Re: Bug in Guix? ... guix-command substitute' died unexpectedly

[jbranso]

April 6, 2024 at 6:49 AM, "Zelphir Kaltstahl"  
wrote:



> 
> Hello Guix developers!
> 
>  
> 
> Today I ran into a problem when running 'guix pull && guix package -u':

"problems" or "bugs" are normally best sent to bug-g...@gnu.org, which I've 
just added
to this email.  :)

> 
>  
> 
> start
> 
>  $ guix pull && guix package -u
> Updating channel 'guix' from Git repository at 
> 'https://git.savannah.gnu.org/git/guix.git'...
> Authenticating channel 'guix', commits 9edb3f6 to bfc6143 (4.470 new 
> commits)...
> Building from this channel:
>  guix https://git.savannah.gnu.org/git/guix.git bfc6143
> substitute: updating substitutes from 'https://ci.guix.gnu.org 
> https://ci.guix.gnu.org/ '... 100.0%
> substitute: updating substitutes from 'https://ci.guix.gnu.org 
> https://ci.guix.gnu.org/ '... 100.0%
> substitute: updating substitutes from 'https://ci.guix.gnu.org 
> https://ci.guix.gnu.org/ '... 100.0%
>  module-import 2KiB 39KiB/s 00:00 ▕██▏ 100.0%
>  module-import-compiled 1.2MiB 2.2MiB/s 00:01 ▕██▏ 100.0%
>  compute-guix-derivation 1.4MiB/s 00:00 | 1KiB transferred
> substitute: updating substitutes from 'https://ci.guix.gnu.org 
> https://ci.guix.gnu.org/ '... 100.0%
> substitute: updating substitutes from 'https://ci.guix.gnu.org 
> https://ci.guix.gnu.org/ '... 100.0%
> substitute: updating substitutes from 'https://ci.guix.gnu.org 
> https://ci.guix.gnu.org/ '... 100.0%
> substitute: updating substitutes from 'https://ci.guix.gnu.org 
> https://ci.guix.gnu.org/ '... 100.0%
>  guile-lib-0.2.8 346KiB 828KiB/s 00:00 ▕██▏ 100.0%
>  disarchive-0.6.0 463KiB 1.06GiB/s 00:00 ▕██▏ 100.0%
>  guile-bzip2-0.1.0 55KiB 142.9MiB/s 00:00 ▕██▏ 100.0%
>  libarchive-3.6.1 489KiB 1.13GiB/s 00:00 ▕██▏ 100.0%
> substitute: updating substitutes from 'https://ci.guix.gnu.org 
> https://ci.guix.gnu.org/ '... 100.0%
> substitute: updating substitutes from 'https://ci.guix.gnu.org 
> https://ci.guix.gnu.org/ '... 100.0%
> substitute: updating substitutes from 'https://ci.guix.gnu.org 
> https://ci.guix.gnu.org/ '... 100.0%
> substitute: updating substitutes from 'https://ci.guix.gnu.org 
> https://ci.guix.gnu.org/ '... 100.0%
> substitute: updating substitutes from 'https://ci.guix.gnu.org 
> https://ci.guix.gnu.org/ '... 100.0%
> substitute: updating substitutes from 'https://ci.guix.gnu.org 
> https://ci.guix.gnu.org/ '... 100.0%
> substitute: updating substitutes from 'https://ci.guix.gnu.org 
> https://ci.guix.gnu.org/ '... 100.0%
> substitute: updating substitutes from 'https://ci.guix.gnu.org 
> https://ci.guix.gnu.org/ '... 100.0%
> substitute: updating substitutes from 'https://ci.guix.gnu.org 
> https://ci.guix.gnu.org/ '... 100.0%
> substitute: updating substitutes from 'https://ci.guix.gnu.org 
> https://ci.guix.gnu.org/ '... 100.0%
> substitute: updating substitutes from 'https://ci.guix.gnu.org 
> https://ci.guix.gnu.org/ '... 100.0%
> substitute: updating substitutes from 'https://ci.guix.gnu.org 
> https://ci.guix.gnu.org/ '... 100.0%
>  graphviz-minimal-7.0.1-doc 967KiB 1.37GiB/s 00:00 ▕██▏ 100.0%
>  dbus-1.15.8 281KiB 441.1MiB/s 00:00 ▕██▏ 100.0%
>  guix-daemon-1.4.0-18.4c94b9e 282KiB 657.0MiB/s 00:00 ▕██▏ 
> 100.0%
>  pcre2-10.40 1.1MiB 2.45GiB/s 00:00 ▕██▏ 100.0%
>  po4a-0.69 2.0MiB 4.2MiB/s 00:00 ▕██▏ 100.0%
>  glib-2.78.0 2.7MiB 12.2MiB/s 00:00 ▕██▏ 100.0%
>  libgit2-1.7.2 711KiB 3.1MiB/s 00:00 ▕██▏ 100.0%
>  avahi-0.8 384KiB 1.9MiB/s 00:00 ▕██▏ 100.0%
>  gts-0.7.6 299KiB 1.6MiB/s 00:00 ▕██▏ 100.0%
>  guile-avahi-0.4.1 61KiB 202KiB/s 00:00 ▕██▏ 100.0%
>  graphviz-minimal-7.0.1 1.1MiB 4.7MiB/s 00:00 ▕██▏ 100.0%
>  guile-git-0.6.0 558KiB 1.00GiB/s 00:00 ▕▏ ▏ 22.9%
>  guile-git-0.6.0 558KiB 477KiB/s 00:01 ▕██▏ 100.0%
> substitute: updating substitutes from 'https://ci.guix.gnu.org 
> https://ci.guix.gnu.org/ '... 100.0%
> substitute: updating substitutes from 'https://bordeaux.guix.gnu.org 
> https://bordeaux.guix.gnu.org/ '... 100.0%
> The following derivations will be built:
>  /gnu/store/n9wx8dzx4lgqr3bk56z1974ihvkak3mp-profile.drv
>  /gnu/store/1g1p5wps2z068v6lhwn95gi804k7rk3k-guix-bfc614397.drv
>  /gnu/store/0p1y1xm009bhxpkkzmp106rnrmf2bnsx-guix-manual.drv
>  /gnu/store/8ccc09hj839apww8nzc46lhm8hspqimx-guix-daemon.drv
>  /gnu/store/d376vlr1h5vi6g2cs31i6makg0as918l-guix-command.drv
>  /gnu/store/qzkq8yvqhqdjh0rpsqf9mm9fyiy8vp4f-guix-module-union.drv
>  /gnu/store/l4jwdhj236yanfxy0kz0rra35918k40w-guix-bfc614397-modules.drv
>  /gnu/store/205yj5gn8qlbxj2wrncly7fsnvr95xcm-guix-extra-modules.drv
>  /gnu/store/a8sn3438iapflzxllh90s7d739pjg3hq-guix-extra.drv
>  /gnu/store/xspva7mmpa73n1vpghwffdqm2vx11yn1-guix-core-source.drv
>  /gnu/store/51wb3javbxil7i5wiqfglaj4f1nmjj37-guix-home-modules.drv
>  

Re: xz backdoor

[jbranso]

April 1, 2024 at 3:46 PM, "Reza Housseini"  wrote:



> 
> Hi Guixers
> 
> Just stumbled upon this recently discovered supply chain attack on xz, 
> 
> inserting a backdoor via test files [1, 2]. And it made me wondering, 
> 
> what would have been the effects on guix and how can we potentially 
> 
> avoid it?

It looks like the affected version is XZ XZ 5.6.0/5.6.1, and guix is
currently on 5.2.8.  The git repo is apparently not affected.  So we
could use the git repo and not the tarball.  Also it mainly seems to 
target systemd.  I'm basically reading phoronix's coverage:



The malicious injection present in the xz versions 5.6.0 and 5.6.1
libraries is obfuscated and only included in full in the download package
- the Git distribution lacks the M4 macro that triggers the build 
of the malicious code. The second-stage artifacts are present in 
the Git repository for the injection during the build time, in 
case the malicious M4 macro is present.

The resulting malicious build interferes with authentication in sshd via 
systemd. SSH is a commonly used protocol for connecting remotely to systems, 
and sshd is the service that allows access. Under the right circumstances this 
interference could potentially enable a malicious actor to break sshd 
authentication and gain unauthorized access to the entire system remotely.

Joshua

P.S. Here's guix's xz source code:

https://git.savannah.gnu.org/cgit/guix.git/tree/gnu/packages/compression.scm#n494

And the phoronix link:

https://www.phoronix.com/news/XZ-CVE-2024-3094

> 
> Stay safe!
> 
> Reza
> 
> [1] https://www.openwall.com/lists/oss-security/2024/03/29/4
> 
> [2] https://access.redhat.com/security/cve/cve-2024-3094#cve-cvss-v3
>

Re: Hang on 'sending 0 store items'

[jbranso]

March 26, 2024 at 11:58 AM, "Development of GNU Guix and the GNU System 
distribution."  wrote:



> 
> Hi,
> 
> When trying to 'deploy' the command hangs for one piece of my equipment
> with the perplexing message:
> 
>  guix deploy: sending 0 store items (0 MiB) to 'FQDN'...
> 
> Has anyone seen it before? Is there a cure? Thanks!

Questions about bugs are probably best sent to bug-g...@gnu.org,
which I have just done for you.

Thanks,

Joshua

> 
> Kind regards
> Felix
>

Re: Handling expensive packages

[jbranso]

Hey Peter!

Your patch found its way on onto the guix devel list!

Thanks for contributing to guix!  We want to add your patch, and we are 
wondering what your motivation was for sending this patch?  Is your patch a 
prerequisite for a package you want to add?  Or do you have some other reason?

Thanks,

Joshua
https://gnucode.me

March 11, 2024 at 3:06 PM, "Skyler Ferris"  wrote:



> 
> Hello,
>  
>  I am looking through the backlog of open patch submissions 
> https://issues.guix.gnu.org/search?query=is%3Aopen+tag%3Apatch  to see if any 
> are actionable on my end. One such patch is issue 55728 which updates 
> python-mock https://issues.guix.gnu.org/55728 . Based on the output of `guix 
> refresh --list-dependent python-mock | wc`, this will impact more than 2000 
> packages. While this submission is very old, neither the master nor 
> python-team branches have updated this package yet. In section 22.8.2 
> "Managing Patches and Branches" 
> https://guix.gnu.org/en/manual/devel/en/html_node/Managing-Patches-and-Branches.html
>  , there is a recommendation that changes which effect more than 300 
> dependents are added to a different branch for testing.
>  
>  These dependents presumably still work, as there are not 2000 build failures 
> or a flood of related bug reports. So I think it would make sense to first 
> ask the submitter for their motivation for sending the patch (for example, it 
> might be a prerequisite for a package they want to add and they did not send 
> it as a series for some reason). Depending on their response it might make 
> sense to do something other than apply the update as given (for example, by 
> providing both versions of the package so that a new package can be added 
> without impacting existing branches). But there also might be some reason why 
> it makes sense to apply the update everywhere (for example, if significant 
> optimizations in the update reduces build times for all of the dependent 
> packages).
>  
>  So my main question is whether or not people agree that it makes sense to 
> ask the submitter for more information and take no other action at this time. 
> And as a secondary question, if it does make sense to update the package 
> everywhere is there anything actionable on my end?
>  
>  Regards,
>  Skyler
>

Re: setting up a channel for pending package update patches

[jbranso]

March 2, 2024 at 4:53 PM, "Andy Tai"  wrote:



> 
> Hi, curious if anyone has done such a task: setting up a channel for
> the pending patches for package definitions.

I believe you are describing the guixrus channel.

https://sr.ht/~whereiseveryone/guixrus/

They will take WIP packages, and they help you to merge them upstream.

Joshua

> 
> Since pending patches for package updates take long time to process
> and merge. I wonder if anyone has set up a channel that contains the
> patches applied on top of the Guix git repo so such a channel would
> bring the pending changes to end users who use this channel before the
> official Guix git repo is updated (applying the package definition
> patches).
> 
> This is not about a permanent fork of the Guix repo or a special
> channel like guix games for some specific types of packages like say
> games.
> 
> Better yet, if anyone has set up a substitution server for this update
> channel, info on that would be even better.
> 
> This is assuming some risks, such as update patches may have errors,
> that may break things
> 
> Curious if anyone's experience in doing this, any issues running such
> setup, etc.
>

Re: cannot boot after installation on VPS (via rescue system)

[jbranso]

February 21, 2024 at 4:54 AM, "Giovanni Biscuolo"  wrote:



> 
> Hello,
> 
> following the good guidelines from (info "(guix-cookbook) Running Guix
> on a Kimsufi Server") and (info "(guix-cookbook) Running Guix on a
> Linode Server") I'm developing a shell script to automate the "manual"
> installation of Guix on bare metal and VPS, you can find it attached to
> this email as bootstrap-guix.sh or at this git repo URL:
> https://gitlab.com/softwareworkers/swws/-/blob/master/infrastructure/hosts/cornouiller/bootstrap-guix.sh?ref_type=heads
> 
> The main purpose of the script is to allow me to install Guix on
> machines (bare metal or virtual) hosted by vendors who do not offer Guix
> in their OS installation options, since almost all vendors provides a
> rescue system that can be used to "manually" set up the environment,
> partition the target disk and lastly "guix system init..."
> 
> I've extensively tested the script locally (on bare metal and QEMU VMs),
> both booting the machines via grml [1] and Guix install image and it
> works as expected; I've also used it to install Guix on some bare metal.
> 
> Now I'm trying to use it on two VPS from two different vendors, booted
> in rescue mode, but after the installation (via bootstrap-guix.sh) when
> I reboot the VPS I get the usual grub menu but the boot process suddenly
> fails with this error (manually copied from web console, sorry for
> possible typos):
> 

I just logged into my linode server...your script defaults to a btrfs
filesystem right?  When I tried to add an additional disk in linode
just now, the only supported filesystem was ext4.  Does linode support
btrfs?

Joshua 

> --8<---cut here---start->8---
> 
> Scanning for Btrfs filesystems
> ice-9/boot9.scm:1685:16: In procedure raise-exception:
> In procedure mount: No such file or directory
> GRUB loading...
> Entering a new prompt. Type ',bt' for a backtrace or ',q' to continue.
> [...]
> scheme@(guile-user)> ,bt
> In gnu/build/linux-boot.scm:
>  637:8 3 (_)
>  435:8 2 (mount-root-filesystem "/dev/sda3" "btrfs" # _ #:flags ?)
> In unknown file:
>  1 (mount "/dev/sda3" "/root" "btrfs" 0 "compress=zstd")
> In ice-9/boot9.scm:
>  1685:16: 0 (raise-exception _ #:continuable? _)
> 
> --8<---cut here---end--->8---
> 
> In particular, I don't understand why the boot script is trying to mount
> the root filesystem at "/root" and not at "/" as it should: am I missing
> something?
> 
> I suspect that the issue depends on how the rescue system root is
> mounted (overlay filesystem) but I'm not sure; I cannot find a solution.
> 
> I'm also attaching:
> 
> - bootstrap-config.scm: automatically generated by the script and used
> by "guix system init..."
> 
> - bootstrap-mount-points.txt: automatically collected during installation
> 
> You can find all the files also here:
> https://gitlab.com/softwareworkers/swws/-/tree/master/infrastructure/hosts/cornouiller?ref_type=heads
> 
> Any idea please? :-O
> 
> Happy hacking! Gio'
> 
> [1] https://grml.org/, a rescue system based on Debian
> 
> -- 
> Giovanni Biscuolo
> 
> Xelera IT Infrastructures
>

Re: Gaming on Guix

[jbranso]

February 11, 2024 at 6:26 AM, "Tobias Alexandra Platen" 
 wrote:



•••

> 
> I am a libre game developer and I plan to package my game that I am
>  currently working on for Guix. On the long term I also want to make a
>  scalable distribution service that one can self host and which allows
>  paying for games using GNU Taler. Once the user has payed they can get
>  substitutes, if they don't want to pay, they still have the freedom
>  to build the game from source. I propose the name GNUtris for this
>  service. 
>  
>  First I will make a home page using haunt for my game. Then I start
>  packaging ist dependencies, starting with libsurvive, which is needed
>  to use the Valve Index. Then I package the rest of the software,
>  needed to run the game. Finally I setup a sales/crowdfunding page,
>  this will be the harded part of my project. I heard that Taler will
>  soon go into production in the Euro zone.
>  
>  PS: I try to avoid Steam, Nonguix and the Guix Gaming Channels
>

I am definitely gave for chipping in for your crowdfunding campaign 
for this.  I think we should find a pay to pay libre developers, and
this sounds like a great idea!

Also, you can also license your game source code as GPL, but license
the game assets as proprietary.  This does not violate the GPL.

Joshua

Re: RFI: Guix XMPP service. paid service?

[jbranso]

I would like to pay $5 a month to have an xmpp account 
coolawesomeusern...@guix.gnu.org

Are there other interested parties?  It might be a possible way to generate $$ 
to continue developing guix.

We could even partner with JMP.chat.

My two cents,

Joshua

www.gnucode.me

Re: SSSD, Kerberized NFSv4 and Bacula OFF TOPIC PRAISE

[jbranso]

August 24, 2023 3:57 PM, "Martin Baulig"  wrote:

> Hello,
> 
> About 2–3 months ago, I got an initial prototype of Bacula working on GNU 
> Guix. I had the Bacula
> Director, two separate Storage Daemons and the Baculum web interface running 
> in a GNU Guix VM on my
> Synology NAS.

I had to look it up...Apparently Bacula is a way to back up computers on a 
network.  Sounds cool!
https://en.wikipedia.org/wiki/Bacula

> At some point, I would really love to upstream these changes, but it's quite 
> a complex
> configuration - and I also had to do quite a few refactorings and clean-ups 
> for this to pass my
> personal quality standards.
> 
> One issue I had to deal with is that Bacula heavily relies upon clear-text 
> passwords in its various
> configuration files. To communicate between its different components, it uses 
> TLS with Client
> Certificates in addition to passwords. So in addition to writing clear-text 
> passwords into various
> configuration files, the X509 private keys, DH parameters, etc. also need to 
> be installed into
> appropriate directories.
> 
> I came up with quite an elegant solution for this problem - and introduced 
> three new services and
> an extension.
> 
> * My "guix secrets" tool provides a command-line interface to maintain a 
> "secrets database"
> (/etc/guix/secrets.db) that's only accessible to root. It can contain simple 
> passwords, arbitrary
> text (like for instance X509 certificates in PEM format) and binary data.

I know guix has been wanting to figure out how to have services that need 
passwords in the configuration
file.  This sounds like it could work!  

> * The problem with the standard activation service is that it runs early in 
> the boot process and
> all activation actions are run in a seemingly random way, there isn't a way 
> to provide any real
> dependencies. Any failures could possibly prevent the system from fully 
> booting up.
> 
> I created a new "activation-tree-service-type" - currently experimental and a 
> bit in a refactoring
> stage. It creates a separate one-shot Shepherd service for each activation 
> action, and you can
> declare dependencies between them.
> 
> Since it's using normal Shepherd services underneath the hood, you could for 
> instance depend on
> user-homes and the network being up, so you could SSH in and use GNU Emacs to 
> fix any issues.
> 
> And any arbitrary Shepherd service could also depend on some of these actions 
> - such as for
> instance the various Bacula services.
> 
> * Then I created "service-accounts-service-type" that extends the standard 
> account creation with
> the ability to also create home directories, run and PID directories and the 
> log-file. It's mostly
> used under the hood.
> 
> * Finally, "secrets-service-type" depends on all of the above to do its work.
> 
> It takes a template file - which is typically interned in the store - 
> containing special "tokens"
> that tell it which keys to look up from the secrets database.
> 
> It uses the above mentioned service-accounts-service-type to specify where 
> the substituted
> configuration file should be installed, insuring that the directory has been 
> set up with
> appropriate permissions.
> 
> And then it substitutes the special tokens from the template file with the 
> actual secrets. For
> instance "@password:foo@" would be substituted with a password entry called 
> "foo". For arbitrary
> text or binary data, the template would contain something like "@blob:data@" 
> - this will be
> substituted with the full path name of a file where the actual data will be 
> written to.
> 
> * * * *
> 
> All of the above has been mostly working in early August, just one problem 
> remained:
> 
> I do not want to store any of the actual data inside the VM, but rather use a 
> folder on the NAS
> itself. Even the PostgreSQL database lives on a NFS-mounted volume. The 
> problem is quite simply
> that Synology's Virtual Machine Manager software does not provide any way of 
> exporting or importing
> volumes. You cannot even move them between VMs. And I really don't want to 
> tie my data to the
> lifecycle of the VM.
> 
> Using traditional NFS (either version 2 or 3) worked perfectly fine and since 
> this is a very
> locked-down environment, encrypting the NFS traffic really isn't needed. 
> Like, and attacker that
> got access to either the NAS or the VM running inside it would already have 
> all the data anyway.
> 
> However, I wanted to give it a try regardless and see whether I could get 
> SSSD working with GNU
> Guix.
> 
> And this is where the nightmares began!
> 
> Firstly, I had to make a few changes to GNU Guix itself, most of which I'd 
> like to upstream. The
> code is in my public GitLab repo, but it's a bit of a mess right now, and 
> I'll need at least a day
> or two to clean it up. But I also ran across a couple of questions and issues.
> 
> * GNU Guix is currently using nfs-utils 2.4.3, whereas 2.6.3 is currently the 
> latest 

Re: Relaxing the restrictions for store item names

[jbranso]

August 23, 2023 6:27 AM, "Eidvilas Markevičius"  
wrote:

> Hello Guix,
> 
> Another scenario where these artificial restrictions could be a
> potential cause of trouble is when we consider a possibility that Guix
> might be used for packaging and distributing not only software, but
> all kinds of non-executable data such as films, books, music,
> databases, historical documents, website archives, etc. [3]. 

