Re: [Nix-dev] firefox package questions
On Mon, Jun 19, 2017, at 13:00, Roland Koebler wrote: > Hi, > > > > - Up to date versions: > > > Currently, NixOS only contains outdated Firefox-versions (53.0.3, > > > 52.1.2esr); > > > there are newer official versions since about 1 week. > > > How long does it usually take until the newest version gets packaged? > > > > Both the release branch and master carry firefox 54. Which channel are > > following? > > The default branch after installing NixOS: > # nix-channel --list > nixos https://nixos.org/channels/nixos-17.03 Unfortunately, the release channel has been blocked for a while; I failed to realize how much it is lagging behind the release branch. Unless you wish to pull nix expressions directly from the release branch, there's not much else to do than wait for the channel to catch up. That is, the updates are there, they are just not being disseminated, for reasons unrelated to firefox specifically. ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] firefox package questions
On Mon, Jun 19, 2017, at 12:25, Roland Koebler wrote: > Hi, > > [ ...] > - Up to date versions: > Currently, NixOS only contains outdated Firefox-versions (53.0.3, > 52.1.2esr); > there are newer official versions since about 1 week. > How long does it usually take until the newest version gets packaged? Both the release branch and master carry firefox 54. Which channel are following? ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Hydra and security updates
On Thu, Jun 1, 2017, at 23:32, Leo Gaspard wrote: > Hi all, > > [ ... ] I think this is relevant to your interests: https://github.com/NixOS/nixpkgs/pull/10851 On a side note, I don't know why anybody would actually run nixos-unstable; it gets stuck for long periods of time quite often ... I think sticking to the latest release channel or using the -small variant is better, depending on whether you want/need the latest bugs. ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] setuid wrappers permissions
On Sat, Sep 3, 2016, at 10:45 PM, Karn Kallio wrote: > > The new setuid-wrappers in /run cannot be executed by users due to: > > 1) the temporary directory does not allow access > 2) the /run is mounted nosuid > > The attached patch prepares the permissions and mount options so users > can execute the suid wrappers. I've tested this on a running system and against the misc test, it fixes both. Thank you! ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
[Nix-commits] [NixOS/nixpkgs]
Branch: refs/heads/revert-16980-sf-use-mirrors Home: https://github.com/NixOS/nixpkgs ___ nix-commits mailing list nix-comm...@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] 8745e4: mutt: 1.6.0 -> 1.6.2
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: 8745e479091f21975d5777df9a8013d8e7d02cfd https://github.com/NixOS/nixpkgs/commit/8745e479091f21975d5777df9a8013d8e7d02cfd Author: rnhmjoj <michelegueriniro...@me.com> Date: 2016-07-09 (Sat, 09 Jul 2016) Changed paths: M pkgs/applications/networking/mailreaders/mutt/default.nix R pkgs/applications/networking/mailreaders/mutt/sidebar-compose.patch R pkgs/applications/networking/mailreaders/mutt/sidebar-delimnullwide.patch R pkgs/applications/networking/mailreaders/mutt/sidebar-dotpathsep.patch R pkgs/applications/networking/mailreaders/mutt/sidebar-new.patch R pkgs/applications/networking/mailreaders/mutt/sidebar-newonly.patch R pkgs/applications/networking/mailreaders/mutt/sidebar-utf8.patch M pkgs/applications/networking/mailreaders/mutt/sidebar.patch R pkgs/applications/networking/mailreaders/mutt/trash-folder.patch A pkgs/applications/networking/mailreaders/mutt/trash.patch Log Message: --- mutt: 1.6.0 -> 1.6.2 Commit: 99039235728c673291510c77bca9077abb16a1fb https://github.com/NixOS/nixpkgs/commit/99039235728c673291510c77bca9077abb16a1fb Author: joachifm <joach...@users.noreply.github.com> Date: 2016-07-12 (Tue, 12 Jul 2016) Changed paths: M pkgs/applications/networking/mailreaders/mutt/default.nix R pkgs/applications/networking/mailreaders/mutt/sidebar-compose.patch R pkgs/applications/networking/mailreaders/mutt/sidebar-delimnullwide.patch R pkgs/applications/networking/mailreaders/mutt/sidebar-dotpathsep.patch R pkgs/applications/networking/mailreaders/mutt/sidebar-new.patch R pkgs/applications/networking/mailreaders/mutt/sidebar-newonly.patch R pkgs/applications/networking/mailreaders/mutt/sidebar-utf8.patch M pkgs/applications/networking/mailreaders/mutt/sidebar.patch R pkgs/applications/networking/mailreaders/mutt/trash-folder.patch A pkgs/applications/networking/mailreaders/mutt/trash.patch Log Message: --- Merge pull request #16805 from rnhmjoj/mutt mutt: 1.6.0 -> 1.6.2 Compare: https://github.com/NixOS/nixpkgs/compare/9aa3e78ab206...99039235728c___ nix-commits mailing list nix-comm...@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] 129c17: youtube-dl: 2016.07.03.1 -> 2016.07.09.2
