| 8 Jan 2026 |
 kdn | FYI: I found it:
virtualisation.qemu.options = [
# socat - UNIX-CONNECT:/run/org.nixos.linux-builder/qemu-serial.sock
# minicom -D 'unix#/run/org.nixos.linux-builder/qemu-serial.sock'
''-serial unix:"$TMPDIR/qemu-serial.sock",server,nowait''
];
| 23:23:37 |
| 9 Jan 2026 |
 Randy Eckenrode |
[1/2] /nix/store/jk2r3w2q06vh7hkfxrw74ckrlrppm6gz-swiftc-6.2.3/bin/swiftc -j 16 -num-threads 16 -c -module-name cmTC_a937f -target arm64-apple-macosx14.0 -sdk /nix/store/i6yfk1parrl2f2m>
FAILED: [code=1] CMakeFiles/cmTC_a937f.dir/main.swift.o
/nix/store/jk2r3w2q06vh7hkfxrw74ckrlrppm6gz-swiftc-6.2.3/bin/swiftc -j 16 -num-threads 16 -c -module-name cmTC_a937f -target arm64-apple-macosx14.0 -sdk /nix/store/i6yfk1parrl2f2mhj96x5>
<unknown>:0: warning: using (deprecated) legacy driver, Swift installation does not contain swift-driver at: '/nix/store/jk2r3w2q06vh7hkfxrw74ckrlrppm6gz-swiftc-6.2.3/bin/swift-driver-new'
<unknown>:0: warning: option '-incremental' is only supported in swift-driver
/nix/store/i6yfk1parrl2f2mhj96x565ijc3lg7xv-apple-sdk-26.0/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/lib/swift/Swift.swiftmodule/arm64e-apple-macos.swiftinterface:5:8: error>
3 | // swift-module-flags: -target arm64e-apple-macosx26.0 -target-variant arm64e-apple-ios26.0-macabi -enable-objc-interop -enable-library-evolution -module-link-name swiftCore -pars>
4 | // swift-module-flags-ignorable: -enable-lexical-lifetimes=false -enable-ossa-modules -strict-memory-safety -formal-cxx-interoperability-mode=off -interface-compiler-version 6.2
5 | import SwiftShims
| `- error: no such module 'SwiftShims'
6 | @inlinable public func min<T>(_ x: T, _ y: T) -> T where T : Swift.Comparable {
7 |
/nix/store/i6yfk1parrl2f2mhj96x565ijc3lg7xv-apple-sdk-26.0/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/lib/swift/Swift.swiftmodule/arm64e-apple-macos.swiftinterface:1:1: error>
1 | // swift-interface-format-version: 1.0
| `- error: failed to build module 'Swift'; this SDK is not supported by the compiler (the SDK is built with 'Apple Swift version 6.2 effective-5.10 (swiftlang-6.2.0.17.14 clang-170>
2 | // swift-compiler-version: Apple Swift version 6.2 effective-5.10 (swiftlang-6.2.0.17.14 clang-1700.3.17.1)
3 | // swift-module-flags: -target arm64e-apple-macosx26.0 -target-variant arm64e-apple-ios26.0-macabi -enable-objc-interop -enable-library-evolution -module-link-name swiftCore -pars>
ninja: build stopped: subcommand failed.
| 01:52:13 |
| Randy Eckenrode | That’s with the separate stdlib. I think I’m going to have to do some patching to make it aware of both the dev and lib outputs in the stdlib package. | 01:52:46 |
| Randy Eckenrode | Yeah. I need to revisit the separate lib patch. I don’t think patching the compiler lookup is the right approach. It’s changing the semantics of the search. I should be augmenting the path. | 02:27:53 |
| Randy Eckenrode | * Yeah. I need to revisit the separate lib patch. I don’t think patching the compiler lookup is the right approach. It’s changing the semantics of the search. I should be augmenting the paths in updateRuntimeLibraryPaths. | 02:28:10 |
|  Ivy joined the room. | 05:49:09 |
 alexfmpe | huh what gives?
