in GNOME/KDE etc - there's system-config-printer but not sure if that's in Guix
<janneke>sneek: later tell snape: minimal guile hasn't gotten much (if any) love but i imagine it could be done, e.g., the `guile-static-stripped' package for guile-2.0 is 14MB, also see
<sneek>Will do.
<janneke>sneek: botsnack
<nutcase>futurile: thank you for that hint. system-printer-config does not start on my guix system in a `guix shell system-config-printer`. I get a "ModuleNotFoundError: No module named 'cupshelpers'"
<janneke>sneek: later tell snape: also, i checked systemd's closure size in nixos, it's bigger than guile: 147MB
<janneke>sneek: botsnack
<dkxr>wassup guixxers
<dkxr>does anyone know if there is a package that can upload youtube videos without using the official front end
<dkxr>like i know ytfzf i can watch youtubevideos from invidious but i havent seen one were i can upload my shizzle
<Sharlatan>Hello! Does anyone have issue with I tried at least 5-6times and the system does not create a bug number.
<vivien>Sharlatan, if it’s the first time you are sending to this address, then you may be greylisted
<vivien>Otherwise the system might just be overloaded
<janneke>jpoiret: talloc fails to build too, needs <crypt.h>
<janneke>ACTION hacked guix, removing all gnu/test/*.scm in an effort to build a hurd-vm
<janneke>ACTION patches talloc
<janneke>(and pushes to gitlab)
<janneke>(and core-updates-2.39)
<janneke>and tevent also needs libxcrypt
<janneke>and ldb
<janneke>whatever these all may be...
<Sharlatan>vivien Thanks, how may I check that grey list ;-) ?
<vivien>I don’t know, it usually delays your message for 20 minutes. Or maybe an admin needs to get involved.
<janneke>and samba... -- why would i want to build samba, that's a windows-compat thingy no?
<Sharlatan>Ok, maybe it's something wrong on my end, I tried and with internal of 2-3h but have no results =/. Time to make some breake ^.^
<avalenn>I was trying to understand the behaviour of local-file because it did not always find my files.
<avalenn>The source of my problem is with current-source-directory which depends itself on syntax-source.
<avalenn>My workaround is to always give absolute paths to `--load-path` guix option
<avalenn>And I found this difference of behaviour between using Guix and Guile proper :
<graywolf>Is debbugs working? I sent a patch yesterday and I still did not receive the bug number
<vivien>graywolf, Sharlatan reports the same issue
<graywolf>Ah, cool, thx. Well, not cool, but at least I am not doing wrong :)
<jpoiret>janneke: I have these also patched, I can push to the glibc-2.39 branch
<janneke>ah, well 'twas not much work ;)
<jpoiret>well, they all don't actually require libxcrypt
<jpoiret>so I patched it out from them
<janneke>ACTION is up to inkscape now, some ~60 more packages to go
<janneke>ACTION just saw error #include <crypt.h> and didn't think any further
<jpoiret>but really, the main issue is that we need libxcrypt for guile now if we want to have (crypt ...) :(
<janneke>yeah, i hacked around that; guess/hope i don't need it to test a hurd-vm
<janneke>and including it is not trivial aiui?
<jpoiret>yeah, seems like it
<jpoiret>i've been scratching my head
<jpoiret>also need to bisect the latest Linux 6.8 rc because it's been causing freezes for my laptop :(
<janneke>ACTION is still at 6.6.16
<avp>civodul: Hello! Althogh this probably it not your realm of maintenance, but it seems that "guix-patches" ML is not accepting new emails. I sent an email 40 minutes ago and it's still not on the ML. My collegues at Russian Guix community say that this issue has been observed for several hours already.
<janneke>guix copy --to=root@childhurd1 /gnu/store/7gnk1h2kggnz6dsqm0ians9smnvznahm-bash-mesboot-5.1.16
<janneke>guix copy: sending 1 store item (2 MiB) to 'localhost'...
<janneke>guix copy: error: unknown error while sending files over SSH
<janneke>civodul jpoiret: so whatever problem has been induced in core-updates, it's not caused by a too old gnumach (now latest master), most probably not by a too old hurd (updated to 20231217), or by a too old glibc (now 2.39) :( :(
<janneke>as it seems we use the same guile in master as in core-updates, guix could be a candidate
<janneke>however, i only really see the C/EN utf8 change, and possibly the "separate-from-pid1" thingy?
