<Joestar79>
when I get those kind of error I don't know what to do
<Joestar79>
probably I shouldn't install that myself, but that gets automatically installed ad a dependency when and if needed?
<Joestar79>
after I got that error, I removed the package that was causing it and now I get this weird error: error: the store is not owned by this user, but /nix/var/nix/db is writable
<domenkozar[m]>
Joestar79: how did you install Nix?
<Joestar79>
the thing is that I could install a certain number of packages without any issue
<Joestar79>
then I tried pkgs. harfbuzz and after the error I copy/pasted now the whole system seems not working properly anymore
<Joestar79>
even removing pkgs.harfbuzz and running darwin-rebuild switch with the previously working conf, won't work
<Joestar79>
drwxrwxr-t 2014 root nixbld 63K Jun 11 15:56 store
<Joestar79>
is this normal?
<Joestar79>
this has been driving me crazy for a couple of days. I lost count how many times I had to uninstall everything and start from scratch again :(
Chiliparrot has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
<domenkozar[m]>
Joestar79: I recommend installing with --daemon
<domenkozar[m]>
Joestar79: did you install as root?
<Joestar79>
nope I installed it with my user
<Joestar79>
should I install it with root?
<Joestar79>
--daemon in addition to --darwin-use-unencrypted-nix-store-volume or alone?
<Joestar79>
I fixed the problem changing the permission on the store dir
<Joestar79>
group: nixbld to admin
<Joestar79>
that changed when there was the error building harfbuzz I guess
<domenkozar[m]>
you should not install under root, but as a user
<domenkozar[m]>
passing --daemon and --darwin-use-...
<Joestar79>
I think --daemon can also be enabled in che conf
<Joestar79>
later I mean
<Joestar79>
setting up user launchd services...
<Joestar79>
looks like it is indeed using the daemon, isn't it?
<domenkozar[m]>
the installation procedure is much different
<domenkozar[m]>
LnL: is single-user install supported for nix-darwin?
<LnL>
yeah
<domenkozar[m]>
hmm, why is it even useful on darwin?
<__monty__>
Afaik it's recommended even.
<__monty__>
I know I reinstalled without multi-user because of problems.
<LnL>
single-user is default but the daemon has a bunch of advantages if you're a serious user
<domenkozar[m]>
what advantages has single user install on darwin?
<Joestar79>
so, should I uninstall everything and reinstall one again with both options?
<Joestar79>
*once
<LnL>
and nix-darwin should elevate most of the pain points that come with a vanilla daemon install
<Joestar79>
I mean with --darwin... and --daemon
<domenkozar[m]>
Joestar79: that's what I'd recommend, but LnL knows more :)
<LnL>
the main argument for a single user install is simplicity
<LnL>
easier to uninstall (alltho something less relevant with all the volume stuff)
<LnL>
and easier to update nix itself
<domenkozar[m]>
yeah now with the volume stuff it seems hard to uninstall either
<domenkozar[m]>
how is updating Nix easier? shouldn't nix-darwin handle it either way?
<domenkozar[m]>
LnL: hope you don't see my questions as critique of nix-darwin, I'm thinking out loud how to make it more robust for beginners
<LnL>
I'm talking about a vanilla install without nix-darwin
<domenkozar[m]>
ah yeah, that should also be recommended to use nix-darwin =)
<LnL>
heh, well I consider that a 3rd party thing
<domenkozar[m]>
and nix upgrade should do the correct thing or instruct how to do it
<LnL>
a while back gchristensen brought up the idea of a separate "installer" project which could be the the default and handle a tiny subset of what nixos/nix-darwin, etc. do but just for the nix installation
<gchristensen>
yeah
<gchristensen>
and that could evolve separately, even to making a gui dmg installer for macos
Chiliparrot has joined #nix-darwin
<LnL>
I really like the idea, just a separate (default) thing that manages the nix installation and configuration for for all platforms in a nice declarative way
<gchristensen>
yeah
<__monty__>
Would a dmg with an app work? Wouldn't it rather be like a pkg installer?
