asheesh changed the topic of #sandstorm to: Welcome to #sandstorm: home of all things sandstorm.io. Say hi! | Channel glossary: "i,i" means "I have no point, I just want to say". b == thumbs up. | Public logs at https://botbot.me/freenode/sandstorm/ & http://logbot.g0v.tw/channel/sandstorm/today
dwrensha has joined #sandstorm
aldeka_limechat has joined #sandstorm
aldeka_limechat has quit [Ping timeout: 256 seconds]
frigginglorious has joined #sandstorm
aldeka_limechat has joined #sandstorm
aldeka_limechat has quit [Ping timeout: 245 seconds]
warren has joined #sandstorm
frigginglorious has quit [Quit: frigginglorious]
liam has quit [Ping timeout: 252 seconds]
liam has joined #sandstorm
aldeka_limechat has joined #sandstorm
aldeka_limechat has quit [Ping timeout: 256 seconds]
frigginglorious has joined #sandstorm
frigginglorious has quit [Quit: frigginglorious]
frigginglorious has joined #sandstorm
frigginglorious has quit [Quit: frigginglorious]
frigginglorious has joined #sandstorm
guido has quit [Ping timeout: 260 seconds]
guido has joined #sandstorm
jadewang has quit [Remote host closed the connection]
jadewang has joined #sandstorm
jadewang has quit [Remote host closed the connection]
jadewang has joined #sandstorm
jadewang has quit [Remote host closed the connection]
jadewang has joined #sandstorm
jadewang has quit [Remote host closed the connection]
jadewang has joined #sandstorm
jadewang has quit [Remote host closed the connection]
frigginglorious has quit [Quit: frigginglorious]
frigginglorious has joined #sandstorm
aldeka_limechat has joined #sandstorm
aldeka_limechat has quit [Ping timeout: 248 seconds]
frigginglorious has quit [Quit: frigginglorious]
_habnabit has joined #sandstorm
<_habnabit> hi! i don't suppose there's a better channel for talking about capnproto than here? anyway i'm working on a project in rust that exposes a C ABI, but oh my gosh it is so tedious to have to deal with all this unsafety all the time. i'm trying to figure out if it's reasonable/possible to use capnproto for in-process communication using the same general parts as an IPC server would
<_habnabit> that is, expose a C ABI which is as close to just "make an object and talk capnproto RPC at it" as possible
jadewang has joined #sandstorm
jadewang has quit [Ping timeout: 246 seconds]
jemc has quit [Ping timeout: 250 seconds]
<_habnabit> maybe exposing a single function that spins an event loop in a thread and returns an fd pair for talking to it
Lionel_Debroux has quit [Ping timeout: 256 seconds]
aldeka_limechat has joined #sandstorm
aldeka_limechat has quit [Ping timeout: 256 seconds]
jadewang has joined #sandstorm
jadewang has quit [Ping timeout: 265 seconds]
jadewang has joined #sandstorm
jadewang has quit [Ping timeout: 252 seconds]
aldeka_limechat has joined #sandstorm
aldeka_limechat has quit [Ping timeout: 264 seconds]
jadewang has joined #sandstorm
jadewang has quit [Ping timeout: 264 seconds]
jadewang has joined #sandstorm
Jan2 has quit [Quit: KVIrc 4.2.0 Equilibrium http://www.kvirc.net/]
aldeka_limechat has joined #sandstorm
jadewang has quit [Ping timeout: 248 seconds]
aldeka_limechat has quit [Ping timeout: 260 seconds]
Jan\ has joined #sandstorm
<dwrensha> _habnabit: hi!
<dwrensha> _habnabit: are you using capnproto-rust?
