<digitalmentat>
nix-hash's --to-base32 and --to-base16 are a little bit confusing to me, I cannot reproduce the values they produce with other libraries even a FROM b16 hash, conver to b32 (not the same as nix-hash) and conversion back to b16 (the same as what I started with) works just fine
<ToxicFrog>
Right, so, the problem with that is that it starts one up for every user, whether they use it or not
derjohn_mobi has quit [(Ping timeout: 252 seconds)]
<ToxicFrog>
I tried the same thing with syncthing and ended up with three syncthing daemons running, two of them (for root and sddm) spamming the journal with errors because they hadn't been configured because those users don't need and shouldn't be running that service.
<gchristensen>
that sounds like it may be a bug worth reporting
<gchristensen>
(re: sddm)
<ToxicFrog>
If I remove the default.target reverse-dependency, none of them start up and anyone who wants it has to remember to log in and 'systemctl --user start syncthing.service' on every boot
<ToxicFrog>
At minimum I want to be able to say "enable this service automatically for the following users and only those users", and ideally I'd like individual users to be able to toggle the service autostart on and off without being root.
<gchristensen>
maybe put user@1000.service in wantedBy?
<gchristensen>
where 1000 is their uid
<gchristensen>
I don't know if that works
<ToxicFrog>
I'll give it a try and report back.
<gchristensen>
I'm going to bed, good luck
<gchristensen>
FWIW: nixos's support for systemd's user daemon is generally unremarkable
nh2_ has joined #nixos
indi_ has joined #nixos
Fare has quit [(Quit: Leaving)]
nh2_ has quit [(Ping timeout: 258 seconds)]
_rht has quit [(Quit: Connection closed for inactivity)]
<ToxicFrog>
For the record: depending on user@<id>.service does not work.
<ToxicFrog>
s/depending/reverse-depending/
mbrgm has quit [(Ping timeout: 245 seconds)]
indi_ has quit [(Remote host closed the connection)]
filterfish has joined #nixos
indi_ has joined #nixos
mbrgm has joined #nixos
indi_ has quit [(Ping timeout: 268 seconds)]
indi_ has joined #nixos
digitalmentat has quit [(Ping timeout: 240 seconds)]
<NixOS_GitHub>
nixpkgs/master 7cd1a58 Michael Raskin: Merge pull request #21452 from sboosali/fix/pocketsphinx...
amarsman has quit [(Ping timeout: 246 seconds)]
amarsman has joined #nixos
eacameron has joined #nixos
eacameron has quit [(Ping timeout: 268 seconds)]
zagy has quit [(Quit: Leaving.)]
mkoenig has quit [(Read error: Connection reset by peer)]
_rht has joined #nixos
mkoenig has joined #nixos
thalll has quit [(Quit: leaving)]
rly has joined #nixos
cutu_chiqueno has joined #nixos
indi_ has quit [(Remote host closed the connection)]
indi_ has joined #nixos
mkoenig has quit [(Read error: Connection reset by peer)]
MichaelRaskin has quit [(Quit: MichaelRaskin)]
indi_ has quit [(Remote host closed the connection)]
mkoenig has joined #nixos
jgertm_ has joined #nixos
mkoenig has quit [(Read error: Connection reset by peer)]
mudri has joined #nixos
mkoenig has joined #nixos
amarsman has quit [(Ping timeout: 258 seconds)]
amarsman has joined #nixos
reinzelmann has joined #nixos
Wizek has joined #nixos
mkoenig has quit [(Read error: Connection reset by peer)]
mkoenig has joined #nixos
simendsjo has joined #nixos
nschoe has joined #nixos
indi_ has joined #nixos
proteusguy has joined #nixos
<dmj`>
Hi, have a new machine, put NixOS on it, loaded nvidia drivers and X11. But screen is still black. display-manager service seems to be running fine.
<dmj`>
unsure what to do
thc202 has joined #nixos
reinzelmann has quit [(Read error: No route to host)]
aj__ has quit [(Ping timeout: 264 seconds)]
reinzelmann has joined #nixos
<srhb>
Has anyone figured out a way to build haskell packages with complete static linking for distribution yet? Other than overriding each dependency manually with a static version. (ideally, overriding all of nixpkgs in one go)
mkoenig has quit [(Read error: Connection reset by peer)]
takle has quit [(Remote host closed the connection)]
systemfault has quit [(Quit: Bye!)]
systemfault has joined #nixos
mkoenig has joined #nixos
mkoenig has quit [(Read error: Connection reset by peer)]
amarsman has quit [(Quit: amarsman)]
amarsman has joined #nixos
mkoenig has joined #nixos
indi_ has quit [(Remote host closed the connection)]
indi_ has joined #nixos
<srhb>
Better question: Has anyone figured out a nice way to build derivations for binary distribution on other systems? Having to duplicate the entire build completely orthogonally to Nix is saddening.
newNixos has joined #nixos
<newNixos>
iv changed nixos-config and nixpkgs location. Now nixos-rebuild switch is trying to download everything again (same versions I have currently) .. what could be the problem?
