2018-02-17

<clever> i should just plug the thing back in and record it for historical purposes, lol
<clever> that should help with the googles
<clever> in my case, it was an asus p4b motherboard
<clever> and the win98 cd has an idiot mode, that chainloads the hdd, because you cant remove a silly cd
<clever> but it can still boot from cdrom
<clever> and the bios forgets how to boot from ide :P
<clever> but if you speak too slowly, it takes up too much space
<clever> you can record your own messages in windows, and reflash the bios with the .wav files
<clever> that same bios, also lacks bounds checking on its reflashing utils
<clever> Dezgeg: one day while messing with overclocking, it said, "no cpu found"
<clever> Dezgeg: on bootup, it says things, in english, via the sound card, giving you progress updates
<clever> Dezgeg: this reminds me, one of my older motherboards, it must have a micro-controller on it somewhere
<clever> Dezgeg: ah yeah, the initial random state would have crc failures everywhere
<clever> sphalerite_: yeah, that just makes no sense at all
<clever> but yeah, you still have to deal with the original POST
<clever> sphalerite_: another benefit, is that you cant really brick the machine, since the original bios can just be told to not netboot anymore, then reflash the nic again
<clever> sphalerite_: then coreboot finishes the job
<clever> sphalerite_: then you tell the existing bios to network boot, and it hands control over to that boot rom
<clever> sphalerite_: i had an idea yesterday, could a coreboot image that doesnt deal with dram/pci initialzation, be jammed into the boot rom of a network card
<clever> in a way that obeys the efi specs and grants all efi programs usage of those FS's?
<clever> how complex would it be to write an EFI driver for ext4 or ZFS, stick it on the fat32, and chain-load a 2nd bootloader?
<clever> i wonder...
<clever> ottidmes: its mostly about chance, was something writing at that moment
<clever> fsync between the 2?
<clever> Dezgeg: but the file still wound up 0 bytes in size
<clever> Dezgeg: it is, it writes to a .tmp, then uses rename to move it
<clever> ambro718: zfs just rolls back the entire change, leading to the old version
<clever> ambro718: improper shutdowns can truncate files
<clever> ambro718: ext4 puts more focus on the metadata, over the data
<clever> ambro718: just delete it and see if that fixes things
<clever> ambro718: it must have been corrupted
<clever> ambro718: that file is how nix remembers the semi-random uid mappings, so when you delete a user, then re-add it, it gets the old uid again
<clever> ambro718: we have been looking at the wrong json the entire time, lol
<clever> 10 my $uidMapFile = "/var/lib/nixos/uid-map";
<clever> 11 my $uidMap = -e $uidMapFile ? decode_json(read_file($uidMapFile)) : {};
<clever> ambro718: your error says line 11, look at line 11 of the perl script
<clever> ambro718: oh
<clever> gentoo mode :D
<clever> but deepfire was running without any cache
<clever> if the binary cache is enabled, it can just grab .doc from there
<clever> and now system() fails
<clever> leaving you with a /bin/sh that cant find its own libc
<clever> but if you are rebuilding the .doc for other reasons, the .lib is silently dropped
<clever> so a glibc impurity is always added to the sandbox
<clever> the problem, is that the /bin/sh in the sandbox, depends on the .lib for glibc
<clever> so nix doesnt have to rebuild them later
<clever> which prevents them from being GC'd
<clever> srk: but nix doesnt know that, and blindly keeps those outputs around
<clever> srk: absolutely nothing
<clever> srk: ah, that old error :D
<clever> search for user-group
<clever> ambro718: look inside /nix/store/pfbjhdbf33fx36j939hwx1gxlzlv27px-nixos-system-nixos-router-17.09.git.f7ae5ae/activate
<clever> ambro718: one min
<clever> ambro718: that will both give you a working perl, and also give you the exact perl that is having the issue
<clever> ambro718: read the perl script from the error, and also reuse the perl in its #!
<clever> ambro718: maybe?
<clever> codygman: temporarily switching to the nixos-17.09-small channel should fix your problem
<clever> codygman: and howoldis says that the channel changed 1 hour ago, to a commit from 18 days ago
<clever> codygman: and your on a commit from 18 days ago, aha
<clever> codygman: the tip of the 17.09 branch is from 4 days ago
<clever> codygman: the fix is from 9 days ago, and is on the 17.09 branch of -channels...
