| 11 Dec 2024 |
 jade_ | i just am not sure how we can fix it | 21:36:36 |
 rhelmot | https://git.lix.systems/lix-project/lix/issues/545 oh yeah this is the exact set of failures I'm seeing | 21:39:12 |
| rhelmot | would we take a PR that marks those tests as SKIP if it detects the bad apparmor settings | 21:50:46 |
 Grimmauld | I HAVE BEEN SUMMONED | 22:01:27 |
| Grimmauld | wassup? | 22:01:30 |
| rhelmot | meow | 22:01:48 |
| rhelmot | see abov | 22:01:58 |
| rhelmot | * see above | 22:01:59 |
| Grimmauld | oh. Yeah i occasionally get rebuild fails too with apparmor; typically when writing a new initram | 22:02:36 |
| Grimmauld | i will put it on the list of apparmor things to fix, i suppose | 22:03:07 |
| Grimmauld | hmm this is ubuntu defaults. I suppose i'll spin up some ubuntu VM and test some time soon | 22:07:31 |
| Grimmauld | i just recently started contributing to apparmor upstream, but i believe this is fixable. Just isn't high on my list for now, first is getting decent apparmor development tooling working on nix to not break shit | 22:08:34 |
| Grimmauld | * i just recently started contributing to apparmor upstream, i believe this is fixable. Just isn't high on my list for now, first is getting decent apparmor development tooling working on nix to not break shit | 22:08:44 |
| rhelmot | fantastic, thank you! | 22:10:41 |
| Grimmauld | for now, four options:
- contribute yourself
- write a profile to allow it
- disable apparmor
- wait
| 22:11:35 |
| jade_ | god damn our gerrit is dying so hard | 23:05:07 |
| 12 Dec 2024 |
 puck | is it doing the thing again | 00:09:45 |
| jade_ | idk, it is just being extremely slow | 01:27:51 |
 Charles | if it makes you feel any better, today my gitlab instance took 10 minutes to save the cache for a CI run | 02:54:52 |
|  Gus joined the room. | 04:14:19 |
 aloisw | In reply to @rhelmot:matrix.org
would we take a PR that marks those tests as SKIP if it detects the bad apparmor settings The better option would be to detect the apparmor mess at sandbox setup time and invoke sandbox fallback accordingly. | 06:30:31 |
| rhelmot | what would that look like technically? | 06:30:58 |
| rhelmot | I wasn't aware we had a fallback sandbox | 06:31:04 |
| aloisw | There is no fallback sandbox. Sandbox fallback means the sandbox gets disabled when its setup fails. | 06:32:10 |
| rhelmot | disabling the sandbox means even more derivations will fail so that sounds like not the goal | 06:33:28 |
| rhelmot | the suggestion I was making was that the lix tests should be modified to work under this bad sandbox. we still want lix to work even if we're building with an old nix | 06:35:15 |
| aloisw | In reply to @rhelmot:matrix.org
disabling the sandbox means even more derivations will fail so that sounds like not the goal It will not cause additional failures, at worst it will make failure modes slightly different. | 06:35:24 |
| aloisw | In reply to @rhelmot:matrix.org
the suggestion I was making was that the lix tests should be modified to work under this bad sandbox. we still want lix to work even if we're building with an old nix IIRC the problem is that Ubuntu's AppArmor settings break setting up a Lix sandbox inside a Lix sandbox, versions do not matter. | 06:36:48 |
| rhelmot | I thought the suggestion you were making was that we change the lix sandbox to not instantiate itself if it detects the bad apparmor settings | 06:37:18 |
| aloisw | Fixing sandbox fallback would only disable the inner sandbox instead of making it fail. | 06:37:26 |