<newNixos>
im on throttled data so this is a problem
indi_ has quit [(Remote host closed the connection)]
ebzzry has joined #nixos
takle has joined #nixos
roconnor has quit [(Ping timeout: 248 seconds)]
zagy has joined #nixos
<newNixos>
ok seems to have been nixpkgs checked out at a different point
eacameron has joined #nixos
Seichi has joined #nixos
<newNixos>
is there a way to automate that?
mkoenig has quit [(Read error: Connection reset by peer)]
mkoenig has joined #nixos
indi_ has joined #nixos
mkoenig has quit [(Read error: Connection reset by peer)]
eacameron has quit [(Ping timeout: 248 seconds)]
<srhb>
newNixos: Automate what?
mkoenig has joined #nixos
<newNixos>
having my nixpkgs checked out with my nixos version
<NixOS_GitHub>
[nixpkgs] Mic92 closed pull request #21453: crystal: fix build in chroot environment, again (master...fix/crystal-lang) https://git.io/vMUjW
jensens has joined #nixos
dgn has joined #nixos
<NixOS_GitHub>
[nixpkgs] abbradar pushed 1 new commit to master: https://git.io/vMTmD
<NixOS_GitHub>
nixpkgs/master 1930176 Nikolay Amiantov: deluge: 1.3.12 -> 1.3.13
<srhb>
newNixos: As in, checking out channels/nixos-16.09 when you rebuild?
hotfuzz has quit [(Read error: Connection reset by peer)]
<newNixos>
yes
<NixOS_GitHub>
[nixpkgs] 7c6f434c pushed 2 new commits to master: https://git.io/vMTm7
<NixOS_GitHub>
nixpkgs/master 515573e danbst: pg_similarity: init at 1.0
<NixOS_GitHub>
nixpkgs/master 272322e Michael Raskin: Merge pull request #21220 from danbst/pg_simil...
<7YUAAY1PH>
[nixpkgs] 7c6f434c pushed 3 new commits to master: https://git.io/vMTmN
<7YUAAY1PH>
nixpkgs/master 1c3c59e Ricardo Ardissone: qwt6_qt4: init at 6.1.2
<7YUAAY1PH>
nixpkgs/master 662aa49 Ricardo Ardissone: gplates: init at 2.0.0
<7YUAAY1PH>
nixpkgs/master e65cccb Michael Raskin: Merge pull request #21221 from rardiol/gplates...
<NixOS_GitHub>
[nixpkgs] 7c6f434c pushed 2 new commits to master: https://git.io/vMTYL
<NixOS_GitHub>
nixpkgs/master 1c8cb70 Andrew Scott: mlocate: init at version 0.26
<NixOS_GitHub>
nixpkgs/master 400886f Michael Raskin: Merge pull request #19854 from andjscott/mlocate...
aj__ has joined #nixos
proteusguy has quit [(Ping timeout: 260 seconds)]
<lewo>
i'm compiling a go program and when a execute the binary, i get the following errror: relocation error: /nix/store/npfsi1d9ka8zwnxzn3sr08hbwvpapyk7-glibc-2.21/lib/libm.so.6: symbol __get_cpu_features, version GLIBC_PRIVATE not defined in file libc.so.6 with link time reference . Any idea/pointer about this kind of problems?
systemfault has quit [(Quit: Bye!)]
<NixOS_GitHub>
[nixpkgs] 7c6f434c pushed 4 new commits to master: https://git.io/vMTOT
<NixOS_GitHub>
nixpkgs/master 33d778a zraexy: qsyncthingtray: init at 0.5.5rc2
<NixOS_GitHub>
nixpkgs/master 9b0cec5 zraexy: qsyncthingtray: init at 0.5.5rc2
<gchristensen>
toogley: secondly, if there are two versions using generic.nix there are frequently several overrides for specific versions depending on the input... meaning it isn't that good of an abstraction anyway.
<gchristensen>
kmicu: because! :)
* kmicu
inserts here a joke about premature optimization.
<NixOS_GitHub>
[nixpkgs] ttuegel pushed 1 new commit to master: https://git.io/vMTCU
<NixOS_GitHub>
nixpkgs/master 04736ae Thomas Tuegel: kde5.plasma: 5.8.4 -> 5.8.5
<gchristensen>
yes!
