Re: Unresolable collision between ocaml packages

[Julien Lepiller]

Le 5 juin 2019 22:21:37 GMT+02:00, Brett Gilio  a écrit :
>Hi all,
>
>I like to make meta-packages that I can pass to `guix environment
>--ad-hoc` for development. I have the following meta package for ocaml
>
>(define-public meta-ocaml
>  (package
>   (inherit %meta-base)
>   (name "meta-ocaml")
>   (propagated-inputs
>`(("meta-emacs" ,meta-emacs)
>  ("darcs" ,darcs)
>  ("dune" ,dune)
>  ("emacs-tuareg" ,emacs-tuareg)
>  ("gcc-toolchain" ,gcc-toolchain)
>  ("m4" ,m4)
>  ("make" ,gnu-make)
>  ("mercurial" ,mercurial)
>  ("ocaml" ,ocaml)
>  ("ocaml-base" ,ocaml-base)
>  ("ocaml-core" ,ocaml-core)
>  ("ocaml-ctypes" ,ocaml-ctypes)
>  ("ocaml-findlib" ,ocaml-findlib)
>  ("ocaml-merlin" ,ocaml-merlin)
>  ("ocaml-ounit" ,ocaml-ounit)
>  ("oocaml-parsexp"
>   ,ocaml-parsexp)
>  ("ocaml-utop" ,ocaml-utop)
>  ("opam" ,opam)
>  ("rsync" ,rsync)
>
>
>When trying to use that in an environment, I am getting the following
>backtrace claiming there is a collision that I assume is not getting
>resolved in its usual fashion.
>
>Backtrace:
>   6 (primitive-load "/gnu/store/k45l4ph58xakp3f52kmridr9wyc…")
>In guix/build/profiles.scm:
>   157:2  5 (build-profile "/gnu/store/c2khaalrpy7cdyr8k4lawgqnbzs…" …)
>In unknown file:
>  4 (hash-for-each # …)
>  3 (hash-for-each # …)
>  2 (hash-for-each # …)
>  1 (hash-for-each # …)
>  0 (scm-error misc-error #f "~A ~S" ("union-build: col…" …) …)
>
>ERROR: In procedure scm-error:
>union-build: collision between file and directories ((files
>("/gnu/store/h1w5b2l1wny94cnfqm46w12nm3w8wz2k-ocaml-num-1.1/lib/ocaml/site-lib/stublibs"))
>(dirs
>("/gnu/store/93lp6k3d58dfc8gvx9zd70szapsb5kv6-ocaml-base-0.11.1/lib/ocaml/site-lib/stublibs"
>"/gnu/store/7vrg8apsnl6hg9vsszpgcq4ymvz9whap-ocaml-core-0.11.3/lib/ocaml/site-lib/stublibs"
>"/gnu/store/iz6wzz9sm4qnal2wlqi66blm8mb35zxv-ocaml-core-kernel-0.11.1/lib/ocaml/site-lib/stublibs"
>"/gnu/store/zrpcrfrmyanhqpvhxkclpgiq2sp7k1ip-ocaml-bin-prot-0.11.0/lib/ocaml/site-lib/stublibs"
>"/gnu/store/n70q0ypcv74vpwdd0354rjxi7mv9y1rf-ocaml-ppx-inline-test-0.12.0/lib/ocaml/site-lib/stublibs"
>"/gnu/store/q42ayh04wy70pl2xdm2yp2i0s8yh5g7b-ocaml-ppx-expect-0.12.0/lib/ocaml/site-lib/stublibs"
>"/gnu/store/cwijnaplps7zbby3xq21spjk4fgxpd35-ocaml-spawn-0.13.0/lib/ocaml/site-lib/stublibs"
>"/gnu/store/09b6pfbw3n1j2qqni822wjjixh48qwfp-ocaml-lambda-term-1.13/lib/ocaml/site-lib/stublibs"
>"/gnu/store/zlibrm9b6pa8hgwmjigzwm2cq3kb4y1r-ocaml-lwt-4.1.0/lib/ocaml/site-lib/stublibs"
>"/gnu/store/qzkydyr8rrbpfk2lfjynnhgdbavf4kh0-ocaml-ssl-0.5.7/lib/ocaml/site-lib/stublibs"
>"/gnu/store/sqkcaap13wgbjdqnjia8hi12rf2p5qf1-ocaml-dose3-5.0.1/lib/ocaml/site-lib/stublibs"
>"/gnu/store/wnl6maf9s6ksvszyy9q2bz0psiy1h15j-ocaml-mccs-1.1+9/lib/ocaml/site-lib/stublibs")))
>
>
>If formatting is bad in this email, here are plaintext pastes.
>
>meta-packages.scm : http://ix.io/1L1A
>
>backtrace : http://ix.io/1L1B

