<ashkitten>
Unable to set group list for user: Operation not permitted
<ashkitten>
and it seems like capabilities just are not being set on the process
<aleph->
Huh
<ashkitten>
oookay are capabilities lost when launching something with lutris?
<aleph->
Have you tried as actual root and not sudo?
<ashkitten>
yes
<ashkitten>
actually, are capabilities just screwy with fhsenv in general?
waleee-cl has quit [Quit: Connection closed for inactivity]
<iqubic>
I've had it with Firefox. It seems like Mozilla doesn't care about privacy anymore. What other free and open source browser can I use instead?
<abathur>
oof
<V>
iqubic: there's basically no good alternative; any firefox fork (other than tor) is not going to have enough manpower to maintain the huge codebase (not to mention that most such forks are pre-quantum, and probably racking up vulns no longer relevant upstream); everything else is based on Blink or Webkit
<V>
Blink, Webkit, and Gecko. (and Servo, except that's not done yet)
<iqubic>
I see. This is a really horrid world we live in.
<V>
Indeed. My suggestion is to stick with Firefox b/c people jumping ship there will only result in the last bastion of hope here losing market share to Blink (or Webkit), and move us towards a total browser monoculture.
<V>
Not to mention the fact that Firefox losing market share is bad for the Tor browser
aminechikhaoui3 has joined #nixos-chat
<iqubic>
So, basically, all software sucks, but Firefox sucks the least. Got it.
aminechikhaoui has quit [Read error: Connection reset by peer]
aminechikhaoui3 is now known as aminechikhaoui
<V>
I'm not even sure that Firefox sucks the least
<V>
But all software sucks, yes
<V>
The future is fairly bleak here
koh has joined #nixos-chat
<iqubic>
In #emacs they have a bot command ",ass" which gets the bot to spit out a message.
<iqubic>
All software sucks. However, suck is a vector. A given foo doesn't suck LESS, it just sucks in a direction a given hacker finds less disagreeable
<aleph->
Man that's just depressing
<Ashy>
what's mozilla done now?
xd1le has joined #nixos-chat
W1lkins has quit [Quit: Ping timeout (120 seconds)]
W1lkins has joined #nixos-chat
kalbasit_ has quit [Ping timeout: 258 seconds]
<ashkitten>
so does lutris just eat capabilities on the runners?
<ashkitten>
i have caps set on my wine executable but when lutris runs it there are no capabilities set on the process
endformationage has quit [Quit: WeeChat 2.9]
maxdevjs has quit [Ping timeout: 246 seconds]
cjpbirkbeck has quit [Ping timeout: 246 seconds]
<sphalerite>
ashkitten: seems likely that the namespacing hacks affect capabilities
<ashkitten>
hm
<ashkitten>
any way i could work around that?
<ashkitten>
i'd really like to get this working
<sphalerite>
idk, what exactly is it you're trying to get working?
<ashkitten>
ACT, for FFXIV
<ashkitten>
it needs to parse network activity
<sphalerite>
oh no
<sphalerite>
have you tried killing it with fire? :D
<ashkitten>
i mean, if i didnt want to use it i wouldnt bother
<sphalerite>
sorry, not helpful, I know
<ashkitten>
it's one of the few mod adjacent things that should just kinda work in wine
<ashkitten>
except it needs extra permissions
<sphalerite>
_maybe_ you can set capabilities on the relevant executable files using setcap?
<ashkitten>
i did but when lutris runs wine the resulting wineserver doesnt have the caps
<ashkitten>
i set caps on wine, wine64, and wineserver
<ashkitten>
and i'm 100% sure it's running the correct binaries
<sphalerite>
ok, that's the end of my ideas
<ashkitten>
so it must be the fhsenv wrapper
<sphalerite>
besides "run it on ubuntu"
<ashkitten>
not happening :p
<ashkitten>
i might as well just run windows at that point
<sphalerite>
or that.
<sphalerite>
depending on your hardware, there are some fun VM-based setups you can use for that kind of stuff while still having good performance.
