IRC channel logs
2025-03-06.log
back to list of logs
<vagrantc>PotentialUser-82: libvirt has been upgraded and downgraded and patched repeatedly over the last few days ... you might want to make sure you are running a current version and not on one of the bad versions <ieure>whyyyyyy is it so hard to apply a patch series <ieure>`mumi am -- -s' complains "patch does not apply." It definitely *does* apply. <ieure>debbugs will apply it, but loses the commit message <ieure>git.qa.guix.gnu.org is behind, so there's no issue-nnnnn branch for this patch. <mange>Looks like the patch doesn't apply with "git am", but does with "git am --3way". Does "mumi am" support the same option? <ieure>Yeah, `mumi am -- -s --3way' <mange>Does that work to apply the patches? <ieure>It applies cleanly from debbugs & `mumi am -- -s' doesn't give any conflict markers, so I don't know why `git am' fails. <mange>Yeah, I'm also confused about that. <mange>Is kernel-loadable-modules on operating-system what you're looking for? It's documented in the manual: "(guix) operating-system Reference". <potatoespotatoes>it is not, I am already using that, but looking at this config again I /think/ the problem is that I'm trying to load my module in initrd and the kernel doesn't have the package in scope during this phase <mange>Can you be more specific about what you are trying to do? <potatoespotatoes>sorry! I'm trying to build a small ISO config that has the zfs kernel module <potatoespotatoes>I don't think this is terribly hard (at least, I think I am building it now) <potatoespotatoes>but the step after is trying to reverse engineer antler5's config which loads zfs during the init phase. <potatoespotatoes>I was seeing a weird error where the kernel module didn't seem to be loaded, during compilation but I think it is just currently out of scope because it's not in the kernel's outputs. <potatoespotatoes>so i think a naive solution is to pick a kernel, pass it into zfs so that the module builds, then pass the module into a pseudo-kernel that has the kernel's outputs and the zfs module. <apoorv569>if I add some rules in the iptables-service-type in base config and then I wanna add some more rules for per system config inherited from base.. do I just do `(simple-service 'more-rules iptables-service-type (iptables-configuration (ipv4-rules ... )))`? <apoorv569>I want the per system config to append more rules to the existing iptables service. <mange>I don't think the iptables service supports extension, and I think it always sets all the rules at once (using iptables-restore). I think you'll have to expose your "base" as a string, and manually include it (+ extras) in each system. <dcunit3d>does it matter whether the commit listed in a channel introduction is actually the first authenticated commit? <apoorv569>Ah! I see.. not a big deal.. but would be nice if I could extend it. <mange>Patches welcome! (I assume.) <apoorv569>dcunit3d: the mentioned commit is where lock the changes from I think.. <apoorv569>mange: I'll try, I'm no expert in this stuff though.. <dcunit3d>for RDE, it seems to be where they introduced a keyring branch & signing, but idk if it's necessary for the PGP signature validation to walk all the way back. i haven't read through the channels.scm code <apoorv569>are you talking about `(make-channel-introduction` or `(commit`? introduction will be the commit when keyring was added yes.. commit is which commit to pull from.. it won't pull changes beyond that commit. Not sure about how RDE stuff though.. <apoorv569>yea that would be the first commit keyring branch was created <podiki>i think it just has to be a commit signed by the key specified <podiki>makes sense to have it be the first signed commit to establish history, but i don't see why it can't be any later commit <apoorv569>> "The channel introduction, as we saw above, is the commit/key pair—i.e., the commit that introduced .guix-authorizations, and the fingerprint of the OpenPGP used to sign it." <jakef>is it odd that emacs-next propagates emacs? <nico_>Running Guix Shell on Debian/Ubuntu, I get the same error trying to run a command: `error while loading shared libraries: libX11.so.6: cannot open shared object file: No such file or directory` Guix package is version 1.4.0. I'm running on Wayland instead of X. I don't understand why commandline tools (I tried pandoc and hello) need X11 library. <Rutherther>nico_: they definitely do not need libX11, and guix definitely doesn't add it to their dependencies. So this is likely something your system does. Could be something like citrix, possibly apparmor. If you check ldd on the executables, you might have more to search for if it conains a more specific library. <nico_>Check, LDD is new to me. I see it links to libX11.so.6 Can I analyze further where the requirement comes from? I run into this issue in 2 machines, only one of which has Citrix