<janneke>but that's in gnu-build-system
<jpoiret>janneke: I don't really know the internals of guix copy, and whether you could strace something for example
<marcc>Heya! I just started testing out Guix. I noticed that some packages I want to use are out of date (Ocaml) or not in the repository (DBmate, rabbitmq). I'd love to contribute but noticed that the dev setup only had docs seemed to mostly focus on Emacs, but I use Kakoune. I'm curious, is there an lsp or linter + some commit hooks I can use instead?
<jpoiret>quite impressed how easy it is to swap to a manually built linux to efficiently bisect. Just a matter of replacing your linux package with a copy-build-system having a local-file as source
<jpoiret>marcc: i think there's an lsp for guile, but for indentation emacs is the authoritative method I'm afraid
<jpoiret>I think there's a script in the tree to check indentation but I'm not too sure
<jpoiret>apart from indentation though imo editor integration is quite lacking, so I just rgrep whatever I need
<pinoaffe>marcc: there's not really any commit hooks that I'm aware of, guix has a builtin package linter (see `guix lint`)
<janneke>jpoiret: yeah, tried rpctrace but that just hangs
<futurile>Q: is there a command in Guix to tell software-heritage to add a URL? I thought there was one - atm I visit their web page when 'guix lint' tells me something is not archived
<jpoiret>pinoaffe: we do have a commit hook to add a Change-ID now :) but yeah no auto linter
<janneke>(and i don't expect the problem to be on the linux side)
<jpoiret>futurile: guix lint should automatically send an archival request, but only for VC repos
<jpoiret>janneke: and increasing the verbosity for `copy` isn't enough?
<janneke>jpoiret: i really wanted to check with glibc-2.39 and you made that very easy for me to do, so thanks a lot for that :-)
<futurile>jpoiret: ah, thanks!
<jpoiret>janneke: I didn't do much :)
<janneke>jpoiret: yeah right
<janneke>--verbosity=99 doesn't say anything else
<janneke>(guix copy is really a check for offloading to work, no guix copy, no offloading)
<jpoiret>is guix copy just an scp command?
<janneke>no, scp works
<janneke>maybe it should be equivalent, but to the casual observer (me), it behaves differently
<marcc>Well I'll start with trying to bump the OCaml package then. If I understand it correctly I need to 1. Copy the guix repo 2. Modify the package definition gnu/packages/ocaml.scm and add a new entry with Ocaml. 3. Run the new build using `guix build -f thefile --keep-failed` 4. lint and add copyright. Anything else?
<pinoaffe>marcc: also, a while ago I started writing a package definition for rabbitmq-server but never got around to getting it to a level where it could be pushed to guix proper, feel free to use it as a base, see
<jpoiret>marcc: bump ocaml to 5?
<marcc>@jpoiret latest version I can find is 5.0 but the newest one is 5.1.1
<jpoiret>if you want to use the new ocaml to build other ocaml packages, you'll want to modify the ocaml definition not make a new one
<jpoiret>hang on let me reboot but maybe the ocaml team is already working on the 5.1.1 upgrade
<pinoaffe>marcc: 1. clone guix repo, 2. follow "Building from git checkout" section of manual, 3. modify the ocaml definition to increase version, 4. use "Running guix before it is installed" to build, install, lint and test modified version of ocaml, 5. add copyright (if a substantial change was made), 6. commit and send patch to
<marcc>@pinoaffe awesome thanks. :)
<janneke>ACTION likes jpoiret's "not much" doings ;)
<marcc>I notice in the package definition there is a line (sha256 (base32 "some digits")). To calculate this, do I just download the tar.gz, get the checksum with sha256sum and then base32 encode that?
<janneke>marcc: using guix download `url', or guix hash tarball is handier
<marcc>@janneke ah great! Ty
<pinoaffe>marcc: I usually just copy a random hash in there, try to run guix build, and when it complains that the hash is incorrect I copy the correct one
<marcc>Hmm, so when trying to run guix within the `guix shell`, I get permission denied for ./pre-inst-env. It also doens't find the command sudo
<marcc> ~/builds/guix./pre-inst-env guix build ocaml@5.1.1 --keep-failed  master
<marcc>./pre-inst-env: 55: exec: guix: Permission denied
<pinoaffe>./pre-inst-env doesn't need to be ran within the `guix shell`, but that doesn't explain the error
<marcc>Ah strange. Well running it outside of the shell seems to work
<avp>jpoiret: Guix "copy" command uses Guile-SSH (which is built upon libssh) to copy data, not just plain scp.
<jpoiret>marcc: what's your `guix shell` invocation?
