Disable nix-daemon before upgrading

2024-05-30 Thread kiasoc5
I don't know if this is the place to post answers to unasked questions, 
but if anyone has the nix service installed and is stuck on an error like 
`guix system: error: chown: Read-only file system` when running `guix 
system reconfigure`, restart the nix-daemon service before 
reconfiguring. It took me a while to figure this out from the guix git 
commit log (commit 797be0ea5c3703ad96acd32c98dca5f946cf5c95).




Re: Build and upgrade times for heavier packages on old hardware

2024-02-25 Thread kiasoc5

Hi Oleander,

On 2/25/24 03:06, Oleander wrote:

Hi kiasoc5,
thank you.

Are substitutes in Guix System disabled by running `# guix-daemon 
--no-substitutes`? How can I see whether they are enabled or not?


I don't know how to directly check the daemon, but you can see if `guix 
build` would download source derivations or substitute derivations with 
`guix build --dry-run ${some-pkg}`.


If substitutes aren't enabled, it should show several derivations with 
compressed sources (store paths ending with *-src.tar.gz.drv or 
*-src.tar.xz.drv), instead of paths not ending in .drv


Since you're running Guix System, you should configure the 
guix-service-type to not use substitutes, like this I think:


(operating-system
  ;; modify services like in the manual
  (services
   (modify-services %desktop-services
     (guix-service-type config =>
       (guix-configuration
         (inherit config)
         ;; the field name ends with a question mark
         (use-substitutes? #f))))))




Re: Build and upgrade times for heavier packages on old hardware

2024-02-21 Thread kiasoc5

Hi Oleander,

On 2/21/24 9:00 AM, Oleander via  wrote:
> Hello everyone,
> I'm considering disabling substitutes on my current Guix system
> running on an old Thinkpad with an i5-2520M, 10GB of ram and an SSD.


Build times will probably take a while if all substitutes are disabled 
because you (might?) have to bootstrap the compilers.


> Considered that many of you might be running Guix on something
> similar due to the compatibility between coreboot/libreboot and old
> Thinkpads, how long would it take approximately to build and upgrade
> packages like:


I don't have a Thinkpad but I'll predict the packages with the longest 
compile times.


> linux-libre

If you customize your kernel for unnecessary modules, this speeds up 
quite a bit (on my machine I can theoretically cut the time by half).


> icecat

This will probably take the longest.

1. Depends on bootstrapping rust first. With 10GB of RAM I'd suggest 
using swap.
2. Is a "modern" browser. At least it should compile faster than 
chromium, once all the Rusts are built.


> pandoc

I'm not sure about this exactly, but it does depend on Haskell 
bootstrap. Hopefully it's faster than Rust.


> alacritty

Like icecat, requires Rust. The actual app should be relatively faster 
to compile.



Personally to estimate compile times, I build binutils to get the 
Standard Build Unit and reference BLFS for relative build times: 
https://www.linuxfromscratch.org/blfs/





Re: nscd on Foreign Distro

2023-10-09 Thread kiasoc5

Hi Andres,

On 2023-10-09 02:37, Andres Moreno wrote:


I installed Guix on Fedora 38 using a package in the COPR Fedora
repository. Everything seems to be working great except that I found out
that nscd is deprecated for Fedora. The manual states that this service
needs to be enabled or else the system might crash. Is this still an issue?


I did some web searches; messages posted around the time of the Fedora
deprecation of nscd did not point a clear path forward.

Should I worry?


n=1, but I've run Guix on Arch Linux without nscd for several months and 
had no apparent issues.


In fact, nscd was recently removed from Arch Linux, so alternatives to 
nscd should be mentioned if something like nscd is still required. For 
example I believe sssd was floated as a nscd replacement at some point.




Re: PSA for LUKS users

2023-04-20 Thread kiasoc5

On 4/20/23 05:39, Attila Lendvai wrote:

While recent grub2 finally has limited support for luks2, it only
supports the weaker KDF (key derivation function) (PBKDF2?), as I
understand it, though would be happy to be proven wrong!



i have just spent half an hour reading the linked PR's and patch emails, and 
unfortunately you seem to be right.

i don't see why progress is so slow on this. some of the patches are 5+ years 
old! and the submitters seem to be constructive and responsive.

a good entry point that collects the relevant links:

https://github.com/johnlane/grub/issues/21



Argon2 support was slated to be in the next release of Grub (2.12) but 
apparently this is not realistic:


https://www.mail-archive.com/grub-devel@gnu.org/msg35370.html
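
An added example, not part of the thread and not code from GRUB or cryptsetup: since the messages above say GRUB can only handle the PBKDF2 key derivation function, this lists the LUKS2 keyslots that use a different KDF. The sample dump is constructed, following the layout `cryptsetup luksDump` prints for LUKS2 headers; the function names are made up for this example.

```shell
#!/bin/sh
# Added example: report LUKS2 keyslots whose KDF is not PBKDF2.

# Constructed sample of `cryptsetup luksDump` output (LUKS2 layout), trimmed
# to the fields the check reads. Not taken from a real device.
sample_luks_dump() {
cat <<'EOF'
LUKS header information
Version:        2
Keyslots:
  0: luks2
        Key:        512 bits
        PBKDF:      argon2id
        Time cost:  4
  1: luks2
        Key:        512 bits
        PBKDF:      pbkdf2
        Hash:       sha256
Tokens:
Digests:
  0: pbkdf2
        Hash:       sha256
EOF
}

# Reads luksDump text on stdin and prints "<slot> <kdf>" for every keyslot
# whose PBKDF field is something other than pbkdf2.
non_pbkdf2_keyslots() {
    awk '
        /^Keyslots:/ { in_slots = 1; next }   # start of the keyslot section
        /^[A-Za-z]/  { in_slots = 0 }         # any other top-level section ends it
        in_slots && /^[ \t]+[0-9]+: / { slot = $1; sub(/:$/, "", slot) }
        in_slots && /^[ \t]+PBKDF:/ && $2 != "pbkdf2" { print slot, $2 }
    '
}

# Demo on the constructed sample. On a real system the input would come from
# `cryptsetup luksDump <device>` (device path is a placeholder).
sample_luks_dump | non_pbkdf2_keyslots
```

An empty result means every keyslot already uses PBKDF2; the `Digests:` section is skipped on purpose, because its entries describe the volume key digest rather than a passphrase keyslot.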



Re: What are you doing for a screen locker?

2023-01-21 Thread kiasoc5

On 1/21/23 13:44, Christine Lemmer-Webber wrote:

I used to use xscreensaver.  I kinda miss it.  It's still broken, see
bug #57919.

But really, the lack of xscreensaver has made me move back to Gnome and
recently Gnome started having weird bugs on my hardware, so then I
wanted to move back to stumpwm.  But I simply don't understand how to
get screen locking to work right without xscreensaver, which at least
had made it relatively easy.

The cookbook contains some info on how to use session locking with xorg
but it doesn't seem like complete information.  I'd be interested if
people would share their configurations.  Thanks!



xlockmore and slock are installed in %base-packages and should work out 
of the box on Xorg.




Re: How to make audio devices available with guix shell --container

2022-12-05 Thread kiasoc5

On 12/5/22 12:41, Elias Kueny wrote:

Hello,

I'm trying to run an online videoconferencing tool in chromium in a guix 
shell with a container, so I expose my system as little as possible. All 
is well without the --container option, but I'm not sure what to expose 
to make it work in the container too.


I'm on guix system. I'm starting the software with: `guix shell 
--container -N -P --no-cwd --preserve='^DISPLAY$' 
--preserve='^XAUTHORITY$' --share=$XAUTHORITY --share=/dev/video0 
ungoogled-chromium -- chromium --app="https://meet.jit.si"`.


`--preserve='^DISPLAY$' --preserve='^XAUTHORITY$' --share=$XAUTHORITY` 
lets chromium open an X window and share the screen.

`--share=/dev/video0` gives access to the webcam.
What is the step to allow the microphone and speakers?


About the sound, I believe you will need to expose the pulseaudio and/or 
pipewire sockets. You can reference bubblewrap configuration since it 
also works by sharing/exposing files.


https://wiki.archlinux.org/title/Bubblewrap/Examples#Chromium

I'm not particularly familiar with how audio devices are working. I read 
they are in /dev/snd, but sharing this or even the whole of /dev/ 
doesn't make the microphone and speakers available (although the browser 
is now asking me for the permission to access them, so it seems aware I 
have them). I also tried adding tinyalsa and pulseaudio to the container 
in case that's what's missing, but to no avail. I didn't explicitly 
install anything related to audio (but I have %desktop-services in my 
operating-system definition), so if it's a software that is missing, I 
don't know which one.


I believe in the case of ungoogled-chromium that pulseaudio is part of 
the inputs already.



Thank you in advance!



It would be nice to have a tool for defining guix containers by 
permissions (with camera, with audio, etc) like bubblejail/firejail. 
That is a topic for a later mail.
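
An added example, not part of the thread and not code from Guix: one way to follow the reply's suggestion of sharing only the audio sockets rather than all of /dev. The socket locations (`pulse/native` and `pipewire-0` under `$XDG_RUNTIME_DIR`) and the function name are assumptions; the command is printed, not executed.

```shell
#!/bin/sh
# Added example: build the extra `guix shell --container` flags needed for
# audio, sharing only the sockets that actually exist.

# Prints one flag per line for each audio socket found under the given
# runtime directory. Socket paths are assumptions (usual PulseAudio and
# PipeWire locations), not values taken from the thread.
audio_share_flags() {
    dir=$1
    found=0
    for sock in pulse/native pipewire-0; do
        if [ -e "$dir/$sock" ]; then
            printf '%s\n' "--share=$dir/$sock"
            found=1
        fi
    done
    # Audio clients locate the sockets through XDG_RUNTIME_DIR, so the
    # variable has to survive into the container, like DISPLAY above.
    if [ "$found" -eq 1 ]; then
        printf '%s\n' '--preserve=^XDG_RUNTIME_DIR$'
    fi
    return 0
}

# Demo: print the command from the thread with the audio flags appended.
runtime_dir=${XDG_RUNTIME_DIR:-/run/user/$(id -u)}
extra=$(audio_share_flags "$runtime_dir" | tr '\n' ' ')
echo "guix shell --container -N -P --no-cwd" \
     "--preserve='^DISPLAY\$' --preserve='^XAUTHORITY\$'" \
     "--share=\$XAUTHORITY --share=/dev/video0 $extra" \
     "ungoogled-chromium -- chromium --app=https://meet.jit.si"
```

If neither socket exists the function prints nothing, so the container gets no audio access at all.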




Re: translation programm

2022-11-19 Thread kiasoc5

On 11/19/22 08:52, Philip McGrath wrote:

Hi,

On Sat, Nov 19, 2022, at 7:55 AM, Wojtek Kosior via wrote:

Is there a translation program in Guix, you can use for offline
translation?
   
If you want to edit translation files in .po file format (as used by
Guix), I prefer https://www.emacswiki.org/emacs/PoMode that gets
mentioned in the Guix manual. Alternatively there exist other programs
for PO files, like GNOME Translation Editor (“guix install
gtranslator”).

I think Francis is talking about something more like a combination of Google 
translation and bilingual dictionaries?

If that's the case, I don't know of any options...

Neither do I know any particularly good tool. There was some work on
libre machine-learning-based translation engines, but the last time I
checked, none of them was actually usable to me - none supported Polish
and all had deps that were not available from APT (I was not yet using
Guix at that time).


On these lines, the best option I’m aware of is the relatively new Mozilla 
Translate: https://github.com/mozilla/translate

I don’t think it’s been packaged for Guix yet, but I don’t know of any reason 
why it couldn’t be. The front-end demonstrated at 
https://mozilla.github.io/translate downloads language support files on-demand, 
but I think it could be patched to also package the models. Language support is 
not comprehensive, but it does include Polish.

Some of the underlying work is grouped under the Bergamot project: 
https://browser.mt Much of the substantive source code seems to be at: 
https://github.com/browsermt/bergamot-translator I think it would be easy (but 
I haven’t tried) to write a front-end in GTK, Qt, or similar instead of the 
HTML+JS front-end.

Philip

Another option is libretranslate. There's a web version, and the source 
code is FOSS and suitable for Guix IMO.


https://libretranslate.com/

https://github.com/LibreTranslate/LibreTranslate




Re: unbound variable

2022-11-02 Thread kiasoc5

On 11/2/22 09:48, Felix Lechner via wrote:

Hi Gottfried,

On Wed, Nov 2, 2022 at 5:50 AM Gottfried  wrote:


If e.g. I have a different printer (e.g. from an other company), and I
want to install it,


That is a CUPS question. As you can imagine, there are lots of
printers. I usually look at which format the printer speaks, and how
it likes to communicate. Basic formats are PCL and Postscript, with
PCL being faster but less cool. My favorite communication for
networked printers is Port 9100, which I think used to be called
JetDirect, but there are others.

There is also USB (and parallel, if your printer is really old).

My own printer is reasonably well supported by CUPS alone, although I
might find a more capable PPD via hplip. Right now, it's not worth my
time to go further. You, too, may be looking at a compromise.

For printers with their own data format, you may need Gutenprint,
which I believe is not packaged in Guix. More importantly, I believe
there are significant hurdles to packaging because there are so many
paths to replace.

Hope that helps.

Kind regards
Felix Lechner



You might not need a driver, if your printer is new enough. Printers 
made after 2010 should support IPP Everywhere, which prints without drivers.


https://www.pwg.org/ipp/everywhere.html



How to avoid downloading qtbase:debug

2022-10-21 Thread kiasoc5
Dear Guix,

=guix shell qtbase= downloads the entire debug output of qtbase even
though I didn't write down qtbase:debug. That's hundreds of megabytes
of bandwidth I didn't want to use. How do I avoid downloading the debug
output? Is this a bug?




Re: How to open: Usb, hdd and other storage sata

2022-10-14 Thread kiasoc5
On Fri, Oct 14 2022, 01:46:20 PM +0200
101ab--- via  wrote:

> Hello, excuse my English. Can you give me a hint?
> I am new to guix. I have installed the OS but I have no idea how to
> open my usb drives and my hdd? Lsusb shows my usb storage but file
> manager is silent. I am using xfce.

Since you are using xfce, I would check the Thunar settings. There
should be something that lets Thunar automatically mount drives.




Greetd autologin?

2022-10-13 Thread kiasoc5

Hi Guix,

Is there a way to configure autologin for greetd yet?



Re: Dual booting

2022-10-11 Thread kiasoc5
July 28, 2022 10:04 AM, "Paul Jewell via"  wrote:

> Looking at the
> bootloader information in the documentation, it seems that
> chainloader is not available as an option.

Grub supports chainloading as of commit
1fc20e4c86697e9d112b9fed8079334c818dd78e

You can probably add a menu entry to chainload
/EFI/Microsoft/Boot/bootmgfw.efi or wherever the bootloader might be.



Re: easy firewalling ?

2022-10-08 Thread kiasoc5
On Fri, Oct 07 2022, 06:44:02 PM +
jbra...@dismail.de wrote:

> October 4, 2022 3:58 AM, "jordi"  wrote:
> 
> > Hi, happy guix newbie here,
> > 
> > usually i use ufw for easily managing firewalling, adding iptables
> > rules etc... I see there is no ufw package available in guix. Aside
> > from managing iptables manually, are there other easier alternatives
> > i could use in guix ?  
> 
> I believe that you need to use iptables or nftables.
> 
> I don't think guix supports anything easier.  
> 
> The arch wiki has an example config that may work for you:
> 
> https://wiki.archlinux.org/title/Nftables
> 
> > 
> > Thanks, thanks, thanks
> > 
> > Fenix  
> 

There is a firewall service that allows opening and closing of ports in
iptables: https://issues.guix.gnu.org/48975

It would be great for this to get into Guix, and if there was also an
nftables version.



Exporting patches without prerequisite patch id

2022-08-02 Thread kiasoc5
Hi Guix,

I have some commits on my local guix repo like this:

(master) HEAD -> A -> B -> C

When I do `git format-patch -3 --base=auto` I get prerequisite patch
ids in some of the patches. But I want each patch to depend only on
HEAD. In other words I want to export patches like so:

HEAD -> A
HEAD -> B
HEAD -> C

How do I do this?



Re: How to install guix system from existing linux with guix package manager?

2022-05-28 Thread kiasoc5
Hi Giovanni,

May 27, 2022, 10:06 AM, "Giovanni Biscuolo" wrote:

> IMHO what you are trying to do is an interesting path to... ascension

Ascension, that's a great way to put it!

> For my desktop and laptop I'm still using Guix on top of a foreign
> distro (Debian) because... I'm conservative :-D, so I'd very much like
> to have a way to try to slowly switch to Guix System with the "safety
> net" to be able to boot my current system if I'm in trouble; this way
> also I can spare some cash avoiding to buy a new dedicated machine for
> this experiments.
> 

I plan to try it out in a VM first. The new Arch installer sets up btrfs 
subvolumes automatically so it will be good for testing.

> I never tried this, but beware that the UID and GID of user(s) in
> your new Guix System should be the very same of the arch system to be
> able to access homes, /including/ Guix profiles of users (stored in
> /home/$USER...)

Yes, I believe most Linuxes set the first created user to a UID and GID of 
1000, so hopefully this is not an issue.

> Important: if you want to be able to share the store between the two
> systems you should also share the /status/ of Guix, stored in
> LOCALSTATEDIR/guix/ (usually /var/guix), since it contains a lot of
> useful data and AFAIU it must be kept in sync between the foreign distro
> and the Guix System [1]. This is the most critical part about being
> able to share Guix between two different host operating systems.

Should I make /var/guix a subvolume as well?

Also the only directory in /gnu is /gnu/store right? So I could just have an 
@gnu subvolume mounted on /gnu instead of a @gnu-store subvolume mounted on 
/gnu/store?

> Last but not least, once you have installed Guix System you have to
> decide what manages your GRUB configuration: Guix System or arch, you
> cannot share the grub config between the two; Guix System have a
> stateless GRUB config (and it's good and fair) so I suggest you to use it
> for GRUB configuration, but if you decide to keep using arch this is a
> good tip: https://yhetil.org/guix/20181031125428.GA814@doom/

Thanks for the tip. What if I install another bootloader on Arch like systemd 
boot? Then there will not be a bootloader conflict and I can select one with 
efibootmgr.

May 28, 2022, 10:51 AM, "Giovanni Biscuolo" wrote:

> Actually I'm using a shared store AND "LOCALSTATEDIR/guix/" (usually
> /var/guix) between my host OS and all my LXC containers, it's something
> I learned by adapting Ludo' and Ricardo notes on installing Guix on a
> cluster; please see this message (it was Feb 2019, I forgot I wrote
> that) for details and pointers to the relevant documentation:
> 
> https://yhetil.org/guix/87h8d8dl6d@roquette.mug.biscuolo.net/
> 
> In your case the "store and state sharing" systems are not running and
> at the same time like on a cluster, but from a systemistic point of view
> it's (almost) the same thing some of us are already doing in their
> setup.

Interesting, this does have some parallels.

> As a side note, you could also consider to switch to Guix System and
> keep your foreign distro running as an LXC container sharing store and
> state with the host, but you have to be familiar with LXC tooling [1]
> AND know how to "convert" a "physical" machine to an LXC container [2],
> giving the guests access to the host GPU [3] for graphical applications
> or using remote desktop applications like SPICE or VNC... it's a little
> bit complex but pure fun!

Would an LXC approach require two graphics cards? I only have an integrated GPU.

Thanks,
kiasoc5



How to install guix system from existing linux with guix package manager?

2022-05-26 Thread kiasoc5
How would I install Guix system from an existing Linux that has the guix 
package manager on it (aka from a foreign distro)?

Specifically I have Guix installed on Arch Linux on an encrypted btrfs ssd. I 
have a @home subvolume mounted on /home. Currently /gnu/store is not a 
subvolume, but I'd like to reuse it for guix system. I also have the efi system 
partition for uefi boot.

What I'd like to do is install Guix system and boot from a subvolume. Ideally 
the guix fstab would be like this:

@guix-root is mounted on / on guix system
@gnu-store is mounted on /gnu/store on guix system and shared between arch and 
guix
@home is mounted on /home and shared between arch and guix

So I think the steps are as follows:
0. backup data (just in case)
1. move /gnu/store to subvolume
2. install Guix system manually with the following file systems:

(mapped-devices
  (list (mapped-device
          (source (uuid "my-uuid"))
          (target "cryptroot")
          (type luks-device-mapping))))

(file-systems (append
               (list (file-system
                       (device (file-system-label "cryptroot"))
                       (mount-point "/")
                       (type "btrfs")
                       (options "subvol=@guix-root")
                       (dependencies mapped-devices))
                     (file-system
                       (device (file-system-label "cryptroot"))
                       (mount-point "/gnu/store")
                       (type "btrfs")
                       (options "subvol=@gnu-store")
                       (dependencies mapped-devices))
                     (file-system
                       (device (file-system-label "efi"))
                       (mount-point "/boot/efi")
                       (type "vfat")))
               %base-file-systems))

3. configure uefi to boot guix grub by default

WDYT? any tips/suggestions?



Comparing Guix containers and firejail

2022-05-03 Thread kiasoc5 via
Hi Guix,

Someone on firejail Github discussions [1] wants to know the difference between 
guix containers and firejail.

1. How does guix shell --container compare to firejail in terms of 
sandboxing/security? Are guix containers intended to be secure?

2. Containers are still experimental, are there any features that could be 
added to increase security?

Thanks!

[1] https://github.com/netblue30/firejail/discussions/5057



How to define custom hardened gcc?

2022-01-22 Thread kiasoc5--- via
Dear Guixers,

I want to build gcc with --enable-default-ssp and --enable-default-pie, and 
have all packages built with gcc to be built by my hardened gcc, since Guix 
does not have a hardened toolchain yet.

How might I define a custom gcc that I can recompile all my packages with? I 
have this in mind but am not sure if it works.

(define-public gcc
  (package
    (inherit gcc)
    (arguments
     (substitute-keyword-arguments (package-arguments gcc)
       ((#:configure-flags flags)
        `(append (list "--enable-default-ssp" "--enable-default-pie")
                 ,flags))))))

Thanks,
kiasoc5