<ashkitten>
i don't have an igpu and really just don't want to run windows
<sphalerite>
but you do have a dedicated GPU?
<ashkitten>
yes
<sphalerite>
You can also run ubuntu in a VM with GPU passthrough
<sphalerite>
or is that the same level as windows
<ashkitten>
not without a second gpu
<sphalerite>
it should be possible.
<ashkitten>
and i mean, there's nothing stopping me from just running ubuntu in a container using the host kernel
<ashkitten>
doesn't mean i want to
<sphalerite>
Though you would have to shut down the X server and stuff, at which point you might as well dual-boot I guess
<ashkitten>
no, kms uses the gpu driver too
<sphalerite>
yeah you can unbind the console and stuff though to free it up.
<ashkitten>
its really screwy to fully unload the primary gpu driver on a modern linux system
<sphalerite>
(= "and stuff")
<ashkitten>
i don't wanna bother
buckley310 has quit [Quit: Connection closed for inactivity]
<sphalerite>
fair enough.
<ashkitten>
plus like you said, that's basically just a terrible way to dual-boot
<sphalerite>
But yeah, I think the answer is still basically there's no good way. The closest would probably be a container, if that works at all (which I'm not too optimistic about)
<ashkitten>
yeah
<ashkitten>
the best way would be to just have nixos not be broken
<sphalerite>
it's not nixos that's broken %)
<ashkitten>
i mean, i've got no idea how to debug this
<ashkitten>
and it clearly has something to do with the fhsenv
<sphalerite>
the fhsenv is a really nasty hack to work around incorrect assumptions made by software that we can't fix
<ashkitten>
yeah, i guess
<ashkitten>
idk what's wrong with lutris that needs it anyways
<sphalerite>
this might not be possible because it uses a user namespace, mapping root inside the namespace to your UID outside the namespace
<sphalerite>
I suspect that breaks the capability stuff.
<ashkitten>
ah
<ashkitten>
i wish ACT had a native linux version i could just package
<ashkitten>
that'd be sweet
<JJJollyjim>
I dual-boot linux and "the same linux but with the GPU unbound so I can ssh in and start my windows vm"
<JJJollyjim>
its Good and Normal
<JJJollyjim>
:P
<ashkitten>
lol
<ashkitten>
again, don't think i'd run windows for this even in a vm
<JJJollyjim>
the one really nice thing it gets me is being able to have my windows on bcache
<sphalerite>
as in bcachefs?
<JJJollyjim>
Nah, bcache block device
<JJJollyjim>
(which windows puts ntfs on or whatever)
<JJJollyjim>
But I get ssd caching
<JJJollyjim>
Since windows is so unusable on a purely spinning drive at this point :/
<sphalerite>
aah
cole-h has quit [Quit: Goodbye]
xd1le has quit [Remote host closed the connection]
rajivr has quit [Quit: Connection closed for inactivity]
__monty__ has joined #nixos-chat
<philipp[m]>
https://status.nixos.org/ Does anybody know what the read to green fade for nixos-20.09 means?
<etu>
It's a new channel, it haven't been built much before
<philipp[m]>
Aaaah... riiiight 😂
<etu>
But I don't know what the fade is, but I'm guessing it's related
<philipp[m]>
I think I need to wake up properly.
<energizer>
it probably means "i havent read ui guidelines on colorblind-safe colors"
<etu>
I didn't know it could fade to begin with :)
karolus has joined #nixos-chat
Jackneill has quit [Ping timeout: 264 seconds]
<sphalerite>
energizer: just checked with an extension that simulates various colour vision issues. The contrast isn't great, but the shades are certainly distinguishable in all of them.
Jackneill has joined #nixos-chat
rajivr has joined #nixos-chat
<lucus16>
So I figured git bisect would work well together with nix-build
<lucus16>
But that's only on the side where the build passes
<lucus16>
When it fails, it will be retried over and over even if nothing changes in between
<lucus16>
I was thinking that Nix' behavior of retrying identical pure builds is kind of weird though
<lucus16>
I mean in some cases you want that, if the last build failed because OOM or network failure
<lucus16>
But often enough when nix log already has a failing log for a build, you don't want to rebuild
<lucus16>
There ought to be a flag for that
<infinisil>
Nix doesn't though?