+1 on distributing films with guix.  I personally want to package the video 
lectures
for structure and interpretation of programs to guix.
 
> [0] https://issues.guix.gnu.org/64976
> [1] 
> https://git.savannah.gnu.org/cgit/guix.git/tree/nix/libstore/store-api.cc#n58
> [2] https://raštija.lt/liepa/paslaugos-vartotojams/narsytuvas
> [3] https://gitlab.com/guix-media-channels

Re: plasma desktop in guix

[jbranso]

July 26, 2023 2:23 PM, "Tobias Platen"  wrote:

> That looks good. Soon I'll try to get XRDesktop working on the Guix
> System, either with Gnome or with KDE. Still a long way to get it
> working on my Talos II. (I will have to upgrade my GPU to one from
> RED Semiconductor as the current one needs non-free firmware.)
 
Just out of curiosity, how decent is the libre RED Semiconductor GPU?

Is it mostly RYF?

Joshua

Re: Draft new Guix Cookbook section on Emacs

[jbranso]

June 5, 2023 2:13 AM, "Mekeor Melire"  wrote:

> Hello :)
> 
> I'd like to contribute to the Guix Cookbook.
> 
> The Cookbook is written in Texinfo format but as I'm not fluent in it, I 
> decided I'd first draft my
> contribution in Org-Mode which I'd later export as Texinfo and adapt 
> appropriately. I'm sorry that
> this also means that the hereby submitted draft does not come as a Git patch 
> for now.
> 
> Find below a first draft of a new chapter entitled "Emacs", including two 
> subchapters, "Beginners
> Guide to the Perfect Setup" and "Mu4e".
> 
> Regarding the Perfect Setup, I'm convinced that it makes sense to have a more 
> beginner-friendly
> tutorial supplementing the instructions which are already present in the Guix 
> manual. It's meant to
> have more background information and more, non-essential configuration tips, 
> as well as details on
> usage, including keybindings.
> 
> Regarding emails, in the long-term, I'd also like to contribute a new chapter 
> on how to use the
> mailing-lists, elaborating on how to get local maildir copies of the 
> mailing-lists with tools like
> isync/mbsync or public-inbox etc. But that's for the future!
> 
> I'm looking forward to your feedback.

My only question is should we mention emacs-guix?  I haven't tried using it in 
a long time.  Does it
still work?

Re: What's needed to get things building for i586-gnu (the hurd) post core-updates?

[jbranso]

May 5, 2023 11:02 AM, "Christopher Baines"  wrote:

> Josselin Poiret  writes:
> 
>> Christopher Baines  writes:
>>> I think the use of coreutils-boot0 in the source for gcc-boot0 is a
>>> problematic change introduced in core-updates [2], at least
>>> coreutils-boot0 fails to build.
>> 
>> Just to recap, as you mentioned on IRC, the coreutils configure phase
>> seems to miss hurd.h, even though it is included in the bootstrap glibc.
>> It might be due to the coreutils upgrade, since I don't see what else
>> could've changed this derivation. I don't have a childhurd at the
>> moment (because a cross-compiled Hurd fails to run), so I can't really
>> test native compilation as above :(
> 
> I think the first bit to look at here is not that coreutils-boot0 is
> failing, but why it's started being used, because I'm not even sure
> about that.

Fun fact of the day, the Debian GNU/Hurd is starting to build 64-bit
packages:

https://lists.gnu.org/archive/html/bug-hurd/2023-05/msg00073.html

Re: GOOPS-less Shepherd

[jbranso]

April 8, 2023 8:54 PM, "Ivan Sokolov"  wrote:

> Bodertz  writes:
> 
>> I don't have strong feelings either way, and the change won't really
>> affect me too much, but what benefit is there in breaking things? From
>> what I understand from your message, users' configs will stop working in
>> a few months when 1.0.x releases (or with the macro would "kinda work"),
>> which is at least a short-term con, so what's the long-term benefit of
>> this change? Is GOOPS so bad a thing to require?
> 
> If I understand correctly, that will allow Shepherd to run on GNU Mes,
> a Scheme interpreter written for Guix bootstraping.

So by removing the Shepherd's dependency on GNU Mes, the Guix project
benefits by simplying its bootstrapping process?

Re: Brainstorming ideas for define-configuration

[jbranso]

March 9, 2023 3:25 PM, "Liliana Marie Prikler"  
wrote:

> Hi,
> 
> Am Donnerstag, dem 09.03.2023 um 02:28 + schrieb Bruno Victal:
> 
> I smell bad code ahead.
> 
>> We could provide procedures that validate each record type within
>> define-configuration itself instead of validating the value at
>> runtime (i.e. within the body of the service-type).
>> 
>> --8<---cut here---start->8---
>> ;; the common case
>> (define-configuration foo-configuration
>> (name
>> string
>> "Lorem ipsum...")
>> 
>> ;; ...
>> 
>> (validator procname))
>> 
>> ;; [bonus] Simpler configurations that only care for mutually-
>> exclusive fields
>> (define-configuration foo-configuration
>> (name
>> string
>> "Lorem ipsum...")
>> 
>> (title
>> string
>> "Lorem ipsum..."
>> (conflicts 'name)))
>> --8<---cut here---end--->8---
> 
> Instead of providing both a name field and a title field, you might
> provide a field that can either be a name or a title or allow an even
> more powerful value type as long as it makes sense.

While I would agree that a guix service writer should avoid mutually
exclusive fieldnames and instead prefer mutually exclusive records
(and 95% of that time that will work), but may we examine it from a
user's perspective? How does the service writer differentiate from
a string title or string name?

Suppose that you want to respond to a king's rudeness. You can
secretly insult him or obviously insult him:

===Mutually exclusive records===, which are better from a maintainer's
perspective, but perhaps cause the user to write more scheme:

"..your traitor brother. Maybe I’ll feed him to wolves after I’ve
caught him. Did I tell you, I intend to challenge him to single
combat?"

(insult-configuration
  (response
(secret-insult-configuration
  (secret-insult “I should like to see that, Your Grace.”

OR

"You can't insult me."

(insult-configuration
  (response
(obvious-insult-configuration
  (obvious-insult "We've had vicious kings and we've had idiot kings,
but I don't know if we've ever been cursed with a vicious idiot for
a king!"

===Mutually exclusive fieldnames===

"I am the KING!"

(insult-configuration
  (secret-insult "Any man who must say, 'I am the king' is no
true king. I'll show you that after I've won your war.")))

OR

"You are Kingsguard!"

(insult-configuration
  (obvious-insult "...F*ck the King."

These examples are pretty wonky I will admit, but I really like
an option of having mutually exclusive fieldnames.  Having said all of this,
I will agree that that mutually exclusive fieldnames are a bit like "goto"
in C.  You really should never use them, unless you absolutely have to.

Thanks,

Joshua

P.S.  I thought about not sending this email, then realized that someone
might find it funny.  Sorry if it wastes your time.  :(

Re: Hoping to donate/sell a Talos II motherboard

[jbranso]

March 1, 2023 5:11 AM, "Toshaan Bharvani | VanTosh"  wrote:

> On 01/03/2023 03:37, Luke Kenneth Casson Leighton wrote:
> 
> On Tuesday, February 28, 2023,  > 
> wrote:
> Hello you fabulous developers!
> 
> My friend has a spare Talos II motherboard that is currently sitting > in his 
> house
> in Indiana USA collecting dust.
> 
> https://www.raptorcs.com/TALOSII 
> 
> I have convinced him to donate/sell it to an open source project or > 
> developer.
> 
> I reached out to Richard Stallman, and he agreed to take the board. > I am 
> certain that the
> FSF would put it to good use. My friend and I have not yet decided, > to whom 
> we will give
> the motherboard. Is it possible that I could give it to someone or > project, 
> such that all
> parties here would benefit?
>> i am reasonably certain that Toshaan Bharvani would be
>> prepared to do that although he would need to speak for
>> himself.
> 
> Yes, please, I am interested.
> I would use it for PowerEL, LibreBMC and LibreSOC.
> All open source projects.
> Is this just a board or also a CPU?

It is just the motherboard.  :)

> 
>> the other option would be to donate it to the University of
>> Oregon who already have POWER9 systems that are accessible
>> to FOSS projects via the "OpenPOWER Hub". cc'ing Sameer
>> as well.
>> (in case that wasn't clear: FOSS projects can *already*, right
>> now, apply for access to POWER9 systems, do i have that right,
>> Sameer?)
> 
> Is there any project or developer here that would be willing to take > this 
> motherboard and
>> create
> 
> virtual machines that other projects could have access to?
> 
> Thoughts?
> 
> Thanks,
> 
> Joshua Branson
> FOSS enthusiast
> https://gnucode.me 
> 
>> -- > ---
>> crowd-funded eco-conscious hardware: https://www.crowdsupply.com/eoma68 >
>> 
> 
> -- --
> Toshaan Bharvani
> +32-(0)476-66.70.55
> tosh...@vantosh.com
> @toshywoshy
> 
> __ __ _ _
> \ \ / /_ _ _ _|_ _|__ ___| |__
> \ \ / / _` | '_ \| |/ _ \/ __| '_ \
> \ V / (_| | | | | | (_) \__ \ | | |
> \_/ \__,_|_| |_|_|\___/|___/_| |_|
> 
> http://www.vantosh.com
> 
> --

So to summarize, my friend is donating/selling an Talos II motherboard.  
It does not have the CPU or RAM.  Our current options are:

Donate to debian
   Who will mostly help debian distributions run on Power9.

Donate to the FSF
   Who will probably set up a substitute server for guix and help guix
   run on Power9.  As well as hosting mailing lists and other stuff?
donate to the university of Oregon, whose contact is Toshaan Bharvani.
  Any any open source project can apply for virtual machines on it.

Donate to the OpenBSD foundation.
   Who will push the boundaries of software security, and whose daemons
   like openssh benefit everyone.

Any other options that I am missing?

I'll let me friend know these options, and I will encourage him to donate/sell
it by the end of March.  (He's on vacation for the next two weeks).

Thanks,

Joshua

Hoping to donate/sell a Talos II motherboard

[jbranso]

Hello you fabulous developers!

My friend has a spare Talos II motherboard that is currently sitting in his 
house 
in Indiana USA collecting dust.

https://www.raptorcs.com/TALOSII/

I have convinced him to donate/sell it to an open source project or developer.

I reached out to Richard Stallman, and he agreed to take the board.  I am 
certain that the
FSF would put it to good use.  My friend and I have not yet decided, to whom we 
will give 
the motherboard.  Is it possible that I could give it to someone or project, 
such that all 
parties here would benefit?

Is there any project or developer here that would be willing to take this 
motherboard and create 
virtual machines that other projects could have access to?

Thoughts?

Thanks,

Joshua Branson
FOSS enthusiast 
https://gnucode.me

Re: Oniro or Guix on Zephyr kernel?

[jbranso]

February 24, 2023 2:35 PM, "Tobias Geerinckx-Rice"  wrote:

> Hi,
> 
> On 2023-02-24 19:36, Mitchell Schmeisser wrote:
> 
>> I don't think the guix daemon is technically > required
>> for the shepherd to boot (being the daemon is a shepherd process
>> itself).
> 
> No, not at all. I think this is a common (and not unreasonable!) assumption 
> we Guixers forget
> exists.
> 
> The ‘Guix daemon’ is not required to run Guix software or Guix System, only 
> for store operations
> (building, GC'ing, …).
> 
> The name ‘guix-build-daemon’ would have been closer to the truth.

Thanks for clarifying.  So, guix system requires a shepherd daemon to be 
running correct?

That shepherd daemon starts at boot and runs as PID 1 and starts all system 
services.

Does the guix-build-daemon start lazily or only when needed?  So if I booted up 
my guix system laptop, and only browsed
the internet, never typed in any "guix " command, would the guix-build-daemon 
ever run?


> 
> Kind regards,
> 
> T G-R
> 
> Sent from a Web browser. Excuse or enjoy my brevity.

Re: Oniro or Guix on Zephyr kernel?

[jbranso]

February 24, 2023 10:41 AM, "Peter Polidoro"  wrote:

>> Actually, my new friend Mitchell just created a blog post about > using
>> GNU Guix for Zephyr kernels:
>> 
>> https://gnucode.me/building-toolchains-with-guix.html
> 
> Great blog post, thank you! It makes me a little hesitant about Zephyr if 
> they have just given up
> on other people building their SDK, but I am very glad all of you smart 
> people are working on a
> Guix alternative.
> 
> I am still curious if other parts of Guix System could be useful in embedded 
> environments if all of
> the packages are cross-compiled.
> 
> I am not sure of the detailed plans for Oniro, but I assume that it will 
> provide some sort of
> abstraction layer and user space on top of either the Linux kernel or the 
> embedded Zephyr kernel.
> Would it be possible to make some subset of Guix System into something 
> equivalent or is an entirely
> new operating system really necessary for that purpose? Are most of the 
> resource requirements for
> Guix System, 1 Gig of ram, etc, due to the package builder and Guix/Nix 
> daemon? If it was possible
> to declare an instance of Guix System that did not include those and only 
> used cross-compiled
> packages, could some portion of Guix System function in a similar way as 
> Oniro, or is that a
> nonsense question?

I'm probably not the best person to ask about that.  I am adding in Mitchell to 
the discussion.

Mitchell, what do you think?  Could we use a subset of guix system in embedded 
environments?

Thanks,

Joshua

Re: Guix Games Collection

[jbranso]

February 1, 2023 6:46 PM, "Csepp"  wrote:

> Tobias Platen  writes:
> 
>> I had submitted a talk for LibrePlanet called "Gaming on a Talos II -
>> how I avoid using Steam". Unfortunately, there were so many high
>> quality talks that it was impossible to fit them all in the program.
>> So I will do a lightning talk [1], about my work in progress Guix
>> Games Collection, a list of games that are playable on a freedom
>> respecting machine such as the Talos II or Thinkpad X200 (with
>> Libreboot) on the Guix System. I also plan to make a haunt page with
>> screenshots/videos for each game, similar to the Steam storepages.
>> 
>> [1]:
>> https://libreplanet.org/wiki/LibrePlanet:Conference/2023/Lightning_Talks
> 
> I guess we'll find out from the talk anyways, but I'm curious:
> do you only play games on it that are fully free (including assets,
> missions, etc) or are games where only the code is libre also allowed.
> Thinking of examples like Kandria, Quadrilateral Cowboy, etc, which have
> GPL codebases but you still need to buy the game to get the assets.

Fun fact of the day, I would play libre software games that have libre code, 
but proprietary assets.  :)

Re: Suggest improve emacs setting in 'The Perfect Setup'

[jbranso]

January 1, 2023 4:06 PM, "Feng Shu"  wrote:

> jbra...@dismail.de writes:
> 
>> That's a good idea! I think there is/was a guix developer trying to write an
>> emacs configuration specifically to hack on guix...
> 
> The below is my current guix emacs config, I do not know whether it is
> suitable for an example, maybe someone can try it :-)
> 
> If suitable, I will try to send a patch.

I would go ahead and send a patch to guix-patches.  It might be a good idea to 
review someone else' patch.  Guix is in need of patch reviewers.  :)

I should probably take my own advice and review someone else's patch too.  :)

Joshua

Re: Suggest improve emacs setting in 'The Perfect Setup'

[jbranso]

January 1, 2023 2:54 PM, "Feng Shu"  wrote:

> Joshua Branson  writes:
> 
>> Feng Shu  writes:
>> 
>>> Hello:
>>> 
>>> In 'The Perfect Setup', we suggest user to use the below emacs config:
>>> 
>>> ```
>>> ;; Assuming the Guix checkout is in ~/src/guix.
>>> (with-eval-after-load 'geiser-guile
>>> (add-to-list 'geiser-guile-load-path "~/src/guix"))
>>> ```
>>> 
>>> This config need user to deal with %load-path of guix, which seem to be
>>> a hard job for new guile user for many dirs of guix and other guix channels,
>>> why not suggest new user to use the below config:
>> 
>> How about you go ahead and make a patch on guix-patc...@gnu.org, that
>> way this issue is not forgotten?
> 
> Maybe we can add an example emacs config for develop guix in etc directory.

That's a good idea!  I think there is/was a guix developer trying to write an
emacs configuration specifically to hack on guix...

> 
>>> ```
>>> (setq geiser-guile-binary (list "guix" "repl"))
>>> ```
>>> 
>>> or:
>>> 
>>> ```
>>> (setq geiser-guile-binary (list "guix" "repl" "-L" 
>>> "/path/to/user-own-config-dir"))
>>> ```
>>> 
>>> when user just want to develop his own guix config, just run:
>>> 
>>> ```
>>> emacs
>>> ```
>>> 
>>> guix and other channels installed by 'guix pull' will be used properly.
>>> 
>>> when user want to develop in guix.git, he just run emacs like the below:
>>> 
>>> ```
>>> ./pre-inst-env emacs
>>> ```
>>> 
>>> The below is my guix emacs config, seem to work:
>>> 
>>> 
>>> 
>>> (require 'geiser)
>>> (require 'geiser-guile)
>>> (require 'guix)
>>> (require 'magit)
>>> 
>>> ;; ** My own guix config.
>>> (defvar eh-geeguix-dir (expand-file-name "~/geeguix"))
>>> 
>>> ;; ** Let geiser-guile use 'guix repl'
>>> (setq geiser-guile-binary (list "guix" "repl" "-L" eh-geeguix-dir))
>>> 
>>> ;; ** guix-devel-mode
>>> (add-hook 'scheme-mode-hook #'guix-devel-mode)
>>> 
>>> ;; ** Get guix dir installed by 'guix pull'.
>>> (defun eh-guix-dir ()
>>> (file-name-as-directory
>>> (cl-find-if
>>> (lambda (dir)
>>> (file-exists-p (expand-file-name "guix.scm" dir)))
>>> (directory-files
>>> (expand-file-name "~/.cache/guix/checkouts/")
>>> t
>>> 
>>> ;; ** copyright-update
>>> (when (eh-guix-dir)
>>> (let* ((dir (eh-guix-dir))
>>> (file (expand-file-name "etc/copyright.el" dir)))
>>> (when (file-exists-p file)
>>> (load-file file)
>>> ;; (add-hook 'after-save-hook 'copyright-update)
>>> (setq copyright-names-regexp
>>> (format "%s <%s>" user-full-name user-mail-address)
>>> 
>>> ;; ** tempel
>>> (when (eh-guix-dir)
>>> (let* ((dir (eh-guix-dir))
>>> (path (expand-file-name "etc/snippets/tempel/*" dir)))
>>> (add-to-list 'tempel-path path)))
>> 
>> I would also add:
>> 
>> (add-hook! 'scheme-mode-hook #'display-fill-column-indicator-mode)
>> 
>> This creates a vertical line that reminds you that your code should fit
>> inside 80 columns.
>> 
>> Possible also mention how to set up page break lines:
>> 
>> https://github.com/purcell/page-break-lines
> 
> --

Re: Some stats about the graph of dependencies

[jbranso]

December 9, 2022 12:32 PM, "zimoun"  wrote:

> Hi,
> 
> Preparing some Python stuff, I was toying with the package
> python-networkx. And Guix is awesome because it is easy to extract the
> graph of dependencies.
> 
> Here dependencies are just inputs, native-inputs and propagated-inputs.
> It could be interesting to also include build-system dependencies, I
> have been lazy. :-)
> 
> My initial question is to know what are the “essentials”? By essential,
> I mean the “important“ ones, the “hot” ones, etc. The ones which are
> “influencers” – yeah the world is a social network. :-)
> 
> First, let extract the graph with a tiny Scheme script:
> 
> $ guix repl -- packages-to-dict.scm > dod.py
> 
> Then, let import that into an IPython session:
> 
> $ guix shell python python-ipython \
> python-scipy python-matplotlib python-networkx -- ipython
> 
> and run another tiny Python script for plotting. See Figure attached.
> 
> We can compare a link analysis metrics [1] and a centrality measure
> [2]; say PageRank [3] and Eigenvector [4]. More the value is large and
> higher the package is “important“ (for this metrics).
> 
> And the Directed and Undirected graphs can be compared, using Networkx
> [5,6]. Well, Eigenvector centrality (or Katz centrality [7]) is failing
> because the power iteration does not converge but other metrics could be
> also considered. Here is just a first rough toy. :-)
> 
> According to PageRank applied to the Directed Graph, the 10 most
> “important” packages are:
> 
> --8<---cut here---start->8---
> [('pkg-config-0.29.2', 0.02418335991713879),
> ('perl-5.34.0', 0.015404032767249512),
> ('coreutils-minimal-8.32', 0.013240458675517012),
> ('zlib-1.2.11', 0.009107245584307803),
> ('python-pytest-6.2.5', 0.008413060648307678),
> ('ncurses-6.2.20210619', 0.007598925467605917),
> ('r-knitr-1.41', 0.00554772892485958),
> ('sbcl-rt-1990.12.19-1.a6a7503', 0.004884721933452539),
> ('bzip2-1.0.8', 0.004800877844001881),
> ('python-3.9.9', 0.00415536078558266)]
> --8<---cut here---end--->8---
> 
> And if we compare the 3 results (Undirected with PageRank and
> Eigenvector, and Directed with PageRank only, then 10 most “important”
> packages are:
> 
> --8<---cut here---start->8---
> ['pkg-config-0.29.2',
> 'glib-2.70.2',
> 'zlib-1.2.11',
> 'gtk+-3.24.30',
> 'perl-5.34.0',
> 'gettext-minimal-0.21',
> 'qtbase-5.15.5',
> 'libxml2-2.9.12',
> 'python-3.9.9',
> 'autoconf-2.69']
> --8<---cut here---end--->8---
> 
> Somehow, it means that these packages have an high influence on all the
> others. Now, we can roughly compare with the release-manifest.scm [8],
> 
> --8<---cut here---start->8---
> '("bootstrap-tarballs" "gcc-toolchain" "nss-certs"
> "openssh" "emacs" "vim" "python" "guile" "guix")))
> '("coreutils" "grep" "findutils" "gawk" "make"
> #;"gcc-toolchain" "tar" "xz")))
> '("xorg-server" "xfce" "gnome" "mate" "enlightenment"
> "openbox" "awesome" "i3-wm" "ratpoison"
> "emacs" "emacs-exwm" "emacs-desktop-environment"
> "xlockmore" "slock" "libreoffice"
> "connman" "network-manager" "network-manager-applet"
> "openssh" "ntp" "tor"
> "linux-libre" "grub-hybrid"
> '("coreutils" "grep" "sed" "findutils" "diffutils" "patch"
> "gawk" "gettext" "gzip" "xz"
> "hello" "zlib"
> --8<---cut here---end--->8---
> 
> Well, we could investigate more and play more with some graphs tools.
> For instance, include all the build-system dependencies and so on.
> 
> Some list about “statistically important” packages could help for
> improving the list of “essential” packages.
> 
> Although Python is great, I would like to run Guile. Any Guile library
> for manipulating graph is around?

https://packages.guix.gnu.org/packages/guile2.2-charting/0.2.0-1.75f755b/

Thought it may be guile 2 only...?

