2019-10-16

<clever> tetdim: if its a single-user setup, then you should own everything under /nix/
<clever> tetdim: are you root? who owns profiles?
<clever> tetdim: dang impure distro!!
<clever> pbb: i use a squashfs in the initrd, over pxe
<clever> ivan: video playback works fine for me, but has some tearing

2019-10-15

<clever> ,howoldis
<clever> ive even seen it entirely stop you from logging in, because the binaries in plasma (qt based) conflict with the older versions in nix-env
<clever> then bad things happen
<clever> nix-env will silently pick one, and not warn you about the collision
<clever> duairc: also, if one package tries to propagatedUserEnvPkgs qt 5.9.0, and another does 5.9.1
<clever> duairc: but, then it wont work via nix-build && ./result/bin/foo
<clever> duairc: propagatedUserEnvPkgs is an ugly hack, that will force nix-env&friends to force-install the thing along side your thing
<clever> duairc: propagatedBuildInputs only gets added to the PATH of other derivations, during build time, and wont show up at runtime
<clever> duairc: most of the wrapProgram based things are problematic, because you have to force any program linking into your lib, to wrapProgram properly
<clever> duairc: that would be the best option i find
<clever> wormwood: it looks more like you just installed it with nix-env, without sudo
<clever> nix-env wont update when you nixos-rebuild
<clever> the nixos module installs the same version of both, to the system profile
<clever> the version of the drivers and client app must match
<clever> wormwood: remove it from nix-env, on all users
<clever> wormwood: thats the problem, you have 2 copies of vbox installed, and they are conflicting
<clever> wormwood: what happens if you run `type VirtualBox`?
<clever> evils: yeah, the problem is that debian config files break it
<clever> evils: on nixos or debian?
<clever> rossabaker: pam stuff usually also needs to be setuid root, most of the time, and nix cant easily do that on its own
<clever> rossabaker: or patch nixpkgs, to obey the debian pam configs
<clever> rossabaker: it reads everything in /etc/pam.d
<clever> rossabaker: blame debian for running a fork of pam that isnt compatible
<clever> rossabaker: so all pam based programs in nixpkgs will fail
<clever> rossabaker: nixos pam doesnt support @include, only debian based pam does
<clever> then `nix-channel --update` to apply the removal
<clever> gwen: you added a nixos channel to both your user and root, remove the duplicate with `nix-channel --remove nixos` (without sudo)
<clever> ,stateVersion
<clever> tokudan: is this on baremetal or a vm?
<clever> > builtins.attrNames builtins
<clever> tetdim: builtins.attrNames builtins
<clever> tetdim: what does your repl say 5-4 is?
<clever> tetdim: it shouldnt
<clever> > pkgs.fetchGit
<clever> tetdim: pkgs only exists if you `nix repl '<nixpkgs>'`
<clever> > pkgs.fetchgit
<clever> > builtins.fetchGit
<clever> tetdim: case sensitive
<clever> tetdim: Git vs git
<clever> tetdim: builtins.fetchGit vs pkgs.fetchgit
<clever> tetdim: fetchgit is from pkgs
<clever> tetdim: fetchGit is the builtin
<clever> tetdim: given what youve got built, the error may surprise you
<clever> tetdim: what is 5-4, in `nix repl`
<clever> tetdim: id say start with `nix repl` and see if the basics even exist then
<clever> tetdim: ?
<clever> tetdim: ninja is a tool to run the compiler, not a compiler, not a linker
<clever> tetdim: ldd isnt a linker
<clever> tetdim: is it being passed to the linker? which linker? what flags?
<clever> Squarism: 2019-10-15 15:29:49 < wucke13> PATH=/whatever/bin:$PATH
<clever> Squarism: then you just need to edit PATH in one of the hooks, like wucke13 said
<clever> Squarism: why does it want something under lib in PATH? wut?
<clever> wucke13: ah
<clever> wucke13: are you having /dev/random issues in qemu?
<clever> tetdim: your compiler may be noticing that nothing calls into that file, and is optimizing it away?
