From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp11.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id +PfDADtO0WINzAAAbAwnHQ