<dwrensha> _habnabit: can you be more specific about what you mean by "all this unsafety"?
srenatus[m] has quit [Quit: Client limit exceeded: 5000]
bodisiw has quit [Quit: Leaving]
jadewang has joined #sandstorm
jadewang has quit [Ping timeout: 240 seconds]
wolcen has quit [Ping timeout: 252 seconds]
wolcen has joined #sandstorm
bodisiw has joined #sandstorm
wolcen has quit [Ping timeout: 258 seconds]
frigginglorious has joined #sandstorm
jadewang has joined #sandstorm
aldeka_limechat has joined #sandstorm
jadewang has quit [Ping timeout: 264 seconds]
aldeka_limechat has quit [Ping timeout: 250 seconds]
AZero has joined #sandstorm
wolcen has joined #sandstorm
AZero has quit [Quit: Client Exiting]
<CcxWrk> _habnabit: There's also #erights fwiw.
esmiurium_ has quit [Ping timeout: 256 seconds]
<CcxWrk> Surely you can do socketpair, some kind of memory sharing would also work (as long as you can make Rust be happy about it), but I'm not seeing the point of additional eventloop.
bodisiw has quit [Quit: This computer has gone to sleep]
jemc has joined #sandstorm
jemc has quit [Client Quit]
jemc has joined #sandstorm
bodisiw has joined #sandstorm
jadewang has joined #sandstorm
jadewang has quit [Ping timeout: 264 seconds]
AZero has joined #sandstorm
<_habnabit> dwrensha, no, i'm talking about exposing a C ABI from rust is hella unsafe
<_habnabit> CcxWrk, oh okay cool. the event loop is because it looks like all the capnp implementations expect to have promises and such
frigginglorious has quit [Quit: frigginglorious]
jadewang has joined #sandstorm
aldeka_limechat has joined #sandstorm
wolcen has quit [Ping timeout: 258 seconds]
jadewang has quit [Ping timeout: 245 seconds]
aldeka_limechat has quit [Ping timeout: 248 seconds]
ocdtr_web has joined #sandstorm
<ocdtr_web> I just tagged asheesh_ and kentonv to a Synology/Sandstorm question (I think) in Wefork issues. Though I am not sure if dwrensha might also want to know. https://github.com/wefork/wekan/issues/45
AZero has quit [Quit: Client Exiting]
jadewang has joined #sandstorm
jadewang has quit [Remote host closed the connection]
Lionel_Debroux has joined #sandstorm
bodisiw has quit [Quit: This computer has gone to sleep]
<CcxWrk> _habnabit: Well, it all depends what the interaction should be. Presumably the thread would have it's own eventloop. Either way, it begs the question of why even thread? (aka WAYTTD)
bodisiw has joined #sandstorm
<_habnabit> CcxWrk, it really is just trying to reduce unsafe surface area while not making something sufficiently weird that it would be difficult to interact with using existing capnp clients
aldeka_limechat has joined #sandstorm
<_habnabit> i have a rust library; i want to expose it to non-rust clients. spawning a separate process is possible but has its own problems
<_habnabit> ah, 'shared memory RPC' is still on the roadmap
<CcxWrk> Gothcha, so you want to use capnp as library ABI.
Telesight has joined #sandstorm
aldeka_limechat has quit [Ping timeout: 250 seconds]
<_habnabit> more or less
<_habnabit> there's like how openssl has TLS memory BIOs; i guess that's an alternative to having pipes/socketpairs
<CcxWrk> I wonder if there is any actual advantage to that. I mean, if you share memory space with unsafe code…
<CcxWrk> And threads rarely make stuff "safer".
<_habnabit> it's entirely about surface area; more C ABI methods mean more places that you have to reason about the safety of
<_habnabit> i'm not so worried about the non-rust code accidentally stomping on the rust part of the heap
wolcen has joined #sandstorm
<ocdtr_web> asheesh_: I opened a very small Docs PR.
<CcxWrk> I guess you could make all functions take pointer to capnp buffer on whatever they call it. I mean, whatever they'd be passing to write() in IPC case.
<CcxWrk> s/on/or/
<CcxWrk> Do you actually want to run your library in a thread?
<_habnabit> CcxWrk, yeah, but then i started thinking it seems like i'm duplicating work there anyway, since i'm already going to expose a capnp interface, so why bother making an unsafe C ABI function for every one of these endpoints
<_habnabit> i honestly don't care one way or another about running in a thread; i'd be fine avoiding that, but i'm just trying to puzzle out how to do the RPC without it
<_habnabit> especially if shmem RPC isn't done yet
<CcxWrk> Well, doing it without threads is likely way simpler. Until you discover you need event handling in your library, at which point you'd have to do some messy integration with library user's eventloop.
