| 26 Jul 2025 |
 raitobezarius | (not that i'm disagreeing with you, but expanding on the "it only matters for Git" and how Git matters relates to Lix again) | 00:44:02 |
| raitobezarius | emily i ended up doing a thing for the caFile stuff https://gerrit.lix.systems/c/lix/+/3765 | 00:44:24 |
| raitobezarius | contrary to your suggestion of putting CA in the store, I went against and just fixed the small remaining part | 00:44:37 |
| raitobezarius | the diff is smaller this way and I think it's a more correct change because I could not prove (at the current levels of fatigue) that importing in the store would be necessary | 00:45:11 |
 emily | how is this meant to work on Darwin? | 01:30:37 |
| raitobezarius | for a while, I convinced myself that chroot works on Darwin | 01:31:21 |
| raitobezarius | but your remark means that I fooled myself | 01:31:26 |
| emily | it does not | 01:31:37 |
| raitobezarius | so… logicalTargetPath needs to be coerced to the physical location path if we cannot chroot at all | 01:31:42 |
| raitobezarius | and… that should be sufficient, right? | 01:31:55 |
| emily | I believe you're going to recreate the complexity of https://gerrit.lix.systems/c/lix/+/2906 that lead to the store path proposal | 01:32:00 |
| raitobezarius | (and the variable should be renamed) | 01:32:02 |
| raitobezarius | In reply to @emilazy:matrix.org
I believe you're going to recreate the complexity of https://gerrit.lix.systems/c/lix/+/2906 that lead to the store path proposal why would that whole canonicalization be required at all | 01:32:34 |
| raitobezarius | if the CA file appears inside the scratch path of the derivation being built | 01:32:45 |
| raitobezarius | that whole canonicalization seems to intervene without trying to copying the CA file and just giving access to it | 01:33:13 |
| raitobezarius | or am I missing something? | 01:33:25 |
| raitobezarius | put in another way: canonicalization takes place in XNU which will perform POSIX path resolution for me when I copy the file inside the scratch path
all I need to do: get right the logicalTargetPath to export | 01:34:19 |
| raitobezarius | reminder: I copy before entering into the sandbox | 01:34:25 |
| raitobezarius | (-2ed with your remark) | 01:35:18 |
| emily | okay, yes, that solves canonicalization | 01:35:19 |
| emily | this is copying 500 KiB+ on every FOD however | 01:35:38 |
| emily | I would expect that to have measurable perf impact but I'm not certain | 01:35:54 |
| raitobezarius | on Darwin only | 01:36:01 |
| raitobezarius | hmmm | 01:36:21 |
| raitobezarius | I see two family of users of caFile | 01:36:52 |
| raitobezarius | corporate users with their corporate VPN | 01:36:56 |
| raitobezarius | and | 01:36:57 |
| raitobezarius | debugging users with their interception CA | 01:37:03 |
| raitobezarius | The latter doesn't really care about performance I would imagine | 01:37:41 |
| emily | it is set for every nix-darwin user | 01:37:46 |