[0x4A6F] has quit [(Ping timeout: 256 seconds)]
abrar has quit [(Ping timeout: 258 seconds)]
jgertm_ has joined #nixos
eacameron has joined #nixos
<LnL>
gchristensen: ooh, I just assumed it'd be a bit expensive for just some stickers
<gchristensen>
it is :)
<toogley>
gchristensen: do you have a solution for my initial problem?
<rly>
Do we have something to do binpacking in NixOS?
[0x4A6F] has joined #nixos
pi3r has quit [(Ping timeout: 248 seconds)]
<rly>
I saw that in 2013 some guy published a paper (which I can't actually download (haven't looked further yet)), but it seems that nobody has that implemented. What's the point of writing a paper if the impact on the world's efficiency is zero?
indi_ has quit [(Remote host closed the connection)]
<LnL>
viric: I've seen a lot of questions about that
nh2_ has joined #nixos
<NixOS_GitHub>
[nixpkgs] 7c6f434c pushed 2 new commits to master: https://git.io/vMTBm
<NixOS_GitHub>
nixpkgs/master 442623e Michael Raskin: qemu_28: init at 2.8.0; not updating the main Qemu expression yet because there were some claims about NixOS test fragility
<NixOS_GitHub>
nixpkgs/master 35e3ea0 Michael Raskin: dovecot: 2.2.25 -> 2.2.27
<viric>
LnL: about what?
<LnL>
the fact that man is missing
<viric>
I think it's something never heard.
<viric>
of other distros
mudri has quit [(Ping timeout: 265 seconds)]
<viric>
If we had an installation disk of one floppy...
<viric>
but we have a >400MB is
<viric>
iso
<hodapp>
...then maybe we'd even be able to fit 1/3 of the kernel on it!
<niksnut>
viric: for non-interactive machines like containers, you definitely don't need man
<viric>
niksnut: I thought the minimal iso was meant for users to install nixos
<viric>
for people.
indi_ has joined #nixos
<viric>
What is the measure of the drawback of having manpages?
<niksnut>
disk space
<viric>
yes, what amount is it
<niksnut>
don't remember
<viric>
I'll check
<musicmatze>
can someone teach me how to write a custom systemd target into my configuration.nix ?
<musicmatze>
I want to exec i3lock before sleep.target
<Dezgeg>
IIRC enabling manpages might also pull the html documentation (e.g. $out/share/doc)... that could be fixed with more multiple outputs I guess
<viric>
niksnut: I never used the 'graphical' iso, because I never needed anything graphical. But I do need man, and vi, at least. I guess that from a 400MB base that should be acceptable
estewei has joined #nixos
<LnL>
viric: I've also seen some people that are a bit upset that it doesn't have vi/vim
<viric>
LnL: I complain from time to time.
<LnL>
but I'm fine with having to run nix-shell -p vim
<Dezgeg>
linking busybox vi should be free from disk space POV :)
<LnL>
oh, perhaps it's just you then :p
<viric>
Well, setting up the network without man and vim may be quite hard
<viric>
LnL: your command will work if you have the network set up
<hodapp>
sometimes I forget that busybox provides vi already
<LnL>
yeah that's true
<niksnut>
viric: from my log of the closure size reduction work, it was ~14 MiB
<niksnut>
of the container config
<viric>
niksnut: what has that container to do with the iso people download to install nixos?
<niksnut>
viric: however the intent was not to disable man pages in the ISO
<niksnut>
so it could be re-enabled for the ISO
<viric>
ko
<viric>
ok
<viric>
so the profile 'minimal' is not only for the minimal iso
<niksnut>
yes
<viric>
Can we have vim in the iso, too?
<viric>
Noone will notice another +15MB
<niksnut>
that would be stretching minimal...
<niksnut>
the ISO gets bloated 15 MB at a time :p
<viric>
and will solve the nightmare of setting up networks
<Dezgeg>
I wonder if the minimal profile should not be used for the iso since it also does the 'dbus without x11 thing' which means rebuilding any graphical stuff from sources
<viric>
niksnut: can that be submitted to the vote of the people?
<ikwildrpepper>
I vote for nano
<viric>
Dezgeg: AAAAAH here it is!! I enabled xserver in the minimal iso and it started building gtk3 and qt
<ikwildrpepper>
(/me runs away)
<niksnut>
exactly, nano ftw
<ikwildrpepper>
best... editor... evahhh...
<viric>
Dezgeg: I planned to edit a libreoffice document while doing some HD change... and I couldn't get it in the minimal iso system without rebuilding all gtk+qt
<niksnut>
viric: surely you don't need to rebuild once the network is up?
* LnL
always gets frustrated when using nano
<viric>
niksnut: It's required to rebuild
<viric>
niksnut: it's what Dezgeg points
<niksnut>
gtk+qt?