$ uname -a
Darwin MacBookPro.Home 24.6.0 Darwin Kernel Version 24.6.0: Mon Jul 14 11:30:29 PDT 2025; root:xnu-11417.140.69~1/RELEASE_ARM64_T6000 arm64
$ nix-shell -p hello --run 'uname -a'
Darwin MacBookPro.Home 24.6.0 Darwin Kernel Version 24.6.0: Mon Jul 14 11:30:29 PDT 2025; root:xnu-11417.140.69~1/RELEASE_ARM64_T6000 arm64 arm Darwin
| 15:38:30 |
| alexfmpe | my outer shell is zsh, the nix-shell is bash, but calling bash directly doesn't add whatever that suffix is, so it doesn't look like a shell thing | 15:39:31 |
| alexfmpe | this divergence also doesn't show up on my nixos | 15:39:49 |
| alexfmpe | so maybe it's a nix+mac or nix-darwin thing? | 15:40:01 |
| Ivy | discovered a catastrophic bug in gpg-agent for macos on home-manager | 16:10:52 |
| Ivy | gpg-agent has a core problem that goes upstream and means that gpg-agent fundamentally doesnt work on darwin in supervised mode adn the launchd agent is useless | 16:11:28 |
 Katalin 🔪 | perhaps MacGPG has patches for this or at least a workaround? that’s what I use and gpg-agent runs automatically there | 16:16:37 |
| Ivy | one part of it is having a wrapper to get the sockets
// Simple wrapper to activate launchd sockets
// and set them up in the same way systemd would
// so that we can use gpg-agent in --supervised mode
#include <errno.h>
#include <err.h>
#include <unistd.h>
#include <launch.h>
#include <stdio.h>
#include <stdlib.h>
#include <fcntl.h>
int get_launchd_socket(const char *sockName)
{
// Get our sockets from launchd
int *fds = NULL;
size_t count = 0;
errno = launch_activate_socket(sockName, &fds, &count);
if (errno != 0 || fds == NULL || count < 1)
{
warn("Error getting socket FD from launchd");
return 0;
}
if (count != 1)
{
warnx("Expected one FD from launchd, got %zu. Only using first socket.", count);
}
// Unset FD_CLOEXEC bit
fcntl(fds[0], F_SETFD, fcntl(fds[0], F_GETFD, 0) & ~FD_CLOEXEC);
if (fds)
{
free(fds);
}
return 1;
}
int main(int argc, char **argv)
{
// List of sockets we're going to check for
const char *sockets[] = {
"ssh",
"browser",
"extra",
"std"};
int fds = 0;
char *fdsString = NULL;
char *fdNames = NULL;
char *tmpfdNames = NULL;
// Activate the sockets and count and store names
for (int i = 0; i < sizeof(sockets) / sizeof(sockets[0]); i++)
{
if (get_launchd_socket(sockets[i]))
{
fds++;
asprintf(&fdNames, (tmpfdNames == NULL ? "%s%s" : "%s:%s"), (tmpfdNames == NULL ? "" : tmpfdNames), sockets[i]);
if (tmpfdNames)
{
free(tmpfdNames);
}
tmpfdNames = fdNames;
}
}
// Set the ENV var for our PID
char *pidString = NULL;
asprintf(&pidString, "%ld", (long)getpid());
setenv("LISTEN_PID", pidString, 0);
free(pidString);
// Set the number of FDs we've opened
asprintf(&fdsString, "%d", fds);
setenv("LISTEN_FDS", fdsString, 0);
free(fdsString);
// And their names
setenv("LISTEN_FDNAMES", (fdNames == NULL ? "" : fdNames), 0);
free(fdNames);
// Launch the command we were passed
++argv;
if (*argv)
{
execvp(*argv, argv);
err(1, "Error executing command");
}
else
{
errx(1, "No command specified");
}
}
| 16:16:37 |
| Ivy | perhaps it does | 16:16:46 |
| Ivy | it does not | 16:17:12 |
| Ivy | https://github.com/search?q=repo%3AGPGTools%2FMacGPG2%20launch_activate_socket&type=code | 16:17:16 |
| Ivy | this function needs to be called to get the sockets | 16:17:26 |
| Ivy | because otherwise it cant get the sockets from launchd | 16:18:07 |
| Katalin 🔪 | right, they have a launch agent for killing gpg-agent when the user logs out instead | 16:19:08 |
| Katalin 🔪 | I wonder how they set it up | 16:19:15 |
| Ivy | still doesnt properly manage the sockets tho | 16:19:35 |
| Ivy | utterly a hack | 16:19:40 |
| Katalin 🔪 | mhm | 16:19:50 |
| Ivy | additionally this does nothing https://github.com/nix-community/home-manager/blob/0e4217b2c4827e71e2e612accccb01981c16afda/modules/services/gpg-agent.nix#L451-L453 | 16:21:03 |
| Ivy | as the names are far not what gpg actually wants | 16:21:20 |
| Ivy | nor does it know how to get them | 16:21:27 |
| Ivy | the only way to get them is through launch_activate_socket | 16:21:42 |
| Ivy | they could be used as the names but then there would have to be major translation to the real names | 16:22:20 |
| Ivy | which have to be "ssh", "extra", "browser" and always finally "std" | 16:22:37 |