> 
> All that to say, Guix is great! :-) And perhaps some of you have already
> some Guile code for analysing graphs. Maybe.
> 
> Well, comment or idea is welcome. :-)
> 
> 1: 
> 2: 
> 3: 
> 4: 
> 5: 
> 
> 6: 
> 
> 7: 
> 8: 
> 
> 
> Cheers,
> simon

Re: A Few Irc Logs

[jbranso]

October 28, 2022 6:09 PM, "jgart"  wrote:

> Does anyone know of any program that generates tags for irc logs?
> 
> Kind of like afew but for massive irc logs not unlike logs.guix.gnu.org
> 
> * https://github.com/afewmail/afew

You might get better answers in the help-guix list, which I am CC-ing now.

You might have some good luck asking this in #guix too.  :)

Re: https://guix.gnu.org/ is offline

[jbranso]

October 19, 2022 1:18 AM, "Brendan Tildesley"  wrote:

> https://guix.gnu.org doesn't load for me and another person in IRC
> 
> curl https://guix.gnu.org
> curl: (7) Failed to connect to guix.gnu.org port 443 after 1838 ms: No route 
> to host


Thanks for reporting!  I would encourage you to report this kind
of outages on IRC.  You'd probably get a response faster.  :)

Re: Creating an Emacs Home Configuration Service

[jbranso]

October 19, 2022 4:25 PM, "Zain Jabbar"  wrote:

> Aloha All,
> 
> Thank you for your insightful messages. Sorry my code did not work as
> smoothly as I would have liked. I have a =home-environment= definition
> that hopefully works for you. You can put everything into one
> configuration as you described. I do that in the following source
> block. For some reason I liked the idea of separate definitions of
> each package, so that Guile and Guix Home kind of acts like a
> =use-package= declaration. Though that was needless abstraction on my
> end.

I do not know if it is a needless abstraction.  I am just bouncing ideas
around with you.  :)

> 
> #+BEGIN_SRC scheme
> (use-modules (srfi srfi-1)
> (ice-9 pretty-print)
> (gnu home)
> (gnu packages)
> (gnu services)
> (gnu home services)
> (gnu services configuration)
> (guix gexp)
> (guix transformations))
> 
> (define file-likes? (list-of file-like?))
> 
> (define-configuration/no-serialization emacs-configuration
> (emacs-packages
> (file-likes (list (specification->package "emacs-next"))) "Files")
> (early-init
> (list '()) "Early-Init")
> (init
> (list '()) "Init"))
> 
> (define-public emacs-configuration-service
> (service-type (name (symbol-append 'emacs-configuration))
> (extensions
> (list (service-extension
> home-profile-service-type
> (lambda (config) (emacs-configuration-emacs-packages config)))
> (service-extension
> home-xdg-configuration-files-service-type
> (lambda (config)
> (list
> `("emacs/init.el" ,(scheme-file "init.el"
> (emacs-configuration-init config)
> #:splice? #:t))
> `("emacs/early-init.el" ,(scheme-file "early-init.el"
> (emacs-configuration-early-init config)
> #:splice? #:t)))
> (default-value (emacs-configuration))
> (description "Configures Emacs init.el")))
> 
> (define-public minimal-home-environment
> (home-environment
> (services
> (list
> (service emacs-configuration-service
> (emacs-configuration
> (emacs-packages
> (list
> (specification->package "bash")
> (specification->package "emacs-next")
> (specification->package "emacs-debbugs")
> (specification->package "emacs-evil")
> (specification->package "emacs-paredit")
> (specification->package "emacs-anzu")))
> (init '((evil-mode 1)
> ;; Please add more config here
> ;; Begining of emacs init configuration after evil-mode 1
> 
> ;; End emacs init configuration
> ))
> (early-init '((setq warning-suppress-log-types '((comp) (comp)))
> (setq warning-suppress-types '((comp) (comp))) ; A
> serious stack of pringles here
> 
> minimal-home-environment
> #+END_SRC
> 
> I saved this file to =minimal-working-example.scm= and ran a container using
> =guix home -N --share=/tmp container ./minimal-working-example.scm=.
> This should spawn a shell in which you can run =emacs= (as terminal).
> Furthermore we can also run the info help command and get to the
> debbugs page.
> 
> The =init= and =early-init= configuration options take in
> S-Expressions not files. Under the hood the service uses =scheme-file=
> which takes in an expression. I am open to suggestions for other file
> mechanisms, like if, for example, G-Expressions are more natural here.
> I found that I did not know how to naturally append G-Expressions
> together and that the S-Expressions can "bleed" into the config using
> backquotes. So I chose just sticking in a list of expressions for
> Emacs. Something Andrew Tropin taught me, if you are working in a
> =*.scm= file and you want to evaluate elisp, use =M-x eval-region= or
> =M-x edit-indirect-region= (with the usual stipulation that if you do
> this very often we can bind it to a key).

I would say when you submit your service to guix-devel others will give
you some options too.  I like the idea of S-expressions though.

 
> If my interpretation of 13.1 Declaring the Home Environment is
> correct, we should expect an error associated with XDG_RUNTIME_DIR as
> the necessary variables will be set via the Operating-System
> declaration. The next error I believe is emacs wanting to make a file
> where the home container does not have read or write permissions. My
> =guix home= declaration with the =share= parameter should hopefully
> help with this error. Oddly enough if we do not specify the
> installation of =bash=, Emacs says it cannot uncompress the info
> manuals because there is no =sh=. That is why I included =bash= into
> the emacs packages list. I do think a lot of these "solutions" will be
> unncessecary if users were to use =guix home reconfigure= rather than
> user the container. Though it's nice to debug them there.

Thanks for the explanation!

Re: Creating an Emacs Home Configuration Service

[jbranso]

October 18, 2022 3:42 PM, "Zain Jabbar"  wrote:

> Here is a minimal reproducible(-ish needs change in module name)
> example configuration which installs =emacs-debbugs= (and not much
> else).

Cool I am CC-ing guix devel.

> #+BEGIN_SRC scheme
> (define-module (zaijab minimal-working-example)
> #:use-module (srfi srfi-1)
> #:use-module (ice-9 pretty-print)
> #:use-module (gnu home)
> #:use-module (gnu packages)
> #:use-module (gnu services)
> #:use-module (gnu home services)
> #:use-module (gnu services)
> #:use-module (gnu services configuration)
> #:use-module (guix gexp)
> #:use-module (guix transformations))
> 
> (define file-likes? (list-of file-like?))
> 
> (define-configuration/no-serialization emacs-configuration
> (emacs-packages
> (file-likes (list (specification->package "emacs-next"))) "Files")
> (early-init
> (list '()) "Early-Init")
> (init
> (list '()) "Init"))
> 
> (define debuggs-configuration
> (emacs-configuration
> (emacs-packages (list (specification->package "emacs-debbugs")
> 
> (define-public total-emacs-configuration
> (fold (lambda (config-1 config-2) (emacs-configuration
> (init (append (emacs-configuration-init config-1)
> (emacs-configuration-init config-2)))
> (early-init (append (emacs-configuration-early-init config-1)
> (emacs-configuration-early-init config-2)))
> (emacs-packages (append (emacs-configuration-emacs-packages config-1)
> (emacs-configuration-emacs-packages config-2)
> (emacs-configuration)
> 
> (filter emacs-configuration?
> (map variable-ref
> (filter variable-bound?
> (hash-map->list (lambda (x y) y) (struct-ref (current-module) 0)))
> 
> (define-public emacs-configuration-service
> (service-type (name (symbol-append 'emacs-configuration))
> (extensions
> (list (service-extension
> home-profile-service-type
> (lambda (config) (emacs-configuration-emacs-packages config)))
> (service-extension
> home-xdg-configuration-files-service-type
> (lambda (config)
> (list
> `("emacs/init.el" ,(scheme-file "init.el"
> (emacs-configuration-init config)
> #:splice? #:t))
> `("emacs/early-init.el" ,(scheme-file "early-init.el"
> (emacs-configuration-early-init config)
> #:splice? #:t)))
> (default-value (emacs-configuration))
> (description "Configures Emacs init.el")))
> 
> (define-public minimal-home-environment
> (home-environment
> (services (list (service emacs-configuration-service
> total-emacs-configuration)
> 
> minimal-home-environment
> #+END_SRC

I wonder why you do the define total-emacs-configuration...is it possible
to define an emacs-configuration something like this?

Forgive the possibly wrong syntax, I don't use guix home

(services
(service emacs-configuration-service
(emacs-configuration
(packages
(list emacs-debbugs
emacs-evil
emacs-paredit
emacs-anzu))
(init (text-file "init-file.el"
"(evil-mode 1)\n
;; other configuration stuff")

> I tested this using =guix home container -N
> minimal-working-example.scm=. Typing =M-x debbugs-gnu= gives a menu of
> bugs. I made sure the debbugs configuration is necessary by commenting
> it out, re-running =guix home container= and seeing that =M-x debb
> [TAB]= pulls up nothing. I think it works. Woo-hoo!

When I tested the home container via terminal foot I get a weird error:

warning: XDG_RUNTIME_DIR doesn't exists, on-first-login script
won't execute anything. You can check if xdg runtime directory exists,
XDG_RUNTIME_DIR variable is set to appropriate value and manually execute the
script by running '$HOME/.guix-home/on-first-login'-bash-5.1$ emacs
emacs: Terminal type foot is not defined.
If that is not the actual type of terminal you have,
use the Bourne shell command 'TERM=...; export TERM' (C-shell:
'setenv TERM ...') to specify the correct type. It may be necessary
to do 'unset TERMINFO' (C-shell: 'unsetenv TERMINFO') as well.

That's probably just foot being weird.

In lxterminal, emacs started fine. However, doing a M-x info RET

m Debbugs RET

I get this error in emacs:

"Creating file with prefx: No such file or directory /tmp/jka-com"

Anyway, definitely go ahead and send it to guix-patches!

> Thank you for telling me about the =,build= meta command. It looks
> very useful! I will need to figure out how to use it from =M-x
> geiser-guile=. I have built this code by doing the following:
> - open VTerm
> - guix repl
> - ,use (guix)
> - ,use (MODULE-NAME) ;; in my case this was (zaijab minimal-working-example)
> - ,build minimal-home-environment

Once you get geiser set up and clone the git repo, and compile everything...
inside the guix-src code...whatever file you are currently working on
C-c C-a opens up that file in the repl.  It's super awesome to be able to 
throw in some code evaluate it on the fly.

https://video.hardlimit.com/c/the_gnu_guy/videos

> I will be learning how to use the Git patching system soon. I will add
> more documentation when I submit the patch. I'll be sure to CC you as
> well. Thank you for your assistance.
> 
> On Tue, Oct 18, 2022 at 8:42 AM  

Re: Creating an Emacs Home Configuration Service

[jbranso]

October 17, 2022 7:12 PM, "Zain Jabbar"  wrote:

> Aloha Guix Development Team,
> 
> Thank you for this email. Your advice was directed very kindly and is
> very helpful. I have tried to revise the code based on your email. I
> also checked the setting for plaintext mode in GMail; I hope this
> makes the email easier to read.
> 
> First, I define a configuration (without serialization currently).
> 
> #+BEGIN_SRC scheme
> (define file-likes? (list-of file-like?))
> 
> (define-configuration/no-serialization emacs-configuration
> (emacs-packages
> (file-likes (list (specification->package "emacs-next"))) "Files")
> (early-init
> (list '()) "Early-Init")
> (init
> (list '()) "Init"))
> #+END_SRC
> 
> Then, I define an =emacs-configuration-service= that takes in a
> configuration. This service will add packages in the =emacs-packages=
> to the profile, and append the S-Expressions in =early-init= and
> =init= to $XDG_CONFIG_HOME/emacs/early-init.el and
> $XDG_CONFIG_HOME/emacs/init.el respectively. The service has
> definition,
> 
> #+BEGIN_SRC scheme
> (define-public emacs-configuration-service
> (service-type (name (symbol-append 'emacs-configuration))
> (extensions
> (list (service-extension
> home-profile-service-type
> (lambda (config) (emacs-configuration-emacs-packages config)))
> (service-extension
> home-xdg-configuration-files-service-type
> (lambda (config)
> (list
> `("emacs/init.el" ,(scheme-file "init.el"
> (emacs-configuration-init config)
> #:splice? #:t))
> `("emacs/early-init.el" ,(scheme-file "early-init.el"
> (emacs-configuration-early-init config)
> #:splice? #:t)))
> (default-value (emacs-configuration))
> (description "Configures Emacs init.el")))
> #+END_SRC
> 
> This version of the service is one big service that only takes in one
> configuration file. So in order to configure bits and pieces of Emacs,
> for example evil-mode and vertico we can append emacs-configurations
> into one big configuration. I do this as follows.
> 
> #+BEGIN_SRC scheme
> (define evil-configuration
> (emacs-configuration
> (emacs-packages (list (specification->package "emacs-evil")))
> (init '((evil-mode 1)
> 
> (define vertico-configuration
> (emacs-configuration
> (emacs-packages (list (specification->package "emacs-vertico")))
> (init '((vertico-mode 1)
> 
> (define-public total-emacs-configuration
> (fold (lambda (config-1 config-2) (emacs-configuration
> (init (append (emacs-configuration-init config-1)
> (emacs-configuration-init config-2)))
> (early-init (append (emacs-configuration-early-init config-1)
> (emacs-configuration-early-init config-2)))
> (emacs-packages (append (emacs-configuration-emacs-packages config-1)
> (emacs-configuration-emacs-packages config-2)
> (emacs-configuration)
> (list evil-configuration vertico-configuration)))
> #+END_SRC
> 
> We can actually go crazy with this idea. The next source block is a
> generalization of the last one. Rather than declaring the list of
> configurations, we have Guile figure out all of the bound
> =emacs-configurations= in the current module and append them that way.
> 
> #+BEGIN_SRC scheme
> (define-public total-emacs-configuration
> (fold (lambda (config-1 config-2) (emacs-configuration
> (init (append (emacs-configuration-init config-1)
> (emacs-configuration-init config-2)))
> (early-init (append (emacs-configuration-early-init config-1)
> (emacs-configuration-early-init config-2)))
> (emacs-packages (append (emacs-configuration-emacs-packages config-1)
> (emacs-configuration-emacs-packages config-2)
> (emacs-configuration)
> 
> (filter emacs-configuration?
> (map variable-ref
> (filter variable-bound?
> (hash-map->list (lambda (x y) y) (struct-ref (current-module) 0)))
> #+END_SRC
> 
> What further improvements could I add to this system? The end goal
> (hopefully) is to help add another home service to Guix. I was
> inspired by David Wilson's call to action during his Guix Home talk at
> the 10 year anniversary event.
> 
> On Mon, Oct 17, 2022 at 12:09 PM  wrote:
> 
>> October 17, 2022 2:38 AM, "Zain Jabbar"  wrote:
>> 
>> Aloha Guix Development Team,
>> 
>> Running =guix home search emacs= returns nothing. I also could not find an 
>> email using =C-u M-x
>> debbugs-gnu= about an Emacs configuration service.
>> 
>> This is my first email to this mailing address. Please give me pointers on 
>> formatting and further
>> improvements.
>> 
>> I think you sent an html email. Generally you want to send plain text 
>> emails. :)
>> 
>> I have attempted to make an =emacs-home-service-type= so that it is possible 
>> to configure Emacs
>> using Guix home. This code is extremely preliminary hence I don't even think 
>> it is worth sending as
>> a patch. Also I have never worked on a multi person Git project before and 
>> do not know how to solve
>> the keyring error I get when using guix pull. I will outline what my code 
>> does and what features I
>> would like to add.
>> 
>> #+BEGIN_SRC scheme
>> (define* 

Re: Add earlyoom service to %desktop-services?

[jbranso]

October 17, 2022 7:24 AM, "Pkill9"  wrote:

> I think that the earlyoom service is a necessity for a Guix system
> desktop.
> 
> For those who don't know what it does, EarlyOOM (early out-of-memory)
> is a daemon that kills applications when the amount of memory available
> falls below a certain percentage of the maximum, by default 10%. There
> is already an OOM killer in the kernel, but it's too lax and
> applications that consume too much memory can cause the system to
> freeze.
> 
> I've used this for a while and many times it has kicked in and works
> well for my laptop. I think adding it to the default desktop services
> will give Guix System on desktop greater stability, which would
> encourage adoption of Guix System on the desktop
> 
> What do you, reader, think?

+1

Applications to kill: icecat, chromium, firefox, chromium, blender,
 etc.

I would recommend that we do include "firefox" and "chromium" as
applications that we would kill.  I use nongnu for firefox, and 
I bet there are others that use stock chromium or things like it.

Just me 2 cents.

Joshua

Re: Creating an Emacs Home Configuration Service

[jbranso]

October 17, 2022 2:38 AM, "Zain Jabbar"  wrote:

> Aloha Guix Development Team,
> 
> Running =guix home search emacs= returns nothing. I also could not find an 
> email using =C-u M-x
> debbugs-gnu= about an Emacs configuration service.
> 
> This is my first email to this mailing address. Please give me pointers on 
> formatting and further
> improvements.