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: 129c17b222725c1ab37c0c21fda57ddf8a4d186a https://github.com/NixOS/nixpkgs/commit/129c17b222725c1ab37c0c21fda57ddf8a4d186a Author: Márton Boros <martonbo...@gmail.com> Date: 2016-07-10 (Sun, 10 Jul 2016) Changed paths: M pkgs/tools/misc/youtube-dl/default.nix Log Message: --- youtube-dl: 2016.07.03.1 -> 2016.07.09.2 Commit: 7135dfd541f1651bd08cd59278c2f2241723d3af https://github.com/NixOS/nixpkgs/commit/7135dfd541f1651bd08cd59278c2f2241723d3af Author: joachifm <joach...@users.noreply.github.com> Date: 2016-07-12 (Tue, 12 Jul 2016) Changed paths: M pkgs/tools/misc/youtube-dl/default.nix Log Message: --- Merge pull request #16836 from brainrape/update-youtube-dl youtube-dl: 2016.07.03.1 -> 2016.07.09.2 Compare: https://github.com/NixOS/nixpkgs/compare/4620221a5187...7135dfd541f1___ nix-commits mailing list nix-comm...@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] f854c7: gtk-gnutella: 1.1.5 -> 1.1.9
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: f854c7d4f4bdbae7ba182955e453070f5343678e https://github.com/NixOS/nixpkgs/commit/f854c7d4f4bdbae7ba182955e453070f5343678e Author: Kranium Gikos Mendoza <kran...@gikos.net> Date: 2016-07-10 (Sun, 10 Jul 2016) Changed paths: M pkgs/tools/networking/p2p/gtk-gnutella/default.nix Log Message: --- gtk-gnutella: 1.1.5 -> 1.1.9 Commit: 3df7f3cbc303a6c867245d5faa37a4989f0982eb https://github.com/NixOS/nixpkgs/commit/3df7f3cbc303a6c867245d5faa37a4989f0982eb Author: joachifm <joach...@users.noreply.github.com> Date: 2016-07-12 (Tue, 12 Jul 2016) Changed paths: M pkgs/tools/networking/p2p/gtk-gnutella/default.nix Log Message: --- Merge pull request #16831 from womfoo/fix-bump/gtkgnutella-1.1.9 gtk-gnutella: fix build and 1.1.5 -> 1.1.9 Compare: https://github.com/NixOS/nixpkgs/compare/7135dfd541f1...3df7f3cbc303___ nix-commits mailing list nix-comm...@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] defdbd: geany: 1.27 -> 1.28
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: defdbdb08b22c9eb8f770d86533f615e17efc530 https://github.com/NixOS/nixpkgs/commit/defdbdb08b22c9eb8f770d86533f615e17efc530 Author: Frank Lanitz <fr...@frank.uvena.de> Date: 2016-07-10 (Sun, 10 Jul 2016) Changed paths: M pkgs/applications/editors/geany/default.nix Log Message: --- geany: 1.27 -> 1.28 Commit: 4620221a5187d2a467a62a1ef684fb7e37a13f76 https://github.com/NixOS/nixpkgs/commit/4620221a5187d2a467a62a1ef684fb7e37a13f76 Author: joachifm <joach...@users.noreply.github.com> Date: 2016-07-12 (Tue, 12 Jul 2016) Changed paths: M pkgs/applications/editors/geany/default.nix Log Message: --- Merge pull request #16839 from frlan/Update/Geany/1.28 geany: 1.27 -> 1.28 Compare: https://github.com/NixOS/nixpkgs/compare/03a7fa910465...4620221a5187___ nix-commits mailing list nix-comm...@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] 00f35e: leatherman: 0.7.0 -> 0.7.5
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: 00f35e6653a30fc2c90db96d1f50ac3e04160575 https://github.com/NixOS/nixpkgs/commit/00f35e6653a30fc2c90db96d1f50ac3e04160575 Author: Kranium Gikos Mendoza <kran...@gikos.net> Date: 2016-07-10 (Sun, 10 Jul 2016) Changed paths: M pkgs/development/libraries/leatherman/default.nix Log Message: --- leatherman: 0.7.0 -> 0.7.5 Commit: 356b3ae546fa426435bc9d139cb3dc76c61b936d https://github.com/NixOS/nixpkgs/commit/356b3ae546fa426435bc9d139cb3dc76c61b936d Author: Kranium Gikos Mendoza <kran...@gikos.net> Date: 2016-07-10 (Sun, 10 Jul 2016) Changed paths: M pkgs/tools/system/facter/default.nix Log Message: --- facter: 3.1.6 -> 3.1.8 Commit: 03a7fa910465943268d24089e88cfb8db9baf1e3 https://github.com/NixOS/nixpkgs/commit/03a7fa910465943268d24089e88cfb8db9baf1e3 Author: joachifm <joach...@users.noreply.github.com> Date: 2016-07-12 (Tue, 12 Jul 2016) Changed paths: M pkgs/development/libraries/leatherman/default.nix M pkgs/tools/system/facter/default.nix Log Message: --- Merge pull request #16840 from womfoo/bump/leatherman-0.7.5-facter-3.1.8 Bump leatherman: 0.7.0 -> 0.7.5 and sole dependency facter 3.1.6 -> 3.1.8 Compare: https://github.com/NixOS/nixpkgs/compare/ecb5a56b4ef4...03a7fa910465___ nix-commits mailing list nix-comm...@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] 4c17be: minify: init at v2.0.0
