<clever>
and because you see the shell of an hdmi adapter on the wire, you think its just hdmi, and it cant dma you
<clever>
gchristensen: that line then ran to a box with an external pcie card, that did dma attacks against the host
<clever>
gchristensen: one demo, involved cutting apart a thunderbolt->hdmi adapter, and just running the thunderbolt wire right thru it, so the user thinks its just hdmi, but its really thunderbolt
<clever>
gchristensen: ive seen some pretty crazy thunderbolt hacks
<clever>
gchristensen: ive unseated the GPU before when plugging in a monitor, and the system just locked up solid
<clever>
mbrgm: the wiki mentions that u-boot is one of the things that was being used to test cross-compiles
<clever>
gchristensen: i so have a fairly large project i plan to test more fully with nixos, first step is to get the entire thing booting on a fresh nixos with zero manual config
<clever>
nice
<clever>
yeah
<clever>
ah
<clever>
gchristensen: hard to see what exactly its doing without some more context
<clever>
gchristensen: yeah
<clever>
i need to get around to another upgrade
<clever>
c74d: i'm running a version of nixos-instable from dec 7th
<clever>
it has versions going back as far as 3.10
<clever>
c74d: there is a linuxPackages_4_4 attribute, so id say yes
<clever>
c74d: this follows the 4.9 branch on nixos-unstable
<clever>
LnL: yeah, but you also want setgroups and setgid, and to read /etc/group with getpwnam or it will not work as you expect
<clever>
sophiag: and what is the error?
<clever>
LnL: yeah, i should be able to implement it
<clever>
LnL: since it already has root when you start it, there is no need for setuid
<clever>
LnL: it should be as simple as calling setgroups, setgid, and setuid
<clever>
LnL: i'll look into the perl runner script some more when i get a chance
<clever>
jabb: nix-shell -p make --run make
<clever>
yep
<clever>
servilio: and look into nix-store --query --tree
<clever>
servilio: you can also inspect the environment of any process, /proc/self/environ is a \0 seperated list of key=value pairs
<clever>
sophiag: ive had it work by not even setting the efi mount point, as long as /boot was a fat filesystem
<clever>
yeah
<clever>
so some stuff only works right when installed system wide
<clever>
some things in nixpkgs are patched to look for plugins in /run/current-system/sw, which can only be managed via systemPackages in configuration.nix
<clever>
then no tool will ever refuse again
<clever>
you are also free to set allowUnfree = true; in 3 places (configuration.nix, /root/.nixpkgs/config.nix, /home/sophiag/.nixpkgs/config.nix)
<clever>
yeah
<clever>
but you can set the exact same values under nixpkgs.config = { ... }; of configuration.nix, for the same effect
<clever>
nixos-rebuild will never read config.nix
<clever>
config.nix is only read by nix-env and nix-build
<clever>
the entire nixpkgs.config tree works exactly the same as the config.nix file
<clever>
you can set nixpkgs.config.allowUnfree = true;
<clever>
sophiag: i do like the idea of just putting EVERYTHING into configuration.nix, so i can recreate or update the system with a single command, but sometimes i want to just install 1 thing without waiting for the entire os to update, so i do that via nix-env
<clever>
sophiag: but you can do nixpkgs config for nixos, by setting nixpkgs.config in configuration.nix
<clever>
sophiag: nixos-rebuild will only ever use the things referenced in configuration.nix, so it wont be affected by ~/.nixpkgs/config.nix
<clever>
jophish: my battery wouldnt last long enough to build chromium,lol
<clever>
[root@amd-nixos:~]# nix-build '<nixpkgs/nixos>' -A config.systemd.services.sshd.runner
<clever>
that lets you start the service without systemd or nixos
<clever>
gchristensen: nope, it converted a systemd config entry in nixos into a perl script
<clever>
LnL: i need to document these things better, its not within the first 15 pages of my gist history
<clever>
LnL: let me find the gist i had with the good example
<clever>
LnL: have you seen the perl script for testing nixos modules?
<clever>
but i never finished that one
<clever>
copumpkin: i was working on a similar PR at one point, a build hook that pretty much just did find $out -type f > $filelist, and outputs = [ "out" "filelist" ];
<clever>
Shados: usualy you just switch to using UUID's so the exact path doesnt matter
<clever>
and a reboot is the simplest way to clear it all
<clever>
i think you probably missed something that is still keeping the disk open and doing things we arent expecting
<clever>
id say reboot and try it again
<clever>
sophiag: oh, what does "swapon --show" say?