<viric>
niksnut: the hashes are not those of the channel
<viric>
niksnut: yes
bgamari has quit [(Ping timeout: 256 seconds)]
<gchristensen>
also emacs please ;)
<niksnut>
to rebuild what?
<viric>
niksnut: I added services.xserver.enable = true, and libreoffice to systemPackages, and that rebuilt gtk+qt on "nixos-rebuild switch" in the iso
<viric>
of course there was network
<niksnut>
yes, then you should remove the inclusion of minimal.nix
<viric>
niksnut: that's already advanced nixos: taking out something that is there for unrelated reasons
<viric>
:)
<niksnut>
but uhm, the minimal ISO is not really intended for running libreoffice :-)
<viric>
I didn't know there was so much magic in that minimal-iso
<niksnut>
the graphical ISO is better suited
<viric>
but it's huge
<viric>
niksnut: without man, 386MB. With man, 394MB
<viric>
mh no, forget the numbers
bgamari has joined #nixos
jgertm_ has quit [(Quit: WeeChat 1.6)]
<niksnut>
ideally, we would use some multiple-outputs magic to have a single dbus package, but iirc that's not so easy
<NixOS_GitHub>
[nix] zimbatm opened pull request #1165: Document the common --no-build-hook option (master...document-no-build-hook) https://git.io/vMTRc
jgertm_ has joined #nixos
<viric>
oh, here it is zfs. 8GB of RAM, and I only have 1GB free/available
<viric>
I can't run nix-build.
<LnL>
lol, I've never run into something like that
<viric>
total used free shared buff/cache available
<viric>
LnL: I thought zfs_arc_max had to be set up on boot. changing it online won't have effect
<viric>
LnL: "When Solaris is booting, such ARC parameters as p, c, c_min and c_max are initialized, and subsequent changes to zfs_arc_max have no direct effect. "
<LnL>
oh, I've not tried but I'm pretty sure I read somewhere you could update it with sysctl
<aristid>
that change makes no sense
<LnL>
unless that was something different
<aristid>
it symlinks the LAST library in glob order to tinfo
<aristid>
wtf
<viric>
LnL: I changed it, but I can't see the effect yet
<viric>
LnL: ah, now. ok
<LnL>
viric: zfs needs a bit of time to flush the cache
<viric>
LnL: a stackoverflow question says that the memory will be returned if "appications" request more ram
<viric>
let's see. I'm still learning
<aristid>
LnL: i think i know how to fix it while keeping it os x compatible
<LnL>
aristid: great, if you create a pr I can look at it after work
mudri has joined #nixos
<viric>
niksnut: I just tried. x86_64 (without man, dbus without x11) 394MB. With man and dbus with x11, 399MB
<viric>
still without vim :)
<viric>
^ Dezgeg
<Dezgeg>
go for it, I'd say
<viric>
5MB, it's ridiculous.
<Dezgeg>
and some busybox-vi derivation that only has vi linking to buysbox or something
indi_ has quit [(Remote host closed the connection)]
<viric>
BUT! I have more news. niksnut, if I add "-comp xz" to mksquashfs, it becomes 352MB. With man and dbus-with-x11
indi_ has joined #nixos
<viric>
That gives me a pretext to put even vim
<viric>
for LESS space
<viric>
bwahaha.
nh2_ has joined #nixos
indi_ has quit [(Ping timeout: 245 seconds)]
<viric>
I'll tune it differently, let's see
mkoenig has quit [(Read error: Connection reset by peer)]
<NixOS_GitHub>
[nix] domenkozar pushed 2 new commits to master: https://git.io/vMTua
<NixOS_GitHub>
nix/master 45ed6e7 zimbatm: Document the common --no-build-hook option
<NixOS_GitHub>
nix/master 00d93b6 Domen Kožar: Merge pull request #1165 from zimbatm/document-no-build-hook...
<aristid>
LnL: i can also just commit it myself :P
<LnL>
oh that also works, unless you want me to test it on darwin first
<NixOS_GitHub>
nixpkgs/release-16.09 8845b74 Franz Pletz: curl: add upstream patch to fix HTTP2 performance issues...
<NixOS_GitHub>
nixpkgs/release-16.09 d68873d Domen Kožar: curl: backport all changes to fix #20639
testuser_ has joined #nixos
Shou has joined #nixos
<testuser_>
hi, is it possible to add a security.polkit.extraConfig to a package, rather than system wide. I would like to write the authorizion rules for the package in order for the package to be able to execute a privileged operation, however I'm now sure where the declaraiton should go into the package's nix file ?
sellout- has joined #nixos
<ronny>
testuser_: i beleive you would need to provide a system wide option to enable the pacakge and its rules
<ronny>
similar to how other things are enabled
<NixOS_GitHub>
[nixpkgs] dezgeg pushed 1 new commit to master: https://git.io/vMTw7
<NixOS_GitHub>
nixpkgs/master 45338a3 Tuomas Tynkkynen: fuse: Minor cleanup
<ronny>
(like enabling the x server, ro enabling a webserver)
<testuser_>
ronny, so the package should still be installed as it is, but an additional configuration needs to be put into the global configuration.nix to enable the polkit authorization rules?
indi_ has joined #nixos
<ronny>
testuser_: the other way around, adding the configuration to enable the package, should install it and add the rules
<ronny>
sosomething like programs.myprogram.enable = true;
<ronny>
and then it gets installed and the rules
<testuser_>
ronny, can you provide an example of that ... possibly in a form of .nix package on github?