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: 4c17bed84c53f018cd3ca97f2a4ea7e4eaa1634d https://github.com/NixOS/nixpkgs/commit/4c17bed84c53f018cd3ca97f2a4ea7e4eaa1634d Author: schneefux <schneefux+com...@schneefux.xyz> Date: 2016-07-10 (Sun, 10 Jul 2016) Changed paths: M pkgs/development/go-modules/libs.json A pkgs/development/web/minify/default.nix A pkgs/development/web/minify/deps.json M pkgs/top-level/all-packages.nix Log Message: --- minify: init at v2.0.0 Commit: ecb5a56b4ef405c244be080e61cda84ecd918864 https://github.com/NixOS/nixpkgs/commit/ecb5a56b4ef405c244be080e61cda84ecd918864 Author: joachifm <joach...@users.noreply.github.com> Date: 2016-07-12 (Tue, 12 Jul 2016) Changed paths: M pkgs/development/go-modules/libs.json A pkgs/development/web/minify/default.nix A pkgs/development/web/minify/deps.json M pkgs/top-level/all-packages.nix Log Message: --- Merge pull request #16300 from schneefux/gopkg-minify minify: init at v2.0.0 Compare: https://github.com/NixOS/nixpkgs/compare/7a54a71c9e57...ecb5a56b4ef4___ nix-commits mailing list nix-comm...@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] 93b246: urlwatch: 2.1 -> 2.2
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: 93b246287bb0ca4a86b9f00140939784c81f3b49 https://github.com/NixOS/nixpkgs/commit/93b246287bb0ca4a86b9f00140939784c81f3b49 Author: tv <t...@krebsco.de> Date: 2016-07-09 (Sat, 09 Jul 2016) Changed paths: M pkgs/tools/networking/urlwatch/default.nix A pkgs/tools/networking/urlwatch/setup.patch Log Message: --- urlwatch: 2.1 -> 2.2 Commit: 7a54a71c9e573d5cb77839f16184bc9b343c7b61 https://github.com/NixOS/nixpkgs/commit/7a54a71c9e573d5cb77839f16184bc9b343c7b61 Author: joachifm <joach...@users.noreply.github.com> Date: 2016-07-12 (Tue, 12 Jul 2016) Changed paths: M pkgs/tools/networking/urlwatch/default.nix A pkgs/tools/networking/urlwatch/setup.patch Log Message: --- Merge pull request #16808 from 4z3/urlwatch urlwatch: 2.1 -> 2.2 Compare: https://github.com/NixOS/nixpkgs/compare/356e9c04da54...7a54a71c9e57___ nix-commits mailing list nix-comm...@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] 2b47d2: factorio: 0.12.35 -> 0.13.8
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: 2b47d24007c649414e59c884fe6d999a2b3990d1 https://github.com/NixOS/nixpkgs/commit/2b47d24007c649414e59c884fe6d999a2b3990d1 Author: Eric Litak <eli...@gmail.com> Date: 2016-07-12 (Tue, 12 Jul 2016) Changed paths: M nixos/modules/services/games/factorio.nix M pkgs/games/factorio/default.nix Log Message: --- factorio: 0.12.35 -> 0.13.8 Commit: c07866a641d10a6dc527e0d8a59f4f531145a51f https://github.com/NixOS/nixpkgs/commit/c07866a641d10a6dc527e0d8a59f4f531145a51f Author: joachifm <joach...@users.noreply.github.com> Date: 2016-07-12 (Tue, 12 Jul 2016) Changed paths: M nixos/modules/services/games/factorio.nix M pkgs/games/factorio/default.nix Log Message: --- Merge pull request #16882 from elitak/factorio013 factorio: 0.12.35 -> 0.13.8 Compare: https://github.com/NixOS/nixpkgs/compare/416120e0c743...c07866a641d1___ nix-commits mailing list nix-comm...@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-commits
Re: [Nix-dev] Packaging free software that costs money
On Wed, Jul 6, 2016, at 06:48 PM, Profpatsch wrote: > On 16-07-06 09:50am, Kevin Cox wrote: > > IIUC you can't "really require" money for a GPL program. You can charge > > for the distribution or for binaries or whatever you like, but nothing > > is stopping others from building and distributing the program for no > > charge (or even taking the money themselves) this is part of the freedom > > offered by the license. > > I’m not sure how that fares legally (compared to proprietary licenses), > but in a day-to-day environment, this holds true for *every* digital > file. > > It is a basic property. > > If you don’t think so, I point you to $FILE_SHARING_WEBSITE of your > choice. That patterns of bytes are easily disseminated seems impertinent to me. An unlicensed distributor of proprietary software can be *forced* to stop their activity and also be made to pay for any damages that the copyright holder is able to prove. A libre software vendor can ask for payment but they have no recourse against re-distributors. I believe this is what Kevin Cox is referring to. I agree with Jookia that the policy proposed in this thread is inappropriate for Nixpkgs. I think a case could be made for adding standard meta attributes containing information about where to go to pay/donate, but only if absent built-in policies. ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Has someone a working setup for Kernel development with NixOS?
