| 30 Nov 2025 |
 522 it/its ⛯ΘΔ | sanitize how
i mean you can tell env to unset PATH for you if you really want | 12:34:32 |
| 522 it/its ⛯ΘΔ | then you can go invent your own PATH | 12:34:39 |
| 522 it/its ⛯ΘΔ | oh, right, for bash | 12:34:51 |
| 522 it/its ⛯ΘΔ | okay, yeah, for scripts that are intended to be ran in an environment where the environment is totally attacker controlled, env is a bad move (but you probably wouldn't be using a bash script then, you'd probably just go compile a statically linked binary or something) | 12:35:42 |
|  @tinwood:matrix.org left the room. | 12:36:27 |
 aloisw | You can't with the #! because it only accepts a single argument though. | 13:07:07 |
| aloisw | Yes, I think what they mean is that the script can then set PATH at its top, but who does that (and even if they do, how often is it complete and correct). | 13:07:59 |
| 522 it/its ⛯ΘΔ | #!/usr/bin/env -S env --unset=HOME --unset=PATH bash | 13:11:14 |
| 522 it/its ⛯ΘΔ | boom | 13:11:15 |
| 522 it/its ⛯ΘΔ | :) | 13:11:16 |
| 522 it/its ⛯ΘΔ | (that second env can be a /usr/bin/env too) | 13:11:47 |
| 522 it/its ⛯ΘΔ | i think | 13:11:54 |
| aloisw | SYNOPSIS
env [-i] [name=value]... [utility [argument...]]
Oh no, -S might be a GNU extension… | 13:12:51 |
 Katalin 🔪 | not quite, macOS also has -S:
-S string
Split apart the given string into multiple strings, and process each of the resulting strings as separate
arguments to the env utility. The -S option recognizes some special character escape sequences and also
supports environment-variable substitution, as described below.
and it also says this, so FreeBSD at least should have it too
The -P, -S and -v options were added in FreeBSD 6.0.
| 15:39:21 |
| Katalin 🔪 | I wonder if there is caniuse.com but for unix system commands and their options :^) | 15:42:59 |
 bandithedoge | probably not | 15:50:44 |
| bandithedoge | but we should definitely make that | 15:50:49 |
 antifuchs | (tried piping it into cat to inform it that there's no terminal, a trick which sometimes works with other tools... but no. can't really find a flag that would enable wide printing either) | 16:09:56 |
 raitobezarius | lillecarl you had fallback issues with Lix, can you reproduce this issue here: https://git.lix.systems/lix-project/lix/issues/339#issuecomment-15867 ? | 16:52:14 |
| raitobezarius | or did you have a reproducer for fallback? | 16:52:18 |
| raitobezarius | i have been looking at it without any success | 16:52:22 |
 WeetHet | Once flakes are removed from the main tree, there still would be a nix-repl | 17:29:30 |
 piegames | In reply to @weethet:catgirl.cloud
Once flakes are removed from the main tree, there still would be a nix-repl That sounds wrong | 18:13:25 |
|  @acidbong:envs.net joined the room. | 18:13:55 |
| piegames | Like, some parts of the nix3 CLI require Flakes, but not the REPL AFAIK | 18:14:05 |
| WeetHet | It uses flakes by default | 18:15:16 |
| WeetHet | Also I thought that both flakes and nix3 CLI were gonna be moved to a separate module? | 18:16:05 |
 Aijokey | configuration.nix - Main system configuration
============================================================================
{pkgs, ...}: {
imports = [
# Hardware
./hardware-configuration.nix
./hardware.nix
# System modules
./system/boot.nix
./system/locale.nix
./system/network.nix
# Services
./services.nix
# User configuration
./users.nix
# Applications and packages
./apps.nix
# Virtualization
./virtualization/kvm.nix
./virtualization/docker.nix
# Security & Pentesting
./athena.nix
# Customization
./customisation.nix
./llm.nix
];
system.stateVersion = "24.11";
nixpkgs.overlays = [
(final: prev: {
inherit
(prev.lixPackageSets.stable)
nixpkgs-review
nix-eval-jobs
nix-fast-build
colmena
;
})
];
nix.package = pkgs.lixPackageSets.stable.lix;
nixpkgs.config = {
allowUnfree = true;
segger-jlink.acceptLicense = true;
};
nix.settings.experimental-features = ["nix-command" "flakes"];
}
============================================================================
I installed lix but im not sure it do anything
| 18:17:41 |
| WeetHet | Could you format your message properly please | 18:18:14 |
| Aijokey | Redacted or Malformed Event | 18:18:41 |
