hmpffff_ has joined #nixos-systemd
hmpffff has quit [Ping timeout: 265 seconds]
andi- has quit [Remote host closed the connection]
andi- has joined #nixos-systemd
Mic92 has quit [Quit: WeeChat 2.7.1]
Mic92 has joined #nixos-systemd
hmpffff has joined #nixos-systemd
hmpffff_ has quit [Ping timeout: 265 seconds]
Ox4A6F has quit [*.net *.split]
Ox4A6F has joined #nixos-systemd
<flokli> arianvp: regarding nscd. The protocol spoken over the file socket is somewhat stable, even across glibc versions.
hmpffff_ has joined #nixos-systemd
hmpffff has quit [Ping timeout: 246 seconds]
aanderse has quit [Quit: killed]
Ox4A6F has quit [Quit: killed]
ma27[m] has quit [Quit: killed]
colemickens has quit [Quit: killed]
colemickens has joined #nixos-systemd
<arianvp> oh wow llmnr
<arianvp> that exists too
<arianvp> why doesnt microsoft not just use mdns
<arianvp> .-.
ma27[m] has joined #nixos-systemd
Ox4A6F has joined #nixos-systemd
aanderse has joined #nixos-systemd
<arianvp> flokli: I added the descriptions here:
<{^_^}> #55276 (by flokli, 1 year ago, closed): provide nss modules globally instead of hacking them with nscd
<arianvp> so to me it seems fine to not use nscd. I see more downsides to having nscd than to not having it
<arianvp> as if you dont have it; you're at least sure you're always going through nss modules
<arianvp> instead of this vague thing based on timeouts
<arianvp> nvm i changed my mind; see next comment :)
<flokli> arianvp: changed your mind again?
<flokli> Maybe we should meet and think about it, instead of you doing a monologue in the GH thread :-D
<andi-> I've tried to understand the difference between AmbientCapabilities vs BoundingSet from the manpages for a while now.. The only real difference I can see is that the former also "adds" capabilities to non-root users while the later basically applies a mask on existing (root) capabilities.
fpletz has quit [Changing host]
fpletz has joined #nixos-systemd
hmpffff_ has quit [Read error: Connection reset by peer]
hmpffff has joined #nixos-systemd
<arianvp> openssh now having an accidental dependency on systemd is really annoying
<andi-> I was talking about this yesterday with flokli. Maybe having a `libsystemd` package of some sorts wouldn't be too bad.. At least that might ease some the dependency cycles we are experiencing. It obviously must be built from the same sources etc..
<NinjaTrappeur> arianvp: I saw that earlier this week, it comes from libfido
<arianvp> correct
<arianvp> andi-: yep
<arianvp> I also saw that both libsystemd and libudev support to be compiled statically
<arianvp> though not sure if this is of much help
<arianvp> but separating udev (as a library or even completely) probably helps a lot
<arianvp> nixos systemd test doesnt compile for me anymore on master; darnit
<NinjaTrappeur> +1000 to separate UDev (is it even possible tho?)
<arianvp> NinjaTrappeur: at least libudev is do-able
<andi-> My idea would be to still have (mostly) the same expression but build multiple packages in multiple passes from it. I am not sure how much that helps us as the rebuilds will still be the same..
<arianvp> how is that different from multiple outputs?
<andi-> It isn't really
<arianvp> but yeh these things will only save space but not save rebuilds
<andi-> I am trying to think about how we can avoid duplicating details and still get away with a better design..
<arianvp> it's just annoying that if I change something not-udev related all the things that depend on udev need to rebuild
<arianvp> but im not sure that can be avoided ....
<andi-> Yeah, we'd have to apply patches/changes in flags to only specific builds and that becomes a huge mess
<arianvp> better idea to fix for now. fetchgit shouldnt have a dependency on udev through ssh libfido
<arianvp> (maybe make an sshMinimal package?)
<arianvp> then at least these cycles with systemd aren't so easy to introduce
<andi-> talking about cycles.. I started building unbound with systemd support and that is one major cycle.. So we will likely have one "libunbound" and an "unbound" package while most consumers just want "libunbound" (I hope)
<arianvp> i was able to drop a few patches for systemd again btw
<arianvp> PR incoming... if master would actually not be broken :D
<andi-> did yo bisect master yet?
<andi-> otherwise I might start that while making my lunch
<arianvp> no i am first nix-build --keep-going to figure out what package actually isnt compiling
<andi-> `nixos/tests/systemd.nix` did fail?
<arianvp> yep
<andi-> it just finished on master for me
<arianvp> ah seems to be a flakey test in bash-completion derivation
<arianvp> recompiling worked
<arianvp> :/
<arianvp> I dont have the log of the failed build anymore though
<arianvp> some python stack-trace
<andi-> Yeah, I think we must do something about those.. I had them a lot in the past weeks
<andi-> Also it takes forever since the python tests aren't running in parallel
<andi-> arianvp: related(ish) :)
<{^_^}> #87189 (by andir, 4 minutes ago, open): bashCompletion: speed-up test execution by using xdist
<gchristensen> I was just talking to someone whose bash-completion would mysteriously stall for ~hours
<gchristensen> it made me dream of being able to (impurely) tell Nix to run it under `rr` or `strace`
<arianvp> I have a controversial RFC
<arianvp> I think we should move /run/current-system to /usr
<arianvp> :P
<arianvp> now that we have sandboxed builds; I really see no downsides
<arianvp> except for accidental runtime dependencies..
<arianvp> hmm nvm
<aanderse> arianvp: not sure what the benefit would be
<aanderse> also i took a peak at the repo you linked here
<aanderse> nixos for servers
<aanderse> that looks fun
<aanderse> :D
hmpffff_ has joined #nixos-systemd
hmpffff has quit [Ping timeout: 240 seconds]
hmpffff_ has quit [Ping timeout: 272 seconds]
hmpffff has joined #nixos-systemd
<aanderse> andi-: thanks for `isDefined` tip yesterday. this is my thought on how to use it:
<aanderse> throw that in the mysql module and long standing users of nixos won't default to /var/mysql anymore... they'll be asked to explicitly set a dataDir
<aanderse> the error message should tell users who already have mysql installed to use /var/mysql and new users to set to /var/lib/mysql
<andi-> nice :)
<arianvp> `oh lord
<arianvp> should _not_ pull in any of these targets
<arianvp> is a passive unit; not an active one
<arianvp> pulling it in with makes it completely meaningless