<ronny>
testuser_: not off hand, i never did something like that myself
arianvp2 has joined #nixos
<arianvp2>
is there an easy way to extend an existing module?
<arianvp2>
lets say
<arianvp2>
"my-nginx.nix"
indi_ has quit [(Ping timeout: 260 seconds)]
<arianvp2>
that adds some extra config options to nginx
<NixOS_GitHub>
[nixpkgs] peti pushed 2 new commits to master: https://git.io/vMTrS
<NixOS_GitHub>
nixpkgs/master 49ba174 William Casarin: elm-export: jailbreak
<NixOS_GitHub>
nixpkgs/master 93fc428 William Casarin: hackage2nix.yaml: update jb55's packages
<lewo>
arianvp2, arf sorry, this doens't answer the question :/
testuser_ has quit [(Quit: Leaving)]
proteusguy has quit [(Remote host closed the connection)]
proteusguy has joined #nixos
rly has quit [(Ping timeout: 250 seconds)]
mw_ has joined #nixos
spion has quit [(Ping timeout: 260 seconds)]
<kier>
is it possible to use a local directory as the 'src' argument to mkDerivation?
mw_ has quit [(Client Quit)]
<kier>
it looks like fetchurl { url = "file:///path/to/directory"; } would work, but only with absolute paths. is there a way to use relative paths instead?
spion has joined #nixos
mw_ has joined #nixos
erasmas has joined #nixos
<LnL>
kier: just src = ./.; should work
ebzzry has joined #nixos
<kier>
LnL: indeed it does, thanks
<kier>
for some reason I thought it required a derivation
digitalmentat has joined #nixos
indi_ has quit [(Remote host closed the connection)]
<simpson>
kier: Nope, just a path to a place. fetchurl works by making a directory in the Nix store and copying stuff from that URL into the store.
<musicmatze>
I am not sure whether I want to try it or not :-P
Sonarpulse has joined #nixos
meloc has quit [(Changing host)]
meloc has joined #nixos
<digitalmentat>
deepfire, use `stack --nix ...`
rardiol has joined #nixos
<digitalmentat>
also, in your global user stack config, enable nix
<digitalmentat>
ala
<digitalmentat>
in ~/.stack/config.yaml
<digitalmentat>
nix: enable: true
<digitalmentat>
obv formatted for yaml
jensens has quit [(Ping timeout: 245 seconds)]
edapa has joined #nixos
<edapa>
Does anyone know the right way to change fonts in virtual consoles? It looks like the i18n package has something to do with it, but I'm not sure exactly how to configure it.
<kier>
edapa: I use i18n.consoleFont = "Lat2-Terminus16"; in my configuration.nix, if that's the kind of thing you're looking for
<edapa>
Yeah
slack1256 has joined #nixos
<musicmatze>
updaaaates! again! yes! That's what I call rolling release! \m/
<edapa>
Thanks kier
proteusguy has quit [(Ping timeout: 246 seconds)]
dgn has quit [(Ping timeout: 248 seconds)]
edapa has quit [(Remote host closed the connection)]
m0rphism has joined #nixos
SovereignBleak has joined #nixos
proteusguy has joined #nixos
reinzelmann has joined #nixos
<fpletz>
nathan7: yeah, I'm here, currently at the nixos assembly
<fpletz>
trying to get my container bindmount stuff ready
mguentner2 is now known as mguentner
mudri has quit [(Ping timeout: 268 seconds)]
Shou has quit [(Ping timeout: 246 seconds)]
ambro718 has joined #nixos
<deepfire>
digitalmentat: thanks a lot!
<deepfire>
this gets intero one step further towards workingness
<digitalmentat>
intero works great for me after I made the user-global stack config change
Shou has joined #nixos
* hodapp
stabs Adobe Flash in the face
<gchristensen>
what'd flash ever do to you? :)
<hodapp>
IT NEVER FUCKING WORKS RIGHT EVER
indi_ has quit [(Remote host closed the connection)]
<hodapp>
one of the few pages left using Flash happens to be a page I need to use, so I installed Pepper Flash in Chromium, and various Flash tests work okay...