<clever> tetdim: https://github.com/NixOS/nix/blob/master/src/libexpr/primops/fetchGit.cc#L245 this line should be registering the primop
<clever> wucke13: when you boot in a vm, it can get less entropy
<clever> tetdim: along with every other primop in that dir
<clever> tetdim: ahh, you need to include https://github.com/NixOS/nix/blob/master/src/libexpr/primops/fetchGit.cc when building libexpr
<clever> tetdim: and where are you getting the error?
<clever> tetdim: the nix expression
<clever> tetdim: can you pastebin it?
<clever> tetdim: what nix expr are you using?
<clever> tetdim: you need to get a newer nix binary
<clever> tetdim: what builtins?
<clever> tetdim: yes
<clever> Squarism: then you need to add R to the nativeBuildInputs or buildInputs
<clever> Squarism: why do you need to add something to PATH?
<clever> i'm out of entropy!
<clever> wucke13: from /dev/random, its near 0, and only makes progress if i move the mouse, lol
<clever> ^C28GiB 0:00:05 [ 263MiB/s] [ <=> ]
<clever> [root@amd-nixos:~]# pv /dev/urandom > /dev/null
<clever> which resulted in 2d performance being horid, if 3d accel was enabled
<clever> so a deprecated fork of that module was still in use
<clever> simpson: but the xorg stuff in nixos, just blindly grabs every tar, and uses them all!
<clever> simpson: there was a module in xorg, that had since be merged into another
<clever> simpson: when i first switched to nixos, the amd drivers had horid performance
<clever> wucke13: 01:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Bonaire XTX [Radeon R7 260X/360]
<clever> yeah
<clever> AmandaC: for my amd gpu, simply unplugging a monitor from the card causes the entire machine to crash, hard
<clever> literon: builtins.path { path = ./.; name = "foo"; filter = ...; }
<clever> literon: c: builtins.path accepts a filter= argument!
<clever> literon: b: change ci to use a predictable name
<clever> literon: a: move that directory to a subdir of your repo, so the name is stable
<clever> AmandaC: ^^^
<clever> If this option is disabled, then no GPU devices will be added from the udev backend. Enabled by default. (May need to be disabled to setup Xinerama).
<clever> Option "AutoAddGPU" "boolean"
<clever> literon: use builtins.filterSource instead
<clever> AmandaC: you have no way to move a window between monitors, and little way to run an app on 2 monitors at once!
<clever> AmandaC: and you must mess with $DISPLAY to change which window an app opens on
<clever> AmandaC: with xinerama off, you have :0.0, :0.1, :0.2 and so on
<clever> AmandaC: i heavily suspect chromium is built without xinerama, because it cant share 1 monitor, it likely doesnt know where a monitor starts&ends
<clever> AmandaC: a window manager typically needs xinerama, to maximize to a single window
<clever> AmandaC: second, an application must use xinerama api's, to learn where the monitors are within :0.0
<clever> AmandaC: first, xorg treats all monitors as a single x11 display (just :0.0, no :0.1)
<clever> AmandaC: there are 2 parts to xinerama
<clever> AmandaC: xinerama is what lets you drag a window between 2 different monitors
<clever> back when xinerama was still new and not the default!
<clever> wucke13: ..... i memorized the xorg.conf options, before wayland was even an idea, lol
<clever> AmandaC: and i dont expect cmdline args on the 10th and 15th pages
<clever> AmandaC: what confused me though, is the nix man pages, it looks like several man pages just got mushed together, and so i skim the first page for cmd line args
<clever> wucke13: yeah, it would be nice to be able to toggle those options
<clever> wucke13: nixos has an option to toggle this, but hard-codes AllowMouseOpenFail to on
<clever> sequences have no special meaning and are passed to clients. Default: off.
<clever> This disallows the use of the Ctrl+Alt+Keypad-Plus and Ctrl+Alt+Keypad-Minus sequences. These sequences allows you to switch between video modes. When this option is enabled, those key
<clever> Option "DontZap" "boolean"
<clever> wucke13: unlike iqubic, i devour man pages for breakfast, and even a decade later, little options i never use (like AllowMouseOpenFail), stick around, lol
<clever> wucke13: nixos/modules/services/x11/xserver.nix: Option "AllowMouseOpenFail" "on"
<clever> wucke13: theres your problem!