Looks like ocaml-num's stubslib is a file, but it should be a directory. I'll 
investigate, thanks for reporting this!

Re: Version of package fontforge

[ison]

Assuming it would be ok to just set the date to the package version date, which
sounds reproducible to me, then using the date produced by:
date -u -d "20190317" +'%s'
gives: 1552780800

I did a quick test to set the configure-flags with this value:

  (arguments
(append (package-arguments fontforge)
'(#:configure-flags (list "SOURCE_DATE_EPOCH=1552780800"

And with that, if I run fontforge --version I get:

  Copyright (c) 2000-2018 by George Williams. See AUTHORS for Contributors.
   License GPLv3+: GNU GPL version 3 or later 
   with many parts BSD . Please read LICENSE.
   Based on sources from 00:00 UTC 17-Mar-2019-ML-D.
   Based on source from git with hash: 
  fontforge 00:00 UTC 17-Mar-2019
  libfontforge 20190317

Which looks like the desired output.
However, the best solution would probably be to programmatically obtain
1552780800. I'm not sure what the best way would be to do that. I'm looking at
some of the available date commands inside SRFI-19 and I don't see anything for
converting a string like "20190317" to seconds.

Unresolable collision between ocaml packages

[Brett Gilio]

Hi all,

I like to make meta-packages that I can pass to `guix environment
--ad-hoc` for development. I have the following meta package for ocaml

(define-public meta-ocaml
  (package
   (inherit %meta-base)
   (name "meta-ocaml")
   (propagated-inputs
`(("meta-emacs" ,meta-emacs)
  ("darcs" ,darcs)
  ("dune" ,dune)
  ("emacs-tuareg" ,emacs-tuareg)
  ("gcc-toolchain" ,gcc-toolchain)
  ("m4" ,m4)
  ("make" ,gnu-make)
  ("mercurial" ,mercurial)
  ("ocaml" ,ocaml)
  ("ocaml-base" ,ocaml-base)
  ("ocaml-core" ,ocaml-core)
  ("ocaml-ctypes" ,ocaml-ctypes)
  ("ocaml-findlib" ,ocaml-findlib)
  ("ocaml-merlin" ,ocaml-merlin)
  ("ocaml-ounit" ,ocaml-ounit)
  ("oocaml-parsexp"
   ,ocaml-parsexp)
  ("ocaml-utop" ,ocaml-utop)
  ("opam" ,opam)
  ("rsync" ,rsync)


When trying to use that in an environment, I am getting the following
backtrace claiming there is a collision that I assume is not getting
resolved in its usual fashion.

Backtrace:
   6 (primitive-load "/gnu/store/k45l4ph58xakp3f52kmridr9wyc…")
In guix/build/profiles.scm:
157:2  5 (build-profile "/gnu/store/c2khaalrpy7cdyr8k4lawgqnbzs…" …)
In unknown file:
   4 (hash-for-each # …)
   3 (hash-for-each # …)
   2 (hash-for-each # …)
   1 (hash-for-each # …)
   0 (scm-error misc-error #f "~A ~S" ("union-build: col…" …) …)

