2017-05-16

<clever> joepie91: i have heard about an irc client written in bash
<clever> and then ~/bundler/bin/bundle lock
<clever> you can also "nix-build '<nixpkgs>' -A bundler -o ~/bundler"
<clever> but if you only want the $PATH changes and dont care about the rest
<clever> so changing the shell out would usualy break that
<clever> its meant to give you access to all of the bash functions that the stdenv has
<clever> but that may not always be an easy thing
<clever> so vim can use it without having to install it globally
<clever> ah, for edge cases like that, i would usualy compile a vimrc file that embeds the absolute path of gotools
<clever> so once the shell has been quit, its basicaly gone
<clever> Judson1: that will put bundler at the start of $PATH, and not install it to any profile
<clever> dhess`: ah, but if you setup hardeningDisable, then gcc will allow it
<clever> rather then in the derivation
<clever> dhess`: oh, then that env variable needs to be set when ghc runs gcc
<clever> dhess`: you need to set hardeningDisable=["pie"] in the derivation
<clever> and probably the same for bundler, just "nix-shell -p bundler"
<clever> gotools sounds like something i wouldnt even install, only ever use under nix-shell
<clever> ah
<clever> Judson1: what 2 packages are colliding, and on what binary?
<clever> Judson1: it has to be installed before you can set a priority on it
<clever> write a nix package!
<clever> so i wouldnt care about docs
<clever> i would only use that as a bootstrap to do a proper nixpkgs build of ghc
<clever> yeah
<clever> dhess`: ah, then ${stdenv.cc}/bin/gcc is probably what you want
<clever> dhess`: why do you need its path?
<clever> acertain: skype and teamspeak are other examples
<clever> pulse also makes use of dbus to find the server
<clever> 'env' will print them all out, then you can export things one by one in the --pure shell until it recovers
<clever> oh, i could see --pure clearing env vars it needs to find pulseaudio
<clever> add this to ~/.nixpkgs/config.nix, chromium.pulseSupport = true; inside the top level { and }
<clever> are you installing chromium with nix-env or nixos-rebuild?
<clever> vandenoever: i have chromium.pulseSupport = true; in my nixpkgs config
<clever> vandenoever: do you see chromium in "pavucontrol" ?
<clever> vandenoever: is pulseaudio working?
<clever> and also, nix cleans all env variables up, so the NIX_SSL_CERT_FILE you set isnt reaching wget
<clever> kiloreux: line 40 is trying to use wget inside a build
<clever> and all other attempts are blocked
<clever> basicaly, every network access must go thru a function that starts with "fetch"
<clever> that one is allowed to access the network
<clever> kiloreux: builtins.fetchurl will let you impurely fetch something, it returns a path to the file it fetched
<clever> kiloreux: nix will try to disable all network access inside a normal nix build
<clever> kiloreux: change the name in the stdenv.mkDerivation
<clever> kiloreux: and for testing, you would just do "nix-build ~/another-directory && ls result/ -l"
<clever> kiloreux: so "nix-env -f ~/another-directory -i" will install transloadit
<clever> kiloreux: oh right, that will only be able to install that 1 derivation
<clever> kiloreux: yeah
<clever> kiloreux: nix-env -f ~/another-directory -iA hello
<clever> kiloreux: yes
<clever> you need to put this in its own directory, and leave the nixpkgs intact
<clever> kiloreux: thats your problem, line 25 imports <nixpkgs>, which is itself
<clever> kiloreux: did you put that into the root of a nixpkgs copy?
<clever> kiloreux: can you update the gist to include all the comments, the line numbers in the --show-trace dont match up
<clever> shosti`: try deleting it and then using nix-env again
<clever> shosti`: it appears to be a 0 byte file, can you confirm that?
<clever> kiloreux: answer the question, does ~/.nixpkgs/config.nix exist?
<clever> it should be, but weird things in config.nix can break it
<clever> ls -lh ~/.nixpkgs/config.nix
<clever> it wont be there
<clever> kiloreux: which nixpkgs dir did you look in?
<clever> kiloreux: oh, is there anything in config.nix?
<clever> kiloreux: can you do it again with --show-trace ?
<clever> kiloreux: there is no line 50 on that gist
<clever> matthewbauer: yeah, but there are no logs of what commits a channel has been on
<clever> matthewbauer: nope
<clever> matthewbauer: the binary cache has no garbage collection
<clever> ah
<clever> why do you need static libs?
