hannes changed the topic of #mirage to: bug cleaning day first friday each month from 14:00 UTC till late, meet here. MirageOS 3 is released, happy hacking!
jpdeplaix has joined #mirage
maker has quit [Ping timeout: 248 seconds]
maker has joined #mirage
argent_smith has joined #mirage
R1P has joined #mirage
mort___ has joined #mirage
R1P has quit [Ping timeout: 240 seconds]
contrapumpkin has quit [Ping timeout: 265 seconds]
mort___ has quit [Quit: Leaving.]
<argent_smith>
hannes: are there any manuals/tutorials/whatever on how to use mirage-fs-unix?
<hannes>
argent_smith: sorry, not sure. may be worth asking on the mailing list about example code for mirage-fs-unix... I myself don't persistent storage
miragebot has joined #mirage
<miragebot>
[mirage] hannesm pushed 2 new commits to master: https://git.io/vbMMi
<yomimono>
we have a couple of items about physical stuff happening at 34c4 first up :)
<yomimono>
there will be a physical meetup on (28th December) from 14:00 on in front of the freie congress radio (CCL Ebene 1, Bankettraum 1)
<yomimono>
(thanks to hannes for organizing, also possibly for espresso :D)
<hannes>
that's where my espressomachine and bicycle will be afaict
TImada has joined #mirage
TImada has quit [Changing host]
TImada has joined #mirage
<yomimono>
is it the bean-grinder bicycle?
djwillia has joined #mirage
<hannes>
yes, WIP
<hannes>
fingers crossed I'll finish it tonight or this week..
<yomimono>
awesome, I want to try it :D
<reynir>
^ me too
<mort___1>
.
<yomimono>
also at 34c3 I'll give a talk on library operating systems (with some mirage specifics), come see it on 30 dec at 11:30 in saal dijkstra
<yomimono>
please sit in the front and nod a lot
<yomimono>
also you are invited to ask questions like "wow, that mirageos project sounds really cool"
* hannes
is so happy that there'll be a mirageos talk without him having to do anything :D
<yomimono>
...except organize the track that it's happening in, which I'm grateful to you for doing! resilience track looks amazing, I'm really excited for it
thomasga has joined #mirage
<thomasga>
hey
<yomimono>
hello!
<hannes>
yomimono: if you have slides upfront to share and want feedback, pls do. either on site or before 24th
<reynir>
o/ thomasga
<yomimono>
copy that. I will probably want an audience for practice talk onsite but will try to arrange there and then
<yomimono>
toying with the idea of using mirage-framebuffer + text-only slides, we'll see :D
<yomimono>
next in non-34c3 items: next bug cleaning day will be friday, 5 january
<hannes>
yomimono: yes, joe did that (generate pdf via latex, then pngs, then unikernel displaying the slides with eye-of-mirage)
<hannes>
the talk will also be streamed (watch media.ccc.de for more information, I haven't found yet the url)
<yomimono>
cool :)
<yomimono>
I'll send out an email reminder about bug cleaning after 34c3
<yomimono>
if that's all good, hannes, you had an item up next about hack retreats?
<hannes>
yes, the last one was amazing and i received several notes for blog posts... i'll collect them (more are always welcome, pls real sentences, no bullet points) and put one on mirage.io
<hannes>
hopefully this will happen before christmas this year
<hannes>
and to continue this event, i booked the same place for 7th - 18th march -- I'll put up a website really soon now, please register early. since it will be slightly longer (+50%, 11 instead of 7 days), it'll be slightly more expensive.
<hannes>
it is of course possible to join for part of the time only
<yomimono>
perhaps some coordination between people who intend to join for part of the time and work on specific things would be a good idea, maybe we can self-organize that
<Drup>
doooh
<hannes>
website + registration will also be up before christmas (since i plan to convince some people at 34c3 to join us). i really really enjoyed the last one
<thomasga>
I concur it was great
<Drup>
icfp deadline is 16th March ಠ_ಠ
<reynir>
Drup: then you can join for 2 days! :)
<hannes>
Drup: nice, so we can submit all the ICFP papers about MirageOS ;)
<thomasga>
or you can submit early :-)
<thomasga>
hannes: clever!!
<Drup>
thomasga: yeah
<hannes>
yes, the statistics AFAIR are that if you submit early, the chances are higher that your paper gets accepted. so submitting early is always a good idea
<thomasga>
that's actually a good idea :-)
<reynir>
Drup: are you thinking of going?
<Drup>
reynir: I'm thinking of going each time, and each time there is something that prevents me
<hannes>
we _could_ think about a MirageOS3 paper (functional pearl?) if anyone wants to drive the effort
<reynir>
Drup: Ah. Would be fun to finally meet you in person :)
<yomimono>
I'm happy to collaborate on such an effort but lack a bunch of skills and background about writing papers for these venues, so cannot lead it myself
<Drup>
I want to go to see camels and eat delicacies too
<hannes>
I'm interested (via personal mail or discussion at 34c3) in feedback about the length and amount of retreats. I'm personally happy with 2 times a year about one week each.