<CcxWrk> In which case I'd probably just give the library it's own thread and a socketpair. That is, until you discover you need to spawn subprocesses and need to hook into wait() reaping.
jadewang has joined #sandstorm
<CcxWrk> And if you can't ensure the user will wait() with __WNOTHREAD I'd really think more about if you really don't want just another process. You know, they are here for the reason of isolating separate parts of a system. :)
<dwrensha> _habnabit: it's perhaps relevant that I'm working on porting capnp-rpc-rust to futures-rs (from gj)
<dwrensha> everything will still be event-loop-centric, but it will be a more standard event loop
<_habnabit> CcxWrk, isolating the rust into a process is p-robably going to be simplest anyway, because i had already started thinking about how to support non-local persistence as well, and that's going to require opening sockets anyway
<_habnabit> also it frees me from having to deal with extension modules in python mostly
<_habnabit> except the capnp python library requires them i think.....
<_habnabit> dwrensha, yeah that'd be good
<_habnabit> dwrensha, can it already do RPC over stdin/stdout?
<dwrensha> on unix we have wrap_raw_socket_descriptor http://docs.capnproto-rust.org/gjio/struct.Network.html#method.wrap_raw_socket_descriptor
<dwrensha> which probably only works for tcp sockets and unix sockets
<dwrensha> but I think it would be straightforward to add something similar for pipes
<dwrensha> ... which I think would work for stdin, on unix
<CcxWrk> If you spawn your "library" inetd-style, it could be capsicum-compliant. ;)
<CcxWrk> _habnabit: BTW the folks in #robigalia also know a thing or two about capnp and sharing memory. Next time around you'll need that. :)
<CcxWrk> (and doing it in Rust)
<_habnabit> CcxWrk, unfortunately i don't know what else to add to the search query to make 'capsicum-compliant' relevant
<CcxWrk> So far the most sensible idea to bring capability security onto unix I've seen. Still, lot of work to remove all the ambient authority.
<_habnabit> ah this
<_habnabit> interesting
dwrensha has quit [Quit: http://www.kiwiirc.com/ - A hand crafted IRC client]
dwrensha has joined #sandstorm
<CcxWrk> I've been toying with the idea of making full email stack (and eventually cap-based "groupware") with capsicum and distributed encrypted backend (perhaps tahoe, perhaps not). There's currently lack of any actual use of capsicum besides stuff that can be easily done with seccomp or pledge().
<CcxWrk> Tahoe-LAFS has currently big issue with concurrent writes. Sandstorm has been nice inspiration in terms of the idea of making isolated app-based capabilities, since I can stack that on top of the storage backend and let the apps deal with concurrency themselves (CRDT-style).
biotim has quit [Quit: Leaving]
biotim has joined #sandstorm
funwhilelost has joined #sandstorm
aldeka_limechat has joined #sandstorm
aldeka_limechat has quit [Ping timeout: 268 seconds]
frew has quit [Ping timeout: 245 seconds]
frew has joined #sandstorm
bodisiw has quit [Quit: This computer has gone to sleep]
prettyvanilla has joined #sandstorm
ocdtr_web has quit [Quit: Page closed]
aldeka_limechat has joined #sandstorm
aldeka_limechat has quit [Ping timeout: 258 seconds]
Telesight has quit [Quit: Leaving.]
bodisiw has joined #sandstorm
funwhilelost has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
bodisiw has quit [Quit: This computer has gone to sleep]
bodisiw has joined #sandstorm
dwrensha has quit [Quit: http://www.kiwiirc.com/ - A hand crafted IRC client]
bodisiw has quit [Quit: This computer has gone to sleep]
bodisiw has joined #sandstorm
dwrensha has joined #sandstorm
dwrensha has quit [Client Quit]
aldeka_limechat has joined #sandstorm