ERROR: In procedure scm-error:
union-build: collision between file and directories ((files
("/gnu/store/h1w5b2l1wny94cnfqm46w12nm3w8wz2k-ocaml-num-1.1/lib/ocaml/site-lib/stublibs"))
(dirs
("/gnu/store/93lp6k3d58dfc8gvx9zd70szapsb5kv6-ocaml-base-0.11.1/lib/ocaml/site-lib/stublibs"
"/gnu/store/7vrg8apsnl6hg9vsszpgcq4ymvz9whap-ocaml-core-0.11.3/lib/ocaml/site-lib/stublibs"
"/gnu/store/iz6wzz9sm4qnal2wlqi66blm8mb35zxv-ocaml-core-kernel-0.11.1/lib/ocaml/site-lib/stublibs"
"/gnu/store/zrpcrfrmyanhqpvhxkclpgiq2sp7k1ip-ocaml-bin-prot-0.11.0/lib/ocaml/site-lib/stublibs"
"/gnu/store/n70q0ypcv74vpwdd0354rjxi7mv9y1rf-ocaml-ppx-inline-test-0.12.0/lib/ocaml/site-lib/stublibs"
"/gnu/store/q42ayh04wy70pl2xdm2yp2i0s8yh5g7b-ocaml-ppx-expect-0.12.0/lib/ocaml/site-lib/stublibs"
"/gnu/store/cwijnaplps7zbby3xq21spjk4fgxpd35-ocaml-spawn-0.13.0/lib/ocaml/site-lib/stublibs"
"/gnu/store/09b6pfbw3n1j2qqni822wjjixh48qwfp-ocaml-lambda-term-1.13/lib/ocaml/site-lib/stublibs"
"/gnu/store/zlibrm9b6pa8hgwmjigzwm2cq3kb4y1r-ocaml-lwt-4.1.0/lib/ocaml/site-lib/stublibs"
"/gnu/store/qzkydyr8rrbpfk2lfjynnhgdbavf4kh0-ocaml-ssl-0.5.7/lib/ocaml/site-lib/stublibs"
"/gnu/store/sqkcaap13wgbjdqnjia8hi12rf2p5qf1-ocaml-dose3-5.0.1/lib/ocaml/site-lib/stublibs"
"/gnu/store/wnl6maf9s6ksvszyy9q2bz0psiy1h15j-ocaml-mccs-1.1+9/lib/ocaml/site-lib/stublibs")))


If formatting is bad in this email, here are plaintext pastes.

meta-packages.scm : http://ix.io/1L1A

backtrace : http://ix.io/1L1B

Re: Noob issues with maintaining a guix laptop system

[Divan Santana]

Julien Lepiller  writes:

> Le 4 juin 2019 08:17:11 GMT+02:00, ison  a écrit :
>>Just to be clear, when a reconfigure fails you can make any necessary
>>changes
>>and run it again. Guix operations are atomic so it doesn't actually
>>change the
>>state of your system in any way until it finishes.
>>
>>But, if you're asking about rolling back the "guix pull" so that you
>>can run
>>reconfigure with the older versions as if you had never ran "guix pull"
>>in the
>>first place, then I think you could try this:
>>guix describe
>>which should print out the "commit" used when you last reconfigured the
>>system.
>>Then you could try the following command with  replaced
>>with the
>>value you got above:
>>guix pull --commit=
>>That should make sure your package data matches what was used last time
>>you
>>successfully reconfigured.

Cool, I'll note for next time it happens and report back if I get stuck.

Thanks a lot

> That's a good suggestion, except guix describe will tell you the connit of 
> the currently installed guix, which is the one you've guix pull'ed to.
>
> I thenk you can use guix package to manage the guix pull profile, like so:
>
> guix package -p /var/guix/profiles/per-user/current-guix --list-generations
>
> You can also use --roll-back or switch directly to an older generation.
>
> But in general I think it would be better for you to report your failure(s) 
> so we can help and fix them :)
>
>>
>>As for the swapfile, it should work exactly how you showed.
>>That error makes me think the problem is with how you set up the
>>swapfile. Did
>>you run "dd" to allocate space for the swapfile?
>
> And run mkswap on it?

