#nix-darwin on 2019-06-06

01:56 philr has quit [Ping timeout: 248 seconds]

08:47 philr has joined #nix-darwin

12:06 philr has quit [Ping timeout: 248 seconds]

16:12 peacememories has joined #nix-darwin

16:58 peacememories has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]

17:00 <thefloweringash> matthewbauer: I've been looking into the postgres test failures (re: #62752). My current theory is that the DYLD_LIBRARY_PATH is being stripped from pg_regress's `system()` calls, so the "tmp_install"-ed psql binary resolves libpq.5.dylib to /usr/lib/libpq.5.dylib and then crashes with `dyld: lazy symbol binding failed: Symbol not found: _PQsetErrorContextVisibility` because it's not the expected libpq.5.dylib

17:00 <{^_^}> https://github.com/NixOS/nixpkgs/pull/62752 (by matthewbauer, 11 hours ago, merged): Fixes for x86_64-darwin failures on Hydra

17:03 <thefloweringash> The tests were only turned on recently (#61395). I was about to propose that the tests never passed, but the author had them passing.

17:03 <{^_^}> https://github.com/NixOS/nixpkgs/pull/61395 (by risicle, 3 weeks ago, merged): postgresql: enable pre-install checks

17:12 <thefloweringash> if I run the "make check" after installing, i.e. `{ doCheck = false; doInstallCheck = true; installCheckTarget = "check"; }`, then I get the `All 167 tests passed.`. So nothing terribly wrong, but I don't see how it can work as-is.

17:27 <matthewbauer> it looks like they set DYLD_LIBRARY_PATH correctly but maybe there's nothing in it?

17:29 peacememories has joined #nix-darwin

17:33 peacememories has quit [Client Quit]

17:36 <thefloweringash> From what I'm reading, DYLD_LIBRARY_PATH is stripped by SIP when launching "protected processes" https://developer.apple.com/library/archive/documentation/Security/Conceptual/System_Integrity_Protection_Guide/RuntimeProtections/RuntimeProtections.html

17:37 <thefloweringash> `system()` invokes `sh`, which I assume is "protected"

17:52 peacememories has joined #nix-darwin

17:56 peacememories has quit [Client Quit]

18:05 peacememories has joined #nix-darwin

18:09 daGrevis has quit [Quit: daGrevis]

18:10 daGrevis has joined #nix-darwin

18:14 peacememories has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]

18:20 peacememories has joined #nix-darwin

18:24 copumpkin has quit [Read error: Connection reset by peer]

18:26 copumpkin has joined #nix-darwin

19:39 peacememories has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]

19:59 peacememories has joined #nix-darwin

20:03 peacememories has quit [Client Quit]

20:04 <matthewbauer> this looks really bad: https://github.com/NixOS/nix/issues/2925 !

20:04 <{^_^}> nix#2925 (by mroi, 7 hours ago, open): /nix will not be writable on macOS Catalina

20:04 peacememories has joined #nix-darwin

20:04 <gchristensen> it does

20:04 peacememories has quit [Client Quit]

20:06 <gchristensen> :/

20:58 <LnL> yeah, and I don't see a good argument to convince apple with

20:59 <LnL> all of the workarounds are insignificant but do require a small change in /

21:01 <gchristensen> yeah ... as if macos will come with a /nix by default :P

21:04 <LnL> conceptually it doesn't really make sense that mountpoints require a directory on other volumes, but that's not going to change either

21:36 <matthewbauer> we could add a bunch of hacks to the installer

21:37 <matthewbauer> but i'm not sure if they would persist between reboots?

21:37 <matthewbauer> also what happens to my /nix directory when I upgrade to catalina? is it just removed?

21:37 <LnL> if I understand correctly we can't unless making users reboot without SIP

21:39 <dhess> wha, seriously, Eelco suggested dropping macOS support?

