#nixos-chat on 2018-12-24

2018-10-11 19:40 gchristensen changed the topic of #nixos-chat to: NixOS but much less topical || https://logs.nix.samueldr.com/nixos-chat

00:00 pie___ has quit [Ping timeout: 250 seconds]

00:19 <elvishjerricco> Is there any kind of ad-hoc container program? Basically just an unshare wrapper that sets up a temporary root and the command line flags for you?

00:30 <ivan> systemd-nspawn? https://wiki.archlinux.org/index.php/systemd-nspawn

00:59 ottidmes has quit [Ping timeout: 272 seconds]

01:15 <elvishjerricco> ivan: "Need to be root." I thought `-U` was supposed to fix that, but doesn't appear to

01:20 pie__ has joined #nixos-chat

01:45 drakonis has joined #nixos-chat

02:33 <jasongrossman> ,jdwhat = "Did you mean jDwhat?"

02:33 <{^_^}> jdwhat defined

02:43 <gchristensen> what isn't so helpful ...

03:05 <drakonis> elvishjerricco, you might prefer to boot into the container rather than just gaining root

03:05 <drakonis> in case you need daemons and such

03:06 <elvishjerricco> drakonis: Mostly just looking for the ability to run something pretty ad-hoc and ephemeral, not set up a whole persistent config.

03:06 <elvishjerricco> Anyway, I can't figure out how to get `-U` to work so I don't need to run it as root

03:07 <elvishjerricco> It just says "Need to be root".

03:07 <drakonis> do -b

03:07 <drakonis> run as elevated

03:07 <elvishjerricco> Tried that

03:07 <drakonis> user namespaces still needs root

03:07 <elvishjerricco> Really? I thought they were unprivileged

03:07 <elvishjerricco> nixos-enter uses them and doesn't need root

03:07 <drakonis> unprivileged namespaces is something else

03:07 <elvishjerricco> Is there no way to use systemd-nspawn unprivileged?

03:08 <drakonis> "systemd-nspawn supports unprivileged containers, though the containers need to be booted as root." says the arch wiki

03:08 <drakonis> still needs to be rooted to run unprivileged

03:08 <elvishjerricco> That doesn't make sense

03:08 <drakonis> requires user namespaces for that one as well, hm didn't know that, thought it was separate

03:08 <elvishjerricco> Running as root means you're nont unprivileged

03:08 <drakonis> the container is

03:09 <drakonis> you can enable a flag for unprivileged as user

03:09 <drakonis> kernel.unprivileged_userns_clone

03:09 <drakonis> this lets them get run without being elevated, although i think it is a source of vulnerabilities, so it isn't on by default

03:10 <elvishjerricco> drakonis: Doesn't nixos-enter do the same stuff that systemd-nspawn needs?

03:10 <elvishjerricco> nixos-enter does not require root

03:11 <drakonis> "exec unshare --fork --mount --uts --mount-proc --pid $extraFlags -- "$0" "$@""

03:11 <drakonis> yeah i don't think it does that

03:11 <drakonis> it uses namespaces

03:11 <elvishjerricco> Isn't that using namespaces? That's what unshare is for

03:11 <drakonis> it doesn't use user namepsaces though

03:12 <elvishjerricco> Oh

03:12 <elvishjerricco> Got it

03:13 <elvishjerricco> $ unshare -U whoami

03:13 <elvishjerricco> nobody

03:13 <elvishjerricco> Doesn't seem like you need root for that?

03:14 <drakonis> you seem to have allowed unprivileged user namespace

03:14 <drakonis> because i have it disabled here and i am not allowed to do it while unrooted

03:15 <elvishjerricco> Alright. I haven't done that manually. Must be default in NixOS

03:15 <elvishjerricco> So

03:15 <elvishjerricco> Given that

03:15 <elvishjerricco> Why can't I use systemd-nspawn as non-root?

