| 5 Apr 2026 |
 hexa | hm | 02:46:49 |
| hexa | whatever the current generation of nixos containers is | 02:47:04 |
 m1cr0man | Well if it comes up in "machinectl" and it has a ve-$container interface on the host, it should give you something based on my understanding | 02:47:49 |
| hexa | it does come up in machinectl | 02:48:01 |
| hexa | getent hosts <container> works fwiw | 02:49:48 |
| m1cr0man | Does your container have more than just link local ips? | 02:50:14 |
| m1cr0man | In reply to @hexa:lossy.network
getent hosts <container> works fwiw Works for me too but on ipv6 returns no scope ID for link local addresses | 02:50:43 |
| m1cr0man | I believe it is using llmnr-ipv6 instead in this case. I was able to validate that with `resolvectl query -p llmnr-ipv6 example` | 02:51:56 |
| hexa | nvm, no interface in the host namespace | 02:52:26 |
| hexa | it has a bunch of ULA ip addresses | 02:52:41 |
| hexa | eh … 5am | 02:53:05 |
| hexa | 💤 | 02:53:08 |
| m1cr0man | Yeah, early here too. Ttyl if you are around but thanks for the quick checks | 02:53:58 |
| m1cr0man | Just for sanity: the docs on mymachines demonstrate clearly that an ipv6 ping should return a scope ID
https://www.freedesktop.org/software/systemd/man/latest/nss-mymachines.html | 03:00:55 |
| m1cr0man | A couple of straces later, I've found that libnss_mymachines.so.2 isn't in the standard library path. Adding it via LD_LIBRARY_PATH makes getent ahosts work as expected. Uh, this is where my nixos knowledge is not great - what's the right way to make this library available for the whole system? It's always dynamically loaded based on nsswitch.conf, so I can't compile it in to the necessary binaries. | 10:35:05 |
| m1cr0man | Another person has walked this path before 😅 systemd/lib is in nscd.service's LD_LIBRARY_PATH, and nscd.conf has an interesting note:
# Note that we can not use `enable-cache no` As this will actually cause nscd
# to just reject the nss requests it receives, which then causes glibc to
# fallback to trying to handle the request by itself. Which won't work as glibc
# is not aware of the path in which the nss modules live. As a workaround, we
# have `enable-cache yes` with an explicit ttl of 0
| 10:40:43 |
| m1cr0man | But this still doesn't explain why ping is not getting the result from mymachines. Perhaps nscd doesn't have permission to send the dbus message to systemd to get the container addresses? | 10:45:36 |
| m1cr0man | It does have perms, stracing nscd proves the same output. But somewhere between nscd getting a response from mymachines/getaddrinfo and responding to the requesting client, the scope_id is lost | 11:59:44 |
| m1cr0man | * It does have perms, stracing nscd proves the same output. But somewhere between nscd getting a response from mymachines and responding to the requesting client, the scope_id is lost | 12:01:38 |
| 19 May 2021 |
|  @grahamc:nixos.org set the history visibility to "world_readable". | 19:20:58 |
| @grahamc:nixos.org changed the room name to "" from "". | 19:20:58 |
| @grahamc:nixos.org invited  casey ©. | 19:21:08 |
| casey © joined the room. | 19:21:17 |
|  [0x4A6F] joined the room. | 19:23:16 |
|  Alyssa Ross joined the room. | 19:26:50 |
| hexa joined the room. | 19:27:05 |
|  andi- joined the room. | 19:40:47 |
|  n0emis joined the room. | 19:42:15 |
|  Server Stats Discoverer (traveler bot) joined the room. | 19:50:53 |
|  Matrix Traveler (bot) joined the room. | 20:03:52 |