<clever> codygman: hmmm, wait, https://howoldis.herokuapp.com/ says thats an hour old...
<clever> codygman: i think the problem is the the http mirror
<clever> codygman: what does sudo nix-channel --update say now?
<clever> codygman: c1d9aff56e0 is what your on already, and thats too old
<clever> ottidmes: you could try programs.info.enable = false;
<clever> and it just doesnt turn it into an image, lol
<clever> srk: the VGA card in the guest has a block of ram that is filled with raw text, and the GPU is responsible for turning that into an image
<clever> srk: curses is a weird one, because it doesnt use the serial port of the guest
<clever> codygman: this is the revision you have
<clever> srk: the flags appear to be -nographic for serial, and -curses for curses
<clever> then find the pkgs/applications/networking/browsers/mozilla-plugins/flashplayer/default.nix file
<clever> codygman: if you keep digging, youll find the entire nixpkgs tree
<clever> codygman: next, check what your own files say, in ~/.nix-defexpr
<clever> codygman: yeah, that looks the same, it should be working
<clever> codygman: this is what the channel follows
<clever> codygman: oh, and the repo you linked doesnt follow the channel, one min
<clever> codygman: which channel are you on?
<clever> srk: the 2nd, will scrape the console text buffer, then use ncurses to reproduce it over stdin/out
<clever> srk: qemu also has 2 modes that work for that, the 1st just routes the serial port to stdin/stdout, so qemu becomes a console program
<clever> but qemu just ignores the NIC entirely, and you can screenshot
<clever> srk: and you have to reboot real hardware, that lacks copy/paste while debugging
<clever> srk: this also adds the justdoit script to the installer, so you type justdoit, and its done
<clever> so you can verify the installation works
<clever> srk: qemu_test2 then boots the same disk drive, without the kernel+initrd
<clever> srk: qemu_test1 will build the netboot image from <nixpkgs> and boot its kernel+initrd inside qemu with a dummy disk drive
<clever> codygman: first step would be to find the new URL to download flash from
<clever> srk: also, i have some scripts that help a lot with testing the netboot
<clever> codygman: the problem is that adobe deleted the file on us again, it wont be fixed until nixpkgs is modified by a maintainer
<clever> srk: the iso image can also benefit from the same changes: https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/installer/cd-dvd/iso-image.nix#L299-L319
<clever> phdoerfler: 3 packages provide a sendmail binary, youll need to pick the one you like the most
<clever> exim.out 0 s /nix/store/9a3gxna4qgwkfkg1cg633glrgy4nh201-exim-4.89/bin/sendmail
<clever> postfix.out 310,456 x /nix/store/pkix4gxx84py3197miaw9iw150nvjfz3-postfix-3.1.3/bin/sendmail
<clever> ssmtp.out 0 s /nix/store/r5sidvlw2jmajbdzwbkgaqyq1cmc7vjf-ssmtp-2.64/bin/sendmail
<clever> [clever@amd-nixos:~]$ nix-locate bin/sendmail
<clever> srk: that should work without the fstab manipulation
<clever> phdoerfler: that package doesnt exist
<clever> error: attribute ‘sendmail’ missing, at (string):1:1
<clever> nix-repl> pkgs.sendmail
<clever> dgpratt: gitFull includes tools like `git gui`, which depend on the X libs, causing it to take more disk space up
<clever> ambro718: ssh into the router, and run nix-store --verify --check-contents
<clever> next thing to check would be the store integrety
<clever> 856 is in the middle of this string, from the list of groups
<clever> "nixbld27"
<clever> ambro718: does it still fail at offset 856?
<clever> either should work, since the hash is identical
<clever> ambro718: ok, can you run nix-shell -p gist, then `gist -p /nix/store/6fgl4qj260hi1h7ly2kh09nxgn7s5r9x-users-groups.json`
<clever> yeah
<clever> ambro718: and does that new json file now exist on the router?
<clever> ambro718: ok, now try the deploy again
<clever> ambro718: ah, it was -C
<clever> nix-shell -p jq then cat /nix/store/6fgl4qj260hi1h7ly2kh09nxgn7s5r9x-users-groups.json | jq --color
<clever> ambro718: what about nixops deploy --build-only, what does it output?
