| 20 Dec 2022 |
|  Pascal joined the room. | 00:24:20 |
| 24 Dec 2022 |
 Madoura | We have torch now. https://github.com/Madouura/nixpkgs/commit/df71e711026a37178f9a258f236db0e1a66e2f0b | 14:36:29 |
| 29 Dec 2022 |
|  luizirber joined the room. | 19:48:22 |
| 21 Feb 2023 |
|  John ✒️ joined the room. | 10:48:27 |
| 28 Feb 2023 |
|  Ido Samuelson joined the room. | 05:43:18 |
| 14 Mar 2023 |
|  pbsds joined the room. | 13:15:12 |
| 24 Mar 2023 |
|  htran joined the room. | 02:20:37 |
| 25 Mar 2023 |
|  @valconius:matrix.org joined the room. | 23:44:55 |
|  rbutani joined the room. | 23:55:19 |
| 27 Mar 2023 |
|  Ryan Swart joined the room. | 09:41:42 |
| 29 Mar 2023 |
|  SomeoneSerge (utc+3) joined the room. | 19:39:45 |
| SomeoneSerge (utc+3) | Hi! Just wanted to mention that torchWithRocm is going to require allowUnfree = true when https://github.com/NixOS/nixpkgs/pull/222273 gets merged. I think this needs to be addressed upstream in openai/triton (they unconditionally download and vendor a copy of ptxas from cuda), but I haven't the capacity to handle this now | 19:54:53 |
| 31 Mar 2023 |
| Ryan Swart | Kind of a meta question - I am trying to run static nix on an HPC cluster and am running into some roadblocks (with a custom path and disabling the sandbox as much as possible I am still running into permission denied errors - can't chroot or run bubblewrap); given that I have the ability to run arbitrary binaries - is there a way to disable all "special" path modification etc in such a way that common HPC access limitations can allow nix to still build derivations? | 02:28:46 |
| Ryan Swart | I have looked into both static-nix and nix-portable, but neither seem to be a drop-in solution for my case | 02:29:36 |
| 2 Apr 2023 |
| John ✒️ | ryantalo: have you tried something like this? https://www.jboy.space/blog/nix-on-hpc.html | 11:56:18 |
| 1 Apr 2023 |
| SomeoneSerge (utc+3) | Anyone tried running running Nix from Singularity and binding /nix/store? The cluster at my uni won't enable user namespaces, so no unchroot and no bubblewrap for me | 23:44:29 |
| SomeoneSerge (utc+3) | singularity run --bind /abc:/efg something.sif works, but I want to use singularity-tools.buildImage and that puts e.g. the shell into /nix/store, which then is hidden by the --bind =' | 23:45:35 |
| SomeoneSerge (utc+3) | And singularity run --overlay is, again, disabled on the cluster xD | 23:45:55 |
| SomeoneSerge (utc+3) | In reply to @ryantalo:matrix.org
Kind of a meta question - I am trying to run static nix on an HPC cluster and am running into some roadblocks (with a custom path and disabling the sandbox as much as possible I am still running into permission denied errors - can't chroot or run bubblewrap); given that I have the ability to run arbitrary binaries - is there a way to disable all "special" path modification etc in such a way that common HPC access limitations can allow nix to still build derivations?
disable all "special" path modification etc
Hi, which path modifications are you referring to?
| 23:46:27 |
| 2 Apr 2023 |
| Ryan Swart | That describes using chroot - which I don't have permissions to do; nix seems to get to a point of reading/writing source files, and takes forever to work through them (like 5 mins+, log example here: https://gist.github.com/ryanswrt/3ebf02bd10e25319f153014698a14c63) and then eventually dies | 13:40:48 |
| 3 Apr 2023 |
| Ryan Swart | It ends up dying with error: setting up a private mount namespace: Operation not permitted | 00:50:04 |
 jbedo | In reply to @ss:someonex.net
singularity run --bind /abc:/efg something.sif works, but I want to use singularity-tools.buildImage and that puts e.g. the shell into /nix/store, which then is hidden by the --bind =' i use singularity on a hpc to bind in a nix store, but not in conjunction with a singularity image as since i have a nix store in the container i just use the nix in that store | 01:19:37 |
| SomeoneSerge (utc+3) | In reply to @jb:vk3.wtf
i use singularity on a hpc to bind in a nix store, but not in conjunction with a singularity image as since i have a nix store in the container i just use the nix in that store Is it a prepoppulated store, or a writable image? | 11:15:52 |
|  peddie joined the room. | 17:29:11 |
| jbedo | I prepopulate a nix store in project/scratch area with a copy of nix then bind mount it in the container so it's writable | 20:53:52 |
| jbedo | The singularity image I use is completely empty, really just using singularity to bind mount as there's no namespaces | 20:54:42 |
| 4 Apr 2023 |
 tpw_rules | i've done hax with singularity too. i need to document them sometime | 03:43:20 |
| Ryan Swart | Have you benched the performance profile of nix-in-singularity? How close is it to native? | 09:28:23 |
| jbedo | no i haven't but i expect it to be close to native as it's just a bunch of binds handled by the kernel | 11:39:46 |
| SomeoneSerge (utc+3) | @jbedo do you also disable the sandbox?
I suppose what I'm seeing is nix trying to set up mount namespaces for the builds, but idk:
Singularity> nix-shell -p gh
error: executing shell '/nix/store/k4j76vg58c6j90s8l46kx3843vysx732-bash-interactive-5.2-p15/bin/bash': No such file or directory
Singularity> nix shell nixpkgs#gh
error: setting up a private mount namespace: Operation not permitted
Singularity>
| 17:00:50 |