03:15 <drakonis> i didn't write it, go ask the systemd devs :V

03:24 hedning has quit [Ping timeout: 245 seconds]

03:35 sir_guy_carleton has joined #nixos-chat

03:51 drakonis has quit [Remote host closed the connection]

04:21 lassulus_ has joined #nixos-chat

04:23 lassulus has quit [Ping timeout: 240 seconds]

04:23 lassulus_ is now known as lassulus

04:41 Guanin has quit [Remote host closed the connection]

05:05 sir_guy_carleton has quit [Quit: WeeChat 2.2]

06:01 jD91mZM2 has joined #nixos-chat

06:05 <jD91mZM2> gchristensen: Regarding your email, I'm afraid that rnix has sort of bad AST manipulation since the rowan rewrite. Although since you're writing ASTs from scratch you might be able to use https://docs.rs/rowan/0.1.3/rowan/struct.GreenNodeBuilder.html

06:06 <jD91mZM2> You said you wanted to combine code. If you mean combine as in adding new code somewhere, you can use https://docs.rs/rowan/0.1.3/rowan/struct.SyntaxNode.html#method.replace_with to replace one AST node with a completely new one

06:09 <jD91mZM2> If you want to add/remove an element from the AST, we have the helper function https://docs.rs/rowan/0.1.3/rowan/struct.SyntaxNode.html#method.with_children which replaces all the children

06:11 <jD91mZM2> Finally, there's a discord server with the rowan developer here: https://discord.gg/z6QTeXv. AST manipulation is still something we discuss there. If you have discord, your opinion could be helpful :)

06:26 <jD91mZM2> s/email/gitlab issue

06:30 endformationage has quit [Ping timeout: 240 seconds]

08:38 jasongrossman has quit [Ping timeout: 264 seconds]

09:52 ottidmes has joined #nixos-chat

10:24 jasongrossman has joined #nixos-chat

11:38 Synthetica has joined #nixos-chat

11:53 <joepie91> jD91mZM2: you've been busy :)

12:28 pie__ has quit [Ping timeout: 252 seconds]

12:43 <jD91mZM2> joepie91: If I need to rewrite that thing even one more time, I might go insane

12:43 <jD91mZM2> Luckily using a library means it's more likely the library will be changed/rewritten than it is that I'll have to do another rewrite

12:51 hedning has joined #nixos-chat

13:17 jD91mZM2 has quit [Ping timeout: 240 seconds]

13:35 Myrl-saki is now known as Myrly-kuri

13:46 jD91mZM2 has joined #nixos-chat

14:23 hedning has quit [Quit: hedning]

15:58 endformationage has joined #nixos-chat

16:25 pie__ has joined #nixos-chat

16:28 endformationage has quit [Ping timeout: 240 seconds]

16:46 <gchristensen> jD91mZM2: yeah, so I have some .nix files I'd like to load and merge with other Nix code, some of which I'd like to generate in Rust, some of which might come off the FS

16:47 <gchristensen> I don't have discord

16:47 <gchristensen> looks like I could do a pretty simple thing of just creating a new AST with { imports = [ nixA nixB nixC ]; } and accomplish most of my goals

16:50 <gchristensen> the absolute worst is using python or shell scripts to generate / merge Nix code, which means I get a syntax error 10 minutes in to a test cycle.

17:08 <joepie91> gchristensen: possibly https://www.npmjs.com/package/nijs may be relevant to what you want to do

17:12 Synthetica has quit [Quit: Connection closed for inactivity]

17:13 <samueldr> one lovely thing about this is the date of its announcement http://sandervanderburg.blogspot.com/2014/04/asynchronous-package-management-with.html

17:13 <samueldr> (which is *not* a coïncidence)

17:59 endformationage has joined #nixos-chat

18:38 sir_guy_carleton has joined #nixos-chat

18:59 jasongrossman has quit [Read error: Connection reset by peer]

19:18 <jD91mZM2> gchristensen: Oh I see. Good idea! You might need to manually construct an AST type using GreenNode::new sadly. Then once you have a SyntaxNode (SyntaxNode::new) you can just print it out, such as `println!("{}", ast);`. It implements Display

19:19 <jD91mZM2> The reason the AST builder might not work is because I don't think you can add an existing GreenNode to it. Maybe that's something that should be possible for a lot nicer manipulation

19:41 jD91mZM2 has quit [Quit: WeeChat 2.2]

20:37 Synthetica has joined #nixos-chat

21:47 pie___ has joined #nixos-chat

21:47 <pie___> I asked already in the main channel but I meant to ask here: there was some stuff somewhere on how to make ones own package sets? like language packages or whatever. gonna try to make a bit of progress today on something for WINE

21:50 <joepie91> pie___: overlays?