I think you sent an html email.  Generally you want to send plain text emails.  
:)
 
> I have attempted to make an =emacs-home-service-type= so that it is possible 
> to configure Emacs
> using Guix home. This code is extremely preliminary hence I don't even think 
> it is worth sending as
> a patch. Also I have never worked on a multi person Git project before and do 
> not know how to solve
> the keyring error I get when using guix pull. I will outline what my code 
> does and what features I
> would like to add.
> 
> #+BEGIN_SRC scheme
> (define* (emacs-configuration-service name #:key (init '()) (early-init '()) 
> (emacs-packages '()))
> (service-type (name (symbol-append 'emacs- name '-configuration))
> (extensions
> (list (service-extension
> home-profile-service-type
> (lambda (config) emacs-packages))
> (service-extension
> home-files-service-type
> (lambda (config)
> (list
> `(,(string-append
> ".config/emacs/services/" (symbol->string name) ".el")
> ,(scheme-file (string-append (symbol->string name) ".el")
> init #:splice? #t))
> `(,(string-append
> ".config/emacs/early-services/" (symbol->string name) ".el")
> ,(scheme-file (string-append "early-" (symbol->string name) ".el")
> early-init #:splice? #t)))
> (default-value #f)
> (description "Configures Emacs init.el")))
> 
> (define-public emacs-init-service-type
> (service-type (name 'home-emacs)
> (extensions
> (list (service-extension
> home-profile-service-type
> (lambda (config) (list emacs-next)))
> (service-extension
> home-files-service-type
> (lambda (config)
> (list
> `(".config/emacs/early-init.el"
> ,(scheme-file
> "early-init.el"
> '((mapc
> 'load (file-expand-wildcards
> "~/.config/emacs/early-services/*.el")))
> #:splice? #t))
> `(".config/emacs/init.el"
> ,(scheme-file
> "init.el"
> '((mapc
> 'load (file-expand-wildcards
> "~/.config/emacs/services/*.el")))
> #:splice? #t)))
> (default-value #f)
> (description "Configures Emacs init.el")))
> #+END_SRC
> 
> I define a general configuration service generator which takes in four things:
> 1. The =name= of the service
> 2. The configuration to be ran in =init.el=
> 3. The configuration to be ran in =early-init.el=
> 4. The packages in Guix to be added to the =home-profile=.
> 
> After giving the =name=, =packages=, and =config.el= files we get a new 
> service type that we can
> add to our home declaration. This service will then add a file in
> =~/.config/emacs/services/emacs-{NAME}-configuration.el=. I then have another 
> service that places
> an =init.el= which loads everything in the service directory.
> 
> If we want to install and configure =evil-mode= using this =home-service= we 
> may define the
> following somewhere.
> 
> #+BEGIN_SRC scheme
> (define-public emacs-evil-service-type
> (emacs-configuration-service
> 'evil #:emacs-packages (list emacs-evil)
> #:init '((evil-mode 1
> #+END_SRC
> 
> Within our =home-environment= we may add the service using:
> 
> #+BEGIN_SRC scheme
> (home-environment
> ;; ...Things in the home-environment...
> (services
> (list
> ;; ...Other Services...
> (service emacs-evil-service-type
> #+END_SRC
> 
> There are some missing features I want to add.
> 
> 1. Have the =home-emacs-*-service-type= service-types add to the =init.el= 
> directly rather than
> within a folder to be loaded. I couldn't add two files with the same name to 
> the store. So I have
> emacs-evil.el in the store to be placed separately later rather than 
> appending to the existing
> init.el file.
> 
> 2. Have Emacs update whenever the =home-environment= is updated. Meaning, if 
> I did not add
> =(service emacs-evil-service-type)= in my =home-environment= then obviously 
> =M-x evil-mode= should
> not work. But after adding the service then I want =M-x evil-mode= to work 
> without having to
> restart Emacs. I do not understand the Emacs loading system on Guix well 
> enough to know why it does
> not work. Skipping all of the =home-service= stuff, running =guix install 
> emacs-evil-mode= then
> =(guix-emacs-autoload-packages)= does not let emacs know that =evil-mode= is 
> installed. I would
> need to close Emacs and start Emacs again for Emacs to know about =evil-mode= 
> being installed.
> 
> 3. Use configurations somehow. I have completely neglected this feature in my 
> system. I do not know
> what would be useful there.

I believe that you are referring to using scheme records to configure the emacs 
service.  :)

I would recommend using (define-configuration ...) procedure.

(There is a define-record-type* as well, but I think the consensus is that 
define-configuration* is a little easier to 

Re: Why linux-libre-bpf?

[jbranso]

October 8, 2022 8:18 PM, "kiasoc5"  wrote:

> AFAIK Guix is the only distro with a separate kernel (linux-libre-bpf)
> that has the following turned on:
> 
> CONFIG_BPF_JIT_ALWAYS_ON=y
> CONFIG_BPF_JIT=y
> 
> Why is this not the default in regular linux-libre?
> 

I just did a quick internet search for the ebpf vulnerabilities.

A few came up.  Maybe it's a security feature.  :)



> --

Re: Progress with automating testing of patches

[jbranso]

October 1, 2022 1:08 PM, "Ludovic Courtès"  wrote:

> Hello!
> 
> As discussed in Paris, I’m a big fan of qa.guix.gnu.org! I like that it
> shows all the information relevant to packagers and reviewers in a
> concise way.
> 
> I wonder if it’s due to recent changes since I last looked, but I’m a
> bit confused by the numbers in this example:
> 
> https://qa.guix.gnu.org/issue/58186
> 
> The numbers before/after patches don’t match and the lint warnings (nice
> addition!) appear to unrelated to the patch at hand.
> 
> Any idea what’s going on?
> 
> Conversely,  looks fine, for
> example.
> 
> BTW, Emacs users, I have this key binding that I find useful:
> 
> --8<---cut here---start->8---
> (defun ludo-jump-to-guix-qa-url ()
> "Jump to the QA page of the Debbugs issue at point."
> (interactive)
> (let ((url (concat "https://qa.guix.gnu.org/issue;
> (number-to-string (debbugs-gnu-current-id)
> (browse-url url)))
> 
> (define-key debbugs-gnu-mode-map (kbd "C-M-j") 'ludo-jump-to-guix-qa-url)
> --8<---cut here---end--->8---

Would it make sense to add something like this to debbugs?

I just created a debbugs-guix.el file in debbugs.  The update should be
available on elpa by now.

https://issues.guix.gnu.org/56987

> 
> Thanks!
> 
> Ludo’.

Re: Hostile takeover of the matrix room

[jbranso]

September 28, 2022 2:44 PM, "Jacob Hrbek"  wrote:

> 
> On the subject of Tobias Geerinckx-Rice (nckx) and context to why i refuse to 
> use #guix on IRC and
> actively avoid any interection with this invidual:
> 
> He's been harassing me since I joined guix with far-right rhetoric against me 
> and my country
> (Czechia) and trying to abuse his moderation status on IRC to threten me that 
> i either ask him for
> permission to who i am allowed to talk with and how or i get banned from the 
> IRC channel.
> During this time nckx vandalized my group 'GNU Guix Community' on libreplanet 
> created to maintain
> the community wiki on https://guix.miraheze.org and spam-reported the wiki so 
> that it would be
> flagged for removal multiple times until miraheze fixed the issue while 
> removing any mention of the
> wiki from guix website so that it wouldn't be available to the community.
> 
> I've reported his behaviour towards me to The GNU Project regarding 
> enforcement of safe space
> policy which was ignored so I took the IRC ban and been using matrix since.
> 
> Thanks for your understanding,
> -- Jacob "Kreyren" Hrbek

Just to throw my two cents in.  Tobias (nckx) is probably one of the 
friendliest people
that I have ever met on irc.  He's helped me several times with various random 
issues that
I have had.  He is and has been my main source of help on #guix and other irc 
channels.
I even privately chatted to him in irc, and bared my soul once.  It was a 
pretty personal issue, and he was very kind throughout the 20+ text-based chat. 
 He then
followed up and asked how I was doing a week or two later.  As far as I can 
tell, he's 
a real stand up guy.  He probably spends his free time adopting kittens 
that have been abandoned in sub 0 blizzard weather, though that is speculation 
of course...  

:)

Joshua

Re: What happens when you build a Guix package at every step?

[jbranso]

September 25, 2022 3:18 PM, "david larsson"  
wrote:

> On 2022-09-25 19:28, jgart wrote:
> 
>> What would be the best way to illustrate the levels of nesting and code
>> paths that get traversed when building a Guix package?
>> I'd like to make some sequence diagram notation or something else to
>> better understand what happens in a visual way.
>> wdyt
> 
> I like your idea! I'm probably not the most qualified person to answer it, 
> since I am (also?)
> mainly using guix as a sparetime "hobby", but still very interested in 
> learning more about it on a
> deeper level, which is a challenge. Some visual aids would definitely be 
> helpful.
> 
> I think a shell of an answer would be to link together the following things 
> in such a diagram:
> 
> 1. gexps
> 2. the store
> 3. derivations
> 4. build systems
> 5. a package
> 
> Building a package in the repl, kind of illustrates the code paths via code 
> modules used:
> 
> scheme@(guix-user)> ,use (guix gexp)
> scheme@(guix-user)> ,use (guix store)
> scheme@(guix-user)> ,use (guix derivations)
> scheme@(guix-user)> ,use (gnu packages bash)
> 
> However, in my opinion, the reason we look for the diagram is partially bcs 
> of that the concepts of
> the related things are relatively high level so that it takes a while to 
> grasp them, just like
> monads or maybe higher order functions.
> 
> However, to continue the repl example:
> 
> scheme@(guix-user)> (define (sh-symlink)
> (gexp->derivation "sh"
> #~(symlink (string-append #$bash "/bin/bash")
> #$output)))
> scheme@(guix-user)> (build-derivations (open-connection) `(,(run-with-store 
> (open-connection)

I think you can also do a
,build derivation

This link has more info:

https://issues.guix.gnu.org/56114

> (sh-symlink
> $1 = #t
> 
> Now if you run just the (run-with-store (open-connection) (sh-symlink)) you 
> will see the derivation
> path output, and if you then open a new terminal you can cat
> /gnu/store/shcvi6d1vgry26sq1i3qdmgsmh0n6wmi-sh.drv to see the build script 
> without building it.
> 
> Now, to build a "package" after above code is loaded:
> scheme@(guix-user)> ,use (guix packages)
> scheme@(guix-user)> (build-derivations (open-connection) 
> `(,(package-derivation (open-connection)
> bash)))
> substitute: updating substitutes from 'https://ci.guix.gnu.org'... 100.0%
> fetching path `/gnu/store/vk4r0x7baig8jnmsqrgrqpyq8qxr4gm3-bash-5.0.16-doc'...
> Downloading 
> https://ci.guix.gnu.org/nar/lzip/vk4r0x7baig8jnmsqrgrqpyq8qxr4gm3-bash-5.0.16-doc...
> bash-5.0.16-doc 290KiB 750KiB/s 00:00 [##] 100.0%
> $2 = #t
> 
> And to only "inspect" it (so you can cat the /gnu/store/paths):
> scheme@(guix-user)> (package-derivation (open-connection) bash)
> $4 = # =>
> /gnu/store/vk4r0x7baig8jnmsqrgrqpyq8qxr4gm3-bash-5.0.16-doc
> /gnu/store/v1xc4405s7xilmwhhkdj8z55wa2wlr8y-bash-5.0.16-include
> /gnu/store/87kif0bpf0anwbsaw0jvg8fyciw4sz67-bash-5.0.16 7fc3d283e500>
> 
> Concepts:
> - code staging or "delayed evaluation" concepts
> - what is the store and what is a build environment
> - what is a derivation
> - and finally build systems (normal build steps) and a package (incl. 
> dependency graphs).
> 
> The start reference point: 
> https://guix.gnu.org/manual/en/html_node/Defining-Packages.html
> 
> I hope above helps.
> 
> Best regards,
> David

Re: debbugs irritation Was: [WIP Patch] Adding an FHS container to guix shell

[jbranso]

August 18, 2022 11:01 AM, "zimoun"  wrote:

> Hi,
> 
> On Thu, 21 Jul 2022 at 22:22, Csepp  wrote:
> 
>> Mumi and Debbugs have different search interfaces and seem to use
>> different ordering.
> 
> Hum, I am confused because from my understanding, there is one Debbugs
> instance – which is quickly said some Perl scripts managing mailing
> lists and thus implementing a bug tracker database. This database is
> then manipulated via SOAP-interface.
> 
> This Debbugs instance is out of the control of the Guix project, AFAIK.
> 
> On the top of this instance, various front-ends are implemented:
> 
> + historical one running at: https://debbugs.gnu.org
> + Mumi running at: https://issues.guix.gnu.org
> + emacs-debbugs running locally
> 
> And even Debian folks provide many others, as python3-debianbts or
> reportbug coming with the CLI tool bts, mailscripts, etc.
> 
> https://git.spwhitton.name/mailscripts/tree
> 
>> IMHO these papercuts add up. Browsing and cross-referencing issues and
>> patches is way harder than it is with other forges.
> 
> Well, harder depends on the point of view. :-)
> 
> Indeed, you need more than just type bug#12345 to cross-link. Using a
> descent mailreader, it appears to me easy to have helper. For instance,
> using Emacs, I have a custom function [1] “M-x my/guix-issues“ which
> adds to the kill-ring an URL. Recently, Ricardo added Message-ID to
> Mumi which helps too; using emacs-notmuch, just "ci” for stashing and
> then pasting elsewhere.
> 
> 1: 
> 
> 
> About browsing, Mumi needs more love. :-)
> 
>> Not saying we need to switch, maybe it's easier to just add the missing
>> functionality. Or maybe it doesn't matter to anyone else.
> 
> Well, the GNU instance of Debbugs has many flaws. But the project will
> not switch from it, IMHO. That’s why Mumi as front-end tries to improve
> the situation by adding the missing functionalities.

I am actually working on a patch to emacs-debbugs that will provide:

debbugs-gnu-my-open-bugs   

https://issues.guix.gnu.org/56987

(I'm also fairly slow at submitting patches, so please be patient).  :)

Will show you the bugs, which you submitted that are still open.

At least the emacs guys seem fairly interested in improving emacs-debbugs.

:)

> 
> Cheers,
> simon

Re: Test US mirror for bordeaux.guix.gnu.org and slow downloading of sub

[jbranso]

July 31, 2022 8:22 AM, "Philip McGrath"  wrote:

> Hi,
> 
> On Tue, Jul 12, 2022, at 1:34 PM, John Kehayias wrote:
> 
>> Hi Chris,
>> 
>> Thanks for setting up some more mirrors, here is what I just got (in a
>> previous run the main Bordeaux server was a bit slower, more like 18
>> MB/s) on a wired connection that maxes out at about 320 Mbps.
> 
> I also get a nice speedup: results below.
> 
> I wondered why, given that, I still seemed to be getting substitutes 
> primarily from
> https://ci.guix.gnu.org, until someone just mentioned on IRC
> () that:
> 
>> you also need to make sure that the public key is authorised,
>> or Guix will not trust the server even if present in the list of URLs.
>> This is unfortunately the case with bordeaux if you installed from
>> 1.3.0. If ‘grep 7D602902D3 /etc/guix/acl’ returns nothing, you're
>> missing out on FREE substitutes included in your subscription,
>> and you should add it
> 
> I checked, and it was indeed missing! Somehow I thought it was updated 
> automatically when it was
> added to `%default-authorized-guix-keys`. Not only was this true on the 
> foreign system where I
> installed manually about a year ago, the key also was missing on a machine 
> where I more recently
> installed using the Debian (well, Kubuntu 22.04) package.
> 
> Just thought I'd mention it in case anyone else was as confused as I was.
> 
> -Philip
> 

Looks like this page has the public key and code to help you set it up.

https://bordeaux.guix.gnu.org/


> philip@bastet:/tmp/subs$ wget
> https://bordeaux.guix.gnu.org/nar/lzip/078vr3r8mn3yrwzwxw64hmcyshic9p3q-stellarium-0.21.0
> --2022-07-31 07:58:16--
> https://bordeaux.guix.gnu.org/nar/lzip/078vr3r8mn3yrwzwxw64hmcyshic9p3q-stellarium-0.21.0
> Resolving bordeaux.guix.gnu.org (bordeaux.guix.gnu.org)... 185.233.100.56, 
> 2a0c:e300::58
> Connecting to bordeaux.guix.gnu.org 
> (bordeaux.guix.gnu.org)|185.233.100.56|:443... connected.
> HTTP request sent, awaiting response... 200 OK
> Length: 208615205 (199M) [text/plain]
> Saving to: ‘078vr3r8mn3yrwzwxw64hmcyshic9p3q-stellarium-0.21.0’
> 
> 078vr3r8mn3yrwzwxw64h 100%[==>] 198.95M 8.17MB/s in 27s
> 
> 2022-07-31 07:58:44 (7.45 MB/s) - 
> ‘078vr3r8mn3yrwzwxw64hmcyshic9p3q-stellarium-0.21.0’ saved
> [208615205/208615205]
> 
> philip@bastet:/tmp/subs$ wget
> https://bordeaux-us-east-mirror.cbaines.net/nar/lzip/078vr3r8mn3yrwzwxw64hmcyshic9p3q-stellarium-0.2
> .0
> --2022-07-31 07:58:51--
> https://bordeaux-us-east-mirror.cbaines.net/nar/lzip/078vr3r8mn3yrwzwxw64hmcyshic9p3q-stellarium-0.2
> .0
> Resolving bordeaux-us-east-mirror.cbaines.net 
> (bordeaux-us-east-mirror.cbaines.net)... 5.161.49.48
> Connecting to bordeaux-us-east-mirror.cbaines.net
> (bordeaux-us-east-mirror.cbaines.net)|5.161.49.48|:443... connected.
> HTTP request sent, awaiting response... 200 OK
> Length: 208615205 (199M) [text/plain]
> Saving to: ‘078vr3r8mn3yrwzwxw64hmcyshic9p3q-stellarium-0.21.0.1’
> 
> 078vr3r8mn3yrwzwxw64h 100%[==>] 198.95M 25.2MB/s in 8.5s
> 
> 2022-07-31 07:59:00 (23.4 MB/s) - 
> ‘078vr3r8mn3yrwzwxw64hmcyshic9p3q-stellarium-0.21.0.1’ saved
> [208615205/208615205]
> 
> philip@bastet:/tmp/subs$ wget
> https://ci.guix.gnu.org/nar/lzip/078vr3r8mn3yrwzwxw64hmcyshic9p3q-stellarium-0.21.0
> --2022-07-31 07:59:25--
> https://ci.guix.gnu.org/nar/lzip/078vr3r8mn3yrwzwxw64hmcyshic9p3q-stellarium-0.21.0
> Resolving ci.guix.gnu.org (ci.guix.gnu.org)... 141.80.181.40
> Connecting to ci.guix.gnu.org (ci.guix.gnu.org)|141.80.181.40|:443... 
> connected.
> HTTP request sent, awaiting response... 200 OK
> Length: 208615205 (199M) [application/octet-stream]
> Saving to: ‘078vr3r8mn3yrwzwxw64hmcyshic9p3q-stellarium-0.21.0.2’
> 
> 078vr3r8mn3yrwzwxw64h 100%[==>] 198.95M 6.39MB/s in 27s
> 
> 2022-07-31 07:59:53 (7.34 MB/s) - 
> ‘078vr3r8mn3yrwzwxw64hmcyshic9p3q-stellarium-0.21.0.2’ saved
> [208615205/208615205]

Re: Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic

[jbranso]

July 15, 2022 7:23 AM, "Csepp"  wrote:

> Vagrant Cascadian  writes:
> 
> 
> If the goal is to produce highly secure servers than I'd like to suggest
> unikernels once again. No Guix running on the deployed server, but the
> server image is built by and possibly deployed by Guix.
> Of course the downside is that they do a whole lot less than OpenBSD or
> Linux. But if your use case is already covered, that's actually a
> positive, since no extra features means smaller attack surface.
> MirageOS could be a good starting point, since we already have a good
> chunk of Ocaml tooling integrated into Guix.
> http://unikernel.org/projects
> There was a Nix project with similar aims that sadly fizzled out, so
> it's probably not exactly an easy task to tackle, but it's much easier
> than porting Guix to a new kernel and packaging a userland for that
> kernel.

Thanks for the suggestion!  That would be a really secure server!

Re: Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic

[jbranso]

July 14, 2022 11:38 AM, "Vagrant Cascadian"  wrote:

> On 2022-07-14, zimoun wrote:
> 
>> Well, dreaming about science fiction, it appears me more approachable to
>> have Guix running on something as Debian/kfreeBSD – it could be an
>> interesting project with the help of Debian folks. Other said, “just”
>> replace the Linux kernel by a variant of the FreeBSD one running with
>> GNU GLibc.
> 
> Well, guile-3.0 does not build on Debian GNU/kFreeBSD, so that would be
> a bit of a blocker for a GNU Guix port:
> 
> https://buildd.debian.org/guile-3.0
> 
> But guile-2.2 built fine:
> 
> https://buildd.debian.org/guile-2.2
> 
> It is a rough port, I have toyed with it now and again ... requires lots
> of patches to code that assume userland based on running kernel; patches
> that upstreams are hesitant to take, etc. It is great as a grueling test
> of coding assumptions, though!

Does guile 3.0+ compile on the GNU/Hurd?  