<clever> ambro718: ssh into the remote machine and check the same json file
<clever> one min
<clever> hyper_ch: online?, no reboot?
<clever> and the 32bit variant of glibc likely includes it
<clever> 8 #endif
<clever> genesis: it only gets included if your not doing a 64bit build
<clever> 7 # include <gnu/stubs-32.h>
<clever> 6 #if !defined __x86_64__
<clever> ?
<clever> why?
<clever> hyper_ch: find supports -delete, stop wasting forks :P
<clever> lol, more just lazyness
<clever> i never throw shit out :P
<clever> no, spinning rust pata drive
<clever> i still have a 40mb and 80mb hdd
<clever> hyper_ch: i remember when a 300mb hdd was bit :P
<clever> hyper_ch: by not having 100's of gigs of data
<clever> DavidEGrayson: that also works
<clever> $NIX_REMOTE i mean
<clever> DavidEGrayson: ah, and openStore() can be ran with no args, it probably relies on $NIX_DAEMON, like all the tools
<clever> initNix(); initGC(); are involved in initializing the library
<clever> this function is involved in opening a connection to nix-daemon
<clever> DavidEGrayson: this function tells you if a path is valid
<clever> if (store->isValidPath(expectedStorePath))
<clever> DavidEGrayson: one min
<clever> DavidEGrayson: it would be better to use the nix bindings
<clever> lol
<clever> DavidEGrayson: unfinished builds should come up as invalid
<clever> DavidEGrayson: i think you can run `nix-store --query --size` on the output
<clever> DavidEGrayson: hmmm, one min
<clever> joepie91: ah, that will do it
<clever> joepie91: was /mnt/boot mounted before you ran nixos-generate-config?
<clever> lol
<clever> efi or legacy?
<clever> gpt or mbr?
<clever> it defaults to 50% of the ram
<clever> joepie91: you can still resize it, to allow it to consume more ram
<clever> joepie91: enabling swap can help, and you can resize the fs that has failed with mount /nix/.rw-store -o remount,size=3G
<clever> joepie91: its a bug in the current nixos-install

2018-02-16

<clever> LnL: we could make a nix-support file that says dont do this, and have nix-env test for it
<clever> LnL: :D
<clever> and like gcc, pkgconfig doesnt work if nix-env'd
<clever> zfs.out 0 s /nix/store/qfcw3a2v5pp9i459jcmr0i9d6hyw2kx8-zfs-user-0.6.5.9/lib/libzfs.so
<clever> [nix-shell:~/.daedalus]$ nix-locate libzfs
<clever> if you need a shell.nix, with import <nixpkgs> {}; stdenv.mkDerivation { name = "name"; buildInputs = [ cargo libzfs ]; }
<clever> if you need a shell.nix, with import <nixpkgs> {}; stdenv.mkDerivation { name = "name"; buildInputs = [ cargo ]; }
<clever> which gives you a shell with gcc and cargo
<clever> infinisil: you can also just nix-shell -p cargo
<clever> ;; nix-shell for Emacs.
<clever> Think of it as
<clever> and if emacs needs it, then you must run emacs inside the nix-shell
<clever> so you must run gcc inside nix-shell to make it work
<clever> and if you nix-env it, that doesnt happen
<clever> there are setup-hooks that nix-shell/nix-build run, which iterate over everything in $buildInputs, and add them to the -I path for gcc
<clever> infinisil: gcc breaks if you nix-env it
<clever> infinisil: use nix-shell
<clever> assertion should be safe
<clever> could be something else then
<clever> Lisanna: ive found that it does that if i ctrl+c an evaluation
<clever> and you could put any binary you want into the stage-1 script, possibly even Xorg, and it will happly jam the entire closure in, lol
<clever> and the initrd generator will then include the entire closure of those 4 files, at /nix/store/ inside the initrd
<clever> along with an mdadm.conf, and some modprobe configs
<clever> it configures the generator to create a /init symlink, pointing to the storepath of the stage-1 script
<clever> symphorien: here is the nix expression that generates the initrd
<clever> (also, nixos doesnt have a /bin/sh in the ramdisk)
<clever> but, there is also a rdinit=/bin/sh, which sets the ramdisk init
<clever> the stage-1.sh inside the initrd then chooses to obey it, and runs /bin/sh as pid 1, after mounting the rootfs to /
<clever> if you set init=/bin/sh, but are using an initrd, the kernel basically ignores it
<clever> booting via grub like i mentioned, would mount things for you
<clever> and that should drop you into a root shell with no systemd, then you can probably run /run/current-system/sw/bin/passwd to change the root pw
<clever> jmorriss[m]: you can also just hit E at grub, edit the init= to init=/bin/sh, then hit F10 to boot with those changes
<clever> Guest14344: you can also -I nixos-config=./configuration.nix
<clever> technically, nix-env does obey NIX_PATH, but it never tries to use it by default
<clever> or more, repeat the last one on every real channel!