installed. <Rutherther>that libX11 is there is expected, the rest is what is important, ie. is there libAppProtection.so? <nico_>Yes there is actually. Maybe because of the terminal app I use? Total list for pandoc guix shell: linux-vdso.so.1 /usr/local/lib/AppProtection/libAppProtection.so libz.so.1 liblua.so.5.3 libpthread.so.0 librt.so.1 libutil.so.1 libdl.so.2 libgmp.so.10 libc.so.6 libm.so.6 libffi.so.7 libgcc_s.so.1 /gnu/store/5h2w4qi9hk1qzzgi1w83220ydslinr4s-glibc-2.33/lib/ld-linux-x86-64.so.2 libX11.so.6 libxcb.so.1 libstdc++.so.6 libXi.s <nico_>o.6 libXau.so.6 libXdmcp.so.6 libXext.so.6 libbsd.so.0 libmd.so.0 <Rutherther>no, libAppProtection is citrix's app protection app that just breaks guix, because it tries to add this protection stuff to every executable. You probably won't be able to use guix with it, or at least I don't know how. At one point it will probably also replace guile deps and you won't even be able to use guix command, there was a person in this irc to whom that happened <Rutherther>or maybe not to every executable, but only every coming from somewhere else than the package manager. I can't say for sure <nico_>O_O ok, scary. I might look into ways to disable or confine Citrix then. Nix-shell -p works just fine on the same machine. <Rutherther>nico_: could you check executables from nix with ldd, if they also have libAppProtection? <nico_>Just checked on my other machine without Citrix. It actually works there. I falsely assumed because it output pandoc version 2.14.2 instead of newer 2.19.2 (in Guix since 2023-02-26) according to Guix packages. I'm now running guix refresh to see if it updates. <nico_>LDD on Nix packages doesn't show libAppProtection <Rutherther>guix refresh is for updating the source of packages, mainly for package maintainers. If you want newer packages, that is what guix pull is for, and after you pull (and make sure your guix command in shell points to the pulled executable, being ~/.config/guix/current/bin/guix), you can run guix shell, then you should get newer version <nico_>Just realised my employer moved to Azure virtual desktop, removing the need for Citrix. Removing it now. <yelninei>New record for building gcc-final: 5h 14 minutes <futurile>how's it going andreas-e - really enjoyed your Goblins blog post <andreas-e>Thank you! I am working on more blog posts. Every time I discuss with the Spritely people, I realise that I do not quite understand how Goblins work, and that there are much better solutions than mine :) <futurile>it's so new, and the terminology is certainly new to me, so it was useful reading how you were exploring it <futurile>efraim: I still have my notes from Guix Days, which I wrote during the 'lets do a release' session. They are a bit confusing, because some of it was me "just" writing whatever it was I thought you said (rather than having any insight into what it meant). I could either (a) write them up and email them to you (b) write them up and add them to the Libreplanet wiki where we could work on them (c) ignore <efraim>futurile: I think A, and also there's an email thread on guix-devel for collecting notes from guix-days <futurile>efraim: OK - I'll send them to you and that thread separately <nico_>Rutherther: finished guix pull. That took a while. Still Pandoc 2.14.2 instead of 2.19.2. Not sure how that works. <nico_>`/home/nico/.config/guix/current/bin/guix` <nico_>`lrwxrwxrwx 1 root root 56 jan 1 1970 /home/nico/.config/guix/current/bin/guix -> /gnu/store/aj9bq6qwph9krbdprvz7fgc6mchh55rm-guix-command <Rutherther>nico_: okay. And what does guix describe tell you the commit is? <nico_>Generation 1 Mar 06 2025 11:54:16 (current) <nico_> commit: 19c656e3cad3a4f1e3338a955a1af57e363545df <Rutherther>okay that really is new. Are you sure you're executing new guix shell with pandoc? <nico_>\o/ Success. Seems I was still in the old shell the first time I tried. Now running 2.19.2 from a new shell <msavoritias>is there any reason guix pull would fail with error: Git error: failed to connect to git.savannah.gnu.org: Operation timed out <msavoritias>but git pull, git clone and guix download would work fine? <msavoritias>i tried deleting .cache/guix but it did not work. I also tried running checkes on the gnu store <dariqq>does anyone know why my home profile is sourced inclompletely? It looks like .guix-home/setup-environment gets executed (i see some of the envvars) but it does not source .guix.home/profile/etc/profile? (rolling back works) <msavoritias>also apparently root can do guix pull. it is the normal account that cant do it. <ieure>msavoritias, Users should be able to pull. <msavoritias>i know. for some reason id does not work anymore and fails <Rutherther>are you sure you don't have some kind of a proxy set up that would cause this? or are in a container etc. <msavoritias>i do have permission in .cache directories and i have tried to delete cache and