> 
> My guess is you would have the same sort of problems with porting GNU
> Guix to any of the *BSD.
> 
> Definitely the sort of project that would take someone highly motivated
> over many years...
> 
> live well,
> vagrant

Re: Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic

[jbranso]

July 14, 2022 9:06 AM, "zimoun"  wrote:

> Hi Tobias, All,
> 
> (French Bastille Day is a day off, so a day for trolling. ;-))
> 
> On Thu, 14 Jul 2022 at 10:40, Tobias Geerinckx-Rice  wrote:
> 
>> https://www.hyperbola.info/news/announcing-hyperbolabsd-roadmap
> 
> Thanks for the link. It is helpful for understanding. :-)
> 
>> Far from 'recent' in my book.
> 
> Indeed, the announcement is from 2019-12-21. :-)
> 
> Quoting:
> 
> This will not be a "distro", but a hard fork of the OpenBSD
> kernel and userspace
> 
> Not being a new distro means using the venerable pkg_* package manager,
> right? Well, I am confused by the aim…

They want to use pacman apparently.  :)

> 
>>> If you run OpenBSD kernel and OpenBSD userland, why not just run an
>>> OpenBSD system? :-)
>> 
>> Because it contains blobs. HyperbolaBSD doesn't, by definition (see above).
> 
> …because HyperboladBSD seems a new distro as gnewSense is a new distro
> free from problematic parts but based on an existing other one. Well,
> since it had been announced on late 2019 and we are in 2022, it could be
> interesting to know the status on this project.
> 
>> Whatever my opinion on WSL, Darwin, and the Hurd, I must concede that they 
>> at least exist.
>> 
>> Porting Guix to something that doesn't is a poor investment in comparison.
> 
> Just to be sure to understand, the initial question is to port Guix to
> HyperbolaBSD which is a variant of OpenBSD (kernel and userland).
> 
> Therefore, correct me if I misunderstand something, it means:
> 
> 1. port Guix to a new kernel not using the GLibc
> 2. package all the (free) userland OpenBSD managed by Guix
> 
> Bah I wish all the best for people who would tackle this. :-)
> 
> Well, dreaming about science fiction,

Thanks for speaking plainly.  I did not realize how difficult this project
would be.  :)

> it appears me more approachable to
> have Guix running on something as Debian/kfreeBSD – it could be an
> interesting project with the help of Debian folks. Other said, “just”
> replace the Linux kernel by a variant of the FreeBSD one running with
> GNU GLibc.
> 
> However, doing so, the point #2 (BSD userland) is lost.
> 
> My understanding is: #1 and #2 require more work than the union of the
> Guix community *and* the other kernel community could provide, IMHO.
> Assuming both communities would be interested in. :-)
> 
> Cheers,
> simon

Re: Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic

[jbranso]

July 14, 2022 6:24 AM, "zimoun"  wrote:

> Hi,
> 
> On Mon, 11 Jul 2022 at 18:44, Joshua Branson  wrote:
> 
> Well, I am missing where it is announced. Could you be more specific?

Someone else already provided the link, but someone on irc did ask me
where the source code for HyperbolaBSD  is?  I can't find it, and that
is a bit troubling...

> 
> If you run OpenBSD kernel and OpenBSD userland, why not just run an
> OpenBSD system? :-)

I love that Guix is the Emacs of distros!  It's cool to customize it!
And easy!  But OpenBSD "seems to be more secure" than GNU/Linux. And 
Linux is huge!  And OpenBSD has some awesome software: pf, spamd, httpd,
and some other stuff that their marketing tells me is good.

Maybe a good first step would be for guix to provide a hardened linux
package.  

> Well, Debian is working (maybe the project is stalling?) on running GNU
> userland using GLibc on the top of a FreeBSD kernel. The conclusion is:
> it is a piece of work. :-)
> 
> https://www.debian.org/ports/kfreebsd-gnu
> 
> What I miss with your proposal is: are you interested by OpenBSD
> userland software and you would like them running on a Linux kernel? Or
> are you interested by specific OpenBSD kernel feature and you would like
> be able to run GNU software on it?

I would love to use a secure, extensible, microkernel/exokernel that has a
universal guixy configuration language.  Guix GNU/Hurd System vm is probably 
the best candidate for this, but my understanding is that the "childhurd"  
(a GNU/Hurd running on top of GNU/Linux) is not very stable.  Possibly because
the vm image does not have a swap space.  There was an open bug report for it
but I cannot find it.

Has anyone here had a good experience with a childhurd?  Not a criticism,
I just have not heard many people say that the childhurd is stable/awesome.

> 
> I think, similar as Josselin, that it requires a lot of work because
> many low-level features are kernel dependant. Therefore, it appears to
> me more being worth to focus on smoothing the WSL2 experience, focus on
> the Hurd, or to attempt something on the Darwin kernel.
> 
> Cheers,
> simon

Re: Rust in the kernel

[jbranso]

July 5, 2022 11:36 AM, "Akib Azmain Turja"  wrote:

> jbra...@dismail.de writes:
> 
>> July 5, 2022 12:48 AM, "Akib Azmain Turja"  wrote:
>> 
>>> jbra...@dismail.de writes:
>> 
>> July 4, 2022 1:36 PM, "Akib Azmain Turja"  wrote:
>> 
>> Ludovic Courtès  writes:
>> 
>> Hi!
>> 
>> Leo Famulari  skribis:
>> The effort to use the Rust programming language within the Linux kernel
>> is progressing and may be realized in the next few months:
>> 
>> https://lwn.net/SubscriberLink/899182/6c831b90eaee015e
>> https://www.memorysafety.org/blog/memory-safety-in-linux-kernel
>> 
>> Within Guix, we'll need to adapt our kernel build processes in order to
>> support this.
>> 
>> Although I help with updating and configuring the kernel builds, I won't
>> be able to participate in the "Rust in the kernel" effort for Guix.
>> 
>> Understood…
>> So, interested volunteers should begin organizing :)
>> 
>> Yup!
>> 
>> Now, concretely, how long will it take before key parts of the kernel
>> are written in Rust? Hopefully a long time, no? Per the article above,
>> it’s starting small, with Rust usage in well-defined locations.
>> 
>> This is not to say that we shouldn’t start organizing, but rather that
>> we still have a bit of time ahead.
>> 
>> (During that time, interested readers can also take a stab at improving
>> support for the Hurd, which relies on that revolutionary technology
>> called “address spaces” to ensure Memory Safety™ among other things!)
>> 
>> Ludo’.
>> "Address spaces"! What's that? Sorry for asking without searching the
>> internet first, but the Hurd designers are so creative that a few
>> understand the concepts and join the community, so there is a little
>> chance (if any) that I'll find any useful information on that.
>> 
>> From the Hurd wiki: https://www.gnu.org/software/hurd/advantages.html
>> 
>> The Hurd is built in a very modular fashion. Other Unix-like kernels
>> (Linux, for example) are also modular in that they allow loading
>> (and unloading) some components as kernel modules, but the Hurd goes
>> one step further in that most of the components that constitute the
>> whole kernel are running as separate user-space processes and are thus
>> using different address spaces that are isolated from each other.
>> This is a multi-server design based on a microkernel. It is not
>> possible that a faulty memory dereference inside the TCP/IP stack
>> can bring down the whole kernel, and thus the whole system, which
>> is a real problem in a monolithic Unix kernel architecture.
>> 
>> Some visual explantions:
>> 
>> https://en.wikipedia.org/wiki/Microkernel#/media/File:OS-structure.svg
>> 
>> The Hurd is on the right in this image.
>>> Thanks, now I understand Ludo' was saying about virtual address space,
>>> achieved using paging.
>> 
>> Essentially, if your fileserver somehow gets hacked, the attacker
>> cannot magically access your TCP/IP stack, because your TCP/IP is not
>> in the some "software zone" as your fileserver. So microkernels like
>> the Hurd are usually considered more secure and better designed
>> than monolithic kernels like Linux. However, monolithic kernels
>> will usually be faster than microkernels.
>>> I know microkernels are theorically slow due to the heavy use IPC. But
>>> is it really impossible for well written microkernel to beat a well
>>> written monolithic kernel? L4 is super-fast, is it still slower than
>>> Linux?
>> 
>> Probably a little, but I am not an expert in that area.
>> 
>> GNU Mach, which is what the Hurd runs on. Is slower that Linux.
>> There was an attempt to port the Hurd to L4 before. It is
>> deemed not possible by the current hurd developers.
> 
> Yes, I know that Mach is one of the slowest kernels. BTW, what's the
> status of Viengoos?

I believe that Viengoos is essentially dead.  I do not believe
that anyone is actively working on it.  

More info is available here:

http://www.gnu.org/software/hurd/history/port_to_another_microkernel.html

> 
>>> 
>> 
>> --
>> Akib Azmain Turja
>> 
>> This message is signed by me with my GnuPG key. It's fingerprint is:
>> 
>> 7001 8CE5 819F 17A3 BBA6 66AF E74F 0EFA 922A E7F5
>>> --
>>> Akib Azmain Turja
>>> 
>>> This message is signed by me with my GnuPG key. It's fingerprint is:
>>> 
>>> 7001 8CE5 819F 17A3 BBA6 66AF E74F 0EFA 922A E7F5
> 
> --
> Akib Azmain Turja
> 
> This message is signed by me with my GnuPG key. It's fingerprint is:
> 
> 7001 8CE5 819F 17A3 BBA6 66AF E74F 0EFA 922A E7F5

Re: Rust in the kernel

[jbranso]

July 5, 2022 12:48 AM, "Akib Azmain Turja"  wrote:

> jbra...@dismail.de writes:
> 
>> July 4, 2022 1:36 PM, "Akib Azmain Turja"  wrote:
>> 
>>> Ludovic Courtès  writes:
>> 
>> Hi!
>> 
>> Leo Famulari  skribis:
>>> The effort to use the Rust programming language within the Linux kernel
>>> is progressing and may be realized in the next few months:
>>> 
>>> https://lwn.net/SubscriberLink/899182/6c831b90eaee015e
>>> https://www.memorysafety.org/blog/memory-safety-in-linux-kernel
>>> 
>>> Within Guix, we'll need to adapt our kernel build processes in order to
>>> support this.
>>> 
>>> Although I help with updating and configuring the kernel builds, I won't
>>> be able to participate in the "Rust in the kernel" effort for Guix.
>> 
>> Understood…
>>> So, interested volunteers should begin organizing :)
>> 
>> Yup!
>> 
>> Now, concretely, how long will it take before key parts of the kernel
>> are written in Rust? Hopefully a long time, no? Per the article above,
>> it’s starting small, with Rust usage in well-defined locations.
>> 
>> This is not to say that we shouldn’t start organizing, but rather that
>> we still have a bit of time ahead.
>> 
>> (During that time, interested readers can also take a stab at improving
>> support for the Hurd, which relies on that revolutionary technology
>> called “address spaces” to ensure Memory Safety™ among other things!)
>> 
>> Ludo’.
>>> "Address spaces"! What's that? Sorry for asking without searching the
>>> internet first, but the Hurd designers are so creative that a few
>>> understand the concepts and join the community, so there is a little
>>> chance (if any) that I'll find any useful information on that.
>> 
>> From the Hurd wiki: https://www.gnu.org/software/hurd/advantages.html
>> 
>> The Hurd is built in a very modular fashion. Other Unix-like kernels
>> (Linux, for example) are also modular in that they allow loading
>> (and unloading) some components as kernel modules, but the Hurd goes
>> one step further in that most of the components that constitute the
>> whole kernel are running as separate user-space processes and are thus
>> using different address spaces that are isolated from each other.
>> This is a multi-server design based on a microkernel. It is not
>> possible that a faulty memory dereference inside the TCP/IP stack
>> can bring down the whole kernel, and thus the whole system, which
>> is a real problem in a monolithic Unix kernel architecture.
>> 
>> Some visual explantions:
>> 
>> https://en.wikipedia.org/wiki/Microkernel#/media/File:OS-structure.svg
>> 
>> The Hurd is on the right in this image.
> 
> Thanks, now I understand Ludo' was saying about virtual address space,
> achieved using paging.
> 
>> Essentially, if your fileserver somehow gets hacked, the attacker
>> cannot magically access your TCP/IP stack, because your TCP/IP is not
>> in the some "software zone" as your fileserver. So microkernels like
>> the Hurd are usually considered more secure and better designed
>> than monolithic kernels like Linux. However, monolithic kernels
>> will usually be faster than microkernels.
> 
> I know microkernels are theorically slow due to the heavy use IPC. But
> is it really impossible for well written microkernel to beat a well
> written monolithic kernel? L4 is super-fast, is it still slower than
> Linux?

Probably a little, but I am not an expert in that area.

GNU Mach, which is what the Hurd runs on.  Is slower that Linux.
There was an attempt to port the Hurd to L4 before.  It is
deemed not possible by the current hurd developers.


> 
>>> --
>>> Akib Azmain Turja
>>> 
>>> This message is signed by me with my GnuPG key. It's fingerprint is:
>>> 
>>> 7001 8CE5 819F 17A3 BBA6 66AF E74F 0EFA 922A E7F5
> 
> --
> Akib Azmain Turja
> 
> This message is signed by me with my GnuPG key. It's fingerprint is:
> 
> 7001 8CE5 819F 17A3 BBA6 66AF E74F 0EFA 922A E7F5

Re: Rust in the kernel

[jbranso]

July 4, 2022 1:36 PM, "Akib Azmain Turja"  wrote:

> Ludovic Courtès  writes:
> 
>> Hi!
>> 
>> Leo Famulari  skribis:
> 
> The effort to use the Rust programming language within the Linux kernel
> is progressing and may be realized in the next few months:
> 
> https://lwn.net/SubscriberLink/899182/6c831b90eaee015e
> https://www.memorysafety.org/blog/memory-safety-in-linux-kernel
> 
> Within Guix, we'll need to adapt our kernel build processes in order to
> support this.
> 
> Although I help with updating and configuring the kernel builds, I won't
> be able to participate in the "Rust in the kernel" effort for Guix.
>> Understood…
> 
> So, interested volunteers should begin organizing :)
>> Yup!
>> 
>> Now, concretely, how long will it take before key parts of the kernel
>> are written in Rust? Hopefully a long time, no? Per the article above,
>> it’s starting small, with Rust usage in well-defined locations.
>> 
>> This is not to say that we shouldn’t start organizing, but rather that
>> we still have a bit of time ahead.
>> 
>> (During that time, interested readers can also take a stab at improving
>> support for the Hurd, which relies on that revolutionary technology
>> called “address spaces” to ensure Memory Safety™ among other things!)
>> 
>> Ludo’.
> 
> "Address spaces"! What's that? Sorry for asking without searching the
> internet first, but the Hurd designers are so creative that a few
> understand the concepts and join the community, so there is a little
> chance (if any) that I'll find any useful information on that.

>From the Hurd wiki: https://www.gnu.org/software/hurd/advantages.html

The Hurd is built in a very modular fashion. Other Unix-like kernels
(Linux, for example) are also modular in that they allow loading
(and unloading) some components as kernel modules, but the Hurd goes
one step further in that most of the components that constitute the
whole kernel are running as separate user-space processes and are thus
using different address spaces that are isolated from each other.
This is a multi-server design based on a microkernel. It is not
possible that a faulty memory dereference inside the TCP/IP stack
can bring down the whole kernel, and thus the whole system, which
is a real problem in a monolithic Unix kernel architecture.

Some visual explantions:

https://en.wikipedia.org/wiki/Microkernel#/media/File:OS-structure.svg

The Hurd is on the right in this image.

Essentially, if your fileserver somehow gets hacked, the attacker
cannot magically access your TCP/IP stack, because your TCP/IP is not
in the some "software zone" as your fileserver. So microkernels like
the Hurd are usually considered more secure and better designed
than monolithic kernels like Linux. However, monolithic kernels
will usually be faster than microkernels.

> --
> Akib Azmain Turja
> 
> This message is signed by me with my GnuPG key. It's fingerprint is:
> 
> 7001 8CE5 819F 17A3 BBA6 66AF E74F 0EFA 922A E7F5

Re: U.S. Midwest based build farm

[jbranso]

June 11, 2022 4:00 PM, "Maxime Devos"  wrote:

> jbra...@dismail.de schreef op za 11-06-2022 om 16:06 [+]:
> 
>> What's good and/or bad about this idea?
> 
> A positive point: extra resources, could be useful for reproducibility
> testing, ...?

That's actually a good idea.  I could give limited ssh access to a few
guix developers.  Those guix developers could use my old and hopefully 
more powerful machines to quickly compile software.  Rust takes ages
to compile...

> 
> A negative point: extra points through with malware can be introduced
> (->compromises). Can be solved by reproducible builds and variation of
> "guix challenge". Unfortunately, "guix challenge" is inherently racy.
> "guix substitute" currently only checks that the narinfo has a _single_
> authorised signature, maybe it can be adjusted to allow the user to
> ask: ‘only consider a substitute to be authorised if the same hash is
> signed by N different authorised keys’?
> 

Thanks for the feedback.  We could also use the machines as a mirror
or an additional substitute server.  

> Other points: ...?
> 
> Greetings,
> Maxime.

U.S. Midwest based build farm

[jbranso]

Hey guix,

I live near a big university that sells old Dell 7020 optiplex machines. So 
each desktop machine costs about $200 - $250, depending on how the current 
market rate is for hard drive and RAM. My current landlord has an unused 
basement. It should be somewhat easy to get an ethernet cord to the basement, 
plugged up to 2+ desktop machines. My ISP is metronet, which is usually pretty 
friendly to self-hosting things. If guix is interested in paying for some of 
the ISP bills, electric bills, and/or renting my landlord's basement, I think 
it would be pretty cool to try to set up another build farm.

Why I am the best candidate for this role:

I'm not. I have a pretty bad track record for being lazy. I have still not 
finished my opensmtpd configuration for the opensmtpd service.

What do you all think?

What's good and/or bad about this idea?
Thanks,

Joshua

Re: proposal: guix-ment...@gnu.org list/alias

[jbranso]

June 2, 2022 4:00 AM, "Ricardo Wurmus"  wrote:

> zimoun  writes:
> 
>> Ah sorry, I overcomplicate the discussion. :-)
> 
> Hah, no worries! It’s worth discussing this before we implement a
> workflow that ends up being *more* confusing than the status quo.
> 
>> To me, it could be nice to have a tiny script (or Guix extension or
>> subcommand), maybe in etc/ which simplifies the workflow; something
>> similar to ’etc/committer.scm’.
>> 
>> The workflow would be:
>> 
>> $ edit code
>> $ git commit
>> $ etc/mentoring.scm
>> 
>> where etc/mentoring would generate the patch(es), add X-Debbugs-CC and
>> send; assuming a correct ~/.gitconfig. And maybe this script could
>> provide a simple hint for configuring git-send-email.
>> 
>> Even, we could imagine that this tiny script would hint the user to run
>> “guix lint” or “guix style” before pressing yes at the send step.
> 
> All good ideas, though I think setting up “git send-email” is a pretty
> big problem for many people — myself included! Would be nice if that
> could be simplified, too.

I always use this website to remind myself how to use git send-email:
https://git-send-email.io/

We could out that information in the guix manual or link to it.  :)

> 
>> From my experience, the most confusing is the “wait from Debbugs ID”
>> part, i.e., check your inbox or spam. And I do not know how it could be
>> simplified.
> 
> Yes, on top of that comes the gray-listing, which increases the waiting
> time.
> 
> Perhaps… we shouldn’t use Debbugs directly. I have a couple of
> annoyances with Debbugs, including the fact that we cannot configure the
> contents of the emails it sends out. Maybe it is time to implement a
> friendlier email-based frontend…
> 
> --
> Ricardo

Re: Hardened toolchain

[jbranso]

April 14, 2022 3:00 PM, "Development of GNU Guix and the GNU System 
distribution."
 wrote:

> Mar 29, 2022, 10:15 by l...@gnu.org:
> 
>> Hi,
>> 
>> Maxim Cournoyer  skribis:
> 
> Maxime Devos  writes:
>> zimoun schreef op ma 21-03-2022 om 14:34 [+0100]:
> 
> * gcc can be compiled with `--enable-default-ssp --enable-default-
> pie`
> to enforce ssp and pic
>> You wrote [1]:
>> 
>> --8<---cut here---start->8---
>> (define-public gcc
>> (package
>> (inherit gcc)
>> (arguments
>> (substitute-keyword-arguments (package-arguments gcc)
>> ((#:configure-flags flags
>> `(append (list "--enable-default-ssp" "--enable-default-pie")
>> ,flags)))
>> --8<---cut here---end--->8---
>> 
>> I think it would be a lot simpler to just add this to the 'standard'
>> gcc configure flags, in (gnu packages gcc), given that probably the
>> idea is to do this hardening for all packages? Needs a world-rebuild
>> though.
> 
> +1. The whole distribution can probably benefit from this hardening.
>> That’s something worth trying in a branch off ‘core-updates’.
>> 
>> Stack smashing protection (SSP) may incur measurable run-time overhead
>> though so enabling that one by default may be less consensual.
> 
> We could do it like how NixOS does it [1]. There can be a `harden?` list in 
> the build system that
> contains a default set of flags. Packages that need to have less hardening 
> for performance or other
> reasons can modify that list. I believe this was discussed in an old email 
> (not this thread).

