| 6 Jun 2022 |
 Linux Hackerman | But I don't know if that's why it was implemented this way, nor if it makes sense to do it that way | 22:49:40 |
 Buckley | I’ll have a peek later, but I’m guessing colmena just uses the nix copy tool (which probably doesn’t support sudo). If I’m wrong and it’s a two line patch I’ll totally PR that :o | 23:00:00 |
| 7 Jun 2022 |
 Chinchilla Washington | How can I get more of the error log from colmena? I'm getting an 'insecure package' error and would like to trace down what's using this old ass version of nodejs | 04:54:20 |
| Linux Hackerman | In reply to @cw:kernelpanic.cafe
How can I get more of the error log from colmena? I'm getting an 'insecure package' error and would like to trace down what's using this old ass version of nodejs Pass -v | 07:49:45 |
| Linux Hackerman | In reply to @buckley310:matrix.org
I’ll have a peek later, but I’m guessing colmena just uses the nix copy tool (which probably doesn’t support sudo). If I’m wrong and it’s a two line patch I’ll totally PR that :o Oh right, yeah, that's possible | 07:50:28 |
| Linux Hackerman | What's actually the point in not sshing in as root and using sudo instead? That's perplexed me for a while... | 07:52:29 |
 CRTified | One point might be that sudo allows somewhat fine-grained restriction on executed commands | 07:53:07 |
| CRTified | And in a sense, it allows for crude 2FA (SSH with pubkey, sudo with pw) | 07:53:48 |
| CRTified | * One point might be that sudo allows somewhat fine-grained restriction on executed commands (But that requires you to know what you'll run) | 07:54:10 |
| CRTified | * One point might be that sudo allows somewhat fine-grained restriction on executed commands (But that requires you to know what you'll run - adding a shell is nonsense if you want this) | 07:54:20 |
| Linux Hackerman | In reply to @schnecfk:ruhr-uni-bochum.de
One point might be that sudo allows somewhat fine-grained restriction on executed commands (But that requires you to know what you'll run) But if you're running something you just copied over... | 07:54:43 |
| Linux Hackerman | (Which is necessarily the case with a nixos configuration) | 07:55:22 |
| CRTified | True 🤔 | 08:22:37 |
| Linux Hackerman | In reply to @schnecfk:ruhr-uni-bochum.de
And in a sense, it allows for crude 2FA (SSH with pubkey, sudo with pw) Are people doing that? | 08:49:23 |
| CRTified | I don't know, but I've seen that reason a few times (not limited to colmena), always with the advice to make root as inaccessible as possible | 09:11:53 |
| 8 Jun 2022 |
 Wanja Hentze | How do you folks feel about adding a --interactive or --confirm (actual name can be bikeshed) option to colmena that makes it prints the list of target hosts and asks you to confirm before proceeding? | 16:56:51 |
| 9 Jun 2022 |
 Zhaofeng Li | That sounds like a reasonable feature to add | 03:42:09 |
|  Taeer Bar-Yam joined the room. | 13:25:40 |
| Taeer Bar-Yam | I'm hoping someone here can help me out. If not, I'll open an issue on the github. I can't get --keep-result to do anything. I'm running colmena build --keep-result, and it doesn't create any .gcroots directory. I've tried it with and without flakes. | 16:39:06 |
| Zhaofeng Li | In reply to @shine:proqqul.net
I'm hoping someone here can help me out. If not, I'll open an issue on the github. I can't get --keep-result to do anything. I'm running colmena build --keep-result, and it doesn't create any .gcroots directory. I've tried it with and without flakes. The current implementation only creates GC roots as one of the last steps after a successful activation (not build). It should probably be moved to after the build. | 16:56:15 |
| Zhaofeng Li | (done) | 18:33:07 |
| Taeer Bar-Yam | Thank you! <3 I was trying to make that change myself and getting bogged down in where exactly mut should and shouldn't go (not a rust programmer) | 18:46:49 |
| Taeer Bar-Yam | Oh. Hm... I'm still having the same behaviour (nothing being produced with --keep-result) | 18:47:14 |
| Zhaofeng Li | Hmm, it does create them for me with colmena build | 18:56:13 |
| Taeer Bar-Yam | Aha! It works when using flakes, but not without | 18:57:48 |
| Taeer Bar-Yam | presumably it doesn't know how to find the hive directory in a non-flake build | 18:58:03 |
| Zhaofeng Li | Weird, it should be able to create GC roots with non-flakes (actually we are only testing it in the non-flake path in the end-to-end tests) | 19:00:28 |
| Zhaofeng Li | Just tried and it does work in the non-flakes case | 19:01:47 |
| Taeer Bar-Yam | oh never mind, I see it now. | 19:09:28 |
| Taeer Bar-Yam | I think i might have just been looking in the wrong place | 19:09:37 |
