2018-01-27

<clever> Marks the object as requiring executable stack.
<clever> execstack
<clever> The recognized keywords are:
<clever> -z keyword
<clever> typetetris: i think i gave super and self backwards for line 7
<clever> Dezgeg: that will serialize all of the systemd state to a file, then execve("/sbin/init") or similar, to reload, then deserialize and resume itself as a new version
<clever> Dezgeg: systemctl daemon-reexec
<clever> Dezgeg: also, most init systems already have an RPC function to do this for you
<clever> Dezgeg: lol
<clever> sphalerite: id still need to do some systemd detection, and fallback to the improper shutdown when systemd is absent
<clever> sphalerite: ah
<clever> typetetris: you overwrote the memo-monad in its output, but not the memo-monad that it internally uses for other things
<clever> typetetris: i believe you want to do haskelll.packages.ghc822.override { overrides = super: self: { .... }; };
<clever> Dezgeg: the kernel wont let you attach to pid 1
<clever> sphalerite: yeah, but its not entirely clear how to make it boot a specific image, rather then its own, and i wanted it to work without relying on systemd
<clever> tilpner: if the filesystem is playing by the rules, sync should prevent any data loss
<clever> sphalerite: :D
<clever> tilpner: it could, but that would improperly shutdown the host
<clever> tilpner: such major changes cant be done with the system running
<clever> tilpner: the only time ive had to use that rescue boot so far, was to move /nix from the / mountpoint to its own partition, mounted at /nix
<clever> tilpner: that just takes the same kernel+initrd, throws them into /boot, and adds a menu option for it
<clever> tilpner: also, related to the kexec trick is https://github.com/cleverca22/nixos-configs/blob/master/rescue_boot.nix
<clever> tilpner: that does sound like a decent improvement
<clever> its handy to avoid making backups of /proc and /sys
<clever> du, cp, and ncdu have a similar one, -x
<clever> sphalerite: you would use it before the fs gets clobbered, to backup the important stuff
<clever> sphalerite: you can then use that to restore all metadata at a later point, and read any file that existed at the time of the dump, as long as it hasnt been overwritten by other future writes
<clever> sphalerite: dumpe2fs will dump all of the ext2/3/4 metadata, and only the metadata
<clever> sphalerite: oh, have you seen what dumpe2fs does?

2018-01-26

<clever> tilpner: is jack running?
<clever> ottidmes: one-shot systemd service is the simplest
<clever> iqubic: yeah
<clever> and it will load the default nix file
<clever> because you can then run nix-build -A other
<clever> and make a new other.nix, for whatever is depending on metakit
<clever> iqubic: then create a default.nix with the above expression
<clever> iqubic: rename the file for metakit, to metakit.nix
<clever> then nix-build thatfile.nix -A other
<clever> with import <nixpkgs> {}; rec { metakit = callPackage ./metakit.nix {}; other = callPackage ./other.nix { inherit metakit; }; }
<clever> iqubic: create a 2nd nix file, that does something like this
<clever> iqubic: look inside the result symlink
<clever> iqubic: because https://github.com/NixOS/nixpkgs/blob/master/pkgs/stdenv/generic/setup.sh#L1213 does a cd between unpack and patch
<clever> also try putting a pwd in there
<clever> try it in prePatch now
<clever> thats your source
<clever> iqubic: what do you see?
<clever> iqubic: put an ls in there instead
<clever> iqubic: preConfigurePhases is ran before preConfigure i believe
<clever> iqubic: autoreconfHook adds itself to the preConfigurePhases
<clever> iqubic: which is too late
<clever> iqubic: or preConfigure runs after the autoreconfHook
<clever> ottidmes: boot.initrd.supportedFilesystems = [ "zfs" ]; will add zfs support to the initrd
<clever> iqubic: try postUnpack instead of preConfigure
<clever> iqubic: what about preConfigure = "cd unix ; ls -l"; ?
<clever> iqubic: what does preConfigure = "ls -l" say?
<clever> iqubic: what error does it fail with?