<clever> it still makes shared libs
<clever> MoreTea: and the devicemapper configure script ignores those flags
<clever> MoreTea: internally, it just passes --disable-shared --enable-static to configure and tells nixpkgs not clean things up
<clever> [root@amd-nixos:~]# nix-build -E 'with import <nixpkgs>{}; devicemapper.override { stdenv = makeStaticLibraries stdenv; }'
<clever> nix-repl> devicemapper.override { stdenv = makeStaticLibraries stdenv; }
<clever> danbst: ah, nice
<clever> how did it get this late?
<clever> crap, lol
<clever> same, its now 5am
<clever> but those are harder to patch in
<clever> -f flags would probably be faster, since it wont carry down to every child without limit
<clever> the env wont be that bloated, if you limit each var to the programs that need it
<clever> and for apps the user runs, wrapProgram
<clever> and then set the env in the systemd unit
<clever> it seems simple enough to patch the source to getenv("FOO_CFG") or "/etc/foo"
<clever> or pass absolute paths via env variables
<clever> so only the writeable remain, and there is no need for setup-etc.pl
<clever> every read-only part of /etc can go
<clever> but nearly everything else can go!
<clever> ehh, things like resolv.conf can stay in /etc
<clever> though if i was feel a little more crazy, i would just patch all the things, and just get rid of /etc!!
<clever> yeah
<clever> dont think that would work if it was a symlink into the store, or an overlay of the store
<clever> and if i dont embed host private keys into the store, they change constantly, and the ssh client makes things difficult
<clever> so it gets factory-reset on every boot
<clever> not-os has no persistant writable mountpoints
<clever> and ssh complains that the host keys are changing constantly
<clever> it has no root disk, so the activation script has to recreate /etc on every boot
<clever> i was putting them in the store for faster testing in not-os
<clever> sshd says similiar things about its private key files
<clever> setup-etc.pl copies it over, and does a chmod to make sudo happy
<clever> MichaelRaskin: but nix says all files in the store must be world readable
<clever> MichaelRaskin: some programs like sudo incist that /etc/sudoers isnt world-readable
<clever> LnL: that saved 26mb
<clever> MichaelRaskin: there is also an edge-case that setup-etc.pl handles that i dont think i see in your pseudo-system.nix
<clever> lol
<clever> hyper_ch: 16.03 was over a gig with xfce enabled
<clever> hyper_ch: i had to disable xorg to even get the 16.03->17.08 upgrade to fit
<clever> ah, i see
<clever> hyper_ch: i currently have the entire nixos closure down to 619mb, and i have 1.3gig free, thats enough to fit ~3 copies of nixos
<clever> hyper_ch: the hdd isnt replacable, raw NAND flash chips soldered directly to the motherboard, 4gig total
<clever> MichaelRaskin: ah yeah, i saw that in an issue somewhere recently, what was the link?
<clever> hyper_ch: my netbook barely has enough disk space for 2 full nixos generations, so a glibc change causes any attempt at upgrading to run out of space
<clever> MichaelRaskin: i have done that in not-os, but it still needs perl for setup-etc.pl
<clever> almost down 80mb fro where i started
<clever> programs.info.enable=false; shaved another 19mb off the closure
<clever> closure size on-disk
<clever> turning man and the manual off saved another 26mb
<clever> MichaelRaskin: it looks like he started out by making it optional with proper optional calls and a ?null, but then missed a spot, and made the PR
<clever> that was there from the first commit that added pcsclite
<clever> programs.man.enable and services.nixosManual.enable
<clever> oh yeah, man pages
<clever> if all the python is purged
<clever> and thats going to get me maybe 46mb
<clever> scratch that, the guy that originaly added pcsclite only wrote half the code to make it optional
<clever> somebody broke the optional-ness
<clever> well, was
<clever> and its already optional
<clever> so i can sign into wpa with a hardware auth token
<clever> ah, pcsclite is for smartcards
<clever> just push it off to a machine with more space
<clever> FRidh: build slaves and nixops could eliminate that usage
<clever> wpa_supplicant does something with pcsclite, which has a python #!
<clever> makefu: wow, python actualy has a chance of being purged, only in use by git, wpa_supplicant, and zfs-user (grub shouldnt be using that)
<clever> wpa_supplicant
<clever> wait no, misread
<clever> python somehow is in the closure of glibc
<clever> makefu: and systemd-boot pulls in python instead
<clever> 36mb saved!
