| 9 Jun 2021 |
 manveru | Mic92: they can... but it's a major PITA | 11:50:42 |
| manveru | you basically have to import self with fetchGit and submodules | 11:51:11 |
 Mic92 (Old) | manveru: do you have an example? | 11:51:29 |
| manveru | and it only works if the dir isn't dirty :P | 11:51:33 |
| manveru | fullself = builtins.fetchGit { url = "https://whatever"; ref = "master"; rev = self.rev; submodules = true; }; | 11:52:41 |
| manveru | kinda like that | 11:52:48 |
| Mic92 (Old) | Ok. I see the problem | 11:53:32 |
| manveru | of course that only works with master branch, because Nix can't get revs from undefined branches... | 11:53:41 |
| manveru | and self.rev is only set if the flake isn't dirty | 11:53:54 |
| Mic92 (Old) | the whole flake or just the submodule? | 11:54:08 |
| Mic92 (Old) | If the whole flake needs to be clean than this is useless | 11:54:52 |
| manveru | yeah... i know :| | 11:55:23 |
| manveru | submodules cost me more weeks of my life than i'd dare to count | 11:55:48 |
| manveru | also in theory you can pass submodules = true for flake inputs, but i think that's still broken | 11:56:53 |
| manveru | https://github.com/NixOS/nix/issues/4423 has more info | 11:59:39 |
| manveru | also related https://github.com/NixOS/nix/pull/4435 for that inputs issue | 12:02:00 |
| manveru | i tried fixing that, but couldn't get it right :| | 12:02:14 |
 Las | Submodules for flakes are still broken | 14:18:09 |
| Las | In reply to @manveru:matrix.org
also in theory you can pass submodules = true for flake inputs, but i think that's still broken I couldn't get this to work | 14:18:39 |
|  Sophrosyne joined the room. | 15:30:55 |
| Sophrosyne changed their display name from sophrosyne97 to Sophrosyne. | 17:10:28 |
 rycee | abathur: Generally speaking my use-case for user-installable suid programs would be something like Gnome Keyring or xscreensaver, which rely on being run as suid for some functionality. For example, starting xscreensaver prints "OOM: /proc/127568/oom_score_adj: Permission denied: To prevent the kernel from randomly unlocking your screen via the out-of-memory killer, "xscreensaver-auth" must be setuid root.". | 21:11:57 |
| rycee | Mic92: Yeah, seems like a really tricky problem to solve. I was thinking about some kind of signature system that would allow signed packages to be installed with extra capabilities (such as suid) if the signer is trusted by the system. | 21:21:17 |
| 10 Jun 2021 |
 abathur | rycee: graham pointed me at a doc about a "pivots" concept recently when I was asking about these from resholve's perspective; it looks like maybe the canonical source is https://gist.github.com/Infinisil/3366e7dfc9a01f6eeb25b5cb475cc585 | 00:30:56 |
| abathur | * rycee: graham pointed me at a doc about a "pivots" concept recently when I was asking about these from resholve's perspective; it looks like maybe the canonical source (not sure; just guessing because it has a proof-of-concept...) is https://gist.github.com/Infinisil/3366e7dfc9a01f6eeb25b5cb475cc585 | 00:32:21 |
 ma27 | Anything missing from me to get https://github.com/NixOS/nix/pull/4770 merged? :) | 10:52:01 |
 ldesgoui | Hey, say I wanted to build/check a flake in recursive-nix, I do have its lockfile, is that possible at the moment? Would that respect the restrictions of not doing arbitrary substitutions? I'm trying stuff out but I'm hitting my head against the sandbox I believe | 11:36:58 |
| ldesgoui | I suppose I should explain what I'm trying to do, I would like to have a derivation create a machine-readable report from the results of building/checking a flake, even the failing derivations, from what I can tell recursive-nix would be the only way | 11:43:58 |
| ldesgoui | Let me know if this is the wrong channel to ask in | 11:46:36 |
| manveru | ldesgoui: i'm in a similar boat atm... tried getting nixos-rebuild with a flake to work, but the build fails because it cannot download the flake inputs | 11:54:03 |