<infinisil>
If a build is successful it won't build it again
<infinisil>
Unless you use --check or delete the store path
<lucus16>
I'm talking about when it fails
<lucus16>
It will try again even if nothing changed
<infinisil>
Ah yeah
<infinisil>
Nix doesn't have a negative cache so to say
<infinisil>
It only looks at existing store paths
<lucus16>
It does cache the failed build log though
<lucus16>
So it remembers the build failed
<infinisil>
Although I think there is a negative substitution cache
<infinisil>
Hm true
<sphalerite>
yes, there is a negative substitution cache
<sphalerite>
hydra also caches failed builds
<sphalerite>
lucus16: I'm not sure it remembers that the build failed — the log existing and the path not existing might also happen if it gets built successfully then garbage-collected. It would probably require storing another piece of data.
<lucus16>
yeah, that's fair
parsley936 has joined #nixos-chat
cjpbirkbeck has joined #nixos-chat
bkv has joined #nixos-chat
bqv has quit [Ping timeout: 272 seconds]
bkv is now known as bqv
<eyJhb>
Finally unstable moved!
<eyJhb>
The NixOS releases are somewhat less exciting, when you run unstable. Not that it is not important or nice! But I just thought "huh, 21.03 should be soon", but no. 20.09 however!
<Taneb>
eyJhb: you're living in the future ;)
<eyJhb>
The future is now old man! Or soon :D
<eyJhb>
Getting a lot of ZHF atm.
waleee-cl has joined #nixos-chat
<sphalerite>
eyJhb: yeeesss I'm so happy, now linux 5.8 is in unstable and I can use the microphone in my laptop!!
<eyJhb>
What laptop do you have sphalerite ??
<eyJhb>
:p
slack1256 has joined #nixos-chat
<eyJhb>
To use kernel 5.8 or not to, hmm
<sphalerite>
Thinkpad T14
<sphalerite>
(AMD)
<eyJhb>
What patch did it need to work? Sounds weird :p
<sphalerite>
just supporting the codec that the mic is connected to
slack1256 has quit [Remote host closed the connection]
<eyJhb>
Sounds nice!
<eyJhb>
I am considering a new laptop/phone. But just got a little setback for a speeding ticket.
<eyJhb>
Stupid money to spend
<sphalerite>
pro tip: don't speed :D
<eyJhb>
sphalerite: Yeeaaahhhhh... Sadly it is a weird stretch of road, where you think it is a 80 km/h zone, it is however 50 km/h. Generally a weird bit of read. Luckily I drove slower than 80 km/h!
<gchristensen>
cransom: is the AE license more random memorization?
buckley310 has joined #nixos-chat
<cransom>
it's super technical theory questions mostly. there are practice tests you can do for all of them and memorize the test before taking it, if you are that eager
<gchristensen>
theory is fine, it is the arbitrary junk like only LSB on 40,80,160m etc.
<gchristensen>
the stuff that is just a table of things to look up
<cransom>
i think there may be a couple there because extra might get you into some other modes/bands, but not many.
<gchristensen>
yeah
<gchristensen>
so that is why I think maybe AE is workable: theory is interesting to me
<eyJhb>
Mic92: Why not? Too many tickets? :p
<Mic92>
eyJhb: Wastes too much money. And not really needed if public transport is ok.
<worldofpeace>
I've never needed to have a car my whole life
<eyJhb>
worldofpeace !! You are not allowed to be in this :D
<eyJhb>
Basically, if you live in a big city it makes no sense...
<eyJhb>
Most I know in CPH doesn't have a drivers license :/
<aleph->
I'd like to not have a car
<eyJhb>
But Aalborg isn't that big, and with a family in Aarhus and work in Billund (when not at uni) I am able to justify it for myself :D
<cransom>
gchristensen: https://hamexam.org/view_pool/17-Extra . pretty sure this wasn't around when i took my tests, otherwise, that might have been slightly easier.