<clever> nixos/modules/services/x11/xserver.nix: Option "AllowMouseOpenFail" "on"
<clever> wucke13: i think this is the main option that would prevent such failures
<clever> This tells the mousedrv(4) and vmmouse(4) drivers to not report failure if the mouse device can't be opened/initialised. It has no effect on the evdev(4) or other drivers. Default: false.
<clever> Option "AllowMouseOpenFail" "boolean"
<clever> iqubic: this shows the flow from one program to another, when things are configured normally
<clever> iqubic: let me pastebin some stuff...
<clever> iqubic: gnome-session IS a desktop manager
<clever> iqubic: then you need to learn what the display-manager was doing, and replicate that
<clever> this then runs the desktop manager
<clever> ah, correction, that runs the display manager
<clever> iqubic: things tend to break if you dont enable xserver, but do enable a desktop manager
<clever> iqubic: try it!
<clever> iqubic: you mus still set services.xserver.desktopManager.gnome3.enable=true; to install all of gnome3
<clever> iqubic: try what wucke13 gave you first
<clever> wucke13: then it will just hard fail, rather then leaving you in a trap
<clever> wucke13: usually, xorg will suicide if it cant find any input devices
<clever> wucke13: the nixos config you gave iqubic
<clever> iqubic: did you try it?
<clever> 2019-10-11 20:36:37 <@clever_> 2019-10-11 20:35:15 < AmandaC> clever: ... I may have stumbled upon how to make your qemu stuff work again. I did the wrong flag when I did the `-D...` change -- it wants `-Ddefault_library` instead of `-Ddefault-library` -- it seems to
<clever> gchristensen: nice
<clever> nakkle: if things are signed by a key the remote end trusts, then you dont need to be a trusted user, but signing can be more tricky to configure
<clever> gchristensen: nice, can clearly see how long it took to build, shutdown, and boot up again
<clever> nakkle: remote builders typically also need hydra to push inputs the remote end lacks, and pushing those inputs needs trust or signing
<clever> nakkle: by default, all users can build things
<clever> then its not PATH issues
<clever> nakkle: what happens if you manually run `ssh user@build-slave nix-store --version` ?
<clever> nakkle: any other errors nearby?
<clever> nakkle: are you reading the jorunal for hydra-queue-runner?
<clever> which means my `top` like app no loner works, it cant see other processes!
<clever> modern android uses containers and namespacing
<clever> each app in its own uid
<clever> old android did it purely with unix permissions
<clever> jophish: thats basically what android does
<clever> mwelt: which is usually managed by nix-channel
<clever> mwelt: $NIX_PATH
<clever> mwelt: in <nixpkgs>

2019-10-14

<clever> inkbottle: that will also expose nesting sudo, sh, and bash
<clever> inkbottle: both nix-shell and nix run increment $SHLVL, so you could use an alternate PS1 that reveals $SHLVL
<clever> and a whitelist shouldnt allow -1, so no issue there
<clever> a lot of users are near-root power, and a blacklist is just a plain bad idea
<clever> that just seems like a dumb way to set it up
<clever> __red__: ahhh, its for when you allow somebody to run x as anybody-but-root
<clever> for me, it asks for the normal pw before running the thing as root
<clever> selfsymmetric-pa: automake now
<clever> ,locate bin aclocal
<clever> selfsymmetric-pa: ~/.stack/config.yaml can make nix the default
<clever> stack only obeys that if you use `stack --nix`
<clever> shell.nix is only loaded it the stack.yaml points to it
<clever> selfsymmetric-pa: can you pastebin the shell.nix and stack.yaml files too?
<clever> selfsymmetric-pa: i would just use a pure nix build, stack just has too many issues
<clever> then it kept building more things
<clever> oh, way up there, line 38
<clever> selfsymmetric-pa: nothing in that error complains about a lack of autoconf
<clever> selfsymmetric-pa: can you pastebin the entire build output?