I like this idea.  I propose we make harden? default to #t.  That way 
practically most packages will be built with
hardened features.  Let's face it, I am a bit lazy, if I submit a package to 
guix, I am usually going to be it the easy way.  If the easy way is harden? #f, 
then that's is how I will submit it.  :)

> 
>> There are other things that could be done in this area, often with no or
>> little overhead, such as building with -D_FORTIFY_SOURCE. Doing that
>> transparently (without changing build systems) is a bit of a challenge
>> though.
>> 
>> Ludo’.
> 
> Where and how should the default make and ldflags be set? I guess they could 
> be set in the
> build-system/*.scm.
> 
> [1] https://blog.mayflower.de/5800-Hardening-Compiler-Flags-for-NixOS.html

Re: Video Conference

[jbranso]

April 2, 2022 12:26 AM, "Yasuaki Kudo"  wrote:

> Hi,
> 
> 2 years ago, I joined meet.coop , a video conference service cooperative and 
> explored the business
> potential in Japan.
> 
> The coop hosted BBB but the gap I discovered was that the potential customers 
> in Japan would not be
> interested unless the service is customized to their exact needs - otherwise 
> they preferred Zoom
> and Google meet.
> 
> So ability to to take the video conference service into minimalist components 
> and then reassembling
> is very important 
> 

Sounds like a worthwhile project.  You can always reach out to the BBB or jitsi 
developers
and see what they think of your proposal.

> -Yasu
> 
>> On Apr 2, 2022, at 03:59, jbra...@dismail.de wrote:
>> 
>> March 31, 2022 7:53 PM, "Yasuaki Kudo"  wrote:
>> 
>>> Hello,
>>> 
>>> From time to time, I think about audio/video mixer (.i.e. video conference 
>>> software like BBB or
>>> Jitsi) , with the intension of making it highly modular that it can be 
>>> freely remixed and
>>> reinvented by volunteer participants.
>>> 
>>> Is anyone interested? Or is can you think about something that already 
>>> exists?
>> 
>> Your proposal sounds a little vague. What are you hoping to accomplish that 
>> BBB or Jitsi
>> does not already do?
>> 
>>> Cheers,
>>> Yasu

Re: Video Conference

[jbranso]

March 31, 2022 7:53 PM, "Yasuaki Kudo"  wrote:

> Hello,
> 
> From time to time, I think about audio/video mixer (.i.e. video conference 
> software like BBB or
> Jitsi) , with the intension of making it highly modular that it can be freely 
> remixed and
> reinvented by volunteer participants.
> 
> Is anyone interested? Or is can you think about something that already exists?

Your proposal sounds a little vague.  What are you hoping to accomplish that 
BBB or Jitsi 
does not already do?

> 
> Cheers,
> Yasu

Re: Fwd: [Libre-soc-dev] CLEAR, Open Source FPGA

[jbranso]

March 28, 2022 1:02 PM, "Tobias Platen"  wrote:

> If they succeed the free toolchain can be packaged in guix.

I am not so well versed in hardware...Why is this exciting?

It only has 3kb of RAM.  This could power an mp3 player?   maybe?

Re: About mate-1.26 patchs status.

[jbranso]

March 3, 2022 9:55 PM, "tumashu"  wrote:

> Hello:
> 
> I have sent some patchs about mate-1.26 to guix-patches, but seem to no 
> response for a week，
> I would like to know its status :-)

This is a guix community bottleneck.  The guix maintainers are overwhelmed.  
Theres lots
of patches that need need reviewing.  :)  I myself have one such patch for 
endlessh. 1

I suggest you and I do the following:

We should review one of the open issues.  We should check to see if the latest 
patch works.
Or perhaps we could merge two issues.  That would be a good way to help the 
maintainers.

:)

Thanks,

Joshua
https://gnucode.me


1. https://issues.guix.gnu.org/39136
> 
> 1. https://issues.guix.gnu.org/54166
> 2. [my develop repo]: https://github.com/tumashu/guix
> 
> Thanks!

Re: What are the specs for your guix server?

[jbranso]

March 2, 2022 2:22 AM, "Julien Lepiller"  wrote:

> It's relatively small. 8 cores, 8 GB of RAM, 1 TB of disk and good bandwidth 
> for 150€/year. Serving
> the videos just require some bandwidth, no processing. I don't really have 
> numbers for that, but I
> would be surprised if more than two people downloaded videos at the same time.

I am really surprised at how cheap your server is.  That sounds like a pretty 
good deal.  I guess 
I underestimate how much computing power a tiny server can do.

> 
> On March 2, 2022 12:36:04 AM GMT+01:00, jbra...@dismail.de wrote:
> 
>> March 1, 2022 5:36 PM, "Julien Lepiller"  wrote:
>> 
>>> Thanks, I changed the default format and published the .ass file on my 
>>> server. Not sure about the
>>> other files.
>> 
>> I was pretty impressed that you were able to serve/host those videos. How
>> powerful is your server? May I ask how much it costs you?
>> 
>> Thanks,
>> 
>> Joshua
>> 
>>> On March 1, 2022 11:08:50 PM GMT+01:00, Tanguy LE CARROUR 
>>>  wrote:
>>> 
 Hi Julien,
 
 Quoting Julien Lepiller (2022-03-01 15:36:19)
 
> I'm looking for volunteers to create English subtitles for the Guix Days
> talks. […] Please send me the subtitles once
> they are completed, I'll add them with the videos.
 
 It's my first time, so thank you for your indulgence! :-)
 
 I'm attaching my humble contribution:
 
 - `.txt` the transcription ;
 - `.ass` the file created by Aegisub ; and
 - `.sub` an attempt to export it to sub format.
 
 I have to admit that is pretty bad "punctuation-wise", because I was not
 sure were the sentences started and ended. Sorry!
 
 Just let me know if I have to fix anything.
 
 Regards,
 
 --
 Tanguy

What are the specs for your guix server?

[jbranso]

March 1, 2022 5:36 PM, "Julien Lepiller"  wrote:

> Thanks, I changed the default format and published the .ass file on my 
> server. Not sure about the
> other files.

I was pretty impressed that you were able to serve/host those videos.  How 
powerful is your server?  May I ask how much it costs you?

Thanks,

Joshua

> 
> On March 1, 2022 11:08:50 PM GMT+01:00, Tanguy LE CARROUR 
>  wrote:
> 
>> Hi Julien,
>> 
>> Quoting Julien Lepiller (2022-03-01 15:36:19)
>> 
>>> I'm looking for volunteers to create English subtitles for the Guix Days
>>> talks. […] Please send me the subtitles once
>>> they are completed, I'll add them with the videos.
>> 
>> It's my first time, so thank you for your indulgence! :-)
>> 
>> I'm attaching my humble contribution:
>> 
>> - `.txt` the transcription ;
>> - `.ass` the file created by Aegisub ; and
>> - `.sub` an attempt to export it to sub format.
>> 
>> I have to admit that is pretty bad "punctuation-wise", because I was not
>> sure were the sentences started and ended. Sorry!
>> 
>> Just let me know if I have to fix anything.
>> 
>> Regards,
>> 
>> --
>> Tanguy

Re: How to run a command before shutdown.

[jbranso]

February 20, 2022 5:53 AM, "tumashu"  wrote:

> Hello:
> 
> I want to run "rmmod mt7921e" before shutdown, how to setup in guix system?
> 
> Thanks!

I recommend you ask this question in "help-g...@gnu.org".  You'll probably
find more help there!

Thanks!

Joshua

Re: unbound-service-type

[jbranso]

February 11, 2022 6:43 AM, "Josua Stingelin"  wrote:

> Hei Guix!
> 
> As far as I can see there's no service type to run unbound. A local, 
> recursive,
> caching DNS server.
> 
> I've tried to create it - but it doesn't quite work.
> 
> In order to be pushed upstream I'd like to add the configuration of the 
> options
> easily using the unbound-configuration-type.
> 
> For now I'd just like to get it up and running to start playing around with
> more configuration options.
> 
> I'd like unbound to run in a chroot and with the user unbound.
> 
> So I started with the user account.
> 
> (define %unbound-accounts
> (list (user-account
> (name "unbound")
> (group "nogroup")
> (system? #t)
> (comment "unbound daemon user")
> (home-directory "/etc/unbound")
> (shell (file-append shadow "/sbin/nologin")
> 
> Then I defined the unbound-configuration record type. Later on I want to 
> expand
> that. (Allow configuring of the user, group and directly set properties 
> instead
> of copying the configuration file)
> 
> (define-record-type* 
> unbound-configuration make-unbound-configuration
> unbound-configuration?
> (package unbound-configuration-package
> (default unbound))
> (pid-file unbound-configuration-pid-file
> (default "/etc/unbound/unbound.pid")))
> 
> Next there is the shepherd-service configuration.
> 
> (define unbound-shepherd-service
> (match-lambda
> (($  package pid-file)
> (list (shepherd-service
> (provision '(unbound))
> (documentation "Run the unbound DNS server.")
> (requirement '(networking))
> (start #~(make-forkexec-constructor
> '(#$(file-append package "/sbin/unbound")
> "-d"
> "-c" "/etc/unbound/unbound.conf")
> #:pid-file #$pid-file))
> (stop #~(make-kill-destructor)))
> 
> Based on these definitions I can now create the unbound-service-type.
> 
> (define unbound-service-type
> (service-type
> (name 'unbound)
> (extensions
> (list (service-extension shepherd-root-service-type unbound-shepherd-service)
> (service-extension account-service-type (const %unbound-accounts
> (default-value (unbound-configuration))
> (description "Run the unbound DNS server")))
> 
> However when I add these to my operating-system configuration, and copy the
> configuration file using the etc-service-type it doesn't run on start.
> 
> (operating-system
> ...
> (services (append (list
> (simple-service 'unbound-service
> etc-service-type
> `(("unbound/unbound.conf", (local-file "unbound/unbound.conf"))
> ("unbound/root.hints", (local-file "unbound/root.hints"))
> ("unbound/root.key", (local-file "unbound/root.key"
> (service unbound-service-type))
> %base-services)))
> 
> As /etc/unbound is owned by root and a symlink to /etc/static/unbound that
> isn't surprising.
> 
> How would I configure such a service under Guix (point me to an example 
> maybe?)
> and which directory should be used for the chroot? /etc/unbound doesn't feel
> quite right.

I made some online videos of me a while ago trying to compliment the existing 
opensmtpd-service
that guix has.  It might not be a specific answer to your problem but perhaps 
you could get some
ideas workflow suggestions:

the videos are here: https://video.hardlimit.com/w/p/bmbYAkQ84BBfF4aAZNAPcR

> 
> Kind Regards
> Josua a.k.a Joshua/Josh

Re: Clarifying blog post licensing

[jbranso]

January 27, 2022 12:59 AM, "Jan Nieuwenhuizen"  wrote:

> Ludovic Courtès writes:
> 
>> With a few exceptions, our blog posts do not have a license, which is
>> not great
> 

I agree.

Joshua Branson.


> --
> Jan Nieuwenhuizen  | GNU LilyPond http://lilypond.org
> Freelance IT http://JoyofSource.com | Avatar® http://AvatarAcademy.com

Re: GNU Shepherd config contribution

[jbranso]

January 16, 2022 8:06 PM, "Adam Faiz"  wrote:

> On 16/01/2022 16:41, jbra...@dismail.de wrote:
> 
>> Hey, Adam thanks for this submission!
>> I think it's great that you can give examples of shepherd services! I don't 
>> really know
>> much about how to define shepherd services. Maybe you could teach me 
>> sometime.
>> Since, you are wanting to submit code, we recommend that you paste your code 
>> to
>> guix-patc...@gnu.org.
>> https://guix.gnu.org/manual/en/html_node/Submitting-Patches.html#Submitting-Patches
>> Where do you want your code snippets/documentation to go? Do you want to add 
>> to the cookbook?
>> Or do you want to add to the manual?
>> Thanks,
>> Joshua
> 
> I think the code snippets should go in the "Service Examples" section of the 
> GNU Shepherd manual.

Sounds like a plan.  I encourage you to send a git patch to 
guix-patc...@gnu.org.

You can also see me do some documentation things for guix here:

https://video.hardlimit.com/w/p/1QcKYmwsbAptwmizJDsxSD?playlistPosition=27=true

This is a good guide for how to use git send-email.

https://git-send-email.io/

Re: GNU Shepherd config contribution

[jbranso]

Hey, Adam thanks for this submission!

I think it's great that you can give examples of shepherd services!  I don't 
really know 
much about how to define shepherd services.  Maybe you could teach me sometime.

Since, you are wanting to submit code, we recommend that you paste your code to
guix-patc...@gnu.org.

https://guix.gnu.org/manual/en/html_node/Submitting-Patches.html#Submitting-Patches

Where do you want your code snippets/documentation to go?  Do you want to add 
to the cookbook?

Or do you want to add to the manual?

Thanks,

Joshua

January 15, 2022 10:56 AM, "Adam Faiz"  wrote:

> Hello! I would like to contribute examples of Shepherd services, by sending 
> my Shepherd system
> configuration file that I use. Attached is the configuration file.
> 
> I hope this will help add more detailed examples to the GNU Shepherd manual.

help with my opensmtpd-records.scm file

[jbranso]

Hey guix!

I am still working on extending guix's current opensmtpd-service with (guix 
records). 

I am getting fairly close to realizing that goal. For example this works:

(display (opensmtpd-configuration->mixed-text-file
 (let ([interface "wlp2s0"]
 [creds (opensmtpd-table
 (name "creds")
 (values
 (list
 (cons "joshua"
 
"$6$Ec4m8FgKjT2F/03Y$k66ABdse9TzCX6qaALB3WBL9GC1rmAWJmaoSjFMpbhzat7DOpFqpnOwpbZ34wwsQYIK8RQlqwM1I/v6vsRq86."]
 [receive-action (opensmtpd-action-local-delivery-configuration
 (name "receive")
 (method (opensmtpd-maildir-configuration
 (pathname "/home/%{rcpt.user}/Maildir")
 (junk #t)))
 (virtual "vusers"))]
 [smtp.gnucode.me (opensmtpd-pki
 (domain "smtp.gnucode.me")
 (cert "opensmtpd.scm")
 (key "opensmtpd.scm"))])
 (opensmtpd-configuration
 (mta-max-deferred 50)
 (queue
 (opensmtpd-queue-configuration
 (compression #t)))
 (smtp
 (opensmtpd-smtp-configuration
 (max-message-size "10M")))
 (srs
 (opensmtpd-srs-configuration
 (ttl-delay "5d")))
 (listen-ons
 (list
 ;; this forum help suggests that I listen on 0.0.0.0 and NOT eth0
 ;; https://serverfault.com/questions/726795/opensmtpd-wont-work-at-reboot
 ;; this listens for email from the outside world
 (opensmtpd-listen-on
 (interface interface)
 (port 25)
 (secure-connection "tls")
 (pki smtp.gnucode.me)
 )
 ;; this lets local users logged into the system via ssh send email
 (opensmtpd-listen-on
 (interface "lo")
 (port 25)
 (secure-connection "tls")
 (pki smtp.gnucode.me))
 (opensmtpd-listen-on
 (interface interface)
 (port 465)
 (secure-connection "smtps")
 (pki smtp.gnucode.me)
 (auth creds)
 ;;(filter )
 )
 (opensmtpd-listen-on
 (interface interface)
 (port 587)
 (secure-connection "tls-require")
 (pki smtp.gnucode.me)
 (auth creds)
 )))
 (matches (list
 (opensmtpd-match
 (action (opensmtpd-action-relay-configuration
 (name "send")))
 (for (opensmtpd-match-option-configuration
 (option "for any")))
 (from (opensmtpd-match-option-configuration
 (option "from any")))
 (auth (opensmtpd-match-option-configuration
 (option "auth"
 (opensmtpd-match
 (action receive-action)
 (from (opensmtpd-match-option-configuration
 (option "from any")))
 (for (opensmtpd-match-option-configuration
 (option "for domain")
 (value "gnucode.me"))
 ;;FIXME/TODO put in a table  here
 ;;"for domain "
 ))
 (opensmtpd-match
 (action receive-action)
 (for (opensmtpd-match-option-configuration
 (option "for local"))

;; and it outputs:
smtp max-message-size 10M
srs ttl 5d
queue compression

mta max-deferred 50

pki smtp.gnucode.me cert "opensmtpd.scm"
pki smtp.gnucode.me key "opensmtpd.scm"

listen on wlp2s0 tls port 25 pki smtp.gnucode.me
listen on lo tls port 25 pki smtp.gnucode.me
listen on wlp2s0 smtps port 465 pki smtp.gnucode.me auth 
listen on wlp2s0 tls-require port 587 pki smtp.gnucode.me auth 

action "send" relay
action "receive" maildir "/home/%{rcpt.user}/Maildir" junk virtual  

match from any for any auth action "send"
match from any for domain gnucode.me action "receive"
match for local action "receive"
My question has to do with how I am handling the opensmtpd filters...Some of 
the opensmtpd filter
commands execute programs. I would like to get some advice about how to let 
some of the
's fieldnames be gexps. My current opensmtpd.scm file 
does so:

https://notabug.org/jbranso/linode-guix-system-configuration/src/master/opensmtpd.scm
 
(https://notabug.org/jbranso/linode-guix-system-configuration/src/master/opensmtpd.scm)

(though I am getting some errors with the procedure

create-etc-dkimsign-key-file. I should probable use the guix's 
etc-service instead). Anyway, Right now I am using a LOT of code like  
(mixed-text-file (string-append variable (string-append (function 
(string-append (another-function ...

I suppose I should instead change this to

(define my-list (list (function ...) (function ...) (list (function (list 
(function ...) (function ...

(mixed-text-file (apply string-append (flatten my-list))) 
BUT that doesn't quite answer my issue. It would be helpful to allow some 
's
fieldnames accept gexps. How would I allow go about doing that?

I think that the answer would be to use guix's mixed-text-file*, but I am not 
sure how to do that elegantly...

My current code is here:

https://notabug.org/jbranso/linode-guix-system-configuration/src/master/opensmtpd-records.scm
 
(https://notabug.org/jbranso/linode-guix-system-configuration/src/master/opensmtpd-records.scm)

Perhaps a more targeted question would be how do I modify the current procedure

opensmtpd-filter-proc-exec->string record to accept gexps?  

Suggestions are most welcome.

My thoughts about the service are here: 

https://notabug.org/jbranso/linode-guix-system-configuration/src/master/opensmtpd.org
 
(https://notabug.org/jbranso/linode-guix-system-configuration/src/master/opensmtpd.org)
Thanks,

Joshua

Re: Time for a request-for-comments process?

[jbranso]

October 27, 2021 6:51 PM, "Katherine Cox-Buday"  
wrote:

> Ludovic Courtès  writes:
> 
>> I think a major goal of the process would be to formalize a minimum
>> and a maximum duration under which an RFC is under evaluation, and a
>> mechanism to determine whether it’s accepted or withdrawn.
> 
> I think it's a good idea. The only contribution I can give is that I would 
> not have known =guix
> shell= was coming had I not been watching the patches list. So in addition to 
> formalizing what
> you've mentioned, I suggest we also formalize a location to watch (guix-devel 
> seems logical?).
 
That's why I didn't see guix shell coming.  I don't follow guix patches...

> --
> Katherine

Re: Time for a request-for-comments process?

[jbranso]

October 27, 2021 5:23 PM, "Ludovic Courtès"  wrote:

> Hello Guix!
> 
> The recent ‘guix shell’ addition is almost anecdotal technically yet
> important for the project because users interact with Guix primarily
> through the CLI. Adding a new command is a commitment (our users must
> trust it won’t change overnight), and getting the details wrong could
> make us fail to honor that commitment.
> 
> For ‘guix shell’ I left time for comments and repeatedly asked people to
> comment; yet pushing it was a bit stressful: Did I make a mistake? Did
> everyone with a stake in this really have a chance to comment?

I absolutely love the new guix shell! "-ad-hoc" was a bit confusing to
understand.  I know more about guix shell in 5 minutes than I did with
a few years of guix environment!  

> That makes me think it’s perhaps time for a formalized
> request-for-comments (RFC) kind of process for such “major changes”. We
> could draw inspiration from one of the many existing processes: Python’s
> PEPs, Scheme’s SRFIs, Nix’s RFCs, Rust’s MCPs, etc. I think a major
> goal of the process would be to formalize a minimum and a maximum
> duration under which an RFC is under evaluation, and a mechanism to
> determine whether it’s accepted or withdrawn.

I'm all for a RFC!  Somehow I missed any communication about this new
guix shell, and I normally follow the mailing lists like a 11th grade
stalker (not that I have any experience with stalking...I can't really
discuss it until the lawsuit is over...).

But then again my comments are perhaps not as weighty as others?  I have
only really been the occasional guix documentation writer.  

> Thoughts? Anyone with experience with such a process?
> 
> Ludo’.

Re: Public guix offload server

[jbranso]

October 21, 2021 12:44 PM, "Tobias Geerinckx-Rice"  wrote:

> Joshua Branson 写道：
> 
>> I've got an old Dell Optiplex 7020 with 30 gigs of RAM with a
>> 3TB
>> hard-drive just sitting around. My landlord and ISP is ok with
>> me
>> running a server. I just set everything up. Would this be
>> powerful/interesting to some?
> 
> Well, not going to lie: yes.
> 
> I've heard that US power is relatively cheap, but are you sure?
> :-)
 
I guess we'll find out how expensive it gets...if I can't get enough 
donations to keep it running, I could always shut it off.

> Kind regards,
> 
> T G-R

Re: I just got my pinephone.