I thought I did that, but perhaps not.

Either way, your guys advise helped, it's working now, after a mkswap. Thanks!

Guix and intrusion detection (was Re: Help with writing custom boot-loader configuration)

[Giovanni Biscuolo]

Hello Raghav,

Raghav Gururajan  writes:

[...]

> It works. Was curious about other alternatives. Btw, is it possible make guix 
> to
>  automatically GPG-Sign the "grub.cfg" it generates during "guix system init" 
> or
> "guix system reconfigure" ??

I cannot (still) help patching guix this way, but from a security POV
this is interesting, providing you explain what you are trying to
achieve :-)

Anyway:

1. to sign, guix should have a secret key and that key may be easily
stolen (modulo encryption but that's another story...)

2. to verify a list of system admins signatures guix just needs public
keys and that's easy to provide, the not so easy part is patching guix I
guess

3. signature of "grub.cfg" - or other store items - should be done on
*another* machine and items deployed to the host (there is some POC and
custom code around in guix-devel for this)

Could GPG signature *verification* of selected core parts (bootloader,
initrd, kernel... guix itself) of our reproducible system make us
confident that instrusions via physical access to hardware are
automatically detected and notified by guix? [1]

...or I'm exagerating here and Guix already provides a good path to do
effective intrusion detection, even with remote hosts potentially
available to physical instrusion?

Thoughts?

[...]

Thanks! Gio'.


[1] let's call it Trusting Remote Trust problem

-- 
Giovanni Biscuolo

Xelera IT Infrastructures


signature.asc
Description: PGP signature

Re: Help with writing custom boot-loader configuration

[Raghav Gururajan]

> Heh.  I didn’t see this before.  Sorry for sending you code you already
> had!

That's okay. No worries.

> I’m not quite sure what you are asking, since Guix does not use
> “grub-mkconfig”.  It has its own way of generating a GRUB configuration
> file.  The “#~(const #t)” trick is the Guix version of running
> “grub-mkconfig” and not “grub-install”.  Is it working for you?

It works. Was curious about other alternatives. Btw, is it possible make guix to
 automatically GPG-Sign the "grub.cfg" it generates during "guix system init" or
"guix system reconfigure" ??

> Is it that you want to use “grub-mkconfig” instead of Guix’s normal
> method?  To be honest, it may be possible, but it’s only for the brave
> of heart (or at least for those who can tolerate a lot of annoying
> difficulties).  :)  The easiest way to do that would be to install GRUB
> and run “grub-mkconfig” manually.

Thanks for the suggestion.

Regards,
RG.

Re: Starting emacs as a daemon

[Tobias Geerinckx-Rice]

Marlin,

Marlin wrote:
Hi! I'm currently running the guix system, and would like to 
start

the emacs daemon/server at boot. How can i do this? Not used to
shepherd yet.


Unless you mean ‘at boot’ literally, this is best handled ‘at 
log-in’ through a separate (user) instance of El Shep. 
Unfortunately, this mode isn't currently integrated with Guix 
System and still underdocumented.


Here's my set-up, which I thought I'd posted here before but can't 
find in the archives:


~ λ cat /home/nckx/.config/shepherd/services.scm
(define emacs
 (make 
   #:provides '(emacs)
   #:requires '()
   #:start (make-system-constructor "emacs --daemon")
   #:stop (make-system-destructor
   "emacsclient --eval \"(kill-emacs)\"")))
;; Other services (gpg, ibus, …) snipped.