<clever> thats how you override 99.9% of all nix packages
<clever> fresheye1: nix.package = pkgs.nix.overrideAttrs (old: { src = pkgs.fetchFromGithub { owner = "nh2"; repo = "nix"; rev = "fixme"; sha256 = "fixme"; });
<clever> > pkgs.nix
<clever> fresheye1: the problem is on the client side, so you need to set that option to a derivation with the override, on the client machine
<clever> fresheye1: or override it, to change the src to that rev
<clever> fresheye1: the issue you linked already has a fix
<clever> And the problem disappeared.
<clever> Commented out the lines:
<clever> fresheye1: http over a vpn?
<clever> fresheye1: the murder victim did make use of that flag
<clever> logfiles.2519:prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
<clever> that might be it
<clever> and the file format doesnt allow a :, so you must use a name, and then use ~/.ssh/config to override the port/host on that name
<clever> AmandaC: aimed at 127.0.0.1:2200
<clever> AmandaC: you need to add an i686-linux build slave to /etc/nix/machines
<clever> AmandaC: you also have to `systemctl start sshd` inside the qemu window, i need to flip that back to auto
<clever> AmandaC: it uses port 2200 of 127.0.0.1
<clever> fresheye1: on the client, not the server
<clever> fresheye1: the time when you last reproduced the problem
<clever> you can also get times with `journalctl -t kernel`
<clever> fresheye1: a command, you run it
<clever> fresheye1: what does `dmesg` say at around this time?
<clever> fresheye1: nope, it was already dead by then!
<clever> 56249 kill(2519, SIGKILL) = 0
<clever> 50554 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=2519, si_uid=0, si_status=SIGKILL, si_utime=2, si_stime=0} ---
<clever> logfiles.2412:kill(2519, SIGKILL) = 0
<clever> by 2412
<clever> and ssh was murderized
<clever> 541 +++ killed by SIGKILL +++
<clever> so, it got an epipe, while writing to the stdin of ssh
<clever> which was then mapped to stdin of ssh
<clever> 12 is likely a pipe, that leads to 10
<clever> logfiles.2516:pipe2([10, 12], O_CLOEXEC) = 0
<clever> where did it open fd 12?
<clever> we then have to go backwards
<clever> the 12th open file
<clever> pid 2528 failed to write to fd 12, due to a broken pipe
<clever> logfiles.2528:write(12, "\3\0\0\0\0\0\0\0@\0\0\0\0\0\0\0/nix/store/ymkn6"..., 80) = -1 EPIPE (Broken pipe)
<clever> fresheye1: delete the logs and start over as root
<clever> fresheye1: the logs are useless, you didnt run it as root, so nix-daemon did all the work
<clever> ah, i was doing a case sensitive search for broken, but its Broken!
<clever> fresheye1: on which line#?
<clever> fresheye1: what about the most recent files strace made, from when it failed?
<clever> fresheye1: check the last-mod timestamps on them, and look for ECONNREFUSED
<clever> fresheye1: can you pastebin the strace and sshd logs from the same time?
<clever> and repeat until the error happens
<clever> fresheye1: try again, with strace on the copy-closure
<clever> everything is normal there
<clever> red[m]: cmakeFlags = [ "-Dsomething=yes" ];
<clever> fresheye1: leave the journalctl open, and wait for it to fail again
<clever> what is interesting?
<clever> 2019-10-14 14:37:27 < clever> `journalctl -f -u sshd` on the .1.10 machine
<clever> keep watching the sshd journal, and see if anything happens when things are failing
<clever> yeah, that should just work
<clever> fresheye1: which machine is that from?
<clever> fresheye1: can you pastebin the contents of /proc/net/arp ?
<clever> fresheye1: unlikely
<clever> watch it closely, is it failing?
<clever> `journalctl -f -u sshd` on the .1.10 machine
<clever> and no other mac appeared, ever?
<clever> yes
<clever> fresheye1: can you pastebin the whole output?