[jbranso]

October 2, 2021 11:40 AM, "Christine Lemmer-Webber"  
wrote:

> jbra...@dismail.de writes:
> 
>> October 1, 2021 6:56 PM, "Christine Lemmer-Webber"  
>> wrote:
>> 
>>> I think the easiest step to first testing would be to install Guix
>>> (userspace package manager) from Debian on Mobian. I've been meaning to
>>> do that, haven't tried yet...
>> 
>> WeirdlyI'm not certain that I want guix on my pinephone. Specifically
>> I got my Pinephone, because I was tired of google's spyware. AND I wanted
>> a life phone, which is a phone that is so boring to use, you put it down
>> and go live a life instead. :)
>> 
>> I've actually installed Mobian, removed the user "mobian" from the
>> suoders list, and had my mom change the root password on my phone.
>> So, my phone by design does not have firefox or tootle installed...
>> 
>> If I installed guix system, I could re-install those annoying apps
>> that drain my life away. It would be nice if guix system could
>> create a user that is not allowed to install applications, or had
>> only a whitelist of applications that he could install.
>> 
>> That's my two cents. :)
> 
> Well I understand. For years I've kept all the social stuff off my
> phone to not be too sucked into it. I use a browser, but in read-only
> mode...!

Also what's read-only mode?  A web browser that doesn't support images/video ?

Re: I just got my pinephone.

[jbranso]

October 2, 2021 11:40 AM, "Christine Lemmer-Webber"  
wrote:

> jbra...@dismail.de writes:
> 
>> October 1, 2021 6:56 PM, "Christine Lemmer-Webber"  
>> wrote:
>> 
>>> I think the easiest step to first testing would be to install Guix
>>> (userspace package manager) from Debian on Mobian. I've been meaning to
>>> do that, haven't tried yet...
>> 
>> WeirdlyI'm not certain that I want guix on my pinephone. Specifically
>> I got my Pinephone, because I was tired of google's spyware. AND I wanted
>> a life phone, which is a phone that is so boring to use, you put it down
>> and go live a life instead. :)
>> 
>> I've actually installed Mobian, removed the user "mobian" from the
>> suoders list, and had my mom change the root password on my phone.
>> So, my phone by design does not have firefox or tootle installed...
>> 
>> If I installed guix system, I could re-install those annoying apps
>> that drain my life away. It would be nice if guix system could
>> create a user that is not allowed to install applications, or had
>> only a whitelist of applications that he could install.
>> 
>> That's my two cents. :)
> 
> Well I understand. For years I've kept all the social stuff off my
> phone to not be too sucked into it. I use a browser, but in read-only
> mode...!

Thanks for understanding Chris.  For some reason I expected people to be
annoyed with me for not wanting guix on my phone...  :)

>> 
>> Thanks,
>> 
>> Joshua
>> 
>> 1. https://postmarketos.org/source-code
>> 2. https://jmp.chat

Re: I just got my pinephone.

[jbranso]

October 1, 2021 6:56 PM, "Christine Lemmer-Webber"  
wrote:

> I think the easiest step to first testing would be to install Guix
> (userspace package manager) from Debian on Mobian. I've been meaning to
> do that, haven't tried yet...

WeirdlyI'm not certain that I want guix on my pinephone.  Specifically 
I got my Pinephone, because I was tired of google's spyware.  AND I wanted
a life phone, which is a phone that is so boring to use, you put it down
and go live a life instead.  :)

I've actually installed Mobian, removed the user "mobian" from the 
suoders list, and had my mom change the root password on my phone.  
So, my phone by design does not have firefox or tootle installed...

If I installed guix system, I could re-install those annoying apps 
that drain my life away.  It would be nice if guix system could 
create a user that is not allowed to install applications, or had
only a whitelist of applications that he could install. 

That's my two cents.  :)

> 
> from there we can look at what's necessary to go full distro
> 
> Kaelyn  writes:
> 
>> Hi Guix!
>> 
>> I just received my pinephone this morning, so I'm going to be
>> interested in bringing Guix to the pinephone as well. I hope to have
>> the capacity to help with the efforts, even if it's just the
>> occasional testing.
>> 
>> Cheers,
>> Kaelyn
>> 
>> Sent with ProtonMail Secure Email.
>> 
>> ‐‐‐ Original Message ‐‐‐
>> 
>> On Wednesday, September 1st, 2021 at 12:39 PM, Joshua Branson 
>>  wrote:
>> 
>>> Hey Guix!
>>> 
>>> I just got my phinephone. It's currently running postmarketOS (1). I
>>> 
>>> usually work nights two nights a week 10pm-6am (EST) Sunday night and
>>> 
>>> Monday night. If a guix developer would like ssh access to it during
>>> 
>>> those times, then please let me know. If I should use Mobian instead
>>> 
>>> to help port guix to it, then I would be willing to switch.
>>> 
>>> I'd be happy to help out! Also jmp.chat (2) works really well with
>>> 
>>> chatty.
>>> 
>>> Thanks,
>>> 
>>> Joshua
>>> 
>>> 1. https://postmarketos.org/source-code
>>> 2. https://jmp.chat

Re: PATCH: clarify some of the Guix Linode recipe

[jbranso]

September 8, 2021 4:37 PM, "Ludovic Courtès"  wrote:

> Hi Grant,
> 
> Grant Shoshin Shangreaux  skribis:
> 
>> Hello! I hope I'm not double posting, but I think the email I intended
>> to send before never made it out of my outbox. I recently set up GuixSD
>> on Linode following the cookbook. I hit a few snags along the way where
>> I either missed something or misunderstood, so I thought I'd offer a
>> patch with a few clarifications to the article. Some of it is likely due
>> to changes in the Linode UI. Hopefully this patch is helpful.
> 
> Looks like this message fell through the summer cracks…
> 
>> From 446bf79c3733936306e9fd95c46cbfd495f6bc2a Mon Sep 17 00:00:00 2001
>> From: Grant Shangreaux 
>> Date: Mon, 23 Aug 2021 22:47:05 -0500
>> Subject: [PATCH] doc: add clarifications to Linode cookbook recipe
>> 
>> * doc/guix-cookbook.texi: clarify Linode recipe
>> 
>> Reword paragraph about adding the Guix device disk to Debian config.
>> Improve example commands for sftp-ing files to the server.
>> Minor wording fixes
> 
> This looks like a welcome improvement, so I went ahead and applied it.
> (Cc’ing Joshua, who originally wrote this section.)

Thanks Ludo!  You're 10x as productive as me!

> 
> Thanks!
> 
> Ludo’.

PackaginCon

[jbranso]

Hey Guix,

Apparently there is going to be a virtual Packaging Conference this year:

https://packaging-con.org/

On the 9th and 10th of November 2021.

An excerpt from the website:

Our mission is to bring different software ecosystems together: from
Python’s pip to Rust’s cargo to Julia’s Pkg, from Debian apt
over to Nix to conda and mamba, and from vcpkg to spack,
and even to npm, we hope to have many different approaches to
package management at the conference.

Thanks,

Joshua

P.S.

Important Dates
* Submissions open: 20 July 2021 
* Submissions close: 31 August 2021 
* Notifications: 13 September 2021 
* Conference date: 9 & 10 November 2021

Fwd: Hurd Security vulnerabilities, please upgrade!

[jbranso]

So this email from the Hurd developers just came through about recent GNU/Hurd
vunerabilities.  :)

 Forwarded message ---
From: "Samuel Thibault" 
To: debian-h...@lists.debian.org, hurd-...@gnu.org
Sent: August 9, 2021 10:04 PM
Subject: Hurd Security vulnerabilities, please upgrade!
Hello,

In the past months, Sergey Bugaev has been working on fixing some
Hurd security vulnerabilities. This is now fixed in the latest Debian
packages, so please upgrade and reboot!

hurd >= 1:0.9.git20210404-9
libc0.3 >= 2.31-13+hurd.1
gnumach-image-1.8-* >= 2:1.8+git20210809-1

(A libc0.3 2.31-13+hurd.2 upload will also happen tomorrow, but that
will only be intended to fix builds)

Samuel
-BEGIN PGP SIGNATURE-

iQIzBAABCgAdFiEEi6MnFvk67auaclLJ5pG0tXV4H2IFAmER3joACgkQ5pG0tXV4
H2KQcQ//Yfx8v9/oYqeDtUmgbkjtFXhglqColqThFowKsRnzbJxZ4wEDMULZG7Mc
b7JNMgEaknc6xazzwbCF4ZwyOxjRbh1QOVL56cXrGj862WyUbn/tvcFJShV8/qsI
ImhsO6TBaPgQ67XJOQl/yFo7PWkXfQa8Kbv/xONClB2/aHGCfVlqJCMcQv3+vwj8
yZIvCPtLRMbeAt0yrs395o4GVI3Q6w1BnPy/yXqWLZ10QAeh5RnlCX+rU1zQEvIN
wtZa3WYqbxq4DvU3d2JkhiH7EO/tLAiKm4fU97DAQniFIdjzi63R8x1QRcw6ESEM
TUn2rG2z7eKHaM9CUHZ79XkOjQylX+2zh3dw/k9t+ktQIibil8nL0468lJ6CF6wE
WFpMAO+46RPaeUv3YZ/VSK5YnMGN2UHy82vG737zgifkn1IYcDEUggAhfTHOVLrY
2BJWRL3Bm5SBqgxVOm3PKCsr1FQOwwWe/vGsZWaqDMdcMnm08iwZMP9YOACfJaT5
oQOwn8R6tLSBcnlw9zMsVOK+bA2WPsPXWuKQEpK7TKLKNj28IoAOalgwVAMP5oS9
zo6wGv+/kWItUFzxCIeK5r7jhOd4US8WSIgb2b3P5PD4dbJ09RWorTPVDxiul45y
zQ+rXLPzmmrlZKL1LBB8Mq6l2HDwa3iY00AnE6U13UELTYgZuc0=
=CmA8
-END PGP SIGNATURE-

Re: Early feedback on Guix Home

[jbranso]

June 24, 2021 8:14 AM, "Xinglu Chen"  wrote:

> On Wed, Jun 23 2021, Ludovic Courtès wrote:
> 
> Alternatively, one can also use it as a channel:
> 
> (channel
> (name 'rde)
> (url "https://git.sr.ht/~abcdw/rde;))
> (introduction
> (make-channel-introduction
> "257cebd587b66e4d865b3537a9a88cccd7107c95"
> (openpgp-fingerprint
> "2841 9AC6 5038 7440 C7E9 2FFA 2208 D209 58C1 DEB0"

Maybe I'm doing it wrong...my ~/.config/guix/channels.scm

;; Add variant packages to those Guix provides.
(append
(list
(channel
(name 'guix-packages)
(url "https://notabug.org/jbranso/guix-packages;))
(channel
(name 'rde)
(url "https://git.sr.ht/~abcdw/rde;)
(introduction
(make-channel-introduction
"257cebd587b66e4d865b3537a9a88cccd7107c95"
(openpgp-fingerprint
"2841 9AC6 5038 7440 C7E9 2FFA 2208 D209 58C1 DEB0")
%default-channels)

$ guix pull
Updating channel 'guix-packages' from Git repository at
'https://notabug.org/jbranso/guix-packages'...
Updating channel 'rde' from Git repository at 'https://git.sr.ht/~abcdw/rde'...
Updating channel 'guix' from Git repository at 
'https://git.savannah.gnu.org/git/guix.git'...
Authenticating channel 'guix', commits 9edb3f6 to 8553f00 (3 new commits)...
Building from these channels:
guix https://git.savannah.gnu.org/git/guix.git 8553f00
rde https://git.sr.ht/~abcdw/rde 6d32c23
guix-packageshttps://notabug.org/jbranso/guix-packages d4b6f35

$ guix build home.scm
$ guix pull

I suppose for now I will use Ludo's suggestion:

  git clone https://git.sr.ht/~abcdw/rde
  guix git authenticate \
"257cebd587b66e4d865b3537a9a88cccd7107c95" \
"2841 9AC6 5038 7440 C7E9  2FFA 2208 D209 58C1 DEB0" \
-k origin/keyring
  ./pre-inst-env guix home reconfigure /path/to/home-config.scm

Failed to execute process './pre-inst-env'. Reason:
exec: Exec format error
The file './pre-inst-env' is marked as an executable but could not be run by 
the operating system.


Eventually I'll be able to get it to work!  But I do like the concept!

#+BEGIN_SRC scheme
(use-modules (gnu home)
 (gnu home-services)
 (gnu home-services ssh)
 (gnu home-services shells)
 (gnu home-services files)
 (gnu services)
 (gnu packages admin)
 (guix gexp)
 (my-home packages) ;; %defines %my-packages
 )


(home-environment
 (home-directory "/home/joshua")
 ;; (symlink-name ".guix-home-env")
 (packages %my-packages)
 (services
  (list
   (service home-bash-service-type
(home-bash-configuration
 (guix-defaults? #t)
 (bash-profile '("\ export 
HISTFILE=$XDG_CACHE_HOME/.bash_history;\n"
 "if [[ -z $DISPLAY ]] && [[ $(tty) = /dev/tty3 ]]; 
then\n"
 "# this may fix a bug that I have with termite 
confusing backspace as space in guix environment\n"
 "# export TERM=linux\n"
 "# shepherd -c 
/home/joshua/.config/shepherd/init.scm &\n"
 "export MOZ_ENABLE_WAYLAND=1;\n"
 "export 
GUIX_PACKAGE_PATH=/home/joshua/prog/gnu/guix/guix-packages/;\n"
 "export 
XDG_DATA_DIRS=/var/lib/flatpak/exports/share:/home/joshua/.local/share/flatpak/exports/share:$XDG_DATA_DIRS;\n"
 "exec dbus-run-session sway;\n"
 "fi"
 ))
 (bashrc
  '("alias lamora='ssh -p 63355 lamora'"

   (simple-service 'termite-config
   home-files-service-type
   (list `("config/termite/config"
   ,(local-file "config-files/termite-config"
"config"

   (simple-service 'sway-config
   home-files-service-type
   (list `("config/sway/config"
   ,(local-file "config-files/sway-config"
"config"

   (simple-service 'sway-config
   home-files-service-type
   (list `("config/sway/status.sh"
   ,(local-file "config-files/sway-status.sh"
"status.sh"
   
   )))

#+END_SRC

Is Guix vulnerable to this polkit CVE?

[jbranso]

I just found this article on polkit having a CVE:

https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/
 
(https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/)
It looks pretty nasty...

" The vulnerability enables an unprivileged local user to get a root shell on 
the system. It’s easy to exploit with a few standard command line tools, as you 
can see in this short video (https://youtu.be/QZhz64yEd0g). In this blog post, 
I’ll explain how the exploit works and show you where the bug was in the source 
code. "
In the hacker news comments it is fixed in:
https://news.ycombinator.com/item?id=27462247 
(https://news.ycombinator.com/item?id=27462247)

Polkit version 0.119 fixes it, here's the diff: 
https://gitlab.freedesktop.org/polkit/polkit/-/commit/a04d13... 
(https://gitlab.freedesktop.org/polkit/polkit/-/commit/a04d13affe0fa53ff618e07aa8f57f4c0e3b9b81)
You all awesome devs have probably already fixed it, but I am just emailing to 
make sure.

Thanks!

Joshua

"Aim for stars...because even if you'll fall at least you'll fall on Uranus."

Re: Hurd substitute availability (27.5%) and next steps?

[jbranso]

I'd be happy to reformat this as a guix blog post, unless you'd rather
I not.  

Thanks,

Joshua

March 8, 2021 4:57 PM, "Christopher Baines"  wrote:

> Hey,
> 
> So I finally got around to trying the Guix Build Coordinator agent on
> the Hurd [1], and builds have been happening on the guix.cbaines.net
> build farm that I've been using to test the Guix Build Coordinator when
> building things for substitutes.
> 
> 1: https://lists.gnu.org/archive/html/guix-devel/2021-02/msg00223.html
> 
> The tooling I've got for looking at how far things have progressed isn't
> great, but either there are blocking builds or some that have got stuck,
> as the agents aren't particularly active currently. Anyway, currently
> for one recent revision (1462a11dbb3d2256c8693e56a583cfd100e27609) I
> tried, guix weather reports 27.5% of substitutes are available. [2]
> 
> → guix weather --system=i586-gnu --substitute-urls=https://guix.cbaines.net 
> computing 10,415 package derivations for i586-gnu...
> looking for 10,811 store items on https://guix.cbaines.net...
> updating substitutes from 'https://guix.cbaines.net'... 100.0%
> https://guix.cbaines.net
> 27.5% substitutes available (2,977 out of 10,811)
> 4,589.5 MiB of nars (compressed)
> 18,975.5 MiB on disk (uncompressed)
> 0.214 seconds per request (2,313.6 seconds in total)
> 4.7 requests per second
> (continuous integration information unavailable)
> 
> The Guix Build Coordinator does have a rudimentary feature to find
> "blocking" builds, and it reports these as the top derivations that are
> failing, and blocking the highest number of builds (in order from top to
> bottom), there are more failures than this, but this is just the top
> few.
> 
> /gnu/store/xrinbhmmsyyxbr755f4b9xiwi1x4lna8-util-linux-2.35.1.drv
> /gnu/store/sgs5vq0y49xhjpc3avi3zpvawzda2j55-tcl-8.6.10.drv
> /gnu/store/nzn4iq4pj65ll0k9c1hkmq83v6czxb3n-zstd-1.4.4.drv
> /gnu/store/cvcra95jcy42s9z99r9mkv6kiqkhr8s3-tcsh-6.22.02.drv
> /gnu/store/qpd0sa86slxz6gb8lzlsybsk8fcd8wzm-valgrind-3.16.1.drv
> /gnu/store/23pw46xhzvnghi6ycpcmj7jz01sz7vaz-apr-1.6.5.drv
> /gnu/store/cq1kpfb8f76rss3kcc5jkaqagcmrf832-ruby-2.6.5.drv
> /gnu/store/jrmm3v34rnsynh59fxjgpi6vkip3slx4-jemalloc-5.2.1.drv
> /gnu/store/lry6i5280aryvmr92jalb5drfd7bj912-libcap-2.31.drv
> /gnu/store/qbf27f3ymxli367nl82cq2z3xh71frm0-elfutils-0.182.drv
> /gnu/store/zfz9hglpn87hwwdf3n3izrrwksb35kl0-kmod-27.drv
> /gnu/store/0lgxyqiaxc5hxyfmkyzzfb2sa5ac9g93-alsa-lib-1.2.4.drv
> /gnu/store/s3zn4wzyi88vyj0cjd8vvpph1ldzg361-libxshmfence-1.3.drv
> /gnu/store/b5awhhqsvgf4c2mxanq2p06nmq1vsgf0-gsl-2.6.drv
> /gnu/store/zqbpy5668wmhpjx6pcdyj1vc6w5iz4n1-linux-pam-1.5.1.drv
> /gnu/store/h0h1yvq4crcbi9rf9cpn95hkdxaigb7h-openblas-0.3.9.drv
> /gnu/store/72b2k49d4kqmnrf0dbjf3bp78nj038d2-jemalloc-4.5.0.drv
> /gnu/store/gvnhx587vsh8l32gq0gfpr8czh2fvzqm-nspr-4.29.drv
> /gnu/store/qfcgw634621gjwswpcq0c8vi5y2rn435-libcap-2.45.drv
> /gnu/store/dzfhypl0vdil3d6kp0w0zcarijbr6shi-flac-1.3.3.drv
> /gnu/store/5cv7sbimd774j6zck18v0pazlh200fb6-libaio-0.3.112.drv
> /gnu/store/0n6fxczd0asf50daznzm4c8m2rw9yk1n-mrustc-0.9.drv
> /gnu/store/3x86mmnf8l2hj1rf74hm8ljbzihj7br0-mtdev-1.1.6.drv
> /gnu/store/l4c3jw3225nwd1q66snhxszgjqa8ir35-libtirpc-1.2.5.drv
> /gnu/store/gcf220qpz1pjk56qp6pxvi302mg7l185-cdparanoia-10.2.drv
> 
> You can find details about packages and builds from this Guix Data
> Service instance [2], the builds can be found on this page for example
> [3].
> 
> 2: https://data.guix-patches.cbaines.net
> 3:
> https://data.guix-patches.cbaines.net/revision/1462a11dbb3d2256c8693e56a583cfd100e27609/builds?build
> server=3=i586-gnu=none_results=50
> 
> The util-linux and tcl failures are both test related, and I believe
> building without the tests works. With this data, given a package which
> isn't build for the Hurd, say git as an example, it's possible to find
> out which relevant builds are failing [4].
> 
> 4:
> https://data.guix-patches.cbaines.net/build-server/3/build?build_server_build_id=4ebf32a7-5b1e-425f-
> 9e9-cd3933875da3
> 
> So, what are the next steps for Hurd stuff in Guix?
> 
> In terms of getting more packages building, and substitute availability,
> personally I think it would be useful to disable tests for packages for
> i586-gnu if that gets packages building. It's not ideal to not run the
> tests, but it's also difficult to investigate the failures and develop
> patches if you don't have substitutes for the software you need to do
> that (like Git for example).
> 
> More generally, I also know of a few important Hurd related issues:
> 
> guix gc support:
> https://issues.guix.gnu.org/42047
> 
> chroot for builds:
> https://issues.guix.gnu.org/43857
> 
> decisions around what's in the build environment:
> https://guix.gnu.org/en/blog/2020/childhurds-and-substitutes
> 
> I had a go at getting a childhurd with a swap partition, but didn't get
> that far:
> 
> https://issues.guix.gnu.org/46726
> 
> I have reliability issues with the childhurd VMs running Guix Build
> 

Re: I've rebased wip-ppc64le onto core-updates

[jbranso]

March 1, 2021 2:14 PM, "Tobias Platen"  wrote:


> In my recent talk about the guix port to POWER9,
> I also mentioned the libre-soc project.
> Unlike POWER9 and maybe POWER8, libre-soc and microwatt do not implement VSX.
> The libre-soc project instead has SVP64, and also plans to extend the POWER 
> ISA
> to support GPU like instructions. Since I work mostly on the libre-soc I will 
> have
> less time to contribute to the GUIx project.
> 
> The relevant bug report to GUIX is
> https://bugs.libre-soc.org/show_bug.cgi?id=602

This looks like an annoying bug.  I'll copy the relevant bit from the bug 
report below:

any OpenPOWER Compliant systems that choose not to implement the Optional 
SIMD 
as per the Linux Compliancy Subset in v3.0C such as Microwatt, A2O, A2I and 
LibreSOC 
are accidentally and unintentionally completely excluded from being able to 
run major
modern distros, and with ABI changes taking estimated 3 to 5 years to 
propagate, there 
are very few options. 