<gchristensen>
nice
<cransom>
and maybe not as much theory as i thought there was.
<Mic92>
A car was clearly needed when I was living with my parents in rural area
<worldofpeace>
lol, that would scare the death out of me. I literally can only use public transport, plan flights, and uber/lyft 🤣
<cransom>
i miss driving, not that i did a lot of it before since i'm remote, but pandemic fear has been instilled. didn't take our summer road trip back to visit parents, and unlikely we'll even be back for christmas at this rate.
<gchristensen>
both my cars had head batteries last time I tried to drive :|
<gchristensen>
dead*
<cransom>
yeah. SO's car also had a dead battery. i replaced it and then we decided to sell it since it was basically since it was rotting in the drive way.
<gchristensen>
we have months where 1 car is fine, and months where 2 is critical. makes it hard to decide to get rid of it... but I wish we could.
<Mic92>
Maybe there is some smart leasing plan for this?
<cransom>
you could rent for the times you really need one, but, shared cars during pandemic, ehhhh.
<aleph->
gchristensen: If you have a head in your engine compartment you might have bigger problems :p
<cransom>
i also found that my little jump pack was also dead when i went to revive the car. i learned that day with some finagling of a lithium battery from a dewalt drill, a dc/dc converter, and a super capacitor bank, you can inject enough life in a prius c to get the hybrid battery to run and start the charging system for the aux battery.
kalbasit_ has joined #nixos-chat
<aleph->
Man I really wished weechat didn't use dot baseed namespacing for stuff >_>
<samueldr>
I guess that if we can have the store path of an attribute of pkgs without actually realising it, the site could have a store path that always points to the current version of firefox
<samueldr>
we can, that could be fun :)
<samueldr>
mostly useless, but a good demo of the properties of Nix, that the website can refer to the "correct" store path for a given attribute
<energizer>
even `apt` can do that: /usr/bin/wget is the correct path :D
<samueldr>
NSFW!
<samueldr>
(non-nix is not safe for work, is the joke)
<gchristensen>
+1
<energizer>
(not trolling) i'm increasingly worried about the time cost of using nix systems. it's not easy to debug and i end up spending hours to install a package once. and then i have to do that again on the next nixpkgs release. whereas if i used apt/conda it usually works and when it doesn't i can just hack a solution quickly. reproducibility is easy and fast with docker.
<gchristensen>
yeah, it takes a certain amount of foresight to decide to pay the cost upfront instead of dealing with it when prod is down
<gchristensen>
(also not trolling)
<__monty__>
I feel like it gets a lot easier with experience. And if it's already this easy now it'll only get better once we reach the many eyes point.
<ashkitten>
for me i recognize that some things are difficult with nix, but i use nixos anyway because it's better than leaving my /etc cluttered with small changes i'll never keep track of
<cole-h>
^
<ashkitten>
i started to feel physically sick using arch for that reason, which is why i switched to nixos
<energizer>
ashkitten: you can manage /etc with git
<energizer>
gchristensen: are you arguing that nix causes less breakage in prod than docker does, or that it's easier to fix when prod is down, or something else?
<ashkitten>
and still have to deal with manually merging upstream changes to configs, checking in things i haven't even modified manually? no thanks
<cole-h>
At one point I even used etckeeper lol
<cransom>
i think the point was that it's broken before prod, rather than in prod.
<ashkitten>
plus nixos won't break if i suffer a crash while updating
<ashkitten>
i've ended up with a completely nonfunctional arch system multiple times
<energizer>
cransom: why would that be? containers are as reproducible as nix systems so i dont understand the claimed difference
<ashkitten>
no they're not
<ashkitten>
you can't build every docker container yourself and expect the hash to match perfectly
<__monty__>
energizer: Many docker files start with apt-get update.
<ashkitten>
docker's concept of reproducibility is you pull the image from their website and now you have the same container as the upstream
<gchristensen>
and hopefully you don't need one from yesterday, since they delete those now
<ashkitten>
if you build a docker container with nix it might be fully reproducible, though
<ashkitten>
(and smaller!)
