watchdog triggered auto-rollback

2024-05-27 Thread Nathan Dehnel
>Would others find this useful?
I would 100% use this.

>Where in the stack would this be solved?
I think there are two places for rollbacks with two different purposes

GRUB: https://www.gnu.org/software/grub/manual/grub/html_node/fallback.html
GRUB supports falling back to another boot entry if the machine fails
to boot. This could be integrated with guix so GRUB falls back to a
previous guix system generation. This covers the case of "we can't
start a watchdog service because the system won't boot".

SSH watchdog: a shepherd service that tests SSH connectivity, and then
executes "guix system roll-back && reboot". SSH access is a rough
approximation for "the system is working", as kernel, init, and all
manner of networking services, DHCP, DNS, VPN, etc. must work for SSH
to work. And if SSH works then it provides a means for a user to fix
their system anyways.
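The SSH watchdog sketched above, as an added example that is not code from the thread or from Guix: a small Python daemon that probes the local sshd for an RFC 4253 banner, tolerates a boot grace period, and after a run of consecutive failures runs `guix system roll-back && reboot`. The thresholds, the banner check and the `--dry-run` flag are this example's own assumptions; wrapping the daemon in a shepherd service is not shown.

```python
#!/usr/bin/env python3
"""SSH watchdog that rolls back to the previous Guix system generation.

Added illustration for the idea in the message above (not code from the
thread or from Guix).  Thresholds, the banner check and --dry-run are
assumptions of this example.
"""
import socket
import subprocess
import sys
import time

# RFC 4253: the server's identification line starts with "SSH-2.0-".
SSH_BANNER_PREFIX = b"SSH-2.0-"


def is_ssh_banner(data: bytes) -> bool:
    """True if DATA looks like an SSH protocol identification line."""
    return data.startswith(SSH_BANNER_PREFIX)


def probe_ssh(host: str = "127.0.0.1", port: int = 22,
              timeout: float = 5.0) -> bool:
    """Connect to sshd and read its banner; any OS error counts as failure.

    A TCP connect alone is not enough: a half-configured firewall or a
    stuck daemon may accept the connection without ever speaking SSH.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.settimeout(timeout)
            return is_ssh_banner(sock.recv(64))
    except OSError:
        return False


class Watchdog:
    """Counts consecutive probe failures and decides when to roll back."""

    def __init__(self, probe, max_failures: int = 5, interval: float = 60.0,
                 grace: float = 300.0, clock=time.monotonic):
        self.probe = probe                # callable returning True on success
        self.max_failures = max_failures  # consecutive failures before acting
        self.interval = interval          # seconds between probes
        self.grace = grace                # seconds after start before acting
        self.clock = clock                # injectable for testing
        self.started = clock()
        self.failures = 0

    def tick(self) -> bool:
        """Run one probe; return True when a roll-back should happen now."""
        if self.probe():
            self.failures = 0
            return False
        self.failures += 1
        # During the boot grace period services may still be coming up, so
        # only count the failure; a single missed probe never triggers.
        if self.clock() - self.started < self.grace:
            return False
        return self.failures >= self.max_failures


def roll_back_and_reboot(dry_run: bool = False) -> int:
    """Switch to the previous system generation and reboot into it."""
    command = "guix system roll-back && reboot"
    if dry_run:
        print("watchdog: would run:", command)
        return 0
    return subprocess.call(["/bin/sh", "-c", command])


def main(argv) -> int:
    watchdog = Watchdog(probe_ssh)
    while True:
        if watchdog.tick():
            print("watchdog: sshd unreachable for %d probes, rolling back"
                  % watchdog.failures, file=sys.stderr)
            return roll_back_and_reboot(dry_run="--dry-run" in argv)
        time.sleep(watchdog.interval)


if __name__ == "__main__":
    sys.exit(main(sys.argv[1:]))
```

Run it with `--dry-run` first; note that each roll-back steps back one generation and the older generation boots with a fresh counter, so a generation whose sshd also fails will be rolled back again.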



A paper about Plan 9 and Guix

2024-04-09 Thread Nathan Dehnel
Wow, that's incredible.

>Port number themselves stem from TCP emerging from earlier protocols (see the 
>early RFCs 322, 349, 433 and those that obsolete them), and a clean design 
>would probably elect to eschew them, leveraging a \(2^{128}\) address space to 
>allow process-to-process communication, instead of the route-to-host, then 
>route-to-process dance we do know.
>
>The host to process frontier should be an implementation detail on the 
>receiving end, not baked so deeply in the stack.
>This barrier may even change from request to request as new hosts come up or 
>down depending on load.
>This already happens anyway with e.g. kubernetes, but we would have less cruft 
>if it was baked into the protocol.

That sounds like some of the problems RINA was trying to solve.
https://en.wikipedia.org/wiki/Recursive_Internetwork_Architecture



The `channels' field of `operating-system' record

2024-04-08 Thread Nathan Dehnel
I don't think you're supposed to edit /etc/guix/channels.scm directly,
I think it's generated by guix system reconfigure.
https://gitlab.com/nonguix/nonguix/-/issues/33
I have ~/.config/guix/channels.scm generated by putting
home-channels-service-type in my guix home config.



Re: [RFC]: Skipping rust crate tests by default

2023-10-05 Thread Nathan Dehnel
As a developer, the majority of the package build failures I encounter
are from failed tests, so I agree with this proposal.

I also like the idea of clients testing their own packages instead of
trusting the substitute server.

And if the new tests would catch more packaging bugs, that would be great too.



Tvix 💛 Guix

2023-10-04 Thread Nathan Dehnel
That sounds cool. Sounds like they want to unify the backend for Nix
and Guix. O_o



Re: more than 1,800 dependent packages: website out of date

2023-09-28 Thread Nathan Dehnel
Yeah but that doesn't open the nicely formatted browser version of the
manual

On Thu, Sep 28, 2023, 01:36 Ricardo Wurmus  wrote:

>
> Nathan Dehnel  writes:
>
> > I feel there should be a "guix manual" command that opens the latest
> > version of your local copy in a new tab of whatever your XDG web
> > browser is
>
> Across the wider GNU system the command for accessing manuals is “info”
> followed by the name of the manual, e.g. “info guix” or “info
> guix-cookbook”.
>
> --
> Ricardo
>


Re: more than 1,800 dependent packages: website out of date

2023-09-27 Thread Nathan Dehnel
I feel there should be a "guix manual" command that opens the latest
version of your local copy in a new tab of whatever your XDG web
browser is



Re: The e(macs)lephant in the room and the Guix Bang

2023-09-27 Thread Nathan Dehnel
Which packages are those? I've only seen scheme-lsp-server, which
isn't merged yet


On Wed, Sep 27, 2023 at 1:44 PM Christine Lemmer-Webber
 wrote:
>
> Nathan Dehnel  writes:
>
> > 
> >
> >> Hi, for some reason emacs has become the elephant in the room of the
> >> discussion on contributing to guix.
> >>
> >> Regardless of one's opinion of emacs, I just want to add that this is
> >> itself strange.  I have contributed some (package definition) patches
> >> to guix, all without using emacs.
> >>
> >> I am not an emacs user, so emacs is not necessary for contributing to guix.
> >> For what it's worth, the emacs-motif package in Guix was my addition.
> >> I don't use it myself.
> >
> > I don't use emacs either (because it's so impenetrable), so I just use
> > kate instead, which isn't a great environment for me either. It has
> > rainbow parens, but it doesn't balance them, which is a hassle. I keep
> > using it though due to lack of time to browse through alternatives. I
> > heard about guile-studio, but it doesn't appear to have a dark mode,
> > and I imagine trying to add one would require a bunch of emacs-style
> > screwing around with it.
> >
> > https://archive.fosdem.org/2022/schedule/event/lispforeveryone/
> > This is the only setup for coding in lisp that has actually looked
> > attractive to me. (Coding in wisp with colored blocks that transpiles
> > to s-expressions) Though I haven't had the time (and probably
> > expertise) to set it up for myself.
>
> Happy to see this talk get some attention.  It does advocate a variety
> of possible approaches, one of them Wisp (and the wisp-mode colored
> block stuff is pretty awesome).
>
> If you like that approach and want to not have to do the
> parenthesis-balancing as much yourself, there's an interesting overlap
> between Wisp and parinfer, which automatically infers the parentheses
> from whitespace but keeps them in the actual source.  I have personally
> never tried using parinfer for serious tasks though.  It still requires
> an editor set up for those features.
>
> Since Spritely is also using Guile heavily, we have also spent a lot of
> time talking about possible directions for helping non-emacs-users get
> going with our tooling.  Personally I think the biggest path to success
> is likely to be seeing Guile support (starting with parenthetical Guile)
> also be very strong in mainstream editors.  A lot has changed in the
> programming editor world recently: LSP looks like a very promising
> direction for this.  (Anyway, there's no decisionmaking yet in terms of
> what we're doing, it just has come up quite a bit.)
>
> Has anyone tried using an LSP-like environment and seeing if they can
> get something approximating the comfort that Guile and Geiser users in
> emacs have, I wonder?  I have seen there are a couple of guile LSP
> packages but I have not personally tried them.
>
>  - Christine



Re: The e(macs)lephant in the room and the Guix Bang

2023-09-24 Thread Nathan Dehnel
>I'm sorry if my tone was too harsh, I now realise this is still
triggering old pain.

>Why is it still OK for people to keep spreading negative anecdotes
about Emacs, and problematic to refute them or counter them with
positive anecdotes?

It was a mistake to say that. I felt the reflexive need to justify why
I don't use emacs, or else people would just tell me to use it anyways
as a result of talking about not knowing of a decent (alternative)
lisp editor.

>It's been me believing exactly such lies that scared me away from
starting with Emacs for years, lost years in a way; something I deeply
regret: this has to stop.

I want to clarify that I'm not just repeating rumors and I actually
have tried to use emacs.

On Sat, Sep 23, 2023 at 5:00 AM Janneke Nieuwenhuizen  wrote:
>
> paul writes:
>
> Dear Paul,
>
> > On 9/23/23 09:37, Janneke Nieuwenhuizen wrote:
> >> Nathan Dehnel writes:
> >>
> >>> I don't use emacs either (because it's so impenetrable)
> >> Emacs might be somewhat different from what you know, but this is utter
> >> bollocks.
> >
> > Thank you for your opinion but it's just that: a subjective judgement
> > based on your own episodic experience.
>
> I'm sorry if my tone was too harsh, I now realise this is still
> triggering old pain.
>
> Why is it still OK for people to keep spreading negative anecdotes
> about Emacs, and problematic to refute them or counter them with
> positive anecdotes?
>
> It's been me believing exactly such lies that scared me away from
> starting with Emacs for years, lost years in a way; something I deeply
> regret: this has to stop.
>
> Greetings,
> Janneke
>
> --
> Janneke Nieuwenhuizen   | GNU LilyPond https://LilyPond.org
> Freelance IT https://www.JoyOfSource.com | Avatar® https://AvatarAcademy.com



Re: The e(macs)lephant in the room and the Guix Bang

2023-09-24 Thread Nathan Dehnel
Oh, thank you, that's lovely.

On Sat, Sep 23, 2023 at 4:59 AM Ricardo Wurmus  wrote:
>
>
> Nathan Dehnel  writes:
>
> > heard about guile-studio, but it doesn't appear to have a dark mode,
> > and I imagine trying to add one would require a bunch of emacs-style
> > screwing around with it.
>
> M-x modus-themes-toggle RET
>
> i.e. hold Alt, press x, then type “modus-themes-toggle” and hit the
> return key.
>
> We can add a little toggle button to Guile Studio that does this.
>
> --
> Ricardo



Re: The e(macs)lephant in the room and the Guix Bang

2023-09-22 Thread Nathan Dehnel


>Hi, for some reason emacs has become the elephant in the room of the
discussion on contributing to guix.

>Regardless of one's opinion of emacs, I just want to add that this is
itself strange.  I have contributed some (package definition) patches
to guix, all without using emacs.

>I am not an emacs user, so emacs is not necessary for contributing to guix.
For what it's worth, the emacs-motif package in Guix was my addition.
I don't use it myself.

I don't use emacs either (because it's so impenetrable), so I just use
kate instead, which isn't a great environment for me either. It has
rainbow parens, but it doesn't balance them, which is a hassle. I keep
using it though due to lack of time to browse through alternatives. I
heard about guile-studio, but it doesn't appear to have a dark mode,
and I imagine trying to add one would require a bunch of emacs-style
screwing around with it.

https://archive.fosdem.org/2022/schedule/event/lispforeveryone/
This is the only setup for coding in lisp that has actually looked
attractive to me. (Coding in wisp with colored blocks that transpiles
to s-expressions) Though I haven't had the time (and probably
expertise) to set it up for myself.



Re: Guidelines for pre-trained ML model weight binaries

2023-09-12 Thread Nathan Dehnel
That was fascinating, thanks for sharing.



SSSD, Kerberized NFSv4 and Bacula

2023-08-25 Thread Nathan Dehnel
I once tried setting up kerberized nfsv4 and ended up falling down an
endless rabbit hole and eventually gave up. Instead, I encrypted nfs
using wireguard.
https://alexdelorenzo.dev/linux/2020/01/28/nfs-over-wireguard.html
Very impressive post though!



Relaxing the restrictions for store item names

2023-08-25 Thread Nathan Dehnel
What you could do is implement percent encoding:
https://en.wikipedia.org/wiki/Percent-encoding
-Allows you to store package titles in any language in an encoded form
-Allows the titles to be typed on latin keyboards
-Allows the packages to be accessed through URIs in the future without
causing problems



Re: Binary descriptors for OpenCV

2023-08-02 Thread Nathan Dehnel
>You can always check what kind of data the program gives to the neural
network as the program is free software. If the data is valid runtime
input it is also valid training data.

That's not necessarily true. Like an image generating program will be
trained on image + caption pairs, but running it involves giving it
just the captions. Thus, running the model doesn't inherently show you
how to retrain the model.

>You can't exactly *know* that any extra training doesn't break the model
but the same holds for editing the original training data.

You can know with more certainty that it doesn't break the model.

On Tue, Aug 1, 2023 at 11:46 PM Saku Laesvuori  wrote:
>
> > >If you know how to convert the blob to weights in the neural network
> > >(something the program has to do to make any use of the blob) and know
> > >the error function, you can continue the training with new data.
> >
> > Yeah, I get that, but you don't necessarily know what the weights
> > mean. Let's charitably assume you know the blob works on image data
> > (instead of audio data or whatever). Do you know if it needs to be
> > trained on images of a particular size, or color depth, or encoding,
> > or color format, etc.? And what about models for more complex data
> > than images like genetic data?
>
> You can always check what kind of data the program gives to the neural
> network as the program is free software. If the data is valid runtime
> input it is also valid training data.
>
> > How do you know you're not going to end up with a network that spews
> > out invalid garbage if you re-train it with things that are
> > incompatible with the original training dataset? And how do you know
> > that, beyond trial and error, unless you have the original dataset?
>
> You can't exactly *know* that any extra training doesn't break the model
> but the same holds for editing the original training data. It is only
> very likely that training with new data improves the model, but you
> can't know it before you try.
>
> In this specific case we also do have access to the training data. We
> just don't want to spend the computing resources on training the model
> from scratch.



Re: Binary descriptors for OpenCV

2023-08-01 Thread Nathan Dehnel
>If you know how to convert the blob to weights in the neural network
(something the program has to do to make any use of the blob) and know
the error function, you can continue the training with new data.

Yeah, I get that, but you don't necessarily know what the weights
mean. Let's charitably assume you know the blob works on image data
(instead of audio data or whatever). Do you know if it needs to be
trained on images of a particular size, or color depth, or encoding,
or color format, etc.? And what about models for more complex data
than images like genetic data? How do you know you're not going to end
up with a network that spews out invalid garbage if you re-train it
with things that are incompatible with the original training dataset?
And how do you know that, beyond trial and error, unless you have the
original dataset?

On Tue, Aug 1, 2023 at 3:37 PM Saku Laesvuori  wrote:
>
> > Is this even practically possible? How do you re-train a blob you know
> > nothing about? To me this sounds similar to saying a compiled binary
> > is free software if the license allows you to decompile it and
> > deobfuscate it.
>
> If you know how to convert the blob to weights in the neural network
> (something the program has to do to make any use of the blob) and know
> the error function, you can continue the training with new data.
>
> This is not any different from training the model from scratch. In both
> cases we begin with some set of initial weights for a huge polynomial,
> take a sample of our training data, compute the polynomial for it and
> tweak the weights a bit if the result was not what we wanted. The only
> difference is that when training from scratch we begin with very bad
> guesses for all the weights. When we are tuning the blob we begin with
> much better guesses that are closer to the values we would actually
> want.
>
> The difference to a compiled binary program is that you would want to
> edit it in the source code form. You really would not want to edit the
> neural network by editing the original training data and retraining the
> entire network from scratch. The data set probably contains thousands,
> tens of thousands or even more random pictures that you would have to go
> through and see if they represent the data and results you want. It
> would be much easier to test whether the network gives the correct
> results and train it with new data that you know describes your problem
> better.



Re: Binary descriptors for OpenCV

2023-08-01 Thread Nathan Dehnel
>No idea whether this is FSF's official stand but in a talk[0] Richard
Stallman said that the training data is not relevant as long as the
network can be tweaked by retraining, i.e. the weights are licensed so
that modifications are allowed.

Is this even practically possible? How do you re-train a blob you know
nothing about? To me this sounds similar to saying a compiled binary
is free software if the license allows you to decompile it and
deobfuscate it.



Binary descriptors for OpenCV

2023-08-01 Thread Nathan Dehnel
Perhaps such greyzone objects that can't be fully regenerated should
be put in their own channel so users know where they are and it
doesn't become a mystery how many they have installed on their
systems.



Re: Guidelines for pre-trained ML model weight binaries (Was re: Where should we put machine learning model parameters?)

2023-04-11 Thread Nathan Dehnel
 a) Bit-identical re-train of ML models is similar to #2; other said
that bit-identical re-training of ML model weights does not protect
much against biased training.  The only protection against biased
training is by human expertise.

Yeah, I didn't mean to give the impression that I thought
bit-reproducibility was the silver bullet for AI backdoors with that
analogy. I guess my argument is this: if they release the training
info, either 1) it does not produce the bias/backdoor of the trained
model, so there's no problem, or 2) it does, in which case an expert
will be able to look at it and go "wait, that's not right", and will
raise an alarm, and it will go public. The expert does not need to be
affiliated with guix, but guix will eventually hear about it. Similar
to how a normal security vulnerability works.

 b) The resources (human, financial, hardware, etc.) for re-training is,
for most of the cases, not affordable.  Not because it would be
difficult or because the task is complex, this is covered by the
point a), no it is because the requirements in terms of resources are
just too high.

Maybe distributed substitutes could change that equation?

On Tue, Apr 11, 2023 at 3:37 AM Simon Tournier  wrote:
>
> Hi Nathan,
>
> Maybe there is a misunderstanding. :-)
>
> The subject is “Guideline for pre-trained ML model weight binaries”.  My
> opinion on such guideline would be to only consider the license of such
> data.  Other considerations appear to me hard to be conclusive.
>
>
> What I am trying to express is that:
>
>  1) Bit-identical rebuild is worth, for sure!, and it addresses a class
> of attacks (e.g., Trusting trust described in 1984 [1]).  Aside, I
> find this message by John Gilmore [2] very instructive about the
> history of bit-identical rebuilds. (Bit-identical rebuild had been
> considered by GNU in the early 90’s.)
>
>  2) Bit-identical rebuild is *not* the solution to all.  Obviously.
> Many attacks are bit-identical.  Consider the package
> ’python-pillow’, it builds bit-identically.  But before c16add7fd9,
> it was subject to CVE-2022-45199.  Only human expertise to
> produce the patch [3] protects against the attack.
>
> Considering this, I am claiming that:
>
>  a) Bit-identical re-train of ML models is similar to #2; other said
> that bit-identical re-training of ML model weights does not protect
> much against biased training.  The only protection against biased
> training is by human expertise.
>
> Note that if the re-train is not bit-identical, what would be the
> conclusion about the trust?  It falls under the cases of non
> bit-identical rebuild of packages as Julia or even Guile itself.
>
>  b) The resources (human, financial, hardware, etc.) for re-training is,
> for most of the cases, not affordable.  Not because it would be
> difficult or because the task is complex, this is covered by the
> point a), no it is because the requirements in terms of resources are
> just too high.
>
> Consider that, for some cases where we do not have the resources, we
> already do not debootstrap.  See GHC compiler (*) or Genomic
> references.  And I am not saying it is impossible or we should not
> try, instead, I am saying we have to be pragmatic for some cases.
>
>
> Therefore, my opinion is that pre-trained ML model weight binaries
> should be included as any other data and the lack of debootstrapping is
> not an issue for inclusion in this particular cases.
>
> The question for inclusion about this pre-trained ML model binary
> weights is the license.
>
> Last, from my point of view, the tangential question is the size of such
> pre-trained ML model binary weights.  I do not know if they fit the
> store.
>
> Well, that’s my opinion on this “Guidelines for pre-trained ML model
> weight binaries”. :-)
>
>
>
> (*) And Ricardo is training hard! See [4] and part 2 is yet published,
> IIRC.
>
> 1: https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_ReflectionsonTrustingTrust.pdf
> 2: https://lists.reproducible-builds.org/pipermail/rb-general/2017-January/000309.html
> 3: https://git.savannah.gnu.org/cgit/guix.git/tree/gnu/packages/patches/python-pillow-CVE-2022-45199.patch
> 4: https://elephly.net/posts/2017-01-09-bootstrapping-haskell-part-1.html
>
> Cheers,
> simon



Re: Guidelines for pre-trained ML model weight binaries (Was re: Where should we put machine learning model parameters?)

2023-04-08 Thread Nathan Dehnel
>From my point of view, the tackle of such biased weights is not via
re-learning because how to draw the line between biased weights,
mistakes on their side, mistakes on our side, etc. and it requires a
high level of expertise to complete a full re-learning.
This strikes me as similar to being in the 80s, when Stallman was
writing the GPL, years before Nix was invented, and saying "the
solution to backdoors in executables is not access to source code due
to the difficulty of compiling from scratch for the average user and
due to the difficulty of making bit-reproducible binaries." Like, bit
reproducibility WAS possible, it was just difficult, so practically
speaking users had to use distro binaries they couldn't fully trust.
So some of the benefits of the source code being available were rather
theoretical for a while. So this argument strikes me as pre-emptively
compromising one's principles based on the presumption that a new
technology will never come along that allows one to practically
exploit the benefits of said principles.

>Instead, it
should come from the ML community that should standardize formal methods
for verifying that the training had not been biased, IMHO.
What "formal methods" for that are known? As per the article, the
hiding of the backdoor in the "whitebox" scenario is cryptographically
secure in the specific case, with that same possibility open for the
general case.

On Fri, Apr 7, 2023 at 5:53 AM Simon Tournier  wrote:
>
> Hi,
>
> On ven., 07 avril 2023 at 00:50, Nathan Dehnel  wrote:
>
> > I am uncomfortable with including ML models without their training
> > data available. It is possible to hide backdoors in them.
> > https://www.quantamagazine.org/cryptographers-show-how-to-hide-invisible-backdoors-in-ai-20230302/
>
> Thanks for pointing out this article!  And the non-mathematical parts of the
> original article [1] are also worth a look. :-)
>
> First please note that we are somehow in the case “The Open Box”, IMHO:
>
> But what if a company knows exactly what kind of model it wants,
> and simply lacks the computational resources to train it? Such a
> company would specify what network architecture and training
> procedure to use, and it would examine the trained model
> closely.
>
> And yeah there is nothing new ;-) when one says that the result could be
> biased by the person that produced the data.  Yeah, we have to trust the
> trainer as we are trusting the people who generated “biased” (*) genomic
> references.
>
> Well, it is very interesting – and scary – to see how to theoretically
> exploit “misclassify adversarial examples“ as described e.g. by [2].
>
> This raises questions about “Verifiable Delegation of Learning”.
>
> From my point of view, the tackle of such biased weights is not via
> re-learning because how to draw the line between biased weights,
> mistakes on their side, mistakes on our side, etc. and it requires a
> high level of expertise to complete a full re-learning.  Instead, it
> should come from the ML community that should standardize formal methods
> for verifying that the training had not been biased, IMHO.
>
> 2: https://arxiv.org/abs/1412.6572
>
> (*) biased genomic references, for one example among many others:
>
> Relatedly, reports have persisted of major artifacts that arise
> when identifying variants relative to GRCh38, such as an
> apparent imbalance between insertions and deletions (indels)
> arising from systematic mis-assemblies in GRCh38
> [15–17]. Overall, these errors and omissions in GRCh38 introduce
> biases in genomic analyses, particularly in centromeres,
> satellites, and other complex regions.
>
> https://doi.org/10.1101/2021.07.12.452063
>
>
> Cheers,
> simon



Guidelines for pre-trained ML model weight binaries (Was re: Where should we put machine learning model parameters?)

2023-04-06 Thread Nathan Dehnel
I am uncomfortable with including ML models without their training
data available. It is possible to hide backdoors in them.
https://www.quantamagazine.org/cryptographers-show-how-to-hide-invisible-backdoors-in-ai-20230302/



Re: Can zig-build-system be an alternative to the gnu-build-system?

2023-02-01 Thread Nathan Dehnel
Would this Guixy build system store build artifacts in /gnu/store?
This could allow, for example, reproducible incremental builds.



IDEA: Give Our Generations a Name

2023-01-17 Thread Nathan Dehnel
I like it.



GMP GCC C++ Hurd cross-build failure on core-updates

2022-12-14 Thread Nathan Dehnel
You could try seeing what they're doing here to cross-build
https://github.com/flavioc/cross-hurd
It worked last time I ran it (which was admittedly a while ago)



Re: Status of hibernation (suspend to disk) in Guix

2022-12-14 Thread Nathan Dehnel
> 2. Does hibernation work in case of a swap-file inside a
 root-partition inside a luks-encrypted device?

Just posting to confirm that this does work (with BTRFS as well;
single drive only, not RAID).



Fwd: git guix checkout automation for contributors

2022-09-26 Thread Nathan Dehnel
-- Forwarded message -
From: Nathan Dehnel 
Date: Mon, Sep 26, 2022 at 3:52 AM
Subject: git guix checkout automation for contributors
To: 


It would be cool if you provided "guix edit " with the path
to an empty directory and it automatically created a local channel in
that directory and copied the package to it and then opened that up in
your editor. (Maybe channels.scm could specify the location for your
default "guix edit" channel so you don't have to specify it every
time.)



Idea: Function composition to declare operating-system

2022-08-29 Thread Nathan Dehnel
Very cool!



nix installed with guix on a foreign distro

2022-07-26 Thread Nathan Dehnel
I just installed the nix package provided by the host distro (not
guix). Seems to work fine.



Re: Rust in the kernel

2022-07-05 Thread Nathan Dehnel
>BTW, what's the
status of Viengoos?

The author put it on indefinite hiatus and no one else has the
expertise (and/or interest) to continue to work on it.



Re: Rust in the kernel

2022-07-05 Thread Nathan Dehnel
>GNU Mach, which is what the Hurd runs on.  Is slower that Linux.
There was an attempt to port the Hurd to L4 before.  It is
deemed not possible by the current hurd developers.

This was done with an older L4 (Pistachio, I think) that lacked
capabilities in the kernel. Doing it with SEL4 has not been thoroughly
investigated.



Wiki && Re: [feature request] merge sxml->html from (haunt html) into guile?

2022-06-29 Thread Nathan Dehnel
>I have some free time for the next month, and should be able to knock out a 
>basic wiki system in this time (I found what looks like a nice book about 
>wikis that I could read and use as a guide for implementing it).

Sounds interesting, what's the name of the book?



Re: Hardened toolchain

2022-04-15 Thread Nathan Dehnel
>People shouldn't have to take extra steps and burn extra CPU cycles for
security. If I have to recompile everything to harden my system, I
likely won't bother.
>Pretty much everyone benefits from hardening, but not everyone has the
resources and know how to do it manually. Just choosing what to harden
is already not a trivial question.

Then have hardened be the default and have --hardened=off be the
package transform option?



The Shepherd on Fibers

2022-03-24 Thread Nathan Dehnel
Hooray!



respawn? #t doesn't do anything?

2022-03-06 Thread Nathan Dehnel
Guix's wireguard service is flawed because it will try to start before
DNS is ready, causing it to fail. I tried to fix this by adding
respawn? #t to the service to make it restart until it succeeds.

https://guix.gnu.org/manual/en/html_node/Shepherd-Services.html#Shepherd-Services

;;definition
;; Record type name restored and closing parens/indentation repaired;
;; the record type follows the wg-quick-configuration names used below.
(define (wg-quick-shepherd-service config)
  (match-record config <wg-quick-configuration>
    (wg-quick interface)
    (let ((wg-quick (file-append wg-quick "/bin/wg-quick"))
          (config (wg-quick-configuration-file config)))
      (list (shepherd-service
             (requirement '(networking))
             (provision (list
                         (symbol-append 'wg-quick-
                                        (string->symbol interface))))
             (start #~(lambda _
                        (invoke #$wg-quick "up" #$config)))
             (stop #~(lambda _
                       (invoke #$wg-quick "down" #$config)))
             (documentation "Run the Wireguard VPN tunnel")
             (respawn? #t))))))

;;config
(service wg-quick-service-type
         (wg-quick-configuration
          (interface "test")
          (addresses '("10.9.0.3/24"))
          (private-key "")
          ;;(dns '("10.9.0.1"))
          (peers
           (list
            (wg-quick-peer
             (name "")
             (endpoint "")
             (public-key "")
             (allowed-ips '("10.0.0.0/24")))))))


When booted, the service fails, and does not respawn, even though it
says it is configured to respawn. Why is it not respawning?

[#] ip link add test type wireguard
[#] wg setconf test /dev/fd/63
Name or service not known: `:51820'
Configuration parsing error
[#] ip link delete dev test
failed to start service 'wg-quick-test'


This is the GNU system.  Welcome.
guixtest login: root
This is the GNU operating system, welcome!

root@guixtest ~# herd status wg-quick-test
Status of wg-quick-test:
  It is stopped.
  It is enabled.
  Provides (wg-quick-test).
  Requires (networking).
  Conflicts with ().
  Will be respawned.
root@guixtest ~# herd status
Started:
 + console-font-tty1
 + console-font-tty2
 + console-font-tty3
 + console-font-tty4
 + console-font-tty5
 + console-font-tty6
 + file-system-/dev/pts
 + file-system-/dev/shm
 + file-system-/sys/firmware/efi/efivars
 + file-system-/sys/kernel/debug
 + file-systems
 + guix-daemon
 + loopback
 + mcron
 + networking
 + nscd
 + ntpd
 + root
 + root-file-system
 + ssh-daemon
 + syslogd
 + term-console
 + term-tty1
 + term-tty2
 + term-tty3
 + term-tty4
 + term-tty5
 + term-tty6
 + udev
 + urandom-seed
 + user-file-systems
 + user-processes
 + virtual-terminal
Stopped:
 - wg-quick-test
One-shot:
 * host-name
 * sysctl
 * user-homes



Upstreaming my Android channel

2022-02-25 Thread Nathan Dehnel
Exciting!



[RFC PATCH] doc: Add Writing Service Configuration section.

2021-12-22 Thread Nathan Dehnel
Thank you, I really needed this.



p2p distributed substitutes; Swarm

2021-12-21 Thread Nathan Dehnel
I'm not involved, but this guy submitted a patch series you might find
interesting:
https://lists.gnu.org/archive/html/guix-patches/2021-12/msg00770.html



Re: How to test modified shepherd services

2021-12-20 Thread Nathan Dehnel
Thanks, that worked.

On Mon, Dec 20, 2021 at 4:00 AM Attila Lendvai  wrote:
>
> i have just finished my first Guix service. for now it's a PR for that other 
> channel, so i'll copy-paste some stuff from it:
>
> Run with something like this:
>
> $(guix system --no-graphic vm path/to/swarm.scm) -m 2048
>
> $(./pre-inst-env guix system --no-graphic vm /path/to/swarm.scm) -m 2048
>
> this will build and boot an operating-system object in a Qemu VM, in the same 
> terminal.
>
> the file should return a simple-operating-system object, optionally wrapped 
> into a marionette-operating-system if you also want to write/run automated 
> tests.
>
> i'll send you the link to the actual code in a private email.
>
> - attila
> PGP: 5D5F 45C7 DFCD 0A39
>



How to test modified shepherd services

2021-12-19 Thread Nathan Dehnel
I modified a shepherd service to accept a new field from config.scm
and I was wondering how to test that it works correctly. Do I need to
make a VM from my modified guix repo with pre-inst-env?



Re: gnu-build-system not handling pkg-config properly in package definition

2020-12-26 Thread Nathan Dehnel
>However, if you need/want a working Guix bcache-tools package
>ASAP, I have to admit I've been sitting on the attached patch for
>so long that I forgot it wasn't upstream yet.
Thanks, I will try it out.

>Sounds useful.  What does this patch do?  Is it related to Guix
>(perhaps our blkid)?
I don't actually know. It was taken from Gentoo. I was trying to see
if it would fix the build error.
https://gitweb.gentoo.org/repo/gentoo.git/tree/sys-fs/bcache-tools/files/1.0.8_p20140220
https://gitweb.gentoo.org/repo/gentoo.git/tree/sys-fs/bcache-tools/files/1.1


On Thu, Dec 24, 2020 at 8:19 AM Tobias Geerinckx-Rice wrote:
>
> Nathan,
>
> Nathan Dehnel wrote:
> > (define-public bcache-tools
>
> So... if you want to learn how to write and submit packages to
> Guix -- please do!  And don't let me distract you.  Your patch
> looks good, if incomplete :-)
>
> However, if you need/want a working Guix bcache-tools package
> ASAP, I have to admit I've been sitting on the attached patch for
> so long that I forgot it wasn't upstream yet.
>
> > (patches (search-patches "bcache-tools-noprobe.patch"))
>
> Sounds useful.  What does this patch do?  Is it related to Guix
> (perhaps our blkid)?
>
> > (synopsis "These are the userspace tools required for
> > bcache.")
> >(description "Bcache patches for the Linux kernel allow one
> >to use
> >SSDs to cache other block devices. It's analogous to L2Arc for
> >ZFS,
> >but Bcache also does writeback caching (besides just write
> >through
> >caching), and it's filesystem agnostic. ")
>
> I think The GNU Way is ‘user space’, ‘file system’, ‘write-back’
> etc.  Be sure to double-space prose sentences; ‘guix lint
> bcache-tools’ will warn you about this and other possible surface
> issues.
>
> This description sounds out of date (it's been upstream since the
> 3.x days) and the ZFS comparison is presumably meaningful only to
> a small minority of ZFS-on-Linux-Libre users.  IMO try to describe
> packages in first-class terms so users don't get sent on a rabbit
> chase.
>
> Feel free to snarf my description but don't feel obligated either.
>
> Kind regards,
>
> T G-R
>



gnu-build-system not handling pkg-config properly in package definition

2020-12-23 Thread Nathan Dehnel
https://www.mail-archive.com/bug-guix@gnu.org/msg00180.html
According to this, if you use gnu-build-system, all packages added to
inputs get added to PKG_CONFIG_PATH, but for some reason it's not
happening for util-linux, which causes a build error. During the build
PKG_CONFIG_PATH ends up not containing any of the util-linux packages.
Does anyone know how to fix this? Package below:

(define-module (gooby-channel packages bcache-tools)
  #:use-module (guix licenses)
  #:use-module (guix packages)
  #:use-module (gnu packages)
  #:use-module (guix build-system gnu)
  #:use-module (guix git-download)
  #:use-module (gnu packages linux)
  #:use-module (gnu packages pkg-config))

(define-public bcache-tools
  (package
    (name "bcache-tools")
    (version "1.1")
    (source
     (origin
       (method git-fetch)
       (uri
        (git-reference
         ;; Note: a stray ";" after the URL string would comment out
         ;; the rest of the line, so it must not be there.
         (url (string-append
               "https://git.kernel.org/pub/scm/linux/kernel/git/colyli/" name
               ".git"))
         (commit (string-append name "-" version))))
       (file-name (git-file-name name version))
       (sha256
        (base32
         "1vfqm3asx7h1sjwyq45dki4wk7lkipqrx2pw2hnqm4xir85qf67h"))
       (patches (search-patches "bcache-tools-noprobe.patch"))))
    (build-system gnu-build-system)
    (arguments
     `(;;#:tests? #f  ; no "check" target
       #:make-flags
       (list (string-append "PREFIX=" (assoc-ref %outputs "out")))
       #:phases
       (modify-phases %standard-phases
         ;; The upstream Makefile has no configure script.
         (delete 'configure))))
    (inputs
     `(("util-linux" ,util-linux)))
    (native-inputs
     `(("pkg-config" ,pkg-config)))
    (home-page "https://bcache.evilpiepirate.org/")
    (synopsis "These are the userspace tools required for bcache.")
    (description "Bcache patches for the Linux kernel allow one to use
SSDs to cache other block devices. It's analogous to L2Arc for ZFS,
but Bcache also does writeback caching (besides just write through
caching), and it's filesystem agnostic. ")
    (license gpl2)))
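An added example, not code from the original message: the input spec I would try, under the assumption that util-linux's pkg-config files (blkid.pc, uuid.pc) live in its separate "lib" output, as they do in Guix, so the default output contributes an empty lib/pkgconfig to PKG_CONFIG_PATH. The check-pkg-config phase name and the "blkid"/"uuid" module names are assumptions too.

```scheme
;; Added example, not the author's code.  Assumes util-linux ships its .pc
;; files in a separate "lib" output and that the bcache-tools Makefile asks
;; pkg-config for the "blkid" and "uuid" modules.

;; Before: only util-linux's default "out" output is an input, so the
;; lib/pkgconfig directory gnu-build-system would add to PKG_CONFIG_PATH
;; does not exist there, and pkg-config cannot find blkid/uuid.
(inputs
 `(("util-linux" ,util-linux)))

;; After: name the "lib" output explicitly.  The set-paths phase then adds
;; <util-linux:lib>/lib/pkgconfig to PKG_CONFIG_PATH.
(inputs
 `(("util-linux" ,util-linux "lib")))

;; Optional diagnostic phase (hypothetical name): fail fast, with the
;; search path printed in the build log, if the .pc files are still not
;; visible once set-paths has run.  Merge with the existing #:make-flags.
(arguments
 `(#:phases
   (modify-phases %standard-phases
     (add-after 'set-paths 'check-pkg-config
       (lambda _
         (format #t "PKG_CONFIG_PATH=~a~%" (getenv "PKG_CONFIG_PATH"))
         ;; invoke raises an exception on a non-zero exit status.
         (invoke "pkg-config" "--exists" "blkid" "uuid")
         #t))
     (delete 'configure))))
```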



Issues with packaged programs

2020-03-21 Thread Nathan Dehnel
I have packaged "cadence" and its dependencies. There are a couple
issues with it, though.

- the ladish gui doesn't build because it can't find boost
- cadence builds, but errors with "python not found" when run

I was wondering if someone more knowledgeable could help figure it
out. It's attached below, and also hosted here:
https://github.com/Gooberpatrol66/gooby-channel

(define-module (cadence)
  #:use-module (guix licenses)
  #:use-module (guix packages)
  #:use-module (gnu packages)
  #:use-module (guix build-system gnu)
  #:use-module (guix build-system meson)
  #:use-module (guix build-system waf)
  #:use-module (guix git-download)
  #:use-module (guix download)
  #:use-module (gnu packages audio)
  #:use-module (gnu packages qt)
  #:use-module (gnu packages python-xyz)
  #:use-module (gnu packages pulseaudio)
  #:use-module (gnu packages linux)
  #:use-module (gnu packages glib)
  #:use-module (gnu packages xml)
  #:use-module (gnu packages python)
  #:use-module (gnu packages gtk)
  #:use-module (gnu packages pkg-config)
  #:use-module (gnu packages base)
  #:use-module (gnu packages gettext)
  #:use-module (gnu packages graphviz)
  #:use-module (gnu packages gnome)
  #:use-module (gnu packages boost)
  #:use-module (gnu packages guile)
  #:use-module (gnu packages perl))

(define-public cadence
  (package
    (name "cadence")
    (version "0.9.1")
    (source
     (origin
       (method git-fetch)
       (uri
        (git-reference
         (url "https://github.com/falkTX/Cadence.git")
         (commit (string-append "v" version))))
       (file-name (git-file-name name version))
       (sha256
        (base32
         "07z8grnnpkd0nf3y3r6qjlk1jlzrbhdrp9mnhrhhmws54p1bhl20"))))
    (build-system gnu-build-system)
    (arguments
     `(#:tests? #f  ; no "check" target
       #:make-flags
       (list (string-append "PREFIX=" (assoc-ref %outputs "out")))
       #:phases
       (modify-phases %standard-phases
         ;; The Makefile installs XDG files under /etc/; point it at the
         ;; output directory instead.
         (add-before 'build 'fix-xdg-path
           (lambda _
             (substitute* "Makefile"
               (("/etc/") (string-append (assoc-ref %outputs "out") "/etc/")))))
         ;; Give the Python launcher the build-time PYTHONPATH.
         (add-after 'install 'wrap-executables
           (lambda* (#:key outputs #:allow-other-keys)
             (let ((out (assoc-ref outputs "out")))
               (wrap-script (string-append out "/bin/cadence")
                 `("PYTHONPATH" ":" prefix (,(getenv "PYTHONPATH"))))
               #t)))
         (delete 'configure))))
    (inputs
     `(("jack2" ,jack-2)
       ("a2jmidid" ,a2jmidid)
       ("jack_capture" ,jack_capture)
       ("pulseaudio" ,pulseaudio)
       ("python" ,python)
       ("ladish" ,ladish)
       ("python-pyqt" ,python-pyqt)
       ("python-wrapper" ,python-wrapper)
       ("python-dbus" ,python-dbus)
       ("qtbase" ,qtbase)
       ;; For WRAP-SCRIPT above.
       ("guile" ,guile-2.2)))
    (native-inputs
     `(("pkg-config" ,pkg-config)))
    (home-page "https://kx.studio/Applications:Cadence")
    (synopsis "Collection of tools useful for audio production")
    (description "Includes Cadence, Cadence-JackMeter,
Cadence-JackSettings, Cadence-Logs, Cadence-Render, Cadence-XY
Controller, Catarina, Catia, Claudia, Claudia-Launcher")
    (license gpl2)))

(define-public a2jmidid
  (package
    (name "a2jmidid")
    (version "9")
    (source
     (origin
       (method git-fetch)
       (uri
        (git-reference
         (url "https://github.com/linuxaudio/a2jmidid.git")
         (commit version)))
       (file-name (git-file-name name version))
       (sha256
        (base32
         "1x6rcl3f4nklnx4p5jln9a7fpj9y7agjxs9rw7cccmwnski7pnsq"))))
    (build-system meson-build-system)
    (inputs
     `(("alsa-lib" ,alsa-lib)
       ("jack2" ,jack-2)
       ("dbus" ,dbus)))
    (native-inputs
     `(("pkg-config" ,pkg-config)))
    (home-page "https://github.com/linuxaudio/a2jmidid")
    (synopsis "ALSA sequencer to JACK MIDI bridging (for jack2)")
    (description "This project aims to ease the usage of legacy, non
JACK enabled applications, in a JACK MIDI enabled system, when using
jack2.")
    (license gpl2)))

(define-public jack_capture
  (package
    (name "jack_capture")
    (version "0.9.73")
    (source
     (origin
       (method git-fetch)
       (uri
        (git-reference
         (url "https://github.com/kmatheussen/jack_capture.git")
         (commit version)))
       (file-name (git-file-name name version))
       (sha256
        (base32
         "0jcqky96q8xgya6wqv1p8pj9fkf2wh7ynl67ah7x5bn3basgfclf"))))
    (build-system gnu-build-system)
    (arguments
     `(#:tests? #f  ; no "check" target
       #:make-flags
       (list (string-append "PREFIX=" (assoc-ref %outputs "out")))
       #:phases
       (modify-phases %standard-phases
         (delete 'configure))))
    (inputs
     `(("libsndfile" ,libsndfile)
       ("jack2" ,jack-2)))
    (native-inputs
     `(("pkg-config" ,pkg-config)
       ("which" ,which)))))
;; The remaining fields of this definition (home-page, synopsis,
;; description, license) are cut off in the archived message.

Is there a reason why guix-devel isn't listed here?

2020-03-09 Thread Nathan Dehnel
https://savannah.gnu.org/mail/?group=guix