<clever> swapping out the git build reduced the closure from 696m to 660m
<clever> makefu: no EFI support on the machine
<clever> or runCommandNoCC did its job
<clever> it had to redownload make, but not gcc
<clever> i think something is wrongly holding a reference to gcc at runtime though
<clever> and now the nixos config will figure that out on its own
<clever> (if config.services.xserver.enable then gitAndTools.gitFull else git)
<clever> but now that i purged xorg, i cant use git gui
<clever> which lacks 'git gui'
<clever> fetchgit, and the main 'git' attribute use a more slimmed down git build
<clever> correct
<clever> /nix/store/pjj9npd844a0byw7rvynhr8lzds73fsp-git-2.13.0/libexec/git-core/git-instaweb:PerlPassEnv GIT_DIR
<clever> gitAndTools.gitFull
<clever> LnL: oh god, the whole switch script for changing nixos builds at runtime is perl!!
<clever> nixos-generate-config
<clever> texinfo
<clever> git (it can probably be turned off)
<clever> nixos-container
<clever> perl is also pulled in via man-db -> groff -> perl
<clever> if those 3 get rewritten in c/c++, we will be 1 step closer to purging all perl code from nixos
<clever> any time your booting from a potentialy different generation
<clever> LnL: that doesnt feel safe, setup-etc.pl is required to boot
<clever> makefu: its used by the grub install script, setup-etc.pl, and the user/group scripts
<clever> still 2 even in the top 20
<clever> only 2 things in the top 10 have a hope of being removed, git(35mb) and svn(17mb)
<clever> LnL: the biggest thing in the system profile cant just be removed
<clever> 109M /nix/store/r9dbza2lhsnmj0078p46p7ql3cvrhn9z-glibc-locales-2.25
<clever> turning xorg off let me shrink the current profile just enough, after a full nix-collect-gabrage -d
<clever> yeah
<clever> LnL: yep, i have 3 servers and a desktop setup for auto-gc
<clever> MichaelRaskin: i had to disable xorg and GC just to update it
<clever> MichaelRaskin: i have a netbook that doesnt have enough hdd space to hold even 2 generations
<clever> 90
<clever> [root@amd-nixos:~]# zfs list -t snapshot | wc -l
<clever> but i do have automatic snapshots on
<clever> not on the machine that had the problem
<clever> so maybe the import is being a little async?
<clever> but there is no ability to run things in parallel in stage-1
<clever> oh, lets yeah, search for EBUSY in all related files
<clever> mount_nodev takes a function pointer, and also calls dget
<clever> ive memorized the github url for linux
<clever> i think mount_nodev is part of the kernel, to handle mounting a filesystem that lacks a blockdevice
<clever> simukis_: yeah, thats looking pretty close
<clever> we need to go deeper!
<clever> i think this is userland code
<clever> simukis_: oh, line 206, openat()
<clever> simukis_: it will probably also return -EBUSY, which the userland may translate to "Device or resource busy"
<clever> simukis_: that error may only go to dmesg
<clever> simukis_: i believe this the code handling the mount
<clever> let me check something else
<clever> not that i know of
<clever> simukis_: but i did have the shell enabled, and had no trouble manualy calling mount after it failed
<clever> simukis_: i prefer to just never reboot, so i dont get a chance to debug it often
<clever> which is over in stage-1
<clever> simukis_: it also didnt print any . so line 301 never ran
<clever> simukis_: so if the first import works, it never sleeps for 0.25
<clever> simukis_: that 0.25 sleep on line 300, is after the first zpool import on line 299
<clever> but networkmanager says wifi shouldnt be enabled
<clever> installation-device says that wifi should be enabled
<clever> oh, i see the same one here
<clever> mellowmaroon: can you pastebin the full error?
<clever> -I nixos-config should stop that
<clever> mellowmaroon: oh, and that directory will be read-only, so you need to add "-o ~/result" to make it write the output elsewhere
<clever> mellowmaroon: just "cd /nix/var/nix/profiles/per-user/root/channels/nixos/nixpkgs/nixos" then run it
<clever> mellowmaroon: yeah, one second
<clever> oh, i think i see it
<clever> mellowmaroon: which path is it saying doesnt exist?
<clever> but --list wont show roots channels
<clever> mellowmaroon: it will use root's channels automaticaly
<clever> mellowmaroon: nope
<clever> mellowmaroon: and does /nix/var/nix/profiles/per-user/root/channels/nixos/nixpkgs exist?
<clever> mellowmaroon: what does 'echo $NIX_PATH' say?