<energizer>
__monty__: that's a good point
koh has quit [Ping timeout: 246 seconds]
<ashkitten>
hmm mozilla announced a way for extension developers to pay for their extensions to be verified and promoted on AMO
<ashkitten>
i think my feelings on the matter depend on how much money that is
<samueldr>
:\ slippery slope if .com sees that as a revenu center
<ashkitten>
agreed
<samueldr>
revenue*
<samueldr>
though if it's kind of a "pay once captcha for developers", then it's okay, I guess, though it should be ear-marked exclusively for .org
<ashkitten>
the way i understand it, both tiers are a subscription fee but apply to all new versions of an addon
<ashkitten>
it's unfortunate that this is another thing that will be easy for companies to pay but not for small-time devs
<ashkitten>
imo they should do something where anything open source and not for-profit doesn't have a fee
<ashkitten>
at least for verification
<joepie91>
sigh.
<joepie91>
great, so soon we'll have a homepage filled with sketchy commercial add-ons
<joepie91>
with the actually-useful, nothing-up-my-sleeve add-ons buried somewhere in a category listing
<joepie91>
because guess who's gonna pay for promotion....
<ashkitten>
yeah
* cole-h
looks at uBlock-not-uBlock-Origin
<joepie91>
ding ding ding
ixxie has quit [Quit: Lost terminal]
<ashkitten>
but ublock origin is already in the recommended extensions program
<__monty__>
Will it stay there though?
<__monty__>
I guess they do need some actually good plugins for credibility.
ixxie has joined #nixos-chat
ixxie has quit [Quit: Lost terminal]
ixxie has joined #nixos-chat
ixxie has quit [Client Quit]
<gchristensen>
I think I need to bisect nixops for a bug and I have literally no idea how to do that
<__monty__>
What's the difficulty?
<gchristensen>
it has to deploy to an actual thing
<aleph->
And you don't have a thing to deploy to?
<gchristensen>
nothing spare like that
<__monty__>
Can you target a VM?
<colemickens>
"I have some optimism we'll eventually see Nix rewritten in Rust" 😍
<gchristensen>
oh{
<gchristensen>
?
tilpner has quit [Remote host closed the connection]
tilpner has joined #nixos-chat
* pie_
looks at scroll
* pie_
closes irc
* pie_
closes closes laptop lid
<joepie91>
it's happening: Twitter has given in and started doing indented threading!
* pie_
shuts down laptop, in that order
<pie_>
oh no @ promoted addons
<pie_>
can we have an fdroid for firefox addons
<pie_>
you think theyll do more extensions api work for commercial addons
<samueldr>
joepie91: :/ what are the odds this is not propagated to the open APIs?
<joepie91>
samueldr: are we talking about twitter or mozilla now
<samueldr>
twitter, sorry
<joepie91>
samueldr: AFAIK this is just a visual change
<joepie91>
reply_to or something like that was already a thing
<joepie91>
though if Twitter's UI is any indication, that is far from reliable metadata
<samueldr>
ah
__monty__ has quit [Quit: leaving]
buckley310 has quit [Quit: Connection closed for inactivity]
neeasade has quit [Remote host closed the connection]
neeasade has joined #nixos-chat
parsley936 has quit [Remote host closed the connection]
Blackraider has joined #nixos-chat
Blackraider has quit [Remote host closed the connection]
Blackraider_ has joined #nixos-chat
Blackraider has joined #nixos-chat
Blackraider has quit [Client Quit]
Blackraider_ has quit [Remote host closed the connection]
Blackraider has joined #nixos-chat
Blackraider_ has joined #nixos-chat
Blackraider_ has quit [Remote host closed the connection]
Blackraider has quit [Quit: leaving]
<ashkitten>
you know an article is good when the line after the link says DISCLAIMER: This article uses methods that could be used illegally in many areas worldwide. Please do not use such methods illegally. The This Week in Rust team and the Rust project leadership are not responsible for any illegal activity by readers.
<samueldr>
si the method reading the code?
<samueldr>
>> Intercepting Zoom's encrypted data with BPF