<johnw>
well, changing .bash_profile made ssh not work in a host of other contexts
<johnw>
so I'll need to track down why my shell isn't what I think it is
<johnw>
changing it to ~/.nix-profile/bin/zsh *through the Users & Groups Preferences Pane* seems to work
elvishjerricco has quit [Ping timeout: 258 seconds]
elvishjerricco has joined #nix-darwin
elvishjerricco has quit [Max SendQ exceeded]
elvishjerricco has joined #nix-darwin
abathur has joined #nix-darwin
abathur has quit [Quit: abathur]
scribbler has joined #nix-darwin
scribbler has quit [Remote host closed the connection]
glenndavy has joined #nix-darwin
<glenndavy>
Hello darwinian nixers - i’ve got complications with as the nix-daemon runs as root. firstly, nix-build doesn’t see my ssh agent etc, the other is the owner ship on /nix/store means various builds break because of permissins (which i can workaround by changing them, but at some point, they change back). Does anyone have the patience to explain how it should work and how to configure it to be workable?
periklis has joined #nix-darwin
<manveru>
LnL: you around? I'm not sure how to debug this :)
<LnL>
kind of
jtojnar has joined #nix-darwin
<LnL>
glenndavy's issue?
<manveru>
yeah
<manveru>
it's a single-user install, so it shouldn't use nix-daemon i think?
<glenndavy>
that makes sense as I can’t find a daemon running
<manveru>
and if sandboxing is disabled, it should also see the ssh agent
<glenndavy>
it is disabled
<LnL>
can you clarify the problem, the nix-daemon runs as root but that doesn't matter
<manveru>
so can you clarify how permissions change?
<glenndavy>
ok, so i have no idea if there is or isn’t a daemon running, that was an assumption, and might be muddying things
<glenndavy>
but
<manveru>
also, please paste the output of `nix-shell -p nix-info --run "nix-info"` :)
<LnL>
if you don't have a daemon, then nix is only usable by a single user so how does root come into play?
<glenndavy>
LnL: i don’t want to lead you up the garden path - the daemon and root notion were assumptions/theories
<glenndavy>
so
<manveru>
do you invoke any nix commands as root?
<glenndavy>
no, but during a nix-build, i often have to sudo so nix-build can write gems etc into the store
<LnL>
well you have a root channel, which is very suspicious
<LnL>
if you did that you essentially broke the single user install
<LnL>
and that shouldn't even work without nixbld users
<glenndavy>
yes i have had one all along, which i took out today because i was sick of the warnings during nix-env
<glenndavy>
ok, so i do have nixbld users
<glenndavy>
there was a point a few versions back where multiuser was no longer able to be used after apple release something - forgot details - and i explicitly did a single user install
<glenndavy>
so, the starting point of this is nix-build failing due to inability to pull from private git repos due to public key issues
<LnL>
what's the owner of /nix/var/nix/db?
<glenndavy>
the ‘root’ thing was an inference
<glenndavy>
‘glenn’
<glenndavy>
but i set it to that today to try adn get past all the sudoing during nix-build
<glenndavy>
nix/store is owned by nixbld1
<LnL>
yeah, so you have a frankenstein single user install
<glenndavy>
oh what.. now its owned by glenn.. sorry dunno how i got that wrong..
<glenndavy>
lol, yeah that adds up
<glenndavy>
so moving forward? implode nix and install fresh?
<LnL>
that will be the easiest
<glenndavy>
rgr, thanks peeps
<Arahael>
johnw: Oh, yeah, about ssh...
<Arahael>
johnw: You don't want to have ANY output there, if ssh is to be running.
<Arahael>
johnw: With fish, I explicitly check to see if the shell is interactive before outputting say, a greeting, or fortune, or the date, even.
hamishmack has joined #nix-darwin
<Arahael>
johnw: And that fickleness really is scp, ssh seems fine for the most part, to me.
<manveru>
isn't scp going to be deprecated?
<Arahael>
scp will never be deprecated.
<Arahael>
Hell, it's even becoming supported on windows.
<manveru>
heh, yeah, just read about it, seems like they just won't add any new features to it
<Arahael>
Isn't much new to add to it anymore. Though a less fickle scp would sure be nice.
<manveru>
i just use sftp or rsync...
<Arahael>
Both which use ssh under the hood, and posssibly scp.
<manveru>
they're both using ssh for transport, but a different protocol from scp
<Arahael>
In the case of sftp, that's surprising.
<Arahael>
I guess that makes sense for rsync, though. In any case, I'm off to bed.
<manveru>
sleep well
<manveru>
i gotta read up on this more anyway before i spout more bullshit :)
<manveru>
but manpage says "sftp is a file transfer program, similar to ftp(1), which performs all operations over an encrypted ssh(1) transport."
<Arahael>
WHich... Is essentially what scp does, the bit that's "similar to ftp", is the interface.
periklis has quit [Remote host closed the connection]
<sierraDelta>
Before installing nix-darwing, should I install nix as a normal user? or as root? Should I install nix in single-user mode? (i.e. the default)?
<sierraDelta>
I have tried to do a default install, and I'm seeing the same issues @mightybyte saw and reported 2 days ago. Nix complains about not having channels defined for root. Should I just ignore that?
thefloweringash has quit [Ping timeout: 264 seconds]
thefloweringash has joined #nix-darwin
<glenndavy>
i’d like t know the answer to that too
daGrevis has joined #nix-darwin
<glenndavy>
LnL: if my reollections correct,sierraDelta’s comment is why I added root channels in the first placy
<sierraDelta>
I'm not sure why $NIX_PATH has `/nix/var/nix/profiles/per-user/root/channels` in it. I assume that this is not nix-darwin's fault, but rather the nix installer's fault. Not sure where to go clean that up though.
<glenndavy>
right, so i explicitly changed mine to not inlcude that, but i still seem to end up with sideeffects that are related to nix trying to do stuff as root. at least i think thats whats happening. anyhow… about to implode and reinstall nix to see if all/any of it goes away
<sierraDelta>
this is on a very very fresh install, with nothing else.
<sierraDelta>
This is what I got right "out of the box"
<glenndavy>
sierraDelta: right, thats how i remember it tbh
<glenndavy>
where is NIX_PATH being set btw?
<sierraDelta>
dunno
<gchristensen>
look for nix-profile.sh
<glenndavy>
hmm, is there a nix uninstaller? or is it a case of just itterating all the things..
<glenndavy>
prolly the latter.. nm
<sierraDelta>
I don't see `nix-profile.sh`, but I do see a `~/.nix-profile/etc/profile.d/nix.sh`
<glenndavy>
gchristensen: so, should i go single user or multi? is one definitely functioning better than the other, or laced with less issues?
<gchristensen>
multi-user was my preference, but probably not any longer with recent changes t omacos
<gchristensen>
installing to macos is a moving target due to each release's changes
<glenndavy>
yeah, i can imagine
<glenndavy>
they imperfect hybrid of open source values and autocratic imposition
<gchristensen>
haha
<glenndavy>
this looks good.. he’s going ‘daemon’ and its recent
<LnL>
gchristensen: I think dseditgroup -o checkmember might not do what we want
<glenndavy>
LnL, is there a way to mark all the nixbld* users and group as not hidden, so i can use the sys pref panel to get them into the group? (if my understanding of whats happening is correct that is)
<LnL>
I think you can show hidden users there, but dscl is probably easier