| 26 Sep 2021 |
Emil Karlson | well I guess changing defaults like that is not sane | 17:01:23 |
Mic92 | Well was this possible before already? | 17:08:34 |
Emil Karlson | yes, but less convenient, also things like sudo do not work | 17:08:55 |
Mic92 | * Well was this not possible before already? | 17:09:07 |
Mic92 | I think there was a different kernel fix that allow to have per usernamespace setuid binaries before. | 17:09:42 |
Mic92 | * I think there was a different kernel fix that allowed to have per usernamespace setuid binaries before. | 17:09:53 |
Mic92 | But it makes uid migration cheaper. | 17:10:07 |
Emil Karlson | maybe, but sudo checks the libs, it starts properly suided | 17:10:24 |
Emil Karlson | you can fix that by copying the libs, but this is probably not the only broken thing | 17:11:02 |
Emil Karlson | there is nothing suid in the nix/store anyway afaik | 17:11:43 |
Emil Karlson | also having uids mapped guarantees systemd-nspawn can pick non-colliding uid ranges | 17:13:16 |
Emil Karlson | dynamically | 17:13:33 |
| 28 Sep 2021 |
| eyJhb joined the room. | 13:42:43 |
eyJhb | I've added three new options to networkd https://github.com/NixOS/nixpkgs/pull/139754, as they were just merged with the new systemd update | 13:44:24 |
eyJhb | If anyone can look at it, it would be great :) | 13:44:33 |
andi- | eyJhb: I would argue that DUIDType and DUIDRawData could need some input validation but I won't -1 if it doesn't get those... | 13:56:54 |
eyJhb | andi-: it is taken from the DHCPv4 section, which has none as well :p So I think that should be a separate PR to add for both of them :) | 13:57:55 |
andi- | The link-layer-time looks daunting to verify | 13:57:59 |
eyJhb | andi-: does it make sense, that it should be a separate PR? To add it for both? :) | 14:08:44 |
andi- | Yeah if you want to tackle that. | 14:08:58 |
andi- | I am fine with the current PR as is | 14:09:03 |
andi- | generally I'd love if we did perform more validation on the Nix side (with escape hatches?). | 14:09:23 |
andi- | The last thing I want is a system without network :D | 14:09:30 |
eyJhb | I have no idea how to do any validation on the DUIDType + DUIDRawData :p I might be able to look into it. But unsure how well that would go | 14:09:46 |
eyJhb | Ohh come on, a system without networking? That's fun! :D | 14:09:55 |
andi- | I just realized that with v249 the systemd-wait-online program behaves differently and now I had to explicitly disable DHCP/AcceptRA on a bond interface where I didn't configure anything. | 14:10:33 |
eyJhb | I have some weird issue with a temporary address w/ IPv6. But I am quite sure it's just my ISP screwing around.... | 14:15:36 |
andi- | it is always your weird ISP | 14:17:22 |
eyJhb | Well, you know first hand that my ISP is doing some weird stuff andi- :D | 14:18:06 |
| khalil joined the room. | 15:03:13 |