jasongrossman has quit [Ping timeout: 252 seconds]
Lisanna has quit [Quit: Lisanna]
lopsided98 has quit [Quit: Disconnected]
emily has joined #nixos-chat
lopsided98 has joined #nixos-chat
<drakonis1>
the acme-missile function makes me want to play sc2
jasongrossman has joined #nixos-chat
jasongrossman has quit [Ping timeout: 245 seconds]
thefloweringash has joined #nixos-chat
{`-`}_ has joined #nixos-chat
{`-`} has quit [Remote host closed the connection]
drakonis1 has quit [Quit: WeeChat 2.2]
jasongrossman has joined #nixos-chat
drakonis has quit [Remote host closed the connection]
<sphalerite>
setuid programs vs daemons proxying access to a resource: opinions?
<andi->
I do not like setuid proccesses but I am not convinced the alternatives are better.. The tradeoff is also: some runtime issues for a short time vs system uptime. Services allow you to corrupt more memory, trigger issues.. etc... I guess it depends?!
<andi->
If you do not have knowledge on how to write secure setuid binaries: write a service instead.
sir_guy_carleton has quit [Quit: WeeChat 2.2]
jasongrossman has quit [Quit: ERC (IRC client for Emacs 26.1)]
<sphalerite>
andi-: I'm not sure how services allow you to corrupt more memory?
<andi->
well they have a lifetime that is multiple "invocations"
<andi->
so they are a nice target for say spraying stuff around the heap and then later on executing an exploit that jumps to/executes some of the code you put there earlier..
<andi->
with setuid you always start from a "clean" memory view. No state from previous runs.
<sphalerite>
aaah right
<andi->
(you can also fork() befor handling the request in your service...)
<andi->
it really depends on what kind of thing you are trying to protect
jasongrossman has joined #nixos-chat
sir_guy_carleton has joined #nixos-chat
__monty__ has joined #nixos-chat
jasongrossman has quit [Quit: ERC (IRC client for Emacs 26.1)]
sir_guy_carleton has quit [Quit: WeeChat 2.2]
sir_guy_carleton has joined #nixos-chat
jasongrossman has joined #nixos-chat
obadz has quit [Ping timeout: 268 seconds]
<srhb>
Hms.. More new laptop questions. I see my frequency capping at a very low level despite not maxing temperature limit of 97C. Is that power throttling?
<srhb>
(I'm new to this area)
obadz has joined #nixos-chat
emily has quit [Ping timeout: 252 seconds]
emily has joined #nixos-chat
<gchristensen>
srhb: do you see anything in dmesg about throttling?
<gchristensen>
srhb: your /etc/nixos/hardware-configuration.nix's cpuFreqGovernor might be set to powersave or something
<srhb>
gchristensen: I don't see anything in dmesg. It is set to powersave, but I thought that it would still turbo boost whenever possible.
<srhb>
I think it must be some sort of power throttle. Q_Q
<srhb>
Or maybe there's some other temperature limit I'm hitting somewhere.
<sphalerite>
srhb: how low is very low?
<sphalerite>
srhb: my laptop can go to 3.8GHz but will never sustain more than 2.8 or something
<sphalerite>
I believe it does run at 3.8 sometimes, but never long enough for sampling to see it
<sphalerite>
basically, if you want full speed get a desktop :D
<sphalerite>
(or server)
lopsided98 has quit [Ping timeout: 276 seconds]
lopsided98 has joined #nixos-chat
<srhb>
sphalerite: Right, of course. I expect throttling, but I expect throttling to happen for a reason. Right now I can't _see_ why it throttles. For instance, I can get a single core to 3.9 GHz (max boost) but if I stress everything, I get 3.5 across all cores. But temperature is fine, so I'm simply unsure what's causing the throttling to happen.
<gchristensen>
oh I don't think most CPUs can hit maxboost on all cores
<gchristensen>
what model is your CPU?
<srhb>
I don't think it can either :)
<srhb>
It is the max single core boost after all..
