| 4 Oct 2022 |
 @elvishjerricco:matrix.org | I don't want systemd stage 1 to be default until the docs have been unhidden for at least one release | 20:55:14 |
| @elvishjerricco:matrix.org | but feature parity is basically just missing the fancy luks stuff and networking, so I feel fairly comfortable unhiding docs this release, assuming we can get the two PRs for those things merged by next release | 20:56:03 |
| @elvishjerricco:matrix.org | basically I just want it to go from "experimental" status to "beta" status | 20:57:23 |
 flokli | Yeah, unhiding the docs is probably something that can be done before the release, if they're "ready enough", and what's still not supported is documented somewhere accessible enough | 21:04:07 |
| @elvishjerricco:matrix.org | Yea the work required it's non-negligible. We've got some docs that need improvement and (IMO) we need to avoid duplicating all the systemd docs yet again. | 21:05:08 |
| @elvishjerricco:matrix.org | But it's not a ton of work | 21:05:16 |
| flokli | I'm worried figuring out all the small bits to get the last 10% to work will be much more work than expected | 21:06:03 |
| flokli | Like, networking, root on NFS/iso/... | 21:06:20 |
| @elvishjerricco:matrix.org | I think we're very close to already being there. | 21:06:25 |
| @elvishjerricco:matrix.org | Like on the networking PR I commented the remaining open questions and they're not far fetched | 21:06:50 |
| flokli | There's so much domain specific knowledge hacked into brittle shell scripts, with not too much test coverage | 21:07:03 |
| @elvishjerricco:matrix.org | I think someone is even using NFS root right now | 21:07:07 |
| @elvishjerricco:matrix.org | colemickensIIRC? | 21:07:21 |
| @elvishjerricco:matrix.org | we do also need to fix the iso though. Frankly I don't know how the current one functions at all lol | 21:07:50 |
 colemickens | ElvishJerricco: I was, but have dropped it due to NFS issues and kept having issues rebasing your net PR. But yes, it did work just fine. | 21:07:53 |
 Zhaofeng Li | I have one more question about #189676/cryptenroll: Should we include the tpm kernel modules by default, or should we drop this for this PR? | 21:08:01 |
| colemickens | (and by fine, I mean it actually worked whereas the non-systemd-network has racey issues) | 21:08:08 |
| colemickens | Zhaofeng Li I was just about to ask that, and about whether or not the fido2-device arg is needed or if it's implied to be auto? | 21:08:31 |
| @elvishjerricco:matrix.org | In reply to @zhaofeng:zhaofeng.li
I have one more question about #189676/cryptenroll: Should we include the tpm kernel modules by default, or should we drop this for this PR? yea so that's a pretty small thing in the grand scheme. Enough to block the PR on, but not enough to move systemd stage 1 into "documented and beta" status | 21:09:34 |
| colemickens | I guess someone is likely to notice they need the modules as they enroll, so at least they wouldn't be likely to reboot and be unexpectedly having to enter their password due to modules missing. | 21:09:39 |
| @elvishjerricco:matrix.org | In reply to @zhaofeng:zhaofeng.li
I have one more question about #189676/cryptenroll: Should we include the tpm kernel modules by default, or should we drop this for this PR? * yea so that's a pretty small thing in the grand scheme. Enough to block the PR on, but not enough to stop the move of systemd stage 1 into "documented and beta" status | 21:09:51 |