~ λ cat /home/nckx/.config/shepherd/init.scm
(load "services.scm")
(register-services emacs gpg-agent ibus-daemon jackd)
(action 'shepherd 'daemonize) ; send shepherd into background
(for-each start (list emacs)) ; services to start automatically

~ λ grep -A1 shepherd /home/nckx/.xsession
shepherd # user service manager
exec dbus-launch --exit-with-session ssh-agent i3

Kind regards,

T G-R


signature.asc
Description: PGP signature

Re: Version of package fontforge

[Ricardo Wurmus]

Hi Tilman,

> when I tried to compile lilypond, I had some problems with the package
> fontforge. In Guix it is listed as version 20190317, but when I do "fontforge
> --version", i get:
>
> Copyright (c) 2000-2018 by George Williams. See AUTHORS for Contributors.
>  License GPLv3+: GNU GPL version 3 or later 
>  with many parts BSD ;;. Please read 
> LICENSE.
>  Based on sources from 00:00 UTC  1-Jan-1970-ML-D.
>  Based on source from git with hash:
> fontforge 00:00 UTC  1-Jan-1970
> libfontforge 19700101

We may need to patch fontforge.  The version is derived from the current
date at build time:

fontforge-20190317/configure.ac:FONTFORGE_VERSIONDATE="$(date -u 
$FONTFORGE_DATE_OPTS +'%Y%m%d')"
fontforge-20190317/configure:#define FONTFORGE_VERSIONDATE_RAW 
$FONTFORGE_VERSIONDATE

And that’s what’s used in fontforge-20190317/fontforge/start.c.

We don’t run “date” during the configuration; during builds
SOURCE_DATE_EPOCH is set:


fontforge-20190317/configure.ac:FONTFORGE_DATE_NOW=${SOURCE_DATE_EPOCH:-$(date 
+'%s')}

We may need to patch fontforge so that these values are properly defined.

--
Ricardo

Re: Guix Cuirass - Continuous Integration - Crash Error

[Ricardo Wurmus]

Hi Reza,

> I want to setup a CI build server using _Cuirass_ to build a series of custom 
> packages for Guix. but I receive following error and cuirass-service crashes, 
> could anyone help me on this? 
>
> ```
> 2019-06-03T18:50:59 fatal: uncaught exception 'git-error' in 'build' fiber!
> 2019-06-03T18:50:59 exception arguments: (#< code: -14
> message: "the index is locked; this might be due to a concurrent or
> crashed process" class: 10>)

Try erasing the cache directories containing the git repositories.

-- 
Ricardo

Re: Help with writing custom boot-loader configuration

[Timothy Sample]

Hi Raghav,

Raghav Gururajan  writes:

>> 
>> My first thought after reading your question was 
>> . 
>
> Yes, I was looking for a method other than using (const ~#t).

Heh.  I didn’t see this before.  Sorry for sending you code you already
had!

>> However, I guess you need something else, but I'm not sure what it is. Can 
>> you explain more what you're trying to do? Thanks!
>
> I was looking for a way to directly alter the behaviour of grub-installer. The
> two of all functions of grub-installer are "grub-install" and "grub-mkconfig".
> The former install grub binaries on disk and the latter generates grub
> configuration file inside root partition under boot directory. I was thinking 
> if
> there is a straight-forward way to make the grub-installer to invoke ONLY 
> "grub-
> mkconfig" and NOT "grub-install"??

I’m not quite sure what you are asking, since Guix does not use
“grub-mkconfig”.  It has its own way of generating a GRUB configuration
file.  The “#~(const #t)” trick is the Guix version of running
“grub-mkconfig” and not “grub-install”.  Is it working for you?

Is it that you want to use “grub-mkconfig” instead of Guix’s normal
method?  To be honest, it may be possible, but it’s only for the brave
of heart (or at least for those who can tolerate a lot of annoying
difficulties).  :)  The easiest way to do that would be to install GRUB
and run “grub-mkconfig” manually.


-- Tim

Re: conkeror superseded by icecat, why?

[Ricardo Wurmus]

Hi,

> “guix package -i conkeror” tells me:
>  guix package: package 'conkeror' has been superseded by 'icecat'
>
> Why? These are two very different browsers.

Conkeror is longer developed as its upstream has disappeared, and with a
heavy heart we decided to remove it from Guix.

You might be happier with the Next Browser as a replacement.

--
Ricardo