<hodapp>
but this page thinks I don't have Flash
<gchristensen>
ugh
indi_ has joined #nixos
<Sonarpulse>
deepfire: btw was it you that posted in /r/haskell a few months ago about getting haskell running on bare metal?
<hodapp>
so I'm not sure what I can do - hack up the JS source code and try to run a local version?
<hodapp>
can I even do that?
<NixOS_GitHub>
[nixpkgs] vcunat pushed 1 new commit to master: https://git.io/vMT1h
<NixOS_GitHub>
nixpkgs/master 5ac7da9 Vladimír Čunát: tzdata: 2016f -> 2016j
<deepfire>
Sonarpulse: wow, that sounds really, really cool!
aj__ has quit [(Ping timeout: 260 seconds)]
<Sonarpulse>
deepfire: I'm confident that sometime in the next few years these things will be sorted out
<Sonarpulse>
g2g plane
<deepfire>
Sonarpulse: 33c3?
<deepfire>
we need separation kernels below the conventional OS
<deepfire>
digitalmentat: from your interest in QubesOS, I guess you could be sympathetic to the idea..
<deepfire>
I'm put off by the complexity of Xen, though -- and yes, I know of the Odyssey framework
[0x4A6F]1 has joined #nixos
<digitalmentat>
deepfire, yeah that is interesting, I tried QubesOS for my laptop for a while and it was pretty rough but I think it's the Right Idea if executed well
Sonarpulse has quit [(Ping timeout: 260 seconds)]
<deepfire>
yes, and Joanna is somebody I can trust, ideologically
<deepfire>
but we really, really, need a much simpler separation kernel than the horrendous approximation that is Xen
sellout- has quit [(Ping timeout: 252 seconds)]
<digitalmentat>
yeah, it felt wayyyyy too heavy
<deepfire>
heavy is one side to it
<deepfire>
the absolute impossibility to ensure its security is another
<deepfire>
have you heard of CertiKOS?
<digitalmentat>
and arguably more important
<digitalmentat>
I actually haven't
<deepfire>
it is a very very recent breakthrough in the area of TCB
<digitalmentat>
though I've been really interested in verified kernels for a long time; EROS and Coyotos
takle has quit [(Remote host closed the connection)]
<deepfire>
Zhong Shao, sorry
<deepfire>
digitalmentat: you only need to certify the TCB, that is, the separation kernel
<digitalmentat>
this is very cool work, this is sorely needed in the world of Internet Connected Devices (the shit show that is IoT)
<deepfire>
also, "separation" in "separation logic" is different from "separation kernel"
<deepfire>
digitalmentat: the only meaningfully proximate thing that came before was SeL4, but it was 1) non-concurrent (single-core), and 2) a monolithic proof
<deepfire>
digitalmentat: I guess you wouldn't be surprised by the people primarily interested in the uptake of this: opencatalog.darpa.mil/HACMS.html
<deepfire>
what Positive Technologies wanted, is to make this available to general public
<simpson>
deepfire: Any relation to KeyKOS?
<digitalmentat>
deepfire, yeah, that doesn't surprise me at all
<digitalmentat>
this kind of technology is very sorely needed in IoT though
uralbash1 has joined #nixos
<flxw>
Hi. For the minimal install cd of nixos, is there a kernel commandline paramter to prevent the rogue dungeon crawling game from startin?
<digitalmentat>
well, it's needed everywhere, one could argue, but most importantly inside of devices that are difficult to even reflash or inspect
<yorick>
how's the ccc assembly going?
<digitalmentat>
I built the Plum Lightpad and can easily say that IoT scares me because even well-meaning engineers who *care* about making something as safe as possible don't have nearly enough resources to do so for the methods that we *understand*, let alone the methods and solutions that need to be discovered...
takle has joined #nixos
<simpson>
digitalmentat: Do you happen to know about object-capability ("ocap") theory?
takle has quit [(Remote host closed the connection)]
<NixOS_GitHub>
nixpkgs/rocksdb 219c703 Domen Kožar: Revert "rocksdb-haskell: just compile rocksdb statically to fix #21215"...
takle has joined #nixos
<NixOS_GitHub>
[nixpkgs] stepcut opened pull request #21473: netbpm: tell config.mk where to find JPEGLIB and JPEGHDR_DIR or jpegtopnm and friends will not be built (master...netpbm-fix-libjpeg-paths) https://github.com/NixOS/nixpkgs/pull/21473
jgertm_ has joined #nixos
<LnL>
gchristensen: is it ok to bump openssh or sould we try to patch the current version?
sellout- has joined #nixos
cjhowe has joined #nixos
<toogley>
can i install a specific emacs version via configuration.nix?
jgertm_ has quit [(Quit: WeeChat 1.6)]
<LnL>
I think we only have 24 and 25, if you want an other version it might be tricky
pi3r has quit [(Ping timeout: 246 seconds)]
jgertm_ has joined #nixos
<toogley>
i currently seem to have both emacs-24.5 and emacs-25.1 installed - but i want 25.1 to be the default version of everything. currently it is 24.5.