<clever> simukis_: once the import is done, it should just work
<clever> simukis_: zfs filesystems dont have a normal block device, so device-mapper shouldnt come into play at all
<clever> mellowmaroon: and it can go almost anywhere, as long as its not after -A or -I
<clever> mellowmaroon: that path doesnt need an argument
<clever> simukis_: if nixos finds a filesystem with fsType = "zfs" it will do that for you
<clever> simukis_: i dont see a need to set boot.kernelModules to zfs, nixos will figure that out on its own
<clever> simukis_: interesting, i had that exact failure yesterday
<clever> yep
<clever> and you may wnat to check to see if nix-channel is already setup, nix-channel --list
<clever> either add a channel with nix-channel and use '<nixpkgs/nixos>', or clone nixpkgs from git
<clever> or pass it '<nixpkgs/nixos>'
<clever> the nixos subdir of it
<clever> that has to be ran in a directory where you cloned nixpkgs
<clever> mellowmaroon: what error did it fail with?

2017-05-15

<clever> dhess`: yep
<clever> gchristensen: about point #1, i believe the PS3 has a crypto key in the cpu die, that is used to handle harddrive encryption
<clever> and unpack the .deb directly to there
<clever> though you could also just mkdir $out; cd $out at the start
<clever> and also destroys the source so you cant do this kind of thing
<clever> mv may be faster then cp, for some filesystems
<clever> dhess`: then on line 53, you patch everything in .
<clever> dhess`: on line 50, you copy everything from . to $out
<clever> dhess`: found the problem
<clever> yeah, it will probably work the same on arm
<clever> that at least makes testing faster
<clever> ah, looks like its currently aimed at patchelf'ing the 64bit x86 ghc?
<clever> and then gist the output of nix-build
<clever> try adding a "set -x" to your installPhase before you run patchelf
<clever> just "nix-build force-patchelf.nix" and then ./result <some-elf-file>
<clever> dhess`: i heard about a bug like that a while ago, try running it twice with the same args
<clever> so you could unpack the .deb to $HOME and patch it with this, until it at least partialy runs
<clever> you can then run that bash script on any elf file to just fix it (assuming you put the libs into the nix file ahead of time)
<clever> dhess`: if you run nix-build on one of these, it will generate a bash script containing a patchelf invocation
<clever> dhess`: there is also a util i made a while ago that may help: https://gist.github.com/cleverca22/8cae5bc9c02c12099a3bf5e20e75161f
<clever> try running file against the binary inside installPhase, before and after patchelf
<clever> can you gist the expression and i can test it on my pi?
<clever> this should automaticaly find the right path for you
<clever> --interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)"
<clever> it should start with /nix
<clever> dhess`: what does 'file' say about the binary?
<clever> dhess`: 'not found' means you forgot to set the interperter
<clever> weird
<clever> manveru: why do you need it in a derivation?
<clever> bisect doesnt handle those kinds of problems well
<clever> any time i hit the binary cache, it broke, any time i missed, it built it locally and worked
<clever> at the time i had sandboxing off, and was trying to git bisect nixpkgs
<clever> building it with a nix sandbox broke everything
<clever> i have run into a complex problem with net-snmp before in nixpkgs
<clever> aanderse: https://gist.github.com/cleverca22/53b51b694a9d72ce80b1f8ca3f354fcf running "nix-shell --pure example.nix" should load up everything listed on line 10
<clever> bennofs: or rather, it did at one time, i think it was fixed a month ago
<clever> bennofs: nix-shell -p uses stdenvNoCC by default
<clever> aanderse: you may need to add gcc to the nix-shell flags as well
<clever> aanderse: do you have a github link for the project?
<clever> it is a bit odd that it couldnt find <GL/gl.h>
<clever> mesa.out 0 s /nix/store/nppbk91gbdnys2950grrl9zbpssx4iyg-mesa-17.0.3/include/GL/gl.h
<clever> checking things on this end...
<clever> "nix-shell -p cmake mesa --run kdevelop" will probably work
<clever> so ; wont work
<clever> run kdevelop under the shell nix-shell creates
<clever> and then run cmake under that
<clever> aanderse: to start with, try "nix-shell -p cmake mesa"
<clever> aanderse: you must write a proper package or use nix-shell to load mesa
<clever> aanderse: nix goes out of its way to ignore include files when you put packages into systemPackages
<clever> aanderse: is mesa in the buildInputs list?
<clever> ij: and that tells ld.so where to search
<clever> ij: the lib folder for every dependency gets put into the rpath, a field in the elf headers
<clever> so it acts as a prefetch
<clever> i was thinking accept null, but always treat the hash as wrong
<clever> misread it then
<clever> oh
<clever> probably so you dont have to insert clearly wrong hashes just to get it to even build
<clever> there was also a recent change to nix master, i believe it will now accept null as a "valid" hash
<clever> but if the name is different, it wont reuse the old output