<elvishjerricco>
gchristensen: What makes you say it doesn't seem it?
<qyliss^work>
Nix is fine on HHigh Sierra for me
<qyliss^work>
I didn't do an in-place upgrade though
<elvishjerricco>
qyliss^work: But you're not trying mojave?
<qyliss^work>
haven't, no
<cransom>
i did two mojave upgrades. the first, i just upgraded and then looked at the fall out (xcode-select --install, multi-user nix reinstall). the other i updated nixpkgs to a recent unstable, nix-env -i nix; nix upgrade-nix, mojave upgrade. came back and had to still xcode-select --install for git, but ran a darwin-rebuild switch and it's back to normal
<niksnut>
is it possible to change the sandbox profile of a running process?
<LnL>
no idea, but probably not with sandbox-exec directly
<niksnut>
hm, that's bad news for recursive nix on macos
<niksnut>
since we need the ability to make paths appear in the sandbox
<niksnut>
probably the only way is to whitelist the entire store in the sandbox
<LnL>
hmm, what's the usecase for that again?
<niksnut>
the main use case is to allow nix to be used as a "low-level" build manager
<niksnut>
e.g. replacing a makefile by a nix expression
<niksnut>
the problem is that you currently can't call nix from a nix build, so such a package can't be shipped in nixpkgs
<LnL>
right
<LnL>
what if that goes through the host's nix-daemon again?
<LnL>
deadlocks would have to be handled somehow, but the build environments wouldn't be nested simplifying that part significantly
<LnL>
oh btw, have you thought about using things like cgroups to limit things like cpu/memory for builds?
<LnL>
max-jobs doesn't really mean much in terms of resource usage at the moment
<niksnut>
yeah, using cgroups would be great
<niksnut>
and required by multi-uid builds (where a build gets a uid range to run stuff like containers or systemd-nspawn)
<LnL>
oh, that depends on frameworks so it links against the impure version
<LnL>
what if you force a local rebuild first?
<LnL>
nix-build '<nixpkgs>' -A darwin.libsecurity_utilities --check
<cransom>
building.
<cransom>
hrm, rebuilt, with the error that may not be deterministic. ___CFObjCIsCollectable is still undefined
<cransom>
(from nm)
trcc has quit [Read error: Connection reset by peer]
trcc has joined #nix-darwin
trcc has quit [Remote host closed the connection]
trcc has joined #nix-darwin
trcc has quit [Remote host closed the connection]
trcc has joined #nix-darwin
trcc has quit [Remote host closed the connection]
trcc has joined #nix-darwin
trcc has quit [Remote host closed the connection]
trcc has joined #nix-darwin
trcc has quit [Remote host closed the connection]
* LnL
reluctantly throws money at apple
<gchristensen>
what kind of money?
<LnL>
hmm?
<LnL>
the real kind?
<LnL>
I wish I could wait another generation, but it's this or no laptop in London
<gchristensen>
ouch
<gchristensen>
I meant what were you buying :)
<LnL>
the new macbook
<gchristensen>
nice
<LnL>
the 12" I have now has a broken screen and basically dead battery
<LnL>
and buying that model again costs about the same as the new macbook with about the same specs as the thing I have now
<Profpatsch>
LnL: Well, does it have to be a Macbook?
<LnL>
no, but I'm not convinced about linux on laptops yet
<elvishjerricco>
LnL: I hear ya. I still can't get mine to suspend :P
hamishmack has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<gchristensen>
not to state the obvious, but NixOS is the first one in 10yrs I've been willing to tolerate on a laptop
<cransom>
yeah, agreed. though i did also run freebsd on my laptops long, long ago. but the sad thing is... i'm in this walled garden and i might even like it a little bit.