<deepfire>
toogley: do you even need the 24.5 version?
<LnL>
m3tti: interesting, so that's like a dns blacklist but for /etc/hosts
<toogley>
m3tti: i guess you can use networking.localCommands = " "; (see the manual) to write to a hosts file
<m3tti>
LnL: yes it is it is also used for adblocking. I've used adaway on my android phone and got interested and now i love that host files better than the adblock plus plugin stuff :-D
<m3tti>
toogley: i'll take a look thanks
Itkovian has joined #nixos
<LnL>
m3tti: you might also be able to use environment.etc."hosts" directly, I'm not sure if there's a separate module for that
<toogley>
m3tti: but i'm interested in your problem, so if you want, you can report what worked best for you :)
<LnL>
m3tti: networking.extraHosts
<m3tti>
LnL: where do you find that properties
<m3tti>
???
<m3tti>
:-D
<LnL>
man configuration.nix
<NixOS_GitHub>
[nixpkgs] dtzWill opened pull request #21476: Add top-level attr for lldb. (master...feature/top-level-attr-lldb) https://github.com/NixOS/nixpkgs/pull/21476
<LnL>
nixos-option networking.extraHosts is also useful
<m3tti>
damn thats neat
<toogley>
ah, nice
<LnL>
or just search through the repo with search.nix.gsc.io or grep :)
<NixOS_GitHub>
nixpkgs/master 2d82189 Nikolay Amiantov: Merge pull request #21477 from rardiol/openmw...
cjhowe has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
kuznero has joined #nixos
<kuznero>
Hi All!
rardiol has joined #nixos
<flxw>
is there a boot parameter by which I can force the nixos install iso to just drop into ashell after kernel startup? In a previous live, it was always possible to do init=/bin/sh if one didn't like the init scripts. :)
<flxw>
but, there is systemd ...
<flxw>
s/but/but now/
<kuznero>
Is there any way to install some packages from `environment.systemPackages` into a different store than `/nix/store`? The reason I want this is that I have pretty slim SSD drive on my 5 yo laptop and after I got texlive, I miss disk space quite often....
cjhowe has joined #nixos
<mguentner>
flxw: add systemd.unit=rescue.target to the kernel command line
cjhowe has quit [(Client Quit)]
<flxw>
this is what I tried, but it didn't change anything.
pi3r has quit [(Ping timeout: 264 seconds)]
<flxw>
(I added it to the second boot option by pressing tab and appending it)
simendsjo has quit [(Remote host closed the connection)]
<sboosali>
hi, I got a "collision" error when trying to install a config.nix with nix-env -i -A ~/.nixpkgs/config.nix: http://pastebin.com/7rXPhLph (I'm new to nixos, and am trying to go from "imperative" to "declarative" installation via ~/.nixpkgs/config.nix). id already installed the packages that have conflicts, but I don't know how I should get rid of them, or what exactly is going on (as the error at the GHC level or the nix level or
<stepcut>
sboosali: it's trying install into the global environment a system where those packages and their dependencies are available. But somehow you are ending up a situation where the same packages are built, but with different dependencies. So it can't tell which version you really want installed
<stepcut>
sboosali: I don't know the best way to figure out how to get a consistent package set -- I don't even try. I just use nix-shell for everything and don't install any ghc packages globally
<stepcut>
sboosali: there is probably some way to do what you are trying to do, but I am not experienced in that situation
hotfuzz has quit [(Quit: WeeChat 1.6)]
<sboosali>
stepcut: okay, thanks! so, to work in a pure shell, does shell.nix input ghc and cabal too?
<sboosali>
stepcut: also, i tried uninstalling things The way I installed them, nix-env -u -A haskellPackages.cabal-install, But I still get the errors
<stepcut>
only if it you tell it to
petar has quit [(Remote host closed the connection)]
indi_ has joined #nixos
<gchristensen>
Dezgeg: ping re: ceph
hotfuzz has joined #nixos
<stepcut>
for uninstall you might do, nix-env -q, to find the name, and then nix-env -u <name>, to uninstall -- since I don't use install and uninstall I am not really sure
petar has joined #nixos
<Unode>
hi all, is there any way to search on hydra (or elsewhere) for which packages provide a certain binary?