also fix the store but the problem doesnt go away <ieure>msavoritias, The error you're getting is a network error, so changing stuff on disk isn't going to change anything. <msavoritias>right. but that doesn't explain why git pull/clone, guix download work on normal account. and guix pull works on root. <ieure>msavoritias, Can you roll back the user's Guix to a previous generation? <msavoritias>but guix pull does not work only in the normal account. it seems almost like witchcraft at this point <msavoritias>ah no there are no previous generations :/ i guess the lesson here is keep your generations <Rutherther>msavoritias: so have you tried using 'root's' guix / system profile guix? <msavoritias>no. would it break if that was used? i am asking because i may have an idea of how it might have been used despite advising not to. <Rutherther>? no, it definitely would not break. I am just finding alternative guix instances you could be using <Rutherther>...since you don't have more guix instances to choose from from your own user's generations <lechner>Okay, great! I am kind of fond of the idea of video. What do you all think, please? <andreas-e>That would be okay if it works. One never knows with Icecat... <cbaines>yeah, we can try, is there a suggested platform to use? <lechner>Someone pick a conference name, please. <andreas-e>It does not work with Icecat. They suggest chromium. <andreas-e>Chromium is fine, but I cannot create the conference. <andreas-e>When I try to join, I am redirected to the login. <cbaines>ah, maybe let's try the other instance then <ieure>cbaines, I would like to, but I can't. <ieure>cbaines, Elaborating, I'm at work and have work stuff I need to be doing. <dariqq>huh my guix-home/profile/etc/profile is an empty file? I am not sure why <dariqq>redid thegeneration and everything is fine again <tschilp>dariqq: thanks for the hint at the commit -- will be pulling soonish and check! <sneek>Welcome back tschilp, you have 1 message! <sneek>tschilp, dariqq says: There was a commit earlier today to fix this c695de0d04f16c2f21d2386823b3c2a3ad2f7517 <ampinga>services that I want to run on my Guix system <ampinga>I tried to run a postgresql server with the configuration file with: (services postgresql-service-type (postgresql-configuratiom (postgresql postgresql))). I already use the databases module but when I run the Guix system reconfigure it shows an error related to postgresql unbound variable. does anyone know how to solve it? <wakyct>you might need to add it in modules? <ieure>ampinga, You need to use the module which defines postgresql and/or postgresql-service-type. Also, your configuration isn't needed, the service unless you want to run a postgresql package other than the default one. <graywolf>(use-modules (gnu packages databases)) probably <wakyct>ampinga this tripped me up too when I first started using Guix system, but usually at the top of each manual page about services it tells you which module to use <wakyct>Like in Database Services page it says "The (gnu services databases) module provides the following services. " <dariqq>tschilp: after i upgraded yesterday everything was working again for me. So hopefully for you too <wakyct>wait though, when you say "I already use the databases module" do you mean you already have declared it? <tschilp>dariqq: I'm looking forward to it. Will take a while until things are done, there's a few substitutes missing and my laptop is no powerhorse :) <graywolf>For the (postgresql postgresql) part of the configuration, you need also the import the package module. Not just the service one. <graywolf>ampinga: For the (postgresql postgresql) part of the configuration, you need also the import the package module. Not just the service one. <ampinga>wakyct: I saw it but when I use a default MariaDV server I used (use-service-modules databases) and it worked so I thought it works the same way. <lilyp>I'll take a look at it later <ieure>I can take a look when I get lunch if it still needs a look. <divya>Sure, ping me when you guys do. <divya>This patch would help another series of patches that would add ImHex editor to Guix. <divya>It's a really nice Hex editor and the latest version is really smooth. <tschilp>dariqq: 1f26b0eec83b5d is not for me -- I'm actually getting logged out from gnome after a minute or so and I can't find the screencast option when pressing 'Print'. Back on a9003b8e6b40b and Gnome 44 again :) <dariqq>tschilp: I have never seen that. Not sure what is going on <unmush>when I run './pre-inst-env guix shell -D guix' and then inside the environment run 'rm ./guile ; make V=1' this is what happens: <unmush>gcc -I/gnu/store/znyiqpysj1l8gsl8n4w34531lzk1zvh8-guile-3.0.9/include/guile/3.0 -g -O2 -o guile gnu/packages/aux-files/guile-guile-launcher.o -L/gnu/store/znyiqpysj1l8gsl8n4w34531lzk1zvh8-guile-3.0.9/lib -L/gnu/store/qy1gnk8ilhvjxnzlndkg4yzavila0627-libgc-8.2.2/lib -lguile-3.0 -lgc -lpthread -ldl -Wl,-rpath -Wl,/gnu/store/znyiqpysj1l8gsl8n4w34531lzk1zvh8-guile-3.0.9/lib -Wl,-rpath <unmush>-Wl,/gnu/store/qy1gnk8ilhvjxnzlndkg4yzavila0627-libgc-8.2.2/lib <unmush>ld: /home/reepca/.guix-profile/lib/libcrypt.so.1: undefined reference to `__snprintf@GLIBC_PRIVATE' <unmush>it seems like guile's -lcrypt should maybe be in Libs, not Libs.private? <ieure>Ugh, LibreWolf 136.0 needs a newer libpng. libpng is, as one might expect, way low in the package graph. <lilyp>you can write a "libpng-for-librewolf" or use a graft or possibly both :P <ieure>Yeah, just dislike multiplying package variants. <jlicht>IWBN to have some kind of pre-deprecation macro magic; a package variant that starts slinging around compile-time warnings once the package variant is actually identical to the 'original' package. <potatoespotatoes>I'm looking to add some bash aliases (like "gs" for "git status") in a manifest.scm, is there a function to either add shell aliases or to write a quick script (like pkgs.writeScriptBin in nixos)? <ieure>potatoespotatoes, There's a shell alias service, check the Essential Home Services part of the manual. <zilti>So, I currently have a setup where my /boot is vfat, and my root partition is LUKS2 encrypted, and it is decryptable with a FIDO2 device that was set up with systemd-cryptenroll. I'd love to switch this machine to Guix, but I need to replicate this setup. I couldn't really find anything online, does someone have pointers for me where I can learn how to do this? <potatoespotatoes>one question: re-reading Writing Manifests, I thought manifests were just package descriptions -- is there some documentation that explains how to incorporate services into manifest files? <ieure>potatoespotatoes, Ohhhh, yeah, you cannot do that with a manifest. <ieure>potatoespotatoes, Sorry, misread your question. <potatoespotatoes>ouch, okay. backup plan, though: is there something like pkgs.writeScriptBin from nixos, where you provide it a string and that just gets turned into a shell script? <ieure>zilti, Guix doesn't support that as far as I know. Guix encrypts everything except the ESP, but a consequence of this is that it only supports LUKS1, because GRUB only supports LUKS1, and has to unlock the encrypted partition to load the kernel. <potatoespotatoes>happy to make this function on my own, but it would be nice to know if it already exists <ieure>potatoespotatoes, I've never run Nix. You can make a package which ships a shell script, but that isn't going to give you shell aliases. <zilti>ieure: I currently also have the ESP unencrypted (I have the entire /boot, instead of just /boot/efi, in the ESP). But it seems LUKS2 support has been added for a while: https://issues.guix.gnu.org/51514 <ieure>zilti, This isn't in any installer media. You could try making your own. <ieure>Also not sure about the FIDO2 token. I had that on my Debian machine, I don't think I needed systemd to set it up, but I don't remember how I did it. <lilyp>jlicht: that would be quite simple to build; I use this pattern in my own guix.scms where I compare upstream to a version and if it's lower I use my own <zilti>ieure: Thanks. I'll continue my search for information, then. <jlicht>lilyp: would you be willing and able to share your use of this pattern? <lilyp>not today (too tired), but basically (if (version>= (package-version the-package)) the-package (package (inherit the-package) [adapt …])) <zamfofex>potatoespotatoes: Maybe look into ‘gexp->script’, though you write your script using plain Scheme/Guile, rather than Bash syntax. <zamfofex>Either it or ‘program-file’ (I don’t remember which specifically) can be used in place of package in many places. I’m not sure if it’ll work in a manifest, but you can e.g. ‘guix build’ it, for example. <zamfofex>I guess one problem is that I don’t think you can specify for it to be inside a directory like ‘/bin’. I think it’ll always be a top level entry on the store. You could try specifying e.g. ‘bin/foo’ as the file name argument, but I’m not sure whether it’ll actually work. <potatoespotatoes>hmmm... Yeah, I'm seeing a bit more nuance when trying to put this in a manifest. <potatoespotatoes>but maybe I can just create dummy packages with the copy-builder and plop these store files into the package output <zamfofex>That might work. I guess a simple question, though, is what are you trying to accomplish ultimately exactly? <zamfofex>I don’t think it’s very common to want aliases in a manifest. <potatoespotatoes>I'm just used to my own bash aliases for git (like gs) and I'm currently setting up / doing guix development on some machines that aren't provisioned. One is running debian, the other is is going to have GuixSD re-installed several times. I was just thinking that it would be nice to stick my aliases (or packages that were basically aliases) in a shell file so that I can have them