21:42 <LnL> it would be nice to have a machine to play around with, I have a broken laptop but no developer account so I'll have to wait for the public betas

21:43 philr has joined #nix-darwin

21:45 <LnL> I wouldn't call requiring to reboot into single user mode a supported platform even if it works otherwise

21:48 <LnL> and who knows what else moved around, can we make binaries compatible with both 10.14 and 10.15, are launch daemons still a thing, ...

21:49 <dhess> nothing else has moved, launchd still exists.

21:49 <dhess> If anything the case for Nix is greater than ever, because Apple will no longer bundle Python, Ruby, and Perl in future versions of macOS.

21:50 <LnL> sure but can you define your own?

21:50 <dhess> define your own what?

21:50 <LnL> services, not much you can do if that's not writable anymore

21:51 <dhess> /Library is not part of the read-only system volume

21:52 <LnL> do you know of an overview somewhere?

21:53 <dhess> I saw a brief note about this, I'm looking for it now

21:53 <dhess> there is the WWDC session linked in 2925

21:53 <LnL> that only had some examples I think, not a full list

21:54 <dhess> There are only a few things that are mapped onto the root filesystem -- /Library, /User and anything mounted in /Volumes, is what I recall

21:54 <dhess> it's not a big list

21:56 <dhess> oh /usr/local

21:56 <LnL> well I'm pretty sure it's more then /usr/local + /Users :)

21:56 <dhess> not according to what I saw

21:56 <LnL> what about /tmp, /var/log, /var/lib (where the user database is stored) etc.

21:57 <dhess> those are all in /private

21:59 <LnL> yeah so that's at least one more, and then there's /Applications, I read something about os stuff moving to /System/Applications

22:01 <dhess> I must have seen this during the keynote. I can't find it on any Mac blog/news site

22:03 <dhess> Here is a little more detail about the overall structure: 2 volumes, root and "Data"

22:03 <dhess> https://www.sentinelone.com/blog/7-big-security-surprises-coming-to-macos-10-15-catalina/

22:03 <dhess> but it doesn't list what's linked into the Data volume

22:05 <dhess> From https://forums.developer.apple.com/thread/117521:

22:05 <dhess> Question: Can firmlinks be created by endusers, or are they reserved to the system? If they can be created by the enduser, what commands are used to create them?

22:05 <dhess> Answer: No, firmlinks can't be created by endusers. This is reserved currently to the system. There will be synthetic firmlinks coming, which can be used as mount points for network resources.

22:06 <dhess> maybe synthetic firmlinks can be used for /nix

22:06 <LnL> yeah maybe, that reply isn't very clear

22:08 <dhess> I wouldn't be surprised if Apple backs off of this for Catalina. It's quite a change to spring on people 4 months before release.

22:10 <dhess> or at the very least makes the "firmlinks" user-configurable.

22:11 <LnL> possibly, but I'm not sure how many things actually depend on global paths like this

22:11 <LnL> only other thing I can think of is ipfs

22:11 <dhess> It's a pretty fragile design, frankly.

22:12 <dhess> The store location *can* be overriden, right? It's just that all the hashes will change?

22:12 <dhess> I've seen people talk about doing it on Ubuntu or Debian hosts where they don't have root.

22:13 <LnL> yes and all the infastructure can't handle multiple prefixes

22:15 <dhess> Sure. That would be unfortunate but acceptable. Dropping macOS support entirely would be not cool.

22:18 <dhess> Anyway I would guess there are still important third-party Mac apps that write into /etc at least. I believe that Photoshop used to, for one.

22:18 <LnL> no caches means dropping support

22:21 <dhess> There are no caches for armv7l; do you think that means that Nix doesn't support armv7l?

22:33 daGrevis has quit [Quit: daGrevis]

22:35 daGrevis has joined #nix-darwin

22:46 peacememories has joined #nix-darwin

23:09 <matthewbauer> installing macos catalina beta now! going to see what happens. hope it's not completely broken

23:20 <duncan> Is Nix pure on MacOS?

23:20 <duncan> and would it help, in that case?

23:40 <gchristensen> god speed, matthewbauer

23:41 <dhess> Indeed.