<gchristensen>
Unode: command-not-found should do it
<gchristensen>
$ command-not-found mysql outputs a message about how to get mysql
reinzelmann has quit [(Quit: Leaving)]
jgertm_ has joined #nixos
<sboosali>
btw command-not-found crashes for me:
<sboosali>
command-not-found
<sboosali>
DBI connect('dbname=/nix/var/nix/profiles/per-user/root/channels/nixos/programs.sqlite','',...) failed: unable to open database file at /run/current-system/sw/bin/command-not-found line 13.
<sboosali>
cannot open database `/nix/var/nix/profiles/per-user/root/channels/nixos/programs.sqlite' at /run/current-system/sw/bin/command-not-found line 13.
indi_ has quit [(Ping timeout: 260 seconds)]
<sboosali>
<Unode>
same error here
<LnL>
sboosali: Unode: does it work with sudo?
<sboosali>
i tried that no
<Unode>
nope
<Unode>
the file simply doesn't exist
<LnL>
wait that looks strange
<sboosali>
im on the vm image, and i dont even know what the root pwd is, if relevant
<sboosali>
(but obv i can sudo with my own)
<Unode>
LnL: is there any way to recreate it?
<LnL>
oh, that file does exist for me
<LnL>
nix-channel --update?
hiratara has quit [(Remote host closed the connection)]
<sboosali>
i think i tried updating yesterday
<sboosali>
I'll do it again now
ejr_ has quit [(Ping timeout: 265 seconds)]
<Unode>
that worked
kini has joined #nixos
<Unode>
hum seems like the binary I'm looking for isn't provided
ejr has joined #nixos
<Unode>
I was looking specifically for adb the android debug bridge
<pstn>
I'm editing steam/runtime-wrapped.nix, but when I build the new steam package with nix-build it doesn't check whether this file has changed. How can I fix that?
cp3t has joined #nixos
<LnL>
sboosali: what nixos-rebuild basically does is nix-env -p "$profile" --set "$(nix-build ...)"
<sboosali>
LnL: Thanks! So, to learn more about this stuff, How can I evaluate my current system configuration? I tried:
<sphaleri1e>
Are there any existing efforts to get nix on and with Android? Would be so nice to be able to configure my apps declaratively...
sphaleri1e is now known as sphalerite
ebzzry has joined #nixos
Sonarpulse has joined #nixos
<sboosali>
LnL: Thanks. the following seems to work, but I don't know if it's the exact parameters that were given to the configuration of the currently running system:
<sboosali>
eg c.environment.systemPackages is the same
<LnL>
yes but config is ~/.nixpkgs/config.nix in this case, not the module configuration
<viric>
funny zfs... It seems I cannot really forecast how long a "git annex info ." will take. In some boots it took 4 minutes. In some others, 40 minutes.
<LnL>
sboosali: but that might be fine for what you're trying to do
<viric>
(testing after boot)
<mpickering>
It seems using nested nix-shell's doesn;t work as I expected. Will have to investigate tomorrow
<Profpatsch>
> let f = { a ? 5, ... }@args: args; in f { b = 1; }
<Profpatsch>
{ b = 1; }
<sphalerite>
Is that somehow reated to laziness?
cp3t has left #nixos ["I will look into that tomorrow..."]
<Profpatsch>
No, it’s a very … interesting implementation decision.
<Profpatsch>
I was hoping someone could give an explanation.
<sboosali>
LnL: thanks again
<sphalerite>
oh right
<viric>
Profpatsch: args contains only the '...' part, no?
<gchristensen>
:( nobody is a officially a maintainer of gstreamer
<mpickering>
bennofs: Do you know if anyone has worked on a type system for nix expressions?
<gchristensen>
it has been mentioned on the ML a few times
Shou has quit [(Quit: 🛏)]
sboosali has quit [(Ping timeout: 256 seconds)]
joepie91 has joined #nixos
jgertm_ has quit [(Ping timeout: 252 seconds)]
<Dezgeg>
gchristensen: I don't know anything about ceph
<NixOS_GitHub>
[nixpkgs] globin pushed 1 new commit to master: https://git.io/vMktG
<NixOS_GitHub>
nixpkgs/master d8ef63f Robin Gloster: crowd module: fix OpenID server
pi3r has joined #nixos
<LnL>
gchristensen: do you have any idea if it's important to have cmake dynamically linked against nix versions of libcurl, ... instead of statically linked against vendored versions?
Fare has joined #nixos
<gchristensen>
LnL: I have literally no idea
<LnL>
literally nobody seems to understand cmake :p
m3tti has quit [(Ping timeout: 264 seconds)]
<LnL>
I have a feeling like I should just give up on my stdenv changes
FareTower has joined #nixos
fare__ has joined #nixos
<Dezgeg>
is the bootstrap cmake on darwin the same as the final cmake? if not, presumably that could be build differently
<gchristensen>
LnL: I don't really know much of cmake andfriends, I'm pretty novice at that level of stuff.