!lheuhImcToQZYTQTuI:nixos.org

Nix on macOS

1166 Members
“There are still many issues with the Darwin platform but most of it is quite usable.” — http://yves.gnu-darwin.org189 Servers

Load older messages

SenderMessageTime
1 Dec 2025
@xoredg:matrix.orgxoredyou don't have map guest 23:45:03
@reckenrode:matrix.orgRandy EckenrodeI’ve been following the upstream issue regarding NFSv4-style ACLs. Those would map better to Darwin and Windows ACLs.23:45:08
@xoredg:matrix.orgxoredlet me get rid of that23:45:14
* @xoredg:matrix.orgxored as it proceeds to unharden the world23:45:27
@xoredg:matrix.orgxoredshould I keep "guest account" = "nobody"?23:46:28
@reckenrode:matrix.orgRandy Eckenrode I map all my users to actual users. I have a samba-guest user on the server. 23:46:47
@reckenrode:matrix.orgRandy EckenrodeThat’s the guest user.23:47:01
@reckenrode:matrix.orgRandy Eckenrodehttps://github.com/reckenrode/nixos-configs/blob/85d19ca2e51254f36f04bfdf8f932c596d18f7c4/hosts/meteion/samba.nix#L51-L6123:47:23
@xoredg:matrix.orgxoredhmm I'll consider it I don't see how the guest account could change anything given the bloody thing is connecting through my user23:48:13
@reckenrode:matrix.orgRandy EckenrodeGuests have read-only access to one of the shares. Time Machine is authenticated. I use sops-nix for the credentials and have an activation script that sets up the Samba password DB.23:48:20
@xoredg:matrix.orgxoredyeah that's what I'm saying if tm is authed I don't trust these options have any impact23:48:50
@reckenrode:matrix.orgRandy EckenrodeAnything in the logs?23:48:59
@xoredg:matrix.orgxoredwell samba has been awfully quiet through all of this dance23:49:18
@xoredg:matrix.orgxoredwith log level 3 that is23:49:23
@reckenrode:matrix.orgRandy EckenrodeThere’s this, but I don’t think it’s related: https://discourse.nixos.org/t/nixos-25-11-broke-ssh-into-gcp-instance/7268723:49:29
@xoredg:matrix.orgxoredTime Machine logs are the ones that have shed any sort of light23:49:32
@reckenrode:matrix.orgRandy EckenrodeDid 25.11 change any of your interface names? I saw you had a link-local address where it was listening.23:50:45
@xoredg:matrix.orgxorednope I can still see thunderbolt023:51:24
@xoredg:matrix.orgxoredI had a systemd network link file for it so it will always be that23:52:21
@xoredg:matrix.orgxored

im losing it ```nix
global = {
interfaces = "lo ${config.xored.ipv6.prefix}:28::${config.xored.hosts.nas.networking.interfaceId}/64 fe80::105f:89ff:fe1f:bc3%thunderbolt0/64";
"bind interfaces only" = "yes";
"disable netbios" = "yes";
"workgroup" = "HOMELAB";
"server string" = "fs";
"netbios name" = "fs";
"vfs objects" = "catia fruit streams_xattr";
"fruit:appl" = true;
"fruit:nfs_aces" = false;
"fruit:copyfile" = false;
};
"tm_share" = {
"path" = "/tank/backups/tm_share";
"valid users" = "xored";
"writeable" = true;
"fruit:time machine" = true;
"fruit:metadata" = "netatalk";
"fruit:resource" = "xattr";
"fruit:encoding" = "native";
};

23:55:18
@xoredg:matrix.orgxoredarggg. formatting23:55:23
@xoredg:matrix.orgxored * im losing it global = { interfaces = "lo ${config.xored.ipv6.prefix}:28::${config.xored.hosts.nas.networking.interfaceId}/64 fe80::105f:89ff:fe1f:bc3%thunderbolt0/64"; "bind interfaces only" = "yes"; "disable netbios" = "yes"; "workgroup" = "HOMELAB"; "server string" = "fs"; "netbios name" = "fs"; "vfs objects" = "catia fruit streams\_xattr"; "fruit:appl" = true; "fruit:nfs\_aces" = false; "fruit:copyfile" = false; }; "tm\_share" = { "path" = "/tank/backups/tm\_share"; "valid users" = "xored"; "writeable" = true; "fruit:time machine" = true; "fruit:metadata" = "netatalk"; "fruit:resource" = "xattr"; "fruit:encoding" = "native"; }; 23:55:41
@xoredg:matrix.orgxored *

im losing it

        global = {
          interfaces = "lo ${config.xored.ipv6.prefix}:28::${config.xored.hosts.nas.networking.interfaceId}/64 fe80::105f:89ff:fe1f:bc3%thunderbolt0/64";
          "bind interfaces only" = "yes";
          "disable netbios" = "yes";
          "workgroup" = "HOMELAB";
          "server string" = "fs";
          "netbios name" = "fs";
          "vfs objects" = "catia fruit streams_xattr";
          "fruit:appl" = true;
          "fruit:nfs_aces" = false;
          "fruit:copyfile" = false;
        };
        "tm_share" = {
          "path" = "/tank/backups/tm_share";
          "valid users" = "xored";
          "writeable" = true;
          "fruit:time machine" = true;
          "fruit:metadata" = "netatalk";
          "fruit:resource" = "xattr";
          "fruit:encoding" = "native";
        };
23:56:29
@xoredg:matrix.orgxoredI have basically your config now23:56:51
@xoredg:matrix.orgxoredand it doesn't work23:56:56
@xoredg:matrix.orgxoredwould you remember which perms do you have on the filesystem23:59:53
2 Dec 2025
@xoredg:matrix.orgxoredeven though its clearly writing .incomplete dirs over there00:00:15
@xoredg:matrix.orgxored 
------------------

This option of the vfs_fruit VFS module that could be used to enable POSIX
directory rename behaviour for OS X clients has been removed as it could result
in severe problems for Windows clients.```
00:04:31
@xoredg:matrix.orgxoreddidn't we need this for the rename of the .sparsebundle00:04:44
@xoredg:matrix.orgxoredI swear to god00:04:49

Show newer messages

Back to Room ListRoom Version: 6