On Mon, Jun 27, 2016, at 08:52 PM, Matthias Beyer wrote: > basically what I do with `nixos-rebuild build-vm` but from another > configuration.nix than my system-configuration.nix. You probably want something like ``` $ nix-build -I nixpkgs=/my/nixpkgs -I nixos-config=/my/configuration.nix '' -A vm $ ./result/bin/run-nixos-vm ``` or some variation thereof. HTH, Joachim ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Best way to install nix packages from github repo
On Sat, Jun 25, 2016, at 02:09 PM, Kelong Cong wrote: > I'm not too familiar with nix expression yet so using nix-env -f appears > to be the easiest approach at the moment. Note that `nix-env -f` can be used with http(s) urls as well, so you can point to an autogenerated github archive, e.g., https://github.com/NixOS/nixpkgs/archive/master.tar.gz, if you want all the latest bugs. ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Link to nix.useSandbox in pull request template
On Sat, Jun 18, 2016, at 12:03 AM, Maarten Hoogendoorn wrote: > I've encountered a missing dependency in a package, and created a pull > request [1] to add the dependency. > > However, I'm not completely sure how to build/test this using sandboxing > as > is suggested in the pull request template. Could the link to the > documentation be broken? > > Thanks, > Maarten > > [1] https://github.com/NixOS/nixpkgs/pull/16304 The option used to be named `useChroot`, which is now an alias of `useSandbox`. ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Malicious installation methods
On Fri, Jun 17, 2016, at 11:36 PM, Yui Hirasawa wrote: > > True, of course. But, there is a class of software projects which will > > likely never be "packaged" by package managers - namely, other package > > managers. Nix falls into this class, along with, for example, NPM, > > Brew, Oh-My-Zsh, and others. > > What reason would there to not package other package managers? > >>> > >>> IIRC, Debian won't package Nix because it violates the FHS (by requiring > >>a /nix > >>> directory). > >> > >> Is the nix root dir configurable? Would it be that horrible to have > >> /opt/nix or /var/lib/nix or something else be the nix root on Debian? > > > > It's not strictly required, but it would mean losing out on all the binary > > packages provided by the CI. > > Aren't they built in a chroot like Guix does? Why would anything break > just because you change where they are installed? Because it invalidates all the store references. ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] racket advance version
On Thu, May 5, 2016, at 08:18 PM, Karn Kallio wrote: > > The attached patch advances the racket version from 6.4 to the latest > release 6.5 Applied, thank you ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Contributing to nixpkgs and maintainers burden
On Sun, Apr 10, 2016, at 07:00 AM, Ruben Astudillo wrote: > Hi nixers. > > I have a couple of packages (hakuneko, haskell-related) on my local copy > of the repo. Time to time I've thought of contributing back. But I think > on the maintainers of nixpkgs and don't know if I am really making them > favor. Hi, In my opinion you should just create pull requests and trust that all contributors are capable of ignoring things they don't care about (if not, that's their problem, not yours, IMO). What you can do to speed things up is explicitly mentioning people you think needs to see the PR, if the mention bot fails to do so (again, trust that people are able to manage what they pay attention to). Also, following the guidelines helps reduce overhead. As an aside, I find that the discussions about the "github mess" end up with overly complex solutions that don't really address the core issues (in my opinion). It'd be a shame if we're actually dissuading would-be contributors. (Please don't take this as an invitation to start yet another discussion about this). Just my 2 NOK. Regards, Joachim ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] 16.03 in gcc5.3, master in gcc 4.9?