You won't be able to run GNU/Linux on the libreSOC?  That sounds annoying.

> 
> --
> Tobias Platen 

Re: Possible bug in configuration-system?

[jbranso]

I volunteer as tribute to send a patch to fix the manual!

January 26, 2021 11:31 AM, "Mikhail Tsykalov"  wrote:

> Hi Raghav,
> 
> Example in the manual is wrong, it should say 'targets' instead of 'target'.
> 
> Regards,
> Mikhail.
> 
> On 26.01.2021 20:35, Raghav Gururajan wrote:
> 
>> Hi Mikhail!
>> 
>> I just noticed the commit >
>> https://git.savannah.gnu.org/cgit/guix.git/commit/?id=a9a2fdaabcc78e7a54d9a6bcfa4ee3de308e9a90.
>> 
>> Do you have any clue regarding the following issue?
>> 
>>> As mentioned in this page of manual >>
>>> (http://guix.gnu.org/manual/en/html_node/Mapped-Devices.html), for >> 
>>> lvm-device-mapping, I did the
>>> following in my config.scm:
>>> 
>>> ```
>>> (mapped-devices
>>> (list
>>> (mapped-device
>>> (source
>>> (uuid "47bb32fe-da7f-4eb6-a11d-ae07a3a2e6f8"))
>>> (target "secondary")
>>> (type luks-device-mapping))
>>> (mapped-device
>>> (source "secondary")
>>> (target (list "secondary-root" "secondary-home"))
>>> (type lvm-device-mapping
>>> ```
>>> 
>>> When I did `guix system reconfigure`, I got the following error:
>>> 
>>> ```
>>> Backtrace:
>>> In ice-9/boot-9.scm:
>>> 1736:10 19 (with-exception-handler _ _ #:unwind? _ # _)
>>> 1731:15 18 (with-exception-handler #> ic…> …)
>>> In guix/scripts/system.scm:
>>> 1391:8 17 (_)
>>> In guix/status.scm:
>>> 780:4 16 (call-with-status-report _ _)
>>> In guix/scripts/system.scm:
>>> 1219:4 15 (_)
>>> In ice-9/boot-9.scm:
>>> 1736:10 14 (with-exception-handler _ _ #:unwind? _ # _)
>>> In guix/store.scm:
>>> 636:37 13 (thunk)
>>> 1305:8 12 (call-with-build-handler #> g…> …)
>>> 2062:24 11 (run-with-store # …)
>>> In guix/scripts/system.scm:
>>> 1243:15 10 (_ _)
>>> 813:9  9 (perform-action reconfigure #< >> kerne…> …)
>>> In gnu/system.scm:
>>> 1312:26  8 (operating-system-bootcfg #< >> kernel:…> …)
>>> 574:14  7 (operating-system-bootloader-crypto-devices #<)
>>> In unknown file:
>>> 6 (filter #> gnu/system.scm:551…> …)
>>> In gnu/system.scm:
>>> 552:26  5 (_ _)
>>> 528:17  4 (mapped-device-users #< source: >> "second…> …)
>>> In srfi/srfi-1.scm:
>>> 586:17  3 (map1 (("secondary-root" "secondary-home")))
>>> In unknown file:
>>> 2 (string-append "/dev/mapper/" ("secondary-root" "seco…"))
>>> In ice-9/boot-9.scm:
>>> 1669:16  1 (raise-exception _ #:continuable? _)
>>> 1669:16  0 (raise-exception _ #:continuable? _)
>>> 
>>> ice-9/boot-9.scm:1669:16: In procedure raise-exception:
>>> In procedure string-append: Wrong type (expecting string): >> 
>>> ("secondary-root" "secondary-home")
>>> ```
>>> 
>>> When I do the following in my config.scm, system reconfigure works fine:
>>> 
>>> ```
>>> (mapped-devices
>>> (list
>>> (mapped-device
>>> (source
>>> (uuid "47bb32fe-da7f-4eb6-a11d-ae07a3a2e6f8"))
>>> (target "secondary")
>>> (type luks-device-mapping))
>>> (mapped-device
>>> (source "secondary")
>>> (target "secondary-root")
>>> (type lvm-device-mapping
>>> ```
>>> 
>>> So seems like listing more than one target causes the error. Is this >> a 
>>> bug?
>> 
>> Regards,
>> RG.

Re: Removing/replacing “Guix in action” video from the home page?

[jbranso]

I'm ok with that.  I guess I'm not certain how to go about scripting this sort 
of thing.  :(

October 31, 2020 5:56 PM, "Ludovic Courtès"  wrote:

> Hi Joshua,
> 
> jbra...@dismail.de skribis:
> 
>> I've got a two minute video now. How's this one?
>> 
>> https://video.hardlimit.com/videos/watch/5d2cd193-4734-44c4-9455-1778e084a130
> 
> Thanks again for taking the time! I like this one better. It still has
> slightly annoying artifacts like --max-jobs > 1, starting from a
> non-empty profile, details like that.
> 
> But really, I think we should find a way to script that (including the
> typing) so we can record the actual output of the command, and have a
> reproducible way to redo it.
> 
> WDYT?
> 
> Thanks,
> Ludo’.

Re: Guix Front End (GUI) and making it more mainstream, popular in scientific community.

[jbranso]

Can you link us to any code?  Or is it a bit too premature?

October 29, 2020 2:38 PM, "Pierre Neidhardt"  wrote:

> Hi!
> 
> As part of the NLNet grant, I am planning on working on a (probably GTK
> based) GUI for Guix.
> 
> The bad news: I had to put the grant on the side for the better part of
> the year due to lack of time.
> 
> The good news: I recently got the opportunity to work on the internals
> of the GUI. Most of the work that remains to be done is to plug it to a
> GTK interface in Guile, possibly using guile-gi or g-golf.
> 
> Stay tuned, more is coming, hopefully soon :)
> 
> -- 
> Pierre Neidhardt
> https://ambrevar.xyz

Re: Guix Front End (GUI) and making it more mainstream, popular in scientific community.

[jbranso]

There is an Emacs interface in install Guix packages, but at present there is 
not a working GUI for installing packages with guix. :(

I think there may have been a web interface to install packages at some point? 
maybe?

For those interested in creating such a GUI, they might like to look at 
guile-gi, which will eventually let you build GUIs from guile code.

Thanks,

Joshua
https://gnucode.me

October 29, 2020 12:44 PM, "Aniket Patil" mailto:aniket112.pa...@gmail.com?to=%22Aniket%20Patil%22%20)>
 wrote:
Hi all,
I am a researcher in the field of AI. Many of the people in the field of AI are 
inclining towards GNU/Linux operating systems. Particularly I would say they 
use Ubuntu. In general, they can also use LinuxMint or any other GNU/Linux 
distro of their choice. What I noticed in these people (researchers) they tend 
to be more focused on mathematical aspects and scientific programming. If we 
build a GUI frontend then we can attract more people who don't identify 
themselves with CLI users. As such there are many people like writers, Graphic 
Designers, General users, etc. who don't bother about CLI, will love to see 
such a package manager. And considering the fact GUIX lets rollback to the 
previous version of the package it will be very helpful in the scientific 
community, to maintain and work with different versions of packages. 
For example, the LAMBDA ( consist of TensorFlow, PyTorch, Keras, NVIDIA Cuda, 
Ubuntu) stack is very popular in the field of AI. Now if a person with a fresh 
install of GNU/Linux wants to install the stack and work immediately, through 
GUI he can search for the recipe of LAMBDA and install it. Not only that if it 
doesn't exist, but they can also create and share their own recipe with other 
guix users or to the main server/repo. E.g Linus Torvalds shares the recipe of 
building a Linux kernel environment. User finds it, installs it, and start 
working on the development of the Linux kernel immediately. 
P.S: I don't know whether GUI for Guix exists or not, to my knowledge it 
doesn't. If I am mistaken please enlighten me on this topic. 
Regards, 
Aniket.

Re: Removing/replacing “Guix in action” video from the home page?

[jbranso]

I've got a two minute video now.  How's this one?

https://video.hardlimit.com/videos/watch/5d2cd193-4734-44c4-9455-1778e084a130

October 28, 2020 8:59 AM, "Tobias Geerinckx-Rice"  wrote:

> Joshua Branson 写道：
> 
>> So I've spent an hour today making a new video. It's about 10
>> minutes
>> long.
> 
> Thank you!
> 
>> I'll cut out some bits of it via video editors.
> 
> I can't recommend one myself but I've heard good things in general
> of Kdenlive & OpenShot. Both in Guix. Probably working.
> 
> Kind regards,
> 
> T G-R

Re: Using #true and #false everywhere?

[jbranso]

I use "f" for followup.  That works for me.  :)

October 16, 2020 6:08 PM, "Miguel Ángel Arruga Vivas"  
wrote:

> I didn't send this to the list... I must start using S L always instead
> of R and changing the headers manually, sorry. :o)
> 
> ---
> Hi Ludo,
> 
> Ludovic Courtès  writes:
> 
>> Hello Guix!
>> 
>> As discussed on IRC recently, several of us think that using “#true” and
>> “#false” instead of “#t” and “#f” throughout or documentation and code
>> would probably make it easier for newcomers to decipher that.
>> 
>> WDYT?
> 
> I think that it could help to the reader.
> 
>> This syntax is supported since Guile 2.0. ‘write’ still uses the
>> abbreviations, but the good thing is that it means we can change all of
>> gnu/packages without triggering a single rebuild.
> 
> This is even better. :)
> 
>> As for the manual, I’m afraid it’ll make every msgid that contains
>> @code{#t} stale. So maybe now’s not a good time to make this change?
> 
> It may be a big issue with a release in one week, but on the other hand
> the msgids would break just after releasing...
> 
> Maybe other translators have a say.
> 
> Happy hacking!
> Miguel

Re: Removing/replacing “Guix in action” video from the home page?

[jbranso]

I do share Luis' sentiments that perhaps the video should mention that the 
install commands may take some time to complete, but in the interest of brevity,
we can always cut those bits out of the video.

Do you know what that means!?  I get to learn video editing!  SILLY SALTY 
SALAMANDERS THAT'S AWESOME!  :)

Do ya'll have any video editors that you'd recommend?

October 16, 2020 11:27 AM, "Luis Felipe"  wrote:

> ‐‐‐ Original Message ‐‐‐
> On Friday, October 16, 2020 10:36 AM, zimoun  wrote:
> 
>> Hi,
>> 
>> On Fri, 16 Oct 2020 at 12:28, Ludovic Courtès l...@gnu.org wrote:
>> 
>>> https://video.hardlimit.com/videos/watch/c0dfb36a-a84b-4363-8b1b-17aeadd4aaaf
>> 
>> Thanks! I think 7 minutes is too long; IMO we should aim for ~1mn–1.5mn
>> at most as is currently the case. Also full screen, large enough fonts,
>> no “guix pull” warnings, ‘--max-jobs=1’ on the daemon side to reduce
>> verbosity. Slick and to-the-point! :-)
>> 
>> The video is really long mainly because each command takes literally
>> ages. Well the "XDG mine" step to be precise; maybe Joshua you have
>> something misconfigured.
> 
> If the slowness at the end can be avoided by configuring something, I'd like 
> to know, because that
> slowness is always the case in my experience. For example, installing the 
> program Joshua mentioned
> earlier, wf-recorder, which is quite small, took ~7 minutes in my computer 
> (Intel® Core™ i3-8100
> CPU @ 3.60GHz × 4, 4 GiB RAM, 1 TB HDD).
> 
> Also, in my case, it is common for guix commands to take long seconds to 
> display any feedback when
> called. Actually, the current video shows guix working at a speed I've never 
> experienced myself.
> 
> So I wonder if the video should include these inconveniences, which people 
> will find once they
> install the software. I wouldn't like the video or anything in the website to 
> feel like false,
> mainstream advertising.

Re: Removing/replacing “Guix in action” video from the home page?

[jbranso]

Ahh.  Thanks for reminding me!  I forgot about those "guix pull warnings".  
I have a local guix channel.  I can disable that for the video.  I will 
also add --max=jobs=1 to the daemon side for the video.

I do agree with you that the video is too long, because the XDG mime step 
takes some time to finish.  I wonder what I have mis-configured...I'm using 
Guix system on a Librebooted T400.  ext4.   

I can always remove the audio.  :)

I'll remake said video removing the guix pull errors, and maybe the commands
will not take so long to finish.

Thanks,

Joshua

October 16, 2020 6:36 AM, "zimoun"  wrote:

> Hi,
> 
> On Fri, 16 Oct 2020 at 12:28, Ludovic Courtès  wrote:
> 
>> https://video.hardlimit.com/videos/watch/c0dfb36a-a84b-4363-8b1b-17aeadd4aaaf
>> 
>> Thanks! I think 7 minutes is too long; IMO we should aim for ~1mn–1.5mn
>> at most as is currently the case. Also full screen, large enough fonts,
>> no “guix pull” warnings, ‘--max-jobs=1’ on the daemon side to reduce
>> verbosity. Slick and to-the-point! :-)
> 
> The video is really long mainly because each command takes literally
> ages. Well the "XDG mine" step to be precise; maybe Joshua you have
> something misconfigured.
> And from my point of view, something without voice seems better.
> 
> All the best,
> simon

Re: Installer script on Fedora doesn't work properly

[jbranso]

I'm guessing that the systemd service to start the guix daemon failed...

Is there a way that you can manually enable & start the systemd daemon that 
guix ships with?

June 29, 2020 6:05 PM, "Jan Wielkiewicz"  
wrote:

> Hello,
> 
> I'm trying to install Guix on Fedora using the install script, but
> something is not right.
> I ran the script as root, it installed everything properly, but running
> "guix pull" ends up with an error message: "guix pull: failed to connect
> to `/var/guix/daemon-socket/socket': No such file or directory".
> I tried rebooting a few times, running "systemctl enable guix-daemon",
> "systemctl start guix-daemon", but with the same result.
> Any idea what's wrong?
> I think the installer script should *just work at all times* - this is
> crucial to make Guix popular on other distros.
> My suggestion: if it's not already done, consider adding automated
> tests, checking whether the installer script works on major
> distributions (on a VM) and if Guix works there. This should be checked
> every release.
> 
> P.S. I'm going to resume my work on Jami soon, I've been busy with my
> exams lately :P
> 
> Jan Wielkiewicz

Re: Plan for a release!

[jbranso]

Well I re-installed guix again just now, so that I could test Xfce and MATE. 
(1) Since I knew that
gnome worked just fine, I decided not to include the gnome service in my 
config. I also decided not
to include the enlightenment environment.

tl;dr  Xfce worked fine, and MATE failed to launch any applications.

The first oddity, was GDM. It worked just smoothly, but the default drop down 
shows that by default
I am going to boot into Gnome. I don't even have the gnome service in the 
config. That's a bit odd.

Xfce worked just fine. It took about 15+ seconds for the desktop background to 
appear, but it
appears to be running smoothly. However, there does not appear to be a browser 
installed by
default. Clicking on the browser icon gives me a pop up message "Choose 
Preferred Application". The 
drop down does not list any programs. I manually installed icecat. Perhaps the 
manual should mention 
that we have not packaged firefox. Instead we have icecat. Also, I used to have 
problems with my mouse 
only moving up and down in guix when I use an apple laptop. This appears to be 
resolved. Nice work guys!

After Icecat was installed, clicking on the browser button allowed me to choose 
icecat as my default browser, and I was able to browse the internet just fine.  
I logged out of Xfce.

Mate started just fine.  I did get a pop-up message 

"Authenticate".

Authentication is needed to run mat-power-backlight-helper.  I put in my 
password, and the dialog went away.  I did not seem to be able to launch icecat 
with the Application menu.  The Icecat logo was in the applications menu, but a 
popup said "Could not launch GNU Icecat Web Browser".  The error message is 
"Failed to execute child process "gio-launch-deskop" (No such file or 
directory).  I also could not launch mate terminal for the same reason.  
Actually very few applications could launch.  I could get the file browser 
(thunar?) to open, but not much else.  Since MATE did not seem to work so well, 
I logged out.

Thanks,

Joshua

1. I wish I knew how I could have reconfigured my laptop instead of 
reinstalling everything. I
tried this.

chroot /mnt;
guix system reconfigure /mnt/etc/config.scm;

I got an error that said that guix could not access the build daemon inside the 
chroot. I wasn't
sure how to fix that.

Re: Plan for a release!

[jbranso]

Well I finally got around to doing some testing on my Macbook Pro circa 2008.  
I built the installer image just today with 

 guix system disk-image --file-system-type=iso9660 \
   gnu/system/install.scm


joshua@dobby ~$ guix describe
Generation 45   Mar 03 2020 23:16:24(current)
  jmacs 54f8408
repository URL: https://notabug.org/jbranso/guix-packages.git
branch: master
commit: 54f84080d7459e74cd33cf434c1077c082ce6508
  guix 4b759d3
repository URL: https://git.savannah.gnu.org/git/guix.git
branch: master
commit: 4b759d3c548270eba348521669bae15c9e5b72bc

In the past, I had to run open the grub command promt and run "configfile 
(hd0,msdos)/boot/grub/grub.cfg".  Guix's installer does now allow me to see the 
"EFI boot" option when I hold down the "option" key on start up.  That is an 
improvent.


I had to test the manual installation method.  The graphical installer does not 
work on my macbook.  It just flickers on and then off.  Shortly after grub 
boots into the installer, I briefly see a blue screen, then black, then blue, 
then black, etc.  I can switch to a virtual console and proceed with the 
installation that way.  Perhaps, we should try to start the graphical installer 
only 5 times.  If it fails, then just produce an error message and suggest the 
user switch to another virtual console and try the manual install.


Manual install worked.  I had a weird issue when I made the btrfs filesystems.  
"mkfs.btrfs -L my-root /dev/sd3" gave me an error like "failed to execute 
/gnu/store/eudev/santsnthsnthau32psu/lib/udev ID_BTRFS_READY=0", and it 
repeated on every boot.   The error message on each bot looked like:

udevd failed to execute /gnu/store/eudev/santsnthsnthau32psu/lib/udev 
ID_BTRFS_READY=0

I configured EFI boot with 1 btrfs partition.  I enabled gnome, mate, xfce, and 
enlightenment services.  The install took about an hour.  In the past, I 
configured a minimal install with no desktop services or window manager 
services.  I have found that trying to install a desktop service fails halfway 
through.  However, this time,  the install worked just fine.

GDM started just fine.  It even recognized my dvorak layout.  It did not in the 
past.  Progress.

I first tested Gnome.  Gnome took a long time to fully load.  I had a mouse 
that could move around for 5+ minutes with no background image before the 
"Welcome to Gnome" screen popped up.  I navigated through the default gnome 
setup easily.  No issues.  Gnome appeared to be working just fine.

Next I tried testing Enlightenment, which started just fine.  The Enlightenment 
welcome dialog started first.  I clicked through a few screen, but it appeared 
to get stuck picking default mouse bindings.  The dialog box said,  
"Enlightenment sets default mouse bindings for objects".  It hanged on that 
screen after I clicked "Alt" for 10+ minutes.  I did a hard reboot, which is 
what really screwed me.  I should have switched to a virtual console and tried 
to shut off that way.

Anyway, after hard rebooting, grub attempted to load my OS.  The grub screen 
went away, and the boot process showed a cursor, but no text.  I waited for 5 
minutes before hard rebooting.  I got the same issue.  So my Macbook Pro 
currently has no OS on it.  :(  But my ThinkPad T400 works just fine!

Thanks,

Joshua

P.S.  If anyone has any suggestions of where I can look for errors, please let 
me know.  I would be happy to try installing again.