22:01 <pie___> well, im mostly not sure how i should even start with this

22:13 sir_guy_carleton has quit [Quit: WeeChat 2.2]

22:17 <joepie91> pie___: if an overlay is the route you want to go, this might be a useful inspiration: https://git.cryto.net/joepie91/morepkgs

22:17 <joepie91> also set up for (very simple) Hydra builds

22:17 <pie___> thanks ill take a look

22:18 <joepie91> (some of the entries are just aliases for nixpkgs stuff because they're not built by nixpkgs' hydra, and this way I can build them on my own build server)

22:19 <pie___> i think what i meant is 2) i need to figure out a way to manage wineprefixes as a prototype 1) how to structure things on the nix side: importing stuff, the actual package layout, idk

22:19 <joepie91> actually I don't think I'm doing that in this version yet

22:19 <pie___> btw are there any helpers for overlayfs?

22:19 <joepie91> ahhh

22:19 <joepie91> that;s a topic that I've been breaking my head on for a while, off-and-on

22:19 <joepie91> I don't have a good answer yet

22:19 <pie___> do you have any pointers

22:20 <pie___> oh haha i just ran into this https://github.com/NixOS/nixpkgs/issues/10165

22:20 <{^_^}> #10165 (by joepie91, 3 years ago, closed): WINE configuration?

22:20 <joepie91> :)

22:20 <joepie91> nothing specific yet, I got stuck on figuring out how to have Hydra build lots of stuff

22:20 <joepie91> I do have a few utility scripts for grabbing playonlinux metadata though

22:20 <joepie91> for wine versions and patches and such

22:20 <pie___> im looking at lutris as well

22:21 <pie___> im horrible at ever actually making progress on anything but i want to give it a shot

22:21 <joepie91> whoa, how did I not hear of that before

22:21 <pie___> i ran into it somewhat coincidentally, not sure why its not listed on the wine wiki

22:21 endformationage has quit [Ping timeout: 240 seconds]

22:22 <pie___> also i think its reeeelatively recent?

22:22 <pie___> i just asked in their channel where to find the installer scripts, dunno yet. (as per the readme in the git repo mentioning installer scripts)

22:22 <pie___> https://github.com/lutris/lutris/blob/master/docs/installers.rst

22:22 <joepie91> last post on their site is 2 years ago lol

22:23 <joepie91> Lutris looks pretty much like the thing I wanted to build on top of Nix

22:25 <pie___> joepie91, wtf there isnt even a nix package for lutris!? ;P

22:28 <pie___> meh. https://github.com/lutris/gens/issues/1

22:28 <{^_^}> lutris/gens#1 (by jtrees, 1 year ago, open): Missing compile instructions

22:35 <ottidmes> pie___: https://git.archlinux.org/svntogit/community.git/tree/trunk/PKGBUILD?h=packages/gens

22:36 <pie___> ottidmes, ?

22:37 <ottidmes> pie___: well, you linked "missing compile instructions", and when I am in such a situation (or when the instructions are bad) I tend to check other distros

22:38 <pie___> ah, thats a good idea

22:38 <pie___> i wasnt sure why you linked a sega genesis emulator

22:39 <ottidmes> pie___: ah, like so, I thought they were a match, both named gens, both having the same version

22:39 <pie___> oh derp

22:39 <pie___> i linked something from a different repository

22:40 <pie___> i thought that was from lutris/lutris. my bad

23:11 <pie___> how do i get into the environment of a failing build so I can debug it?

23:11 <pie___> https://bpaste.net/show/c2eedf2bb858

23:13 <pie___> output: https://bpaste.net/show/f6bc823d9e29

23:13 <ottidmes> pie___: you cannot unless you explicitly say it has to keep the build around after failing

23:14 <pie___> i did pass -K

23:14 <ottidmes> pie___: well then: note: keeping build directory '/tmp/nix-build-python3.6-lutris-0.4.23.drv-1'

23:15 <pie___> but i would then like to run stuff with setup.py

23:16 <ottidmes> then you got to use nix-shell

23:16 <pie___> just running the same command with nix-shell f- ...well that worked this time

23:16 <pie___> i guess i wasnt paying attention

23:17 <pie___> thanks *shrug*

23:17 <pie___> maybe it was because i didnt pass -K to nix shell last time

23:17 <pie___> bbiab

23:22 pie___ has quit [Ping timeout: 260 seconds]