| 5 Apr 2026 |
 m1cr0man | It does have perms, stracing nscd proves the same output. But somewhere between nscd getting a response from mymachines/getaddrinfo and responding to the requesting client, the scope_id is lost | 11:59:44 |
| m1cr0man | * It does have perms, stracing nscd proves the same output. But somewhere between nscd getting a response from mymachines and responding to the requesting client, the scope_id is lost | 12:01:38 |
| m1cr0man | nsncd/nscd just doesn't support scope IDs, and that's the end of the story. nss-mymachines is working fine, but with the way nixos is configured you would have to make sure libsystemd is in the LD_LIBRARY_PATH for all processes that need to do lookups. I can achieve that in my case, but it's awkward. Would be much nicer if systemd-resolved or some other tool could be a better replacement here | 17:50:29 |
 ma27 | that's kinda why I query the machines via some mechanism and nsupdate this into an authoritative dns server fwiw. | 17:55:37 |
| m1cr0man | Well, I think it is important to understand why stuff like that is necessary. The clean and easy solution would/does work without nscd. For the ease of use for users, I would love to make it just work tm, but it looks like that requires some edits to nsncd at least | 18:01:21 |
| m1cr0man | Oh nevermind, this is a wire protocol limitation on nscd. Funnn. That is so annoying | 18:04:01 |
 hexa | nscd is flokli territory | 18:04:39 |
| hexa | and ninjatrappeur, whom I can't point out right now | 18:04:51 |
 flokli | nsncd is | 18:05:02 |
| flokli | nscd is glibc | 18:05:06 |
| hexa | true | 18:05:20 |
| m1cr0man | yeah either or, this is a wire protocol limitation right? I did give your blog post a good read :) | 18:05:32 |
| flokli | yes | 18:05:43 |
| flokli | i should write a followup rant complaining about the lack of scope ids in the wire protocol | 18:06:17 |
| flokli | or someone else does it and I link to it, or somethign | 18:06:34 |
| flokli | * | 18:06:36 |
| m1cr0man | Alas, this is only an issue for ipv6 link local addresses, and one of the easiest solutions for nspawn is to just assign a ULA or global ipv6 prefix to the container. I think I can live with that. | 18:10:55 |
| flokli | ok | 18:11:12 |
| m1cr0man | It's the year of RFC108 if I can help it :) | 18:11:31 |
| ma27 | not sure I follow: don't we use nsncd as nss via ipc thing to prevent a whole lot of ABI issues you'd get by dlopening misc nss libraries into processes directly? | 18:30:54 |
| m1cr0man | Yeah that's all spot on. My hope in "edits to nsncd" was to make it send the scope_id, but it is a protocol issue, so that won't work. I'm not sure how prolific the dlopen issues would really be for this specifically (on my own system) because the only special ones are in the systemd package, so adding that to a global LD_LIBRARY_PATH would be OK for me - but that's not tenable for nixos defaults. | 20:50:15 |
| 6 Apr 2026 |
|  Eli Saado changed their profile picture. | 10:36:29 |
| Eli Saado changed their profile picture. | 10:42:24 |
| Eli Saado changed their profile picture. | 11:03:15 |
| Eli Saado changed their profile picture. | 11:04:10 |
| Eli Saado changed their profile picture. | 11:05:03 |
| 7 Apr 2026 |
| hexa | https://github.com/NixOS/nixpkgs/pull/507761 | 23:43:08 |
| 8 Apr 2026 |
|  johnhamelink joined the room. | 07:33:37 |
| 12 Apr 2026 |
|  leona changed their profile picture. | 12:16:01 |
| 13 Apr 2026 |
|  Alesya changed their display name from Alesya Huzik to Alesya. | 01:49:03 |