<srhb>
i7-7820HQ
<srhb>
I'm just trying to understand the 3.5 GHz cap.
<emily>
hmm, I'd have kind of hoped the thermals on the bigger laptops would be sufficiently better for it to not be as much of a problem :<
<emily>
FWIW, though, when experiencing this problem I get dmesg entries about throttling
<srhb>
emily: Thermals are excellent. It seems likely that somehow the trip point is synthetically (and erroneously) lowered
<emily>
also, you're never going to get the Turbo Boost speed on all cores
<emily>
not sure if that's what you're saying, but
<emily>
re "I can get a single core to 3.9 GHz (max boost) but if I stress everything, I get 3.5 across all cores."
<srhb>
Right. :) I'm trying to understand "why 3.5 specifically"
<srhb>
Ie. what limit am I hitting.
* emily
nods
<srhb>
That I can't reach full 3.9 is just fine. And 3.5 might be just fine as well. I'm really curious as to _what_ limit I'm hitting though, because I can't find it :D
<srhb>
Like, full 8 core mprime load maxes me out at +65C, so temperature sounds unlikely
<srhb>
Thanks!
<emily>
and probably happens at too low a level for you to observe that much about it
<srhb>
Yeah, it might be a fool's errand.. :-P
<emily>
doing the undervolting thing might help you get better results
<emily>
it's too scary for me to have tried it yet
<emily>
I've just made my peace with laptops being kind of slow to some degree
<srhb>
Already undervolted. Doesn't seem to make much of a difference.
<srhb>
(I mean, aside from even better thermals...)
<srhb>
This thing is fantastically fast compared to what I came from, so I'm very happy in general.
<Ralith>
srhb: intel's windows-based tuning tools let you set max freq per number of active cores
<srhb>
Ralith: Really! So the information is there, somewhere...
<Ralith>
power throttling is possible too, ofc
lassulus has quit [Ping timeout: 252 seconds]
lassulus has joined #nixos-chat
<andi->
I almost forgot how slow rotating disks are... Migrating a service from one cluster to another...
ekleog has quit [Quit: brb]
ekleog has joined #nixos-chat
<sphalerite>
infinisil: did you come along to the hackerspace at nixcon last year?
<infinisil>
sphalerite: I only stayed a bit on the evening of the last conference day, not the hackday
<sphalerite>
I can't remember which day it was that we went there
<infinisil>
Why you ask?
<sphalerite>
have you heard of 34c3?
<infinisil>
Nope
<sphalerite>
because it's the Munich CCC, uh…
<sphalerite>
idk what to call it
<infinisil>
Yeah no idea about that
<sphalerite>
*c3 is the Chaos Communications Congress (iirc), a big conference of the (mostly German-language I think?) hacker scene
<sphalerite>
anyway, it's good stuff :)
<infinisil>
I see
<emily>
C3 is well-known in my decidedly non-German circles, at least
<joepie91>
yeah, def not just german
<joepie91>
definitely come visit if you can get a ticket :P
* emily
might be at C3!
<emily>
(but is also shy)
<andi->
I am not going this year... after many years.. A bit burned out on that front..
<joepie91>
emily: possibly C3 needs an introvert assembly again :P
<joepie91>
hijacked some other absent group's table a few years ago to produce an ad-hoc introvert assembly, and contrary to what you might expect it actually worked really well!
<emily>
haha
<andi->
I also think for an intovert it is a good atmosphere.. I usually hate many people and there I feel pretty at home.
<emily>
I mean, mostly only considering going because of a bunch of people I know from other channels going (or getting tickets wouldn't feel worth it anyway)
<joepie91>
it more or less worked out to "a place where you can sit and interact with others, and if all of a sudden you unannouncedly drop out of the conversation and start doing your own thing then that's fine too"
<andi->
if you run into issues with tickets I might be able to help out...
<joepie91>
IRCesque I guess, 'lurking is fine'
<joepie91>
anyhow, are there plans for a NixOS assembly at C3, or?