On Tue, Mar 22, 2016, at 01:59 PM, Lluís Batlle i Rossell wrote: > On Tue, Mar 22, 2016 at 01:23:39PM +0100, Vladimír Čunát wrote: > > On 03/22/2016 10:22 AM, Lluís Batlle i Rossell wrote: > > > I think that someone merged into 16.03 instead of into master unwillingly. > > > An error. But did this pass unnoticed by the maintainers for more than 15 > > > days? > > > > No, according to some chats the inclusion in 16.03 is intentional. The > > changes for master are in staging, but there's also mass darwin breakage > > which noone addresses, so that's why it isn't merged to master yet. > > https://github.com/NixOS/nixpkgs/commit/dd53c65dccb6#commitcomment-16668634 > > > > It's possible the darwin breakage is on 16.03 as well, as Hydra has no > > darwin jobs for releases AFAIK. > > How weird. Why that was merged into 16.03 and not into master? Why isn't > master the first step to 16.03? Because releases are linux only and so are unaffected by the darwin breakage. This way we get the feature into the release while minimising disruption for nixpkgs users. Makes sense to me. > So, should we push fixes for gcc5 into 16.03? Will that be merged into > master? Should these go to staging? I'd expect that staging ends up being merged into master at some point, so putting fixes into staging makes sense to me. ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Non-root access to nixos-container
On Wed, Dec 16, 2015, at 08:46 PM, rohit yadav wrote: > Hi, Hi, > After trying docker, rkt etc, I have found nixos-container to be best > suited for my application. However, I find a warning that root access to > the container should not be provided to any untrusted user. I am > wondering > if I can create a normal user in a declarative container, would that be > safe? This may be a trivial question, I just want to be clear on this. Depending on your setup, having root in the container may be equivalent to having root on the host. Compared to that situation, executing as an unprivileged user within the container appears to improve security. That said, if a container solution CAN adversely affect the host system, it is prudent to assume that a malicious user will find a way to make that happen (whether anyone will care to try is another matter). This caveat very much applies to NixOS containers, which are implemented by executing `systemd-nspawn` as root on the host system. Systemd-nspawn upstream explicitly states that lightweight containers are insecure and not to be relied on to do much beyond preventing accidental damage to the host system. If security is your only reason for using containers, consider whether you're meaningfully improving security compared to running the service as an unprivileged user on the host and not actually making things worse by introducing additional complexity. HTH, Joachim ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Secure NixOS
On Mon, Dec 7, 2015, at 12:14 PM, zimbatm wrote: > [...] > (3) is already supported by adding `security.grsecurity.enable` to your > configuration.nix file. To be frank, grsecurity support in NixOS is user-unfriendly. My biggest gripe is that the implementation is biased towards compile-time tuning of run-time behavior. I proposed a few patches towards a sysctl oriented implementation, but they failed to gain traction (granted, the patches are imperfect and incomplete). What is more, the lack of a satisfying method of applying appropriate PaX flags to binaries, ala paxd, greatly impedes use of Grsecurity/PaX on the desktop. Finally, I failed to get RBAC to actually work, in its current form. I have found it easier to simply switch to a distro with proper Grsecurity/PaX support. If I continue to tinker with NixOS, it will be in a virtual machine. Just my 2 NOK ... ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Design Patterns for Achieving what Nix is Advertized for
