| 29 Jul 2025 |
emily | bind fails on /tmp/blah | 17:34:40 |
emily | I don't know, libuv regularly breaks in the Darwin sandbox, so maybe it wasn't related to the CVE stuff | 17:35:07 |
emily | but it seems suspicious (but I can't figure out why it'd have become screwier) | 17:35:18 |
emily | (my bad, my own dev env was messed up :P) | 19:05:32 |
raitobezarius (DECT: 7248) | awesome work, thanks emily! | 19:59:09 |
emily | don't test me, I might remove more things from the packaging 😈 | 19:59:48 |
raitobezarius (DECT: 7248) | nix develop --phase testPhase emily | 20:01:42 |
emily | fwiw, I'm happy to re-add the flag for https://gerrit.lix.systems/c/lix/+/3833/5. but since internal-api-docs apparently takes 32 seconds on CI, I think it would only be for closure, not for build speed | 20:02:53 |
emily | and the closures of doxygen and rapidcheck are small | 20:03:47 |
emily | hmmm | 20:14:20 |
emily | I notice that the derivation in Nixpkgs already did this devdoc stuff and I just wasted a non-trivial amount of time :) | 20:14:37 |
emily | is there no systematic sync between those two? | 20:14:44 |
emily | I'll leave what I have up since it's an improvement over HEAD, but it seems like it would be good to minimize the drift between those two to avoid redundant work. | 20:16:09 |
Marie | hi, I do an applyPatches thing to apply PRs to my nixpkgs and I've been getting really annoyed that lix copies nixpkgs into the store on every invocation, even though it is already in the store.
From googling around this seems to be a known issue. If I call my patched thing "source" the problem goes away.
Does anyone know if there is a good reason to only allow "source" here: https://git.lix.systems/lix-project/lix/src/commit/93acdd40f6c3eab1a25ea03d7a160433ed551677/lix/libfetchers/path.cc#L138 | 21:57:17 |
Marie | Seems to work fine when I remove the restriction, but I don't know much about the codebase, so no idea if this could break something | 22:11:36 |
jade_ | i think there is an issue about this somewhere | 23:56:34 |
jade_ | i am not sure lol | 23:56:40 |
jade_ | i think you should just change your derivation to be named "source" tbh | 23:56:58 |
jade_ | iirc if you put an input-addressed path into the path:... flake fetcher it throws an assert in lix internals. flakes, man. | 23:57:27 |
| 30 Jul 2025 |
jade_ | * i think there is an issue about this somewhere because i filed it in cppnix 5 years ago | 00:16:00 |
jade_ | * i think there is an issue about this somewhere because i filed it in cppnix nearly 5 years ago | 00:16:06 |
jade_ | * i think there is an issue about this somewhere because i filed it in cppnix nearly 5 years ago and we probably imported it | 00:16:12 |
llakala | In reply to @jade_:matrix.org ("was i working on a new one? i don't remember having done so"): you mentioned wanting to do it in the "You don't have to use Nix to manage your dotfiles" blogpost | 10:53:43 |
WeetHet | auto prefix = useChroot ? chrootRootDir : tmpDir; is incorrect on macOS | 15:50:17 |
WeetHet | This is correct however:
#if __linux__
/* If we are using no sandboxing, we still need to use the physical prefix. */
useChroot ? logicalTargetPath : prefix + logicalTargetPath;
#else
prefix + logicalTargetPath;
#endif
| 15:50:51 |
WeetHet | I think this patch works for me:
diff --git a/lix/libstore/build/local-derivation-goal.cc b/lix/libstore/build/local-derivation-goal.cc
index e0e14b09f..33f46dc93 100644
--- a/lix/libstore/build/local-derivation-goal.cc
+++ b/lix/libstore/build/local-derivation-goal.cc
@@ -918,7 +918,11 @@ void LocalDerivationGoal::setupConfiguredCertificateAuthority()
{
if (settings.caFile != "") {
if (pathAccessible(settings.caFile)) {
+#if __linux__
auto prefix = useChroot ? chrootRootDir : tmpDir;
+#else
+ auto prefix = tmpDir;
+#endif
debug(
"rendering visible configured CA '%s' in the builder (prefix directory: '%s')",
settings.caFile,
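Review bot: The new #else branch, which sets prefix to tmpDir regardless of useChroot, carries no comment saying why chrootRootDir is not a usable prefix outside Linux. Add a one-line comment on that branch so the platform split is not mistaken for an oversight and folded back into the ternary later. Note also that the debug message that follows will always report tmpDir as the prefix directory on non-Linux builds, so the log no longer tells the two cases apart there.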
@@ -1249,8 +1253,6 @@ void LocalDerivationGoal::runChild()
"non-functional."
);
}
-
- setupConfiguredCertificateAuthority();
}
for (auto & i : ss) pathsInChroot.emplace(i, i);
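Review bot: Removing this call leaves the one near line 1408 as the only call site in runChild(), so setupConfiguredCertificateAuthority() now runs after the pathsInChroot population visible in the trailing context (for (auto & i : ss) pathsInChroot.emplace(i, i);) rather than before it. If the function relies on running before that loop, for example by contributing paths that must end up in pathsInChroot, the Linux chroot case changes behaviour. Please confirm the later position is safe for both platforms and state that in the commit message.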
@@ -1406,11 +1408,8 @@ void LocalDerivationGoal::runChild()
}
#endif
- if (!useChroot) {
- /* When chroot is not used, FODs still requires a CA to be available as well. */
- if (!derivationType->isSandboxed()) {
- setupConfiguredCertificateAuthority();
- }
+ if (!derivationType->isSandboxed()) {
+ setupConfiguredCertificateAuthority();
}
if (chdir(tmpDirInSandbox.c_str()) == -1)
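Review bot: The rewritten condition drops the !useChroot guard, and the comment explaining why fixed-output derivations need a CA is deleted along with it, leaving the new if (!derivationType->isSandboxed()) undocumented. Add a comment there saying that this is now the single call for both the chroot and non-chroot paths and that it applies only to derivations that are not sandboxed, so a reader does not reintroduce the earlier call.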
| 15:51:36 |