| colemickens | * I guess someone is likely to notice they need the modules as they enroll, so at least they wouldn't be likely to reboot and be unexpectedly having to enter their password due to modules missing. (I guess they could temp modprobe them and then reboot and be surprised) | 21:10:15 |
| @elvishjerricco:matrix.org | I mean I certainly was confused when my steam deck said there was no TPM device installed. Took me a minute to realize I needed a kernel module. Not a big deal but at least kinda noteworthy | 21:11:13 |
| Zhaofeng Li | In reply to @colemickens:matrix.org
Zhaofeng Li I was just about to ask that, and about whether or not the fido2-device arg is needed or if it's implied to be auto? It's not required and the cryptsetup service will determine the required token type from the LUKS key slot header | 21:11:38 |
 @hexa:lossy.network | hi, I'm seeing the mk-initrd-ng builder fail on the libxcrypt branch | 21:41:21 |
| @hexa:lossy.network | initrd-linux> /bin -> /nix/store/xavgss5cngx68ffd7y4nvf3gl5j8raq2-initrd-bin-env/bin
initrd-linux> /etc/fstab -> /nix/store/5x0glmakxlphadn0y5ynb3ymcxmsv4sn-initrd-fstab
initrd-linux> /etc/initrd-release -> /nix/store/7wwkq5lhxfjh81nan7kggc7vv3qwxnzn-initrd-release
initrd-linux> /etc/kbd/keymaps -> /nix/store/qbys2yn2mvixz0rc6g2cvmbihwlb3fgc-console-env/share/keymaps
initrd-linux> /etc/modprobe.d/debian.conf -> /nix/store/q7airdzvbg25php1a52bpswp92h6qchy-kmod-debian-aliases.conf-22-1.1
initrd-linux> /etc/modprobe.d/systemd.conf -> /nix/store/r7mlbby6n26amxrhsxzgnl5m8kldgpyr-systemd-stage-1-251.4/lib/modprobe.d/systemd.conf
initrd-linux> /etc/modprobe.d/ubuntu.conf -> /nix/store/wgaaknrv637qa0i1yhff7n5nh9447jny-initrd-kmod-blacklist-ubuntu
initrd-linux> /etc/modules-load.d/nixos.conf -> /nix/store/6adb24fxb7lxxpvrzgf9frk1ynh8l83v-initrd-nixos.conf
initrd-linux> /etc/os-release -> /nix/store/7wwkq5lhxfjh81nan7kggc7vv3qwxnzn-initrd-release
initrd-linux> /etc/passwd -> /nix/store/x79jlgg44cks805vzm9q3mshvk06nkk6-fake-nss/etc/passwd
initrd-linux> /etc/shadow -> /nix/store/vjisvrzd9rhhhidpa243rrnnzwb3ich3-initrd-shadow
initrd-linux> /etc/sysctl.d/nixos.conf -> /nix/store/ab44sbjb3zk06yzqs5xxnai2jcvga0jv-initrd-nixos.conf
initrd-linux> /etc/systemd/network -> /nix/store/i0wypsybg9f7xdjzp14mqzcdv313hxz4-initrd-link-units
initrd-linux> /etc/systemd/system -> /nix/store/11d3p04w20q1k3izmvlz7zfdlqpkbn05-initrd-units
initrd-linux> /etc/systemd/system.conf -> /nix/store/cq7f9nfwg8ly1730xbap0631km95apb8-initrd-system.conf
initrd-linux> /etc/udev/rules.d -> /nix/store/q5rdk89xnzplh7m0kgjpd53v960sw7yn-initrd-udev-rules
initrd-linux> /etc/vconsole.conf -> /nix/store/vnspz6aghpx0pkak1ps76as2qdcbzbb7-vconsole.conf
initrd-linux> /init -> /nix/store/r7mlbby6n26amxrhsxzgnl5m8kldgpyr-systemd-stage-1-251.4/lib/systemd/systemd
initrd-linux> /lib/firmware -> /nix/store/n7j49yh6kcisb31xg6c48lzcbhz813gw-linux-5.15.71-modules-shrunk/lib/firmware
initrd-linux> /lib/modules -> /nix/store/n7j49yh6kcisb31xg6c48lzcbhz813gw-linux-5.15.71-modules-shrunk/lib/modules
initrd-linux> /sbin -> /nix/store/xavgss5cngx68ffd7y4nvf3gl5j8raq2-initrd-bin-env/sbin
initrd-linux> Error: Os { code: 2, kind: NotFound, message: "No such file or directory" }
| 21:41:33 |
| @hexa:lossy.network | the error message is only mildly helpful | 21:41:43 |
| @hexa:lossy.network | https://github.com/mweinelt/nixpkgs/tree/glibc-without-libcrypt | 21:42:37 |
| @hexa:lossy.network | this branch | 21:42:38 |
| @hexa:lossy.network | for example when building up to nixosTests.hibernate-systemd-stage-1 | 21:42:54 |