<jpoiret>you need to run `make` first also
<marcc>I ran the command in the guide, `guix shell -D guix --pure`
<marcc>I didn't run make beforehand, I'll try again with that
<marcc>Okay, I managed to build it and now I don't get permission denied. I added a package definition in ocaml.scm: (define-public ocaml-5.1.1 (package (name "ocaml") (version "5.1.1") ... but I am getting a not found error
<marcc>Ah wait nevermind, had a typo!
<VengefulSpirit>Hey, I tried asking around #guix-offtopic, but it was inactive. I was wondering if any proposals were submitted this year for Guix under GSoC?
<marcc>I notice there is a change-id in the commit message. Is that something I need to add?
<marcc>And will running ./pre-inst-env lint and style the package?
<pinoaffe>marcc: you're gonna wanna run something along the lines of `./pre-inst-env guix lint ocaml`
<marcc>Ok, I'll run lint and style
<PotentialUser-50>Hello all! I am trying my hands at defining a package, but when trying to install my package definition, I get the following error:
<PotentialUser-50>ice-9/boot-9.scm:1685:16: In procedure raise-exception:
<PotentialUser-50>error: %standard-phases: unbound variable
<PotentialUser-50>What module should I import to ensure %standard-phases is defined? (My package uses the gnu-build-system)
<vivien>PotentialUser-50, you have to quote the package arguments somehow
<vivien>Maybe it would be easier if you could paste the package code on some paste service
<marcc>So I sent my first patch :). Though I can't really see the Signed-off-by message at the end of my commit
<marcc>running git log --show-signature -1 returns Good signature though
<marcc>Do I need to manually add the line Signed-off-by?
<PotentialUser-50>vivien Here is the package code:
<vivien>You have to write #:phases #~(modify-phases %standard-phases instead of #:phases (modify-phases %standard-phases
<janneke>marcc: you can't sign-off your own commit, well you could, but it makes no sense
<marcc>ah it's someone else who does a sign off
<vivien>That way the call to modify-phases is only executed in the package build environment, and not when you are defining the package
<janneke>yeah, it's done by the commiter after review
<marcc>Well it was fun, let's see how the patch goes :). Thanks everyone for your help. If this goes well I'll have a go at some other packages to.
<PotentialUser-50>vivien Thanks a lot! It seems the example in the guix cookbook is out of date then? The "extended packaging example" doesn't quote modify-phases.
<PotentialUser-50>Nevermind, I missed a `
<vivien>That was the old way to do it
<vivien>So yes, it is out of date
<Guest18>is it possible to set a filename for the command guix system image -t iso9660 as well as a filepath?
<ieure>Hmm. When I use my EXWM session on GuixSD, it doesn't unlock the Gnome keychain when I log in, which makes the first program that needs to use it prompt for my login password again. Is there a way to unlock it at login like the Gnome session does?
<janneke>Guest18: i guess so, in gnu terminology a file-name can be relative or absolute
<janneke>(if by filepath you mean an absolute file-name)
<Guest18>should have been more clearly, I meant to store it somewhere else than /gnu/store, for example if I generate an iso that i am going to move to an usb stick, since i don't want it to waste space on my disk but at the same time i don't want to run the garbage collector
<Guest18>and the output, so instead of hash-image.iso it is just recovery.iso
<vivien>Guest18, I’m pretty sure it’s not possible
<janneke>ah, right; no i guess you'll have to guix gc -D /gnu/store/....iso it in that case
<Guest18>is this a technically of the daemon or because that feature is kinda bloat (not many need it, adds complexity to code)?
<vivien>I guess it’s a feature of guix: the output name is a hash of all of its inputs.
<vivien>(do I understand it correctly?)
<Guest18>but is that how guix detects a change?
<janneke>after the iso is built, a new `guix system image ..' will just print the /gnu/store file
<Guest18>because it recalcules the hashes or does it just compare the actually filename?
<janneke>Guest18: well, if any of the inputs change, the store file name changes, and if that hasn't been built or isn't available as a substitute for download, a build is started
<Guest18>i wonder if that is the whole reason, comparing two strings takes less compute power than comparing two files?
<janneke>the existance of a built is stored in the database
<PotentialUser-59>Guest18: perhaps make a wrapper like `cp $(guix system image my-image.scm) ~/output.iso`?
<reedm>hi all. sorry for the beginner question. I've been a long-time linux user but never used any filesystem that wasn't the default. if i change the filesystem from ext4 to something else like btrfs  or bcachefs and do a "guix system reconfigure" what data would i expect to be lost? would /gnu/store persist? i assume my home directory would be reset?
<Guest18>PotentialUser-59: good idea.  i guess if it is not possible i am okay with the current state.
<Guest18>reedm: you mean, ext4 is the current fs of the disk but the config is btrfs, and you now to a reconfigure?
<reedm>Guest18: exactly
<PotentialUser-59>reedm: Guix will not change your fs formats, you're just telling it what to mount. I'm not sure what would happen(it will either fail or put your system in an unstable state), but you shouldn't expect to lose any data.
<janneke>reedm: i don't think any data would be lost, the system will just fail to mount your file-system(s)
<Guest18>reedm: not 100% sure but I think the reconfigure fails, since it can't find your disk with exact same label and filesystem format
<janneke>iow, you choose a file system at install time
<reedm>ahh. so to change the fs, i would have to reinstall and choose that filesystem for the initial config?
<Guest18>reedm: so basically nothing happens but not 100% sure.  I can't tell 100% since i am not able to create a vm to verify it
<reedm>that would make sense
<PotentialUser-59>reedm: or you can use the suitable mkfs command yourself. Backup your data though :)
<Guest18>you can't change a fs like that anyways afaik.  if you have ext4 you can convert it to btrfs but i it won't be exactly the same as a disk that was directly formatted as btrfs
<Guest18>better is to backup data and reformat drive, copy data back
<reedm>follow up question: i can't seem to find a list of acceptable "types" in the guix manual for (file-system (type ...)). does anyone know what the valid options are?
<Guest18>yeah wait a second
<Guest18>technically, this is the installer only
<reedm>awesome! i was poking around the git for hours and failed to find that
<Sharlatan>Is debbugs still down =) ?
<Guest18>i checked, it seems not. maybe post the exact url and i can see if it loads for me
<apteryx>hm, libtool and .la files leads to overlinking. Interesting thread:
<apteryx>which means if we address that we could probably reduce the closure size of some packages
<efraim>what if we just deleted all of them?
<apteryx>that's what most distributions do
<apteryx>GNU/Linux distributions at least
<apteryx>it *could* be useful for COFF or static builds, libtool maintainer says, but we don't do these much, and pkg-config also fills that niche at least for static builds where .pc files are available.
<apteryx>efraim: I think on core-updates we could have a new phase to delete .la files
<apteryx>doesn't really reduce the transitive closure though... just makes the dependency graph uglier
<apteryx>because it's flattening all the transitive lib dependency at the level of the package (which gets added to RUNPATHs at link time)
<apteryx>it probably slows down loading a bit by causing the loader to look in too many places
<podiki>just trying out hyprland....i do like me some eye candy and animations
<podiki>and i think we have some related patches pending, guess i know what i'm reviewing next :)
<podiki>[first time on wayland too, seems pretty much to just work so far, though i need to adapt some of my stuff from x-related settings/programs]
<vivien>Dear guix, is there a way to configure the system to run a user shepherd service when a user logs in, whether the user has a home configuration or not?
<podiki>i suppose you could just start shepherd from e.g. an autostart file or however you start programs in your x/wayland session
<podiki>but from a system config not directly that I know of, unless placing such a file for a user
<podiki>or specify a shepherd service that runs as a user? or is that not the same thing?
<vivien>I think I would be satisfied with a way to run a script when the user logs in
<vivien>(on a graphical display)
<podiki>that will depend on the environment exactly. autostart desktop files in ~/.config/autostart [by default] would be one option
<podiki>i would think [but haven't tried] that you could just do the same as any other autostart process, e.g.
<vivien>Do you know if there is a system-wide way to do this?
<vivien>OK I’ll read that
<vivien>$XDG_CONFIG_DIRS/autostart then
<vivien>Thank you!
<podiki>yeah depends. autostart is...complicated in some ways :-)
<podiki>some login managers I think will source certain system-wide files first, though you might need to create them with like the etc file service in guix. maybe there are other better ways too
<umanwizard>Hello everyone. Several hours ago, I sent a proposed contribution to , but it never showed up in the list archives. Is there anyone who can check whether it was delivered / what's going on?
<umanwizard>The message was sent from and its subject was [PATCH] gnu: Add go-1.22 and its standard library.
<podiki>if it was your first submission, someone will need to manually approve it (and most people are in europe so likely will need to wait until tomorrow)
<podiki>but also heard of potential issues with debbugs (the patch mailing list system), so...I would check in again tomorrow if it doesn't appear or you didn't get a confirmation
<umanwizard>It's not my first submission, but first in quite some time. OK, I'll check in tomorrow if I hear nothing back. Thanks.