#nix-darwin on 2021-03-24

00:23 __monty__ has quit [Quit: leaving]

00:42 supersandro2000 has quit [Disconnected by services]

00:42 supersandro2000 has joined #nix-darwin

01:32 ahmedelgabri has joined #nix-darwin

01:37 ahmedelgabri has quit [Ping timeout: 272 seconds]

03:33 ahmedelgabri has joined #nix-darwin

03:37 ahmedelgabri has quit [Ping timeout: 260 seconds]

05:12 Gaelan_ is now known as Gaelan

05:33 ahmedelgabri has joined #nix-darwin

05:38 ahmedelgabri has quit [Ping timeout: 240 seconds]

07:00 ahmedelgabri has joined #nix-darwin

08:03 ahmedelgabri has quit [Ping timeout: 244 seconds]

08:10 ahmedelgabri has joined #nix-darwin

08:13 Chiliparrot has joined #nix-darwin

09:24 Mic92 has quit [Quit: WeeChat 3.1]

09:25 Mic92 has joined #nix-darwin

09:52 <domenkozar[m]> !m __monty__

09:52 <domenkozar[m]> nope

09:52 <domenkozar[m]> __monty__++

09:52 <{^_^}> __monty__'s karma got increased to 32

11:08 Chiliparrot has quit [Ping timeout: 244 seconds]

11:40 Chiliparrot has joined #nix-darwin

12:59 <abathur> domenkozar[m]: poke :}

13:52 philr_ has quit [Ping timeout: 264 seconds]

14:34 <domenkozar[m]> abathur: hey

14:35 <abathur> :)

14:39 <abathur> just want to check on timeline for moving the installer PRs through

15:12 Chiliparrot has quit [Ping timeout: 244 seconds]

15:46 Chiliparrot has joined #nix-darwin

16:02 Chiliparrot has quit [Ping timeout: 272 seconds]

16:08 <domenkozar[m]> abathur: which ones are ready for a review?

16:13 Chiliparrot has joined #nix-darwin

16:15 <abathur> domenkozar[m]: sorry; on a call, may be a bit slow; nix#4289 and nix#4532

16:15 <{^_^}> https://github.com/NixOS/nix/pull/4289 (by abathur, 16 weeks ago, open): darwin: encrypt nix volume if filevault is enabled

16:15 <{^_^}> https://github.com/NixOS/nix/pull/4532 (by abathur, 6 weeks ago, open): fix nixbld user name/uid for macOS/darwin

16:31 <domenkozar[m]> abathur: I'd like for __monty__ to review those and test them out

16:31 <domenkozar[m]> probably after the SDK bump

16:31 <abathur> ok

16:33 <abathur> I want to register a little bit of disappointment here

16:33 <abathur> without being a jerk :)

16:47 emily has quit [Ping timeout: 268 seconds]

17:02 emily has joined #nix-darwin

17:29 ahmedelgabri has quit [Ping timeout: 244 seconds]

17:55 ahmedelgabri has joined #nix-darwin

18:00 ahmedelgabri has quit [Ping timeout: 260 seconds]

18:07 __monty__ has joined #nix-darwin

18:12 ahmedelgabri has joined #nix-darwin

18:20 ahmedelgabri has quit [Ping timeout: 264 seconds]

18:42 eraserhd2 has joined #nix-darwin

18:43 eraserhd has quit [Ping timeout: 256 seconds]

19:02 <gchristensen> how do we get those PRs merged sooner than later? they've been sitting there pretty much ready to go, and users are stubbing their toes on the problem they solve

19:03 <gchristensen> maybe we should merge it and if issues are discovered fix them, instead of trying to block on perfect

20:10 Chiliparrot has quit [Quit: My iMac has gone to sleep. ZZZzzz…]

20:16 ahmedelgabri has joined #nix-darwin

20:21 ahmedelgabri has quit [Ping timeout: 260 seconds]

20:36 <__monty__> abathur: So the process spawning nix needs to have the FDA permission AND the user account needs a SecureToken?

20:51 ahmedelgabri has joined #nix-darwin

22:01 Siyo has quit [Quit: Bye]

22:03 Siyo has joined #nix-darwin

22:07 philr_ has joined #nix-darwin

23:12 <abathur> __monty__: I hesitate to say need, but yeah. To be clear, the SecureToken enables the account to mount the volume (some have reported `diskutil enableOwnership` and chowning the volume contents to the user accomplishes this, but imagine that screws up nix-daemon). I'm not certain how this interacts with the store-mounting LaunchDaemon 4289 will add.

23:14 <abathur> the FDA exemption is for steamrolling the sandbox error from nix-daemon (or even regular nix commands) when run from launchd

23:17 <__monty__> abathur: Thanks for clarifying.

23:22 __monty__ has quit [Quit: leaving]