On Fri, Nov 27, 2015, at 03:09 AM, Martin Vahi wrote: > > In the light of the instability of the Nix > > https://github.com/NixOS/nix/issues/718 A single bug report is hardly evidence of the "instability of Nix". For many (most?) of us, Nix works as advertised and has done so for a long time. The fact that a build fails in an arbitrary build environment is an argument in *favour* of the Nix approach, where environments are precisely defined. The state space of a modern OS boggles the mind and it really is mad to expect anything to work consistently. That things actually work and work so well is amazing. Anyway, your best bet is to read https://nixos.org/~eelco/pubs/phd-thesis.pdf and similar material on nixos.org.That should give you an idea of what you need to achieve feature parity and beyond. A few remarks: > Nix sales argument: > Multiple versions of the package can > be used simultaniously and each of the > packages can use its own set of dependencies. > [] > Proposed workaround design pattern: > [...] With Nix, you get cryptographic hash signatures which exactly denote arbitrary build configurations and their combinations, no DSL required (unless you consider Nix itself a DSL). Also, Nix solves the general case, not only traditional software packages. > Nix sales argument: > It is possible to select, what packages > are available in the environment(PATH, libs), the > environment is versioned(allowing rollbacks, branches, etc.) > and the environments are reproducible on > different computers by having the clone computer > go from state 0 (the "hello" has been installed) > to the destination environment state by > going through all those state tree vertices > that are on the path from the root (the "hello") > to the leaf or some vertex in between. The design of Nix allows precisely computing a component's runtime dependencies (the closure), which in turn enables replication by dumb byte transfer. A NixOS system configuration is just a component, like any other, and can be replicated in the same fashion. I find it unhelpful to think about this in terms of the recipient going through a sequence of state transitions to reach an end state. Regards, Joachim ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] How do I change vim compile options from my configuration.nix?
On Tue, Nov 24, 2015, at 10:48 PM, Anders Lundstedt wrote: > I want to run a vim compiled with the options > > +python3 > -python > > How do I accomplish this? One way to achieve this is via ~/.nixpkgs/config.nix. Vim happens to have a configurable variant. Something like (untested) ```nix { vim.python3 = true; } ``` should give you what you want (I think, based on my brief reading of the source). See `` for details. Not all packages support this idiom. In the general case, you'd customize the package via the `packageOverrides` mechanism (see the manual for details). HTH, Joachim ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] How do I change vim compile options from my configuration.nix?
On Wed, Nov 25, 2015, at 06:36 PM, Anders Lundstedt wrote: > On Wed, Nov 25, 2015 at 6:22 PM,wrote: > > One way to achieve this is via ~/.nixpkgs/config.nix. Vim happens to > > have a configurable variant. Something like (untested) > > ```nix > > { > > vim.python3 = true; > > } > > ``` > > I do not have a ~/.nixpkgs/config.nix. I created one with those three > lines but that did not help. I then tried to put the line "vim.python3 > = true;" in my configuration.nix, which gave the following error when > doing "nix-rebuild --switch": > > error: The option `vim' defined in `/path/to/configuration.nix' does not > exist. That is not what I suggested you do. If you want to use `configuration.nix`, you must use the option `nixpkgs.config`. What I had in mind was the following sequence (assuming you start without ~/.nixpkgs): ```sh mkdir ~/.nixpkgs echo '{ vim.python3 = true; }' > ~/.nixpkgs/config.nix nix-env -iA nixos.vim_configurable vim --version | grep python3 ``` ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Increase the size of /run/user/1000
On Tue, Jul 14, 2015, at 07:44 PM, Nikita Karetnikov wrote: I'm aware of boot.runSize, but it doesn't seem to affect /run/user/1000. What's the proper way to do it? The standard way of controlling the size of /run/user is the RuntimeDirectorySize directive in logind.conf [1]. The NixOS interface is services.logind.extraConfig. HTH. [1]: http://www.freedesktop.org/software/systemd/man/logind.conf.html (I originally sent this directly to the OP by accident, sorry about that!) ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Permission error when installing mpd
On Thu, Feb 19, 2015, at 09:28 PM, James Cook wrote: Hm, this sounds like a bug actually. Maybe the mkdir is running as mpd but the author of that .nix file expected it to run as root? (Can anyone contradict this?) This is correct [1]. Until the fix hits unstable, you can set systemd.services.mpd.serviceConfig = { PermissionsStartOnly = true; }; in your configuration.nix to allow the preStart script to run as root (or just run it manually, as has been suggested). [1]: https://github.com/NixOS/nixpkgs/issues/6277 ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev