<{^_^}>
darold/pgbadger#644 (by grahamc, 1 minute ago, open): Parse times with T's
<ldlework>
another day, another problem using webgl in the browser on nixos
<ldlework>
it is the way
<lovesegfault_>
God, Ghidra really is an eye sore
<lovesegfault_>
it's burning my retina
<gchristensen>
good enough for government work
<gchristensen>
lol
<samueldr>
don't use a computer monitor in the dark!
<samueldr>
have sufficient lighting behind your monitor(s)!
<samueldr>
but I guess that won't help with the bad font rendering
<lovesegfault_>
The font rendering is alright, I have the java hacks that improve it
<lovesegfault_>
samueldr: Yeah, I need to add some light behind my monitor
<lovesegfault_>
getting owned trying to RE this piece of SW with ghidra
<cole-h>
SW = software, or sh*tware? :P
<lovesegfault_>
the latter :P
evanjs has quit [Read error: Connection reset by peer]
evanjs has joined #nixos-chat
<colemickens>
anyone else have weird nostalgia for SmarterChild?
<colemickens>
I am never going to get tired of C programmers mad about Rust. Never ever.
<colemickens>
omg "Until you have the evidence, don’t bother with hypothetical notions that someone can write 10 million lines of C without ubiquitious memory-unsafety vulnerabilities – it’s just Flat Earth Theory for software engineers."
<colemickens>
also, I assume someone started on trying to build some Nixpkgs packages with the Rust coreutils??
<siraben>
colemickens: what made you assume that?
<siraben>
also should just be a matter of replacing coreutils with uutils-coreutils in stdenv right
<colemickens>
siraben: nix peoples are cool and fun and inventive and it seems like an obvious thing to mess around with. Maybe just me projecting though :)
* colemickens
is pretty sure you even commented on it :P
<siraben>
oh yeah on HN, hehe
<siraben>
I might try it sometime
<siraben>
Also wow the stdenv bootstrapping process is written so clearly, props to whoever wrote it
<aaronjanse>
To be fair, the vast majority of that file is comments and examples explaining the options
<veleiro>
yeah but going by comprehension and setting up your own matrix server good luck
<veleiro>
i have to learn a new lifestyle
<veleiro>
and a negative for the lack of backwards compatibility with the networks (irc) it tries to replace
<veleiro>
huge complexity added for some benefits related to encryption
<Ke>
huh, I use irc over bridges all the time?
waleee-cl has quit [Quit: Connection closed for inactivity]
<veleiro>
not the same though, bridges are just representing you and requires giving up some access
<veleiro>
not the definition of backwards compatible
<veleiro>
OTR over IRC for example, plaintext messages would still work
<siraben>
aaronjanse: sure thing
<Ke>
also you don't need to setup homeserver no more than you need to setup ircd
<lovesegfault>
ashkitten: are you around?
<pie_>
samueldr: assume i have linked the bash.org quote with the appropriate substitutions
<pie_>
"ive lost a datacenter. literally lots. it responds to ping i just dont know where in my house it is"
<pie_>
*lost
<pie_>
unrelated,it is in human language, as in programming language. If you write in multiple, you will be incomprehensible to most. sad
cole-h has quit [Quit: Goodbye]
cole-h has joined #nixos-chat
<eyJhb>
Painting doorframes sucks, it is just squats with a paintbrush basically
<siraben>
I have a list of file paths in a text file and I want to go through them one by one, what's the fastest way to do this?
<siraben>
vim has quickfix but not sure about emacs
__monty__ has joined #nixos-chat
<lovesegfault>
siraben: define "go through"?
<lovesegfault>
if you mean look over I'd use bash + cat
<lovesegfault>
if I was in vim I'd use `gf` over the path
ixxie has joined #nixos-chat
artturin has quit [Quit: Bridge terminating on SIGTERM]
LinuxHackerman has quit [Quit: Bridge terminating on SIGTERM]
crazazy[m] has quit [Quit: Bridge terminating on SIGTERM]
jtojnar has quit [Quit: Bridge terminating on SIGTERM]
immae has quit [Quit: Bridge terminating on SIGTERM]
emily has quit [Quit: Bridge terminating on SIGTERM]
awaxa has quit [Quit: Bridge terminating on SIGTERM]
bbigras has quit [Quit: Bridge terminating on SIGTERM]
leons has quit [Quit: Bridge terminating on SIGTERM]
puzzlewolf has quit [Quit: Bridge terminating on SIGTERM]
aanderse has quit [Quit: Bridge terminating on SIGTERM]
leonardp has quit [Quit: Bridge terminating on SIGTERM]
JJJollyjim has quit [Quit: Bridge terminating on SIGTERM]
pinage404[m]1 has quit [Quit: Bridge terminating on SIGTERM]
colemickens has quit [Quit: Bridge terminating on SIGTERM]
rosariopulella[m has quit [Quit: Bridge terminating on SIGTERM]
rmcgibbo[m] has quit [Quit: Bridge terminating on SIGTERM]
danielrf[m] has quit [Quit: Bridge terminating on SIGTERM]
veleiro has quit [Quit: Bridge terminating on SIGTERM]
nicolas[m] has quit [Quit: Bridge terminating on SIGTERM]
siraben has quit [Quit: Bridge terminating on SIGTERM]
mjlbach has quit [Quit: Bridge terminating on SIGTERM]
aaronjanse has quit [Quit: Bridge terminating on SIGTERM]
joe[m]3 has quit [Quit: Bridge terminating on SIGTERM]
rycee has quit [Quit: Bridge terminating on SIGTERM]
manveru[m] has quit [Quit: Bridge terminating on SIGTERM]
chvp has quit [Quit: Bridge terminating on SIGTERM]
DavHau[m] has quit [Quit: Bridge terminating on SIGTERM]
thefloweringash has quit [Quit: Bridge terminating on SIGTERM]
ili has quit [Quit: Bridge terminating on SIGTERM]
Ke has quit [Quit: Bridge terminating on SIGTERM]
noneucat has quit [Quit: Bridge terminating on SIGTERM]
kalbasit[m] has quit [Quit: Bridge terminating on SIGTERM]
ma27[m] has quit [Quit: Bridge terminating on SIGTERM]
Ox4A6F has quit [Quit: Bridge terminating on SIGTERM]
kraem[m] has quit [Quit: Bridge terminating on SIGTERM]
kloenk has quit [Quit: Bridge terminating on SIGTERM]
philipp[m]1 has quit [Quit: Bridge terminating on SIGTERM]
sparogy has quit [Quit: Bridge terminating on SIGTERM]
lopsided98_ has quit [Ping timeout: 240 seconds]
lunc has quit [Ping timeout: 245 seconds]
lopsided98 has joined #nixos-chat
aanderse has joined #nixos-chat
leons has joined #nixos-chat
<leons>
I'm facing an issue with cross compiling to a riscv32 soft-float ABI (rv32i, ilp32):
<leons>
The default cross compiler from nixpkgs seems to use newlib with compiled for double-float architectures, which then of course prevents me from linking to my soft-float objects...
<leons>
[nix-shell:~]$ readelf -a $(riscv32-none-elf-gcc -print-file-name=libc.a) | grep Flags | head -n1
Raito_Bezarius has quit [Ping timeout: 240 seconds]
<{^_^}>
undefined variable 'nix-shell' at (string):489:1
<leons>
Is there any way I can instruct nixpkgs to give me an environment with a soft-float newlib here? I haven't found the right parameters to pass into crossSystem yet :)
lunc has joined #nixos-chat
Raito_Bezarius has joined #nixos-chat
manveru[m] has joined #nixos-chat
noneucat has joined #nixos-chat
thefloweringash has joined #nixos-chat
Ox4A6F has joined #nixos-chat
nicolas[m] has joined #nixos-chat
artturin has joined #nixos-chat
immae has joined #nixos-chat
jtojnar has joined #nixos-chat
DavHau[m] has joined #nixos-chat
awaxa has joined #nixos-chat
rmcgibbo[m] has joined #nixos-chat
sparogy has joined #nixos-chat
LinuxHackerman has joined #nixos-chat
danielrf[m] has joined #nixos-chat
kraem[m] has joined #nixos-chat
aaronjanse has joined #nixos-chat
colemickens has joined #nixos-chat
enick_4 has joined #nixos-chat
mjlbach has joined #nixos-chat
chvp has joined #nixos-chat
veleiro has joined #nixos-chat
bbigras has joined #nixos-chat
rosariopulella[m has joined #nixos-chat
Ke has joined #nixos-chat
siraben has joined #nixos-chat
philipp[m]1 has joined #nixos-chat
emily has joined #nixos-chat
kloenk has joined #nixos-chat
puzzlewolf has joined #nixos-chat
ma27[m] has joined #nixos-chat
leonardp has joined #nixos-chat
joe[m]1 has joined #nixos-chat
Guest68587 has joined #nixos-chat
rycee has joined #nixos-chat
kalbasit[m] has joined #nixos-chat
ili has joined #nixos-chat
crazazy[m] has joined #nixos-chat
pinage404[m]1 has joined #nixos-chat
<leons>
The moment you ask you figure it out. It's not crossSystem.platform.gcc, but crossSystem.gcc :)
joepie91 has joined #nixos-chat
<joepie91>
samueldr: the SBG location is a large terrain which has a number of separately-constructed (but sometimes connected) 'towers'
<joepie91>
SBG2, capacity of 30k servers, has fully burned down
<joepie91>
SBG1, the infamous shipping container tower, 12k server capacity, has lost 4 of 12 rooms
<joepie91>
so that puts the total lost servers at approximately 34k servers, and I think the total capacity of the site is somewhere in the neighbourhood of 100k servers
<f0x>
i was thinking, say a nixos server was compromised (root), and you'd rebuild it from a known-good config through morph, could an attacker still keep persistance?
<philipp[m]1>
The answer to "could an attacker still kepp persistance" is generally "yes!"
<elvishjerricco>
Yea, they could replace the ssh server with one that rejects or modifies the config
lunc has quit [Ping timeout: 246 seconds]
<f0x>
right, interesting
<philipp[m]1>
Or replace nix with something that includes backdoors.
<philipp[m]1>
Of course the advanced persistent attacks that survive fresh os installs by hiding in some device firmwares would also remain unaffected.
<andi->
Just always burn it down first ;-)
<f0x>
hmmmm, too soon? :P
<joepie91>
generally speaking the rule is that any state which can become executable at some point in some way, is a place for an attacker to hide; as well as any state which controls access
<joepie91>
having well-defined state locations (hi gchristensen!) can therefore make it easier to recover safely but it will still require work
<joepie91>
as you will still need to ensure that they haven't left any sneaky backdoor accounts in some application's database, for example
<joepie91>
or binaries stored somewhere in a state dir that can be invoked later
<joepie91>
or cached config files which have some hook command inserted into them
<joepie91>
so best is to just throw everything out except for the state which you need, and go through that carefully
<joepie91>
remote deployment does make it easier because 'state you need' does not include
<joepie91>
does not include 'config files' in that case*
<f0x>
hm now i wonder if i could morph to a system booted from a liveusb/rescue iso
lunc has joined #nixos-chat
<gchristensen>
=)
waleee-cl has joined #nixos-chat
rj has joined #nixos-chat
ghuntley has quit []
ghuntley has joined #nixos-chat
ixxie has quit [Ping timeout: 264 seconds]
manveru has quit []
manveru has joined #nixos-chat
ixxie has joined #nixos-chat
abathur has quit [Quit: abathur]
abathur has joined #nixos-chat
lunc has quit [Ping timeout: 246 seconds]
lunc has joined #nixos-chat
<andi->
f0x: you mean kexec?
evanjs has quit [Ping timeout: 276 seconds]
<f0x>
andi-: ah, no, boot from a different medium but then (morph) rebuild to the normal disks
<andi->
ah!
evanjs has joined #nixos-chat
<f0x>
so you're not running anything untrusted while doing that (still just that thought experiment)
<andi->
I wonder if you can do nix copy --to user@host?storePath=/mnt/nix/store ...
<gchristensen>
probably need ssh:// at the start but probably
<andi->
f0x: looking at the morph code that should be an easy addition
<f0x>
unfortunate that buyvm block storage slabs are still sold out in EU (luxembourg)
<colemickens>
you have to be kidding me.
<colemickens>
enabling XMP removed all my UEFI entries.
<colemickens>
disabling it removed all of them again. how TF does this stuff pass QA?
<colemickens>
Guess I'm repairing windows by hand again.
rj has quit [Ping timeout: 268 seconds]
<samueldr>
colemickens: rEFInd
<samueldr>
and yeah, many UEFI implementations treat EFI variables as things that can be thrown away
<samueldr>
one of mine here will always erase them on UEFI firmware upgrade
<colemickens>
You know, it almost wouldn't matter, except that I use Bitlocker and using rEFInd could avoid me having to type in the super long recovery key.
<samueldr>
as if you wouldn't have something like boot parameters in it
<samueldr>
oh, bitlocker too :/
<colemickens>
it's usually not too huge an issue, there's even a tool for it for linux
<samueldr>
and yeah, fun fact, that zotac hw does not have a file picker to choose a program to boot from... it's either an efivar, or the fallback path
lunc has quit [Ping timeout: 264 seconds]
<colemickens>
yup, same on every asus board I've had, hence the manual rec route :(
<samueldr>
some less-bad UEFI implementations have a file picker to choose something to boot from
rj has joined #nixos-chat
<colemickens>
My XPS, despite all its issues, has that
<samueldr>
or, worse, but yet less bad, no file picker, but a free-form text entry to add boot options
<colemickens>
For all of the stuff in this menu, it's a real shame they didn't add it.
<colemickens>
They already have the picker too, they use it for the fw update manager, you can select the disk/file loc.
<eta>
this is why I still use systemd-boot
<eta>
trusting the firmware to remember stuff is scary
<colemickens>
isn't that less about which BL and more about if you have it install itself in the default location?
lunc has joined #nixos-chat
<colemickens>
(in my case, I do also seem to have it in the default location, since it fires up right now)
<samueldr>
colemickens: exactly
<samueldr>
systemd-boot with NixOS is installed at the fallback location
<samueldr>
(which can be quite rude depending on what you want)
<samueldr>
with grub you can use `boot.loader.grub.efiInstallAsRemovable`
<colemickens>
Does systemd-boot let you flex that? I wonder if Windows will go ahead and take that privilege if systemd-boot weren't in its way
<samueldr>
flex that?
<colemickens>
sorry, control that via switch/env var
<samueldr>
I haven't used windows since its move to EFI, so I couldn't say
<samueldr>
and with systemd-boot, I don't know
<supersandro2000>
Is it common ofr budget hoster to build their DCs out of wood?
<gchristensen>
eh?
<eta>
this is probably re OVH fire
ixxie has quit [Quit: Lost terminal]
<gchristensen>
I've seen an extremely budget "host" use wood but nothing the size of OVH
evanjs has quit [Read error: Connection reset by peer]
<ar>
>Youtube just disabled spacebar in search bar for firefox users
<samueldr>
that makes it sound like it's a design decision and not a bug
<samueldr>
more accurately "youtube 'website app' codebase so messy it breaks easily in weird ways for no good reason"
evanjs has joined #nixos-chat
<colemickens>
answer: yes, windows will help itself to the default location if systemd-boot is not there. I wonder if systemd-boot will be so kind in return.
<samueldr>
colemickens: IIRC windows only puts a "shim" at the default boot location that executes their actual bootloader
<samueldr>
or if it's not a shim, it is an outright copy of their "real" bootloader
pinpox has quit [Write error: Connection reset by peer]
Effilry is now known as FireFly
<gchristensen>
how do we feel about an activation script which takes a file in the nix store, a file not in the nix store, cat's them together, and places its contents in /etc/ ("bad")
leah2 has quit [Ping timeout: 264 seconds]
rj has quit [Ping timeout: 268 seconds]
leah2 has joined #nixos-chat
rj has joined #nixos-chat
<cole-h>
doesn't seem any more bad than placing a file in /etc/ to begin with imo
<LinuxHackerman>
gchristensen: I feel like I'd prefer for it to be a pre-start script on whatever service uses it
<LinuxHackerman>
and maybe to use /run instead of /etc so it's less stateful
<gchristensen>
that might be workable
<gchristensen>
though not the initrd version
<LinuxHackerman>
initrd version?
<gchristensen>
the version that runs in the initrd :)
<flokli>
gchristensen: I mostly use the pattern of having something to be envsubst'ed in the nix store
<flokli>
and then just source the secret/dynamic stuff and run envsubst
<flokli>
and pass that to whatever service isn't able to read these things from another file/env var
<flokli>
I'm not sure if the pattern can be nicely abstracted away
<flokli>
so that it becomes a "NixOS lib feature"
rj has joined #nixos-chat
<gchristensen>
yeah, not sure
<__monty__>
f0x: What problems do you run into with Borg? (Want to be prepared if it happens to me since it's what I use currently.)
NinjaTrappeur has quit [Ping timeout: 246 seconds]
lucus16 has joined #nixos-chat
<f0x>
there were some OOM kills, and the lock file did weird things sometime, in general it's also a pain to find info/debug stuff, might be partly borgmatics fault as a wrapper
<f0x>
it's probably fine most of the time just not ideal so was curious to find better solutions