<clever>
davidak[m]: the last bit is identical to `ps: [ ps.Nikola ps.micawber ]`
<clever>
davidak[m]: and `ps: with ps; [Nikola micawber]` is a function that accepts a set of python packages, then puts all of them into scope for the list
<clever>
davidak[m]: withPackages wants a function as an argument
<clever>
thoughtpolice: part of the config to support that is in my github repos
<clever>
muzzy_: i just dont give up, lol
<clever>
thoughtpolice: there is some limited network boot support in the newer rpi's, but ive only gotten them to work if i had a bootcode.bin on the SD card
<clever>
thoughtpolice: the rpi still needs a /boot/ on the SD card
<clever>
thoughtpolice: there is only one minor problem with the network boot on rpi's right now
<clever>
muzzy_: so the computer your taking over, can borrow the wifi temporarily
<clever>
muzzy_: it treats the wifi card as the "modem", and the ethernet jack as the "local network"
<clever>
muzzy_: this module also sets up packet routing, in a weird direction
<clever>
type 'justdoit' into the shell, it wipes the hdd, and now nixos is installed
<clever>
you plug almost any machine into the ethernet jack, select network boot, and nixos boots up
<clever>
thoughtpolice: and over here, i practically turned nixos into a virus, lol
<clever>
muzzy_: so when grub tries to read the local hdd, it winds up reading the iSCSI driver instead
<clever>
muzzy_: but ipxe has a function in it called sanhook, which will hijack the legacy api between dos and the BIOS, for accessing the local hdd's
<clever>
muzzy_: nfs has given me trouble, and grub doesnt support it
<clever>
and the crazy part, is that grub didnt even know it was network booting
<clever>
thoughtpolice: so i could test nixos out on my laptop, before wiping the gentoo off of it
<clever>
thoughtpolice: and due to how simple nix is, i was able to take that module, almost un-altered, and boot an x86 laptop with it, lol
<clever>
thoughtpolice: i started it with my rpi's booting over iscsi, because its both larger and more reliable then an SD card
<clever>
muzzy_: it lets you connect to block devices over the network
<clever>
muzzy_: scsi over tcp
<clever>
and then nixos just automatically connects it at the initrd
<clever>
thoughtpolice: this module allows you to set fileSystems."/".iscsi = { enable = true; host = "192.168.2.15"; lun = "something"; };
<clever>
and now nobody else can use it until the file is deleted
<clever>
wilornel: thats a bug, the last user to run nix-shell used /tmp/env-vars and left it behind
<clever>
wilornel: nix-shell -p '(with import ./. {}).myHumanInterfacePackages' would just use your existing buildEnv, but its often a lot better to make a shell.nix with a dummy derivation, and put everything into its buildInputs
<clever>
so your doing better
<clever>
mfiano: my router is at 1.7gig
<clever>
wilornel: is there any reason you cant just use nix-shell instead of nix-env?
<clever>
wilornel: try "sudo -u alice -i"
<clever>
wilornel: how did you get a shell for the other users?
<clever>
wilornel: so $NIX_USER_PROFILE_DIR is unique for each user?
<clever>
null_: and then it will not care what the url contains
<clever>
null_: set the name attribute inside the fetchurl
<clever>
mfiano: that is weird
<clever>
bash shouldnt depend on dbus
<clever>
thats a bit odd
<clever>
nix will just start it again if it has to
<clever>
yes
<clever>
just removing auto-complete from vim did that, lol
<clever>
before: 3.0gig, after: 1.7gig
<clever>
my laptop has an entire win10 VM in virtualbox, which saves the disk images to $HOME
<clever>
mfiano: that wont even store half of my /home partition on the laptop
<clever>
i have bigger fish, no point in trying to purge the X :P
<clever>
boomshroom: it does, if you set fetchSubModules = true;
<clever>
Dezgeg: i cant find it in the source, but the article i remember reading claimed it happened that way
<clever>
ottidmes: sudo does have options to fully wipe the env vars
<clever>
so now you have 100% root
<clever>
ottidmes: and if you just play with ulimit, you can break fuse trying to read /proc/filesystems, causing it to falsely think you dont have fuse
<clever>
ottidmes: it didnt sanitize the env, and modprobe obeys an ENV variable for its config, and the config can say "run this instead of loading fuse"
<clever>
ottidmes: and if the kernel doesnt support fuse, it will automatically execute `modprobe fuse` as root
<clever>
ottidmes: fuse for example has a setuid binary to aid with mounting fuse FS's
<clever>
ottidmes: ive also seem that setuid and sudo can be very tricky to secure properly
<clever>
but that still gives them nearly root level access to a section of zfs
<clever>
i think if you chmod and chgrp /dev/zfs, you can run some zfs commands without root
<clever>
ah
<clever>
ottidmes: what background services need root ssh?
<clever>
ottidmes: when i leave home, take it out, and it becomes password based
<clever>
ottidmes: when i'm at home, leave the literal key in the laptop, and it boots without any prompt
<clever>
ottidmes: i also have an idea i want to experiment with, i'm thinking i can add a keyfile to my luks volume, and store that on an SD card in the SD reader of my laptop
<clever>
ottidmes: also, i luks every machine that is remotely portable
<clever>
ottidmes: so you can just delete the ~/.ssh/authorized_keys that gave nixops access, and use a password protected key in your agent
<clever>
ottidmes: nixops can work with an ssh agent
<clever>
mfiano: JBOD mode
<clever>
mfiano: oh, btrfs supports raid like features, what if you just make a 2gig swap partition, then delete it and raid it into the main volume to regain the space?
<clever>
ottidmes: nixos has to know which FS drivers to include into the initrd