<thomasga>
hannes: I wrote some intro to MirageOS for the next JFLA, I'll be happy to use it as a basis for a paper with more contents at ICFP
<mort___1>
FWIW i'm happy to collaborate on paper/pearl too, but have no experience with ICFP or functional pearls specifically
<mort___1>
have written papers though
<thomasga>
:-)
<thomasga>
I'll make a quick translation of my paper and send it around then
<mort___1>
:)
<hannes>
the question remains: anyone willing to drive the paper? we need one person in the front seat
<Drup>
Yeah, I would be motivated too, I really want something concrete to show on functoria
<yomimono>
that's great thomasga, thank you! :)
* thomasga
opening google translate
<reynir>
haha
<hannes>
i could do that, but i fear i will do a bad job considering my current schedule and lifestyle
<thomasga>
hannes: I'll drive it :p (or annoy Ani and mort to do so)
<mort___1>
thomasga: fair. but also :p
<hannes>
thomasga: yay, i'm happy to contribute!
<mort___1>
(and thanks!)
<yomimono>
hooray, thank you! :)
<yomimono>
let's move on before thomasga changes his mind :D
<thomasga>
haha
<yomimono>
(btw ICFP is the international conference on functional programming, which will be held in st louis, MO, USA in september of 2018)
<yomimono>
moving along for real: talex5 is looking for volunteers to work on the integration between qubes 4's firewall rules and qubes-mirage-firewall
<yomimono>
talex5, if you're around, more to say about that?
<talex5>
Yeah, it seems that Qubes 4 now provides firewall rules in a sensible format (not Linux iptables).
<talex5>
If we supported that, mirage-firewall would be a drop-in replacement for the default Linux firewall (and you could update the rules at runtime without knowing OCaml).
<talex5>
At some point next year I'll upgrade my own machine to Qubes 4 and maybe do it myself, but if anyone wants to implement it now, please go ahead!
<yomimono>
I was hoping cfcs would be around to talk about how that fits in with the work done at the hack retreat, but unless the nick is different it seems not to be the case
<hannes>
I know someone implemented a rule parser for pf (OpenBSD packet filter, also available on FreeBSD) using angstrom https://github.com/cfcs/ocaml-pf
<reynir>
It seems R4 also has made some changes to the RPC when executing commands - something not affecting mirage-firewall, though
<talex5>
Would be good to find out exactly what those changes were.
<talex5>
The firewall does respond to a couple of commands I think (set date, wait for session).
<reynir>
I agree. I haven't found any documentation on this yet
<yomimono>
it seems there's some paucity in documentation on qubes's internal formats, the best bet might be the qubes-devel list
* h01ger
waves to talex5
<yomimono>
or h01ger :P
<talex5>
Hi!
<reynir>
(I'm also wondering how qubes-mirage should deal with different versions of qubes)
* h01ger
is merely a qubes os user (like q-m-firewall user too), i havent really ever looked into the qubes codebase, sorry
<h01ger>
IOW: mailing the qubes-devel list is better
* reynir
installed qubes 2 days ago
<h01ger>
that said, i'm following qubes quite closely since a year..
<yomimono>
I think so far it hasn't mattered because the scope of qubes-mirage has been small enough not to break with new releases
<yomimono>
but you raise a good point; we probably won't be that lucky forever
<yomimono>
I think maybe you could just have a qubes-version key in the configuration language that then knows which version of the library to select, and then let opam do the rest
<talex5>
I think we'll just have to branch (or drop Qubes 3). We'll need one version with the policy in OCaml, and one that gets it from QubesDB.
<yomimono>
either by selecting a qubes-mirage-3 vs qubes-mirage-4, or constraining the version of qubes-mirage
<h01ger>
there's also cfcs q-m-firewall branch were he implemented parsing rules from an external file, how he's working on making it a pf parser. such a feature (not having to rebuild the firewall to change the rules) is IMO mandatory before it can replace sys-firewall
<yomimono>
oh, for the firewall itself; sorry, I was thinking about the library
<h01ger>
qubes 3.2 will be supported by ITL for one year after the 4.0 release (just FYI, as a datapoint)
<h01ger>
so if (easily) possible i think it would be nice if q-m-f would support both qubes releases. if thats a hassle, go for 4! ;)
<yomimono>
I still like the feature of cfcs's branch where the firewall is immutable once deployed, even in a universe with a working q-m-firewall that can read updates from xenstore
<yomimono>
s/xenstore/qubesdb or qrexec or whatever/
<reynir>
I think the differences are fairly manageable. I think it should be possible to handle both versions at runtime if it's possible to query for the qubes version. Anyway, I don't really know the extent of the changes - I've only tried some things to see what happens :-)
<thomasga>
(completely out of topic but which version of xenstore is in Qubes?)