<gchristensen>
I dunno
<gchristensen>
I dunno how any of this works, I'm just making stuff up
<LnL>
installer is the most straightforward step, but it could include an app that can configure basic stuff
<Joestar79>
LnL: well, I don't know if you are interested or consider this a bug, but when something fails the permission of the store dir under /nix gets corrupted
<Joestar79>
and I have to manually set the group to admin from nixbld to get it working again
<LnL>
does that happen consistently?
<Joestar79>
yes
<LnL>
usually caused by running nix as root on a single-user install
<__monty__>
Shouldn't the group be nixbld on a multi-user install?
<Joestar79>
I tired installing a package that doesn't exist
<Joestar79>
I ran the install script with my user
<Joestar79>
but I probably said yes to use sudo?
<Joestar79>
could that explain the problem?
<__monty__>
No, pretty sure that's necessary.
<__monty__>
I think LnL meant running a nix command using sudo, like sudo nix-env -i whatever.
<LnL>
yeah
<Joestar79>
that wasn't the case either
<Joestar79>
I can reproduce it at will
<__monty__>
Wouldn't that change the group to root or admin, rather than nixbld though?
<LnL>
if you have a single user instal (without dameon) and run sudo nix-env you'll run into trouble
<Joestar79>
let me see if I can reproduce it
<__monty__>
I *think* Joestar79 just added pkgs.harfbuzz to their darwin-configuration.nix.
<Joestar79>
or if I pressed esc with zsh and it added sudo in front of my command
<Joestar79>
_monty_ I learned not to do that and just add pkgs.cargo. That solved the problem
<__monty__>
Hmm, then I misunderstood what caused the permissions problem according to you.
<Joestar79>
that caused it for sure
<Joestar79>
I mean, when I added pkgs.harfbuzz it happened
<Joestar79>
I can try again
<Joestar79>
sigh, this time it worked
<__monty__>
Are you sure you didn't run darwin-rebuild with sudo?
<Joestar79>
I have seen lots of voodoo behaviour in the past 2 days though, rather than computer science
<Joestar79>
let me check history
<LnL>
darwin-rebuild internally should not be using sudo when it doesn't has to to avoid issues with a single user install
<Joestar79>
I haven't slept much lately, so this is possible for sure
<__monty__>
Would running it with sudo change the group on the store to nixbld? And is the proper group admin?
<Joestar79>
sorry, pressed esc, it was my fault
<LnL>
yeah, maybe nix shouldn't be that aggressive about changing ownership
<Joestar79>
I must find a way to disable that ESC add sudo thingie in zsh
<Joestar79>
I hate that
<__monty__>
Is there ever a good reason to run some nix commands with sudo? Maybe they should say something "Are you sure you want to run me as root? Double sure with cherries on top?"
<gchristensen>
with multi-user yeah absolutely
<LnL>
I think ensuring /nix/store is consistent with /nix/var/nix/db would make sense tho
<{^_^}>
LnL7/nix-darwin#188 (by druimalban, 8 weeks ago, open): Enabling the nix daemon seems to change permissions on the store to root
<domenkozar[m]>
gchristensen: why did we revert daemon installation from being default? :)
Chiliparrot has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
philr_ has quit [Ping timeout: 260 seconds]
<abathur>
heh
<abathur>
the catalina performance issue I've been picking at a little here might have some impact on all of this
<abathur>
I did manage to reproduce this by running commands against a single-user install with sudo (or in a shell opened with sudo?)
<abathur>
but independently, as I was just playing with the catalina executable assessment system
<abathur>
roughly: the catalina assessment system does a server round-trip when each new script/executable in a Nix build runs; single-user nix can opt out of at least the round-trip by adding their terminal App to the Developer Tools exemption in Security & Privacy; this doesn't work for multi-user
<abathur>
I've found 2 other ways to opt-out of the exemptions: running the build with sudo, and disabling the assessments with `sudo spctl --master-disable` before running the build
<abathur>
the latter two work for both single and multi-user installs, but sudo in single-user mode obviously has the consequences described here :)