<clever>
sophiag: you need to run fdisk -l on the device, like "fdisk -l /dev/sda" if you want to see the partitions within it
<clever>
and gparted will automaticaly format each partition with the correct tool (mkswap, mkfs, and so on)
<clever>
if your using the gui cd, you can also use gparted
<clever>
and aim mkswap at the swap partition
<clever>
yeah
<clever>
sophiag: you can run commands like "blkid /dev/sd*" and "fdisk -l /dev/sda" to inspect what is left
<clever>
that should be in the manual
<clever>
you need to mount the hdd to /mnt/ and boot to /mnt/boot/ before you run commands like nixos-generate-config or nixos-install
<clever>
sophiag: what is the output of "mount" ?
<clever>
sophiag: and how is the rootfs mounted?
<clever>
yeah, the root is missing, try "nixos-generate-config --root /mnt" to regenerate it
<clever>
you can install an irc client onto the cd using "nix-env -iA nixos.irssi"
<clever>
can you pastebin the hardware config?
<clever>
sophiag: i dont see a rootfs defined in configuration.nix, so hardware-configuration.nix has to be doing that
<clever>
you can also use "nixos-rebuild build" to test things without applying them
<clever>
try commenting that out and see if it changes the result
<clever>
something within the services.xserver block is probably the problem
<clever>
its unable to compute the kdmrc config
<clever>
while evaluating the attribute ‘config’ of the derivation ‘kdmrc’ at /tmp/root/nix/store/8a4674xm6sv5b33yjbfy1i7x59rlkj3a-nixos-16.09.1608.7ae9da4/nixos/nixos/modules/services/x11/display-managers/kdm.nix:58:5:
<clever>
sophiag: looks like an issue with the xorg settings, reading it more...
<clever>
sophiag: can you rerun that with --show-trace and pastebin the full backtrace
<clever>
sophiag: and what was the full error message?
<clever>
sophiag: can you pastebin your configuration.nix?
<clever>
l
<clever>
its as simple as re-mounting everything, and running nixos-instal
<clever>
yep
<clever>
luigy: so you can apply your new configuration.nix while using the CD's wifi drivers
<clever>
luigy: simplest answer is to boot from the cd and re-run nixos-install, that is just a script that runs "nixos-rebuild" under a chroot for you
2017-02-01
<clever>
gchristensen: ah neat
<clever>
gchristensen: how did you do "click to expand" in github? :O
<clever>
peti: ive switched one of my services over to openid, and thats a very common problem
<clever>
peti: are both browsers signed into the same google account?
<clever>
and the inode list wont have duplicates
<clever>
rather then traversing the directory tree
<clever>
i would expect fs level dedup to operate directly on the inode list
<clever>
which scanner?
<clever>
so removing .links wont speed it up any
<clever>
ertes: they would also slowly go away if you just stop running --optimize
<clever>
ertes: all .links does is act as a central index of extra hardlinks, to speed the process up
<clever>
ertes: even if you delete .links, the actual duplicates are still hardlinked to eachother
<clever>
ah
<clever>
ertes: i think that would mess up some of the optimize logic, why do you want to delete it?
<clever>
re-run the nix-build on each channel, and compare the outputs
<clever>
and also anything usb related in "lsmod"
<clever>
youll want to check for things that i listed above
<clever>
so you know exactly which modules actualy wind up in the initrd
<clever>
pikajude: this will build the module set for the initrd and drop it in result, then list the modules off
<clever>
# find -L result/
<clever>
# nix-build '<nixpkgs/nixos>' -A config.system.build.bootStage1.modulesClosure
<clever>
ToxicFrog: and then the rpath of those plugins comes into play, and i see
<clever>
ToxicFrog: ah, only the plugins are being loaded via /run/current-system
<clever>
can you pastebin the strace log?
<clever>
what does ldd say?
<clever>
RPATH i what matters
<clever>
it shouldnt care about whats in /run/current-system
2017-01-29
<clever>
hyphon81: not directly, but you can use -I nixpkgs=foo to redirect any other nix tool to a given path or tar
<clever>
gchristensen: i have had to try and fix multicast stuff before, and when you lack the docs, its pretty imposible
<clever>
only other improvement i can think of is multi-cast, but that requires special lan setup, and it lacks packet retry, so you would have to add that in yourself
<clever>
ah
<clever>
gchristensen: oh, and related, socat supports ssl, and could be used to authenticate this kind of thing
<clever>
gchristensen: looks like your plumbing files around the place?
<clever>
gchristensen: i have recently been switching another project over to github and been interested in the github hooks
<clever>
gchristensen: neat
2017-01-28
<clever>
"password-store-1.6.5"
<clever>
nix-repl> pkgs.pass.name
<clever>
madonius: nix-env is a weird tool, and will search the name attributes on things by default