<clever> and you can even do all 3, just add 3 channels to the test dir
<clever> or import (builtins.fetchurl foo) to grab things
<clever> you can also just import <nixpkgs> to obey $NIX_PATH
<clever> so nix-env -iA foo.cargo grabs it from the nixpkgs in ~/apps/nixpkgs
<clever> foo is the name of the channel
<clever> test is an invisible category, it just gives me a dir i can play in, where nix wont mess with things
<clever> import /home/clever/apps/nixpkgs
<clever> [clever@amd-nixos:~]$ cat .nix-defexpr/test/foo/default.nix
<clever> also, you can trivially add custom things
<clever> and yes, its weird, nix-env is the only tool in the entire toolbox to use defexpr
<clever> this one will obey nix_path
<clever> nix-env -f '<nixpkgs>' -iA cargo
<clever> yep
<clever> infinisil: that looks in ~/.nix-defexpr/ for the nixos entry
<clever> infinisil: that command totally ignores $NIX_PATH
<clever> infinisil: what nix-env command did you run?
<clever> prooftechnique: you can then use that symlink in the config file and whatever else you want
<clever> prooftechnique: nix-build '<nixpkgs>' -A hello -o ~/hello will create a symlink at ~/hello that points to the resulting build
<clever> Guest14344: you can use config.nix or overlays to add new packages
<clever> Lisanna: neat
<clever> Lisanna: nix doesnt know which characters refer to a given derivation
<clever> nhill: i prefer using tab completion with nix-repl '<nixpkgs>'
<clever> sphalerite_: your dots randomly shrink? lol
<clever> sphalerite_: have you been touching lua? lol
<clever> and if you want a random package from hackage, nix-shell -p 'haskellPackages.ghcWithPackages (ps: with ps; [ shake ])' --run ghci
<clever> fragamus: nix-shell -p 'haskellPackages.ghcWithPackages (ps: with ps; [])' --run ghci
<clever> fragamus: you must use stack --nix mode
<clever> fragamus: /bin/bash doesnt exist on nixos
<clever> lejonet: here are some defaults that get merged with what you specify: https://github.com/NixOS/nixpkgs/blob/release-17.09/nixos/modules/system/boot/systemd.nix#L238-L248
<clever> lejonet: https://nixos.org/nixos/options.html#systemd.services.%3Cname%3E.path
<clever> lejonet: yes
<clever> Aleksejs: ^^
<clever> !library
<clever> sphalerite_: i modeled toxvpn on the feature-set that hamachi provided
<clever> sphalerite_: yep, that was it
<clever> lejonet: or put the private key into the nix store!