<clever> ottidmes: the rootfs is mounted at /mnt during the postMountCommands
<clever> iqubic: give it a wrong hash, then read the error message
<clever> Biappi: try to avoid running that one as root
<clever> Biappi: genericBuild
<clever> Biappi: you have to run unpackPhase to unpack the source of the program, then cd into the directory it made
<clever> look at the branch history on github
<clever> its case sensitive
<clever> iqubic: autoreconfHook
<clever> iqubic: run nix-build against it
<clever> joko: try both lib.attrValues and lib.attrNames
<clever> iqubic: so you need to know what variables have an effect on every program being ran at build time
<clever> iqubic: part of the issue there, is that every attribute you give to it, just becomes an env variable during the build
<clever> puffnfresh: no need to bring in the nixos module framework
<clever> puffnfresh: https://github.com/NixOS/nixpkgs/issues/18038 is solved by adding iana-etc to the contents of the docker image
<clever> maybe they just never stumbled upon that solution
<clever> gilligan_: you need to add iana-etc to the contents of the docker image, line 29 of my example
<clever> taohansen: nix-repl '<nixpkgs>' and then callPackage ./foo.nix {}
<clever> gilligan_: the docker expression i just linked does pretty much exactly that, it runs a haskell program in a docker image
<clever> eacameron: as long as it has a grub config file in /boot, i would expect it to survive
<clever> yeah
<clever> tilpner: there is no other version of fmod available in nixpkgs
<clever> tilpner: exactly
<clever> rprospero: yep
<clever> one option is to properly put it into nixpkgs
<clever> thats just a place where i have been throwing a lot of random experimental things
<clever> its to recover the hardware if you find yourself unable to control it, and the hoster doesnt have a force reboot button
<clever> tilpner: your supposed to `systemctl stop autoreboot.timer` once you get in, i need to document that better
<clever> tilpner: oh, thats the safety
<clever> rprospero: but you can use preFixup if the fixup phase is still active, it runs after install
<clever> rprospero: lines 1015 and 1035 are responsible for running the pre/post hooks, and are often lost when you override the installPhase
<clever> just make sure to provide a password hash in the input config
<clever> tilpner: so if you toggle the mutable users setting, it wont ask for a password
<clever> tilpner: it currently asks for a password on stdin, but thats just normal nixos-install logic
<clever> tilpner: nope
<clever> rprospero: so you either have to append to the old installPhase in overrideDerivation, or cheat with another later phase
<clever> rprospero: that breaks pre/post install
<clever> rprospero: was installPhase specified in the derivation in nixpkgs?
<clever> tilpner: this bash script is pre-installed in that kexec image, you literally run "justdoit" over ssh, and it nukes the hdd and installs nixos
<clever> tilpner: the justdoit script helps automate it further
<clever> you are free to format whatever you want
<clever> tilpner: basically, you compile a tarball with nix-build, upload it to any linux machine with scp, unpack it to /, and run /kexec_nixos, and now nixos is running from ram
<clever> but it could create a file that disables future runs
<clever> every boot
<clever> tilpner: and if you use my kexec trick instead, you can just format the entire drive, rather then keeping the original FS
<clever> tilpner: that could be done by a systemd one-shot unit as well, after booting
<clever> kexec might work better there, but ive not tried it on hetzner
<clever> ah
<clever> sphalerite, Baughn: also maybe of use: https://github.com/cleverca22/nixos-configs/blob/master/rescue_boot.nix
<clever> genesis: there is also the evince program, which is an open-source pdf reader
<clever> plakband: this can also help some
<clever> "/nix/store/7rk6ik1vxh2rvg3ny0rk6kkfdiqzbz5w-nixos-18.03pre125026.f607771d0f5/nixos/pkgs/applications/editors/vim/common.nix:24"
<clever> nix-repl> vim_configurable.meta.position
<clever> plakband: that region of all-packages.nix, and the path it refers to should have more context
<clever> 17332 vim_configurable = vimUtils.makeCustomizable (callPackage ../applications/editors/vim/configurable.nix {
<clever> { column = 3; file = "/nix/store/7rk6ik1vxh2rvg3ny0rk6kkfdiqzbz5w-nixos-18.03pre125026.f607771d0f5/nixos/pkgs/top-level/all-packages.nix"; line = 17332; }
<clever> nix-repl> builtins.unsafeGetAttrPos "vim_configurable" pkgs
<clever> instead of pkgs
<clever> bulldog_: then use pkgs2 for the fetch and runCommand
<clever> bulldog_: you may need to do pkgs2 = import <nixpkgs> { config = {}; overlays = {}; }; in a let block
<clever> bulldog_: pkgs.runCommand
<clever> i dont see any
<clever> bulldog_: nix sets $out to the path it wants the expression to output things to
<clever> FareTower: its part of pkgs, so just add it to line 1 with all your other deps
<clever> bulldog_: one min
<clever> FareTower: thats what nix-shell is for
<clever> FareTower: builtInputs = map makeStaticLibraries [ lib1 lib2 lib3 ];
<clever> FareTower: your not really supposed to install libraries, dynamic or static
<clever> bulldog_: nix doesnt make mistakes like that
<clever> bulldog_: the packages passed as the pkgs argument of the module should include those overlays
<clever> kingofthepirates: dd it to the root of the usb drive
<clever> kingofthepirates: the iso image already contains all the formating, just dd it directly to the root of the device and that will format everything
<clever> so ./result/bin/something
<clever> if you used nix-build, it will make a result symlink pointing to $out
<clever> yeah
<clever> bulldog: put in an obviously wrong hash and then look at the error, thats the simplest way
<clever> taohansen: it seems to have found nix just fine, are you mixing different terminals?