<yomimono>
how do I find that out?
<thomasga>
`strip xenstored` ?
<reynir>
(should I boot up R4 to check as well?)
<h01ger>
3.2 has xen 4.6.6-35
<thomasga>
sorry `strings $(which xenstored)`
<yomimono>
you definitely don't want all the output of that command
<yomimono>
what format does it have?
<thomasga>
if you see some OCaml symbols in there I am happy otherwise I know what I should try to do next :-)
<yomimono>
major.minor.patch or something?
<reynir>
½½½½½½½½½½½½½½½½½½3~
<thomasga>
so no interesting OCaml symbols?
<yomimono>
CENTIPEDE
<reynir>
haha sorry, put the other laptop on this one
<h01ger>
"rpm -qa |grep xen" in dom0
<yomimono>
lots of glibc stuff actually
<thomasga>
damn, they are not using my nice OCaml implementation. bad bad
<yomimono>
:(
<reynir>
oh great, I'm getting the duplicate MAC bug now /o\
<thomasga>
anyway, if qubes users want to try the qubes dev to switch to the OCaml version that would be great, but otherwise I'm fine too
<thomasga>
(I was just curious)
<yomimono>
I think they're probably using what's packaged in fedora
<yomimono>
rather than being worried about the specific implementation
<yomimono>
(although h01ger might have more insight on that)
<yomimono>
np :) that's all for the agenda, you got in before I asked for other items
<yomimono>
other other items are welcome :)
<hannes>
yes: another event where we can meetup is fosdem (2&3 feb 2018) in brussels -- i'll be there
<thomasga>
also I plan to refresh the design/contents/structure of the website over the holidays. Not sure how far I will go but our website is becoming too old and to hard to debug/maintain.
<hannes>
thomasga: \o/
<yomimono>
that work is very appreciated, thanks thomasga :)
<thomasga>
I'll start with the unfinished work that Anil did in the beginning of the year (mirage-bushell-www) and see if I can convert it to Ramen and add a canopy-like workflow.
<thomasga>
I'll probably ask for feedback/help at one point but I want to try a few things first :-)
* h01ger
will also be at fosdem
<hannes>
that sounds excellent! I really like the canopy workflow of keeping the unikernel running, but modifying the data in a different repository
<thomasga>
yea that's great
<reynir>
How does canopy check for updates?
<hannes>
i plan to have a more sane let's encrypt setup (all in OCaml) in january :)
<yomimono>
canopy serves the contents of a git repository, so changes are reflected when you push IIRC
<hannes>
reynir: it get's a push notification from the git repository (post-commit hook)
<reynir>
Ah
<reynir>
I was thinking polling the repo every time would be way too slow heh :)
<thomasga>
you can add simple webhooks to GitHub repositories
<thomasga>
e.g. it can ping a "secret" url on your website to say there is new contents available
<hannes>
and you don't have to use GitHub for this (I'm using my own git repo for another Canopy instance) :)
<Drup>
While I understand the advantage of the canopy workflow, the actual website was not good.
<thomasga>
so after every push to the data repository, GH sends a ping to the unikernel which then can pull that data
<thomasga>
yea it works without GH of course
<Drup>
(the current mirage one, from an organization point of view, is decently easy to navigate)
<thomasga>
Drup: yea. We need to find a good mix :-)
<thomasga>
I'd really like to revive the pioner project page as well
<thomasga>
I feel it's not really maintained anymore
<hannes>
I have somewhere some commits on Canopy to include a footer, and have a better selection of headings (instead of all files in the directory, provide a list via config)
<Drup>
Ah, the canopy version of the pioner project page is particularly unreadable :/
<hannes>
thomasga: yes, agreed. I hope it will migrate back to the main mirage.io website
<Drup>
hannes: it's a click-fest. It might have not been nice on the eyes, but it was much better as a big webpage with everything in it
<hannes>
Drup: imho title + abstract with overview works better, but this is certainly a question of taste -- and how well the abstract and title are written
<Drup>
(also, pure black text on pure white background in web pages is a pet peeve of mine, but that's getting off-topic)
<reynir>
I like high contrast pages
<reynir>
(maybe I need to get my eyes checked...)
<hannes>
(in any case, I'm glad thomasga wants to work on a new website, and am looking forward to contribute once he's asking for it)
<Drup>
hannes: in theory, we could have both presentation: the main page would simply concatenate the articles that fits the tags
<Drup>
anyway!
<Drup>
sorry for sidetracking the discussion
<yomimono>
discussion has no track at this point, I think ;)
propumpkin has joined #mirage
<yomimono>
if anyone's waiting for permission to regard the catchup as over, I grant it ;)