<clever> fresheye1: run the arping again, and leave it running for a few minutes, then pastebin the whole output
<clever> fresheye1: the problem has fixed itself again
<clever> but arping says you didnt
<clever> it can only get routed to the wrong machine, if you gave 2 machines that ip
<clever> fresheye1: do the strace nix-copy-closure again, and look in the logs for another connect(
<clever> even if they conflict
<clever> fresheye1: that does absolutely nothing to stop you from setting a static ip on any machine
<clever> fresheye1: and your sure you havent given that ip to several machines?
<clever> fresheye1: is the machine at .1.10 using a static ip?
<clever> all the evidence points towards it having been offline
<clever> fresheye1: maybe sshd wasnt running?
<clever> fresheye1: nothing makes any sense then, its both offline and not
<clever> fresheye1: is it showing 1 mac addr or 2 macs?
<clever> interface names dont have a / in them
<clever> `ifconfig`
<clever> fresheye1: what does `arping 192.168.1.10` return?
<clever> fresheye1: what does `ssh nix-ssh@192.168.1.10 -vvvv` output?
<clever> fresheye1: and is ssh running on 192.168.1.10?
<clever> fresheye1: connect(3, {sa_family=AF_INET, sin_port=htons(22), sin_addr=inet_addr("192.168.1.10")}, 16) = -1 ECONNREFUSED (Connection refused)
<clever> tetdim: why is it trying to run /usr/bin/bash? that shouldnt exist when nix is being used
<clever> tetdim: what error are you getting?
<clever> fresheye1: pastebin all 3
<clever> fresheye1: then pastebin all of the logfiles
<clever> fresheye1: run that same nix-copy-closure, as root, under `strace -ff -o logfiles`
<clever> cinimod`: yeah, look at the machotool example
<clever> fresheye1: if you do `nix-copy-closure --from user@host /nix/store/foo`, does it fail?
<clever> // is what breaks things
<clever> cinimod`: you must use haskellPackages.override { packageOverrides = self: super:
<clever> cinimod`: the whole reason you have the mess on lines 62-67, is becaue the overlay above it is doing nothing
<clever> so you have to do things in the right order
<clever> so you cant then .override { ghc = ... ; }
<clever> but .extend strips off .override
<clever> .extend does add
<clever> pikajude: then you replace the entire overlay, not add to it
<clever> so you cant give it a list
<clever> pikajude: haskellPackages.override only accepts a single overlay
<clever> cinimod`: but haskell overlays cant compose together, due to how you apply them
<clever> cinimod`: and you dont even need the nixpkgs overlay, look at this example: https://github.com/cleverca22/machotool/blob/master/default.nix
<clever> cinimod`: its just adding an attribute to pkgs.haskell, which does nothing
<clever> cinimod`: the nixpkgs overlay is being used, but the haskell overlay isnt
<clever> cinimod`: and line 3, i dont think thats applying any overlays
<clever> cinimod`: line 9, do { sundials_arkode = self.sundials; };
<clever> cinimod`: and you can use it to override any param
<clever> cinimod`: the {} at the end, functions just like the {} in callPackage
<clever> fresheye1: what does that output?
<clever> AmandaC: is the size of trash going down?
<clever> cinimod`: http://bash.org/?244321
<clever> cinimod`: time to change your passowrd again, may i sudjest hunter2?
<clever> fresheye1: what about the nix-store -r command i gave yesteray?
<clever> fresheye1: what about the client?
<clever> duairc: the ghc envs are a bit special and harder to combine together
<clever> fresheye1: nix path-info --json /nix/store/1b49nd2qzlxninc9pibnn0kkfh6japyl-ghc-8.6.5 | jq
<clever> fresheye1: in the sqlite db
<clever> duairc: ah, you cant easily combine the .env's together, because each one has its own ghc
<clever> fresheye1 verify all the things!
<clever> direnv just automates changing things when you cd, to obey each shell.nix
<clever> duairc: yeah
<clever> devalot: then make a shell.nix in each subdir, that basically does (import ../).foo.env
<clever> devalot: create a default.nix, that overlays haskellPackages, and uses callCabal2nix to initialize every library
<clever> devalot: only when the package isnt updating to the "latest" version of libraries