<clever> taohansen: can you run nix-info?
<clever> taohansen: yeah, thats right
<clever> iqubic: add the proper callPackage to all-packages.nix, and maybe move fmod into its own directory
<clever> taohansen: and ls -lh /nix/store/4vyccksxkbn0kky1bh6g847yrz749cbk-nixpkgs-18.03pre126020.931a0b8be80/nixpkgs
<clever> taohansen: thats normal
<clever> iqubic: because its not in pkgs.fmod
<clever> taohansen: that is a list of several paths, you cant just ls $NIX_PATH
<clever> taohansen: ls -lh /home/taohansen/.nix-defexpr/channels/nixpkgs
<clever> soembody can file an issue to fix it
<clever> iqubic: yeah, because the last guy to add it, did it wrong
<clever> and now you have infinite recursion
<clever> bulldog: and pkgs relies on the value of overlays being loaded
<clever> bulldog: the value of fetchFromGitHub relies on having pkgs loaded
<clever> callPackage <nixpkgs/pkgs/games/zandronum/fmod.nix> {} is one way
<clever> with the correct relative path
<clever> you need to callPackage it, like like 8 did
<clever> iqubic: somebody hacked it in, and never added a top-level fmod, so its been in nixpkgs for over a year, but its just not visible
<clever> taohansen: and what is the value of $NIX_PATH?
<clever> taohansen: what does `nix-instantiate --find-file nixpkgs` say?
<clever> just rev alone is enough to lock that in
<clever> ah yeah
<clever> bulldog: its also over https, so the attacker would have to break ssl first
<clever> so it just wont run the tests
<clever> iqubic: it defaults to false
<clever> and you want it to fail then :P
<clever> bulldog: then the contents can only change if your being haxed
<clever> bulldog: also specify a specific revision
<clever> but you can set checkTarget to change that
<clever> iqubic: the default checkPhase will basically just run `make check`
<clever> bulldog: you can specify the sha256 in the fetchFromGitHub
<clever> iqubic: the default checkPhase is on line 994, but you can also replace it by doing checkPhase = '' .... ';
<clever> iqubic: if doCheck is set to true, it runs the checkPhase
<clever> bulldog: nixpkgs.overlay = [ (import "${(import <nixpkgs> { config={}; overlays=[]; }).fetchFromGitHub { ... } }/firefox-overlay.nix}) ]; i think
<clever> iqubic: in general, yes
<clever> that just brings the variables into scope, so the buildInputs can then refer to them
<clever> iqubic: that defines a nix function, that expects 2 arguments, stdenv and fetchurl
<clever> TimePath: if its compressed or encrypted, yes
<clever> iqubic: nix will scan $out to see what you reference, and those become runtime deps
<clever> iqubic: everything you depend on at build time
<clever> doing custom things that arent automated as well as ninja
<clever> yeah
<clever> it just grabs all of level3, and uses that
<clever> nix doesnt care how deep you go
<clever> its just a path
<clever> iqubic: try src = ./path/to/source/level1/level2/level3; ?
<clever> the ninja setup hook handles passing the right value to -j
<clever> its just simpler and more stable to use the tools that already do everything for you
<clever> correct
<clever> cmake and qmake do that as well
<clever> lines 29 and 49 replace the make commands with ninja commands
<clever> just do buildInputs = [ ninja ]; and it will alter what the stdenv does for you
<clever> ninja includes a setup hook
<clever> one minute
<clever> src = ./path/to/source;
<clever> src = fetchFromGitHub { ... };
<clever> it will detect that its a directory and just not unpack
<clever> to unpack the source tarball
<clever> tar, configure, make
<clever> builds everything in the world
<clever> usually you want to just use the one that the stdenv provides
<clever> depends heavily on what you want to build and how much customization you need
<clever> you had already disconnected before that
<clever> i didnt see that on this end
<clever> 2018-01-25 21:41:26 -!- iqubic [~user@2601:602:8a00:1bd7:f1f1:c5b0:3b92:231a] has quit [Ping timeout: 252 seconds]
<clever> 2018-01-25 21:39:41 -!- iqubic` [~user@c-24-17-226-146.hsd1.wa.comcast.net] has joined #nixos
<clever> thats well after you reconnected
<clever> wasnt sure what you saw when you ping timeout'd
<clever> 2018-01-25 21:37:13 < clever> iqubic: which just unpacks $src, and runs ./configure && make && make install
<clever> 2018-01-25 21:36:54 < clever> iqubic: its using the default builder for the stdenv
<clever> iqubic`: hello
<clever> then it uses the right compiler always
<clever> ah, $CC will fix that
<clever> also try doing a pwd ; ls -ltrh in the buildPhase, you can likely use a shorter path
<clever> the stdenv comes with gcc
<clever> also, dont put gcc into the buildInputs
<clever> oh
<clever> and that bash script obeys the nix options
<clever> your not calling gcc, your calling a bash script with the name `gcc`
<clever> yeah
<clever> but for dlopen(), you will probably want to symlink the libraries, not copy them
<clever> no need to play with -I
<clever> but the stdenv already adds every buildInput to the -I path for you
<clever> yeah
<clever> CapsAdmin: oh, you also dont even need `-I${lib.getDev assimp}`, adding assimp to the buildInputs handles that for you
<clever> CapsAdmin: instead, do this: gcc -xc -E -P -I${lib.getDev assimp} -c ${/home/caps/goluwa/goluwa/framework/lua/build/assimp/temp.c} -o temp.p or similiar
<clever> CapsAdmin: also, the path you have on line 7 isnt pure, gcc -xc -E -P -I${lib.getDev assimp} -c /home/caps/goluwa/goluwa/framework/lua/build/assimp/temp.c -o temp.p
<clever> iqubic: which just unpacks $src, and runs ./configure && make && make install
<clever> iqubic: its using the default builder for the stdenv
<clever> the errors should also include line numbers
<clever> you need to use ${lib.getLib assimp}
<clever> assimp doesnt have a .lib
<clever> find ${assimp.lib}/lib/;
<clever> rather then all of that ==] mess
<clever> also, you may want to switch to using json and more nix to do the generation
<clever> and stdenv is within pkgs
<clever> mkDerivation is part of stdenv
<clever> nope
<clever> can you gist the output of that generation code?
<clever> so lib just works
<clever> line 1 brings all of pkgs into scope
<clever> can you gist your current expression?
<clever> and a few other places
<clever> its also at stdenv.lib and pkgs.lib
<clever> 3 of them
<clever> lib.getBin lib.getDev lib.getLib
<clever> .dev i mean
<clever> "/nix/store/dw0b5i35vw3z4qmw02fhgnhimj6ri01q-assimp-4.1.0"
<clever> nix-repl> "${lib.getDev assimp}"
<clever> "/nix/store/s3cy1qvbczvzwx131k38kb5x3qzlv49i-freetype-2.7.1-dev"
<clever> nix-repl> "${lib.getDev freetype}"
<clever> CapsAdmin: there is a function in lib that will get .out if .lib doesnt exist
<clever> CapsAdmin: its just ${assimp}/include
<clever> yep
<clever> CapsAdmin: you may also want to look into appimage and nix bundle
<clever> yay
<clever> CapsAdmin: nixos also does similar, to make the initrd

2018-01-25

<clever> again, its not pure
<clever> sphalerite: the package may also rely on its own propagated inputs being in the profile
<clever> but you can also just rollback when your done
<clever> i suspect that having those QT packages in systemPackages wont cause an issue
<clever> switching to another user may help
<clever> it isnt pure and makes such things imposible
<clever> sphalerite: thats why the QT stuff needs an overhaul
<clever> sphalerite: the only way to fix the QT problem you have, is to upgrade all QT using apps to be built from the same nixpkgs
<clever> sphalerite: i am in this photo: https://twitter.com/InputOutputHK/status/955409451200253952
<clever> sphalerite: iohk meetup, whole company
<clever> sphalerite: and if 2 different versions wind up in the same profile, it fails
<clever> sphalerite: qt is in the propagated inputs of all packages using qt
<clever> sphalerite: yeah, i was over in lisbon
<clever> sphalerite: what does ls -l ~/.nix-profile/lib/ say?
<clever> the very problem nix was meant to solve has returned :P
<clever> sphalerite: you have 2 different versions of QT in your nix profile
<clever> LnL: that should probably go into one of the nix pills or something
<clever> let me find that gist...
<clever> nix silently ignores unused --arg's
<clever> and each could accept different arguments, with zero overlap
<clever> so foo, bar, and baz can all be functions
<clever> for every element in the -A foo.bar.baz, it will check if its a function, and auto-call it with every --arg
<clever> Sonarpulse: also, --arg does things you didnt think it did
<clever> Sonarpulse: --arg crossSysstem '{ config = "aarch64-unknown-linux-gnu"; }'
<clever> judson: gist the entire tail end of the output, from failure to getting your shell back
<clever> chisui: its mainly meant as a work-around for when nothing else works right
<clever> so it will boot the same way as the usb stick
<clever> chisui: efiInstallAsRemovable tells grub to treat the internal drive as if it was a removable usb one
<clever> and if you allow IFD, that means downloading the source of a dozen packages as well
<clever> TimePath: `nix-env -q` evaluates every single derivation, to find its .name
<clever> you may also want to try removing the usb stick after the shutdown