| 21 Oct 2023 |
|  zseri left the room. | 19:14:51 |
| 23 Oct 2023 |
 Vladimír Čunát | nix.ci name isn't used much anymore, right? (even though occasionally referenced)
The whole .ci TLD has broken DNSSEC right now, so it isn't accessible by default to some users. (vast majority in some countries, small minority in others)
| 09:33:28 |
| Vladimír Čunát | * nix.ci name isn't used much anymore, right? (even though occasionally referenced)
The whole .ci TLD has broken DNSSEC right now, so it isn't accessible by default to some users. (vast majority in some countries, small minority in others, and minority globally as well I think)
| 09:34:11 |
|  globin joined the room. | 09:52:59 |
|  globin left the room. | 09:53:04 |
| globin set a profile picture. | 14:27:48 |
| 24 Oct 2023 |
 hexa | disk full on the aarch64-darwin builder a few hours ago | 09:37:13 |
| hexa | https://github.com/NixOS/nixpkgs/pull/263041/checks?check_run_id=17994139695 | 09:37:18 |
| hexa | or … 32m ago | 09:37:26 |
| 25 Oct 2023 |
 Artturin | https://github.com/NixOS/ofborg/pull/648 | 02:37:27 |
| Artturin | changed it to update to unstable because of an error (which is in the commit msg) | 02:49:19 |
| Artturin | Hmm | 03:04:16 |
| Artturin |
---- nix::tests::strict_sandboxing stdout ----
thread 'nix::tests::strict_sandboxing' panicked at '
The run was expected to Fail, but did not.
| this derivation will be built:
| /nix/store/ih4kj08w3x1vavdy40n08qis00ilrbjy-sandbox-violation.drv
| building '/nix/store/ih4kj08w3x1vavdy40n08qis00ilrbjy-sandbox-violation.drv'...
| hi
| /nix/store/002bqs9cx1zavfag41xngiih1f2ari27-sandbox-violation
0 out of 2 required lines matched.
- Err("access to absolute path")
- Err("is forbidden in restricted mode")
', ofborg/src/nix.rs:545:13
stack backtrace:
0: rust_begin_unwind
1: core::panicking::panic_fmt
2: core::panicking::panic_display
at /build/rustc-1.72.0-src/library/core/src/panicking.rs:150:5
3: ofborg::nix::tests::assert_run
at ./src/nix.rs:545:13
4: ofborg::nix::tests::strict_sandboxing
at ./src/nix.rs:848:9
5: ofborg::nix::tests::strict_sandboxing::{{closure}}
at ./src/nix.rs:841:28
6: core::ops::function::FnOnce::call_once
at /build/rustc-1.72.0-src/library/core/src/ops/function.rs:250:5
note: Some details are omitted, run with `RUST_BACKTRACE=full` for a verbose backtrace.
| 03:04:27 |
| Artturin | https://github.com/NixOS/ofborg/blob/de415d372959b7e6fc6b2f6c95f0c21e5010348d/ofborg/src/nix.rs#L842-L854 | 03:04:53 |
| Artturin | https://github.com/NixOS/ofborg/blob/de415d372959b7e6fc6b2f6c95f0c21e5010348d/ofborg/test-srcs/build/default.nix#L19-L25 | 03:08:46 |
| Artturin | What's even the supposed sandbox violation in that test | 03:23:14 |
| Artturin | Redacted or Malformed Event | 03:33:32 |
| Artturin | https://github.com/nixos/nix/commit/dd93c12c6a3ebf5b52fe7045d708ed10f6acd0dd this could be the cause | 04:00:30 |
| Artturin | Nah it shouldn't | 04:02:29 |
| Artturin | The commit that one is reverting is https://github.com/nixos/nix/commit/1cba5984a68a489c4a56691032e4c87991c678f4 | 04:04:17 |
| Artturin | github shows it was in 2.14.0 | 04:04:38 |
| Artturin | while 23.05 is on 2.13.6 | 04:05:06 |
| Artturin | changing the nix version in flake
2_14,2_15 works
2_16 fails | 04:10:03 |
| Artturin | * changing the nix version in flake
2_15 works
2_16 fails | 04:11:15 |
| Artturin | good 2.15.2(.3 too probably), bad 2.16.1(and .0)+ | 04:16:59 |
| Artturin | * good 2.15.2(.3 too probably), bad 2.16.1(and .0)+ | 04:17:07 |
| Artturin | Can't the non-failure with
derivation {
name = "sandbox-violation";
system = builtins.currentSystem;
src = ./../../../lib;
builder = builtins.storePath <bash>;
args = [ "-c" "echo hi; echo ${toString builtins.currentTime} > $out" ];
}
in depth0/depth1/depth3/default.nix in nixpkgs
$ nix shell "nixpkgs#nixVersions.nix_2_16" --command nix-build depth0/depth1/depth3/default.nix -I "bash=$(command -v bash)" --option restrict-eval true
error: access to absolute path '/home/artturin/nixgits/my-nixpkgs/depth0/depth1/depth3/default.nix' is forbidden in restricted mode
| 04:38:26 |
| Artturin | * Can't repro the non-failure with
derivation {
name = "sandbox-violation";
system = builtins.currentSystem;
src = ./../../../lib;
builder = builtins.storePath <bash>;
args = [ "-c" "echo hi; echo ${toString builtins.currentTime} > $out" ];
}
in depth0/depth1/depth3/default.nix in nixpkgs
$ nix shell "nixpkgs#nixVersions.nix_2_16" --command nix-build depth0/depth1/depth3/default.nix -I "bash=$(command -v bash)" --option restrict-eval true
error: access to absolute path '/home/artturin/nixgits/my-nixpkgs/depth0/depth1/depth3/default.nix' is forbidden in restricted mode
| 04:38:36 |
| 26 Oct 2023 |
 pbsds | error: writing to file: No space left on device on aarch64-darwin: https://logs.ofborg.org/?key=nixos/nixpkgs.257760&attempt_id=2f9c3138-239d-428b-980a-22b9604619b1 | 11:21:20 |
| hexa | In reply to @hexa:lossy.network
https://github.com/NixOS/nixpkgs/pull/263041/checks?check_run_id=17994139695 recurrening event | 11:48:57 |