<clever> lejonet: i have to use socat to proxy it over
<clever> lejonet: that also makes it imposible to share the agent with the nixbld users on a case by case basis
<clever> lejonet: if you chmod the socket, and try to use the agent from the wrong user, it just flat out refuses to work
<clever> lejonet: ssh-agent does some neat things with those powers
<clever> lejonet: unix sockets can also query the pid and uid of the remote peer
<clever> lejonet: which allows users to audit the part needing root
<clever> lejonet: then a closed-source blob that doesnt directly need root, and does the VPN magic
<clever> lejonet: the VPN in question, had an open-source daemon, that shares /dev/tun handles via the unix socket, and manages configuring the IP on the interface
<clever> lejonet: its possible to pass an open file handle via a unix socket
<clever> lejonet: something else ive seen used by a vpn program ages ago, was a way to get a /dev/tun handle, without ever aquaring root directly
<clever> yeah
<clever> lejonet: and modprobe obeys env vars for the config, causing it to execute stuff the user supplied
<clever> lejonet: for example, fusermount is setuid root, and a few months ago, it was discovered that it will automatically `modprobe fuse` for you
<clever> lejonet: simiarly with setuid root binaries
<clever> lejonet: there are countless ways sudoers can be abused if your not 100% perfect
<clever> sphalerite_: i tend to go overboard and import <nixpkgs> { config={}; overlays=[]; }
<clever> sphalerite_: which may impact the fetchurl code
<clever> sphalerite_: now you have an impurity based on the config.nix in the current $HOME
<clever> gchristensen: lol
<clever> :D
<clever> gchristensen: :C
<clever> gchristensen: https://github.com/NixOS/nixpkgs/pull/35038 ofborg says its a partial log, but its a complete log!
<clever> sphalerite_: resulting in infinite recursion
<clever> sphalerite_: pkgs depends on config._module.args.pkgs, which depends on the entire imports tree
<clever> sphalerite_: i dont think imports can refer to pkgs
<clever> yeah
<clever> hyper_ch: in the old days, NIC cards came with a dos program on a floppy that handled this task
<clever> nope, still nothing
<clever> 03:00.0 Ethernet controller [0200]: Qualcomm Atheros QCA8171 Gigabit Ethernet [1969:10a1] (rev 10)
<clever> 00:19.0 Ethernet controller [0200]: Intel Corporation 82566DM Gigabit Network Connection [8086:104a] (rev 02)
<clever> let me check some older machines
<clever> same for my laptop
<clever> 02:00.1 Ethernet controller [0200]: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller [10ec:8168] (rev 12)
<clever> but none of those cards are supported
<clever> which are visible in the list of supported devices in flashrom
<clever> [nix-shell:~]$ flashrom -L | grep -i 10ec
<clever> that shows the vendor and product id at the end
<clever> hyper_ch: use lspci -nn
<clever> 03:00.0 Ethernet controller [0200]: Intel Corporation 82583V Gigabit Network Connection [8086:150c]
<clever> and because the original bios does all the hard work of booting, it will be more portable
<clever> configure the second bios to efi with a zfs based EFI boot partition :P
<clever> configure the original bios to network boot
<clever> hyper_ch: then flash that into the NIC
<clever> hyper_ch: and in theory, i could make a coreboot image, that assumes the pci/dram has been pre-configured, but has its own EFI implementation
<clever> hyper_ch: many network cards have a flash chip where you can store a network boot rom
<clever> hyper_ch: i just had an idea, what about jamming a partial coreboot into the NIC's boot rom?
<clever> then your config, and kernel/initrd
<clever> with core.img and ext2.mod, grub is able to open /boot/grub, and load the rest of itself
<clever> which is another 6kb
<clever> -rw-r--r-- 1 root root 5.8K Sep 20 16:05 /boot/grub/i386-pc/ext2.mod
<clever> core.img is also concat'd with the driver for /boot
<clever> and the LBA address of core.img is written to a magic location inside the boot.img copy
<clever> and then copy this file to the 2nd location
<clever> -rw-r--r-- 1 root root 26K Sep 20 16:05 /boot/grub/i386-pc/core.img
<clever> grub-install will then inteligently merge this file with the partition table in sector 0
<clever> -rw-r--r-- 1 root root 512 Sep 20 16:05 /boot/grub/i386-pc/boot.img
<clever> hyper_ch: for GPT disks, thats the dedicated "bios boot partition"
<clever> hyper_ch: i think for legacy booting, you need ~27kb of space for the "grub core", for MBR disks, thats between sector 0 and partition 1
<clever> hyper_ch: and then i would just put the kernel&initrd on that
<clever> hyper_ch: systemd-boot is EFI based, and must live on a filesystem that the bios supports (fat32 typically)
<clever> hyper_ch: grub with an ext4 /boot
<clever> so reads may be corrupt if you improperly shutdown
<clever> grub also does zero journal activity, on any journaled filesystem
<clever> and /nix/store makes that massively slower
<clever> so it has to iterate thru every single file in a directory
<clever> grub has poor zfs support, ive heard that it doesnt support the tree based directory structure at all