| 26 May 2021 |
 Finn Behrens | In reply to @sternenseemann:systemli.org
Finn Behrens: https://hydra.nixos.org/eval/1673050?filter=aarch64&compare=1672940&full=#tabs-still-succeed :) oh, it's all linux? missed that as I looked over it some seconds ago | 15:31:30 |
 sterni (he/him) | yeah | 15:31:37 |
| sterni (he/him) | no one working on haskell has any aarch64-darwin hardware | 15:31:49 |
| Finn Behrens | Doesnt help me that much on xnu :-) | 15:31:52 |
| sterni (he/him) | well I guess it just takes someone to get it working initially | 15:32:16 |
| Finn Behrens | In reply to @sternenseemann:systemli.org
no one working on haskell has any aarch64-darwin hardware I think I read of one person, rewriting codegen for better support under aarch64-darwin | 15:32:23 |
| sterni (he/him) | then we can enable aarch64-darwin hydra builders possibly | 15:32:26 |
| sterni (he/him) | etc. | 15:32:27 |
| sterni (he/him) | codegen of what? | 15:32:39 |
| Finn Behrens | not sure how haskell is working, so the thingy ghc is outputing | 15:33:32 |
 thefloweringash | In reply to @sternenseemann:systemli.org
no one working on haskell has any aarch64-darwin hardware that's definitely not true | 15:33:42 |
| sterni (he/him) | I meant “official” haskell maintainers :p | 15:35:16 |
| sterni (he/him) | In reply to @kloenk:petabyte.dev
not sure how haskell is working, so the thingy ghc is outputing ah I see, probably LLVM on aarch64-darwin | 15:36:02 |
| Finn Behrens | In reply to @kloenk:petabyte.dev
Sadly still seeing this:
GEN doc/manual/nix-build.1
lowdown: sandbox_init: Operation not permitted
lowdown: sandbox_init: Operation not permitted
I think/hope I found a better patch, Will send it to you when it compiled to the end. The buildsystem of lowdown has a flag for it | 15:50:27 |
 LnL | looks like nested sandboxing | 15:54:00 |
| Finn Behrens | andi-: doing this as first thing in the configurePhase (preConfigurePhase should also work) fixed it for my:
echo "HAVE_SANDBOX_INIT=false" > configure.local
your fix sadly did not work on my system. Maybe I have a newer lowdown version
| 15:57:59 |
| Finn Behrens | How is the current state regarding ssl/certs/ca-bundle.crt on macos. I remember change the nix-store-path of my last nix version to get it to download things. Is this still needed? | 15:59:33 |
| LnL | the nix install should set NIX_SSL_CERT_FILE which points to the profile's cacert bundle | 16:04:13 |
| Finn Behrens | So if id did not worked once, it will not work ever again? | 16:05:19 |
| LnL | depends on what went wrong | 16:05:57 |
| Finn Behrens | If I look into the nix-daemon.plist (I don't have a clue how launchtl works), I see that NIX_SSL_CERT_FILE is set to /nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt. But as this is the nix install itself, the path does not exists, as nix does not include this path | 16:09:30 |
| LnL | the installer installs both nix and cacert in the profile by default with nix-env -i | 16:10:12 |
| Finn Behrens | I'm installing nix via nix upgrade-nix --nix-store-path-urls <nix-store> seems like this is broken in nix master? | 16:11:20 |
| LnL | upgrade-nix only works when used exactly right in my experience | 16:12:09 |
| Finn Behrens | ok, maybe that is the issue. How would you suggest me to update the nix version, if I have a nix store path of a nix master build | 16:12:47 |
| LnL | depending on the type of install you'll need to run it as the local user or sudo -i | 16:13:26 |
| Finn Behrens | system, so I have a daemon, and a seperate apfs volume for /nix | 16:13:48 |
| LnL | and it doesn't have any logic for services so won't restart the daemon, etc. | 16:13:44 |
| LnL | regardless of the update if you don't have cacert installed in the default profile you'll probably want to recover that first | 16:15:37 |
| LnL | hopefully there's still one laying around in the store that you can nix-env -i <path> otherwise run nix-env as root with NIX_SSL_CERT_FILE set to some random cert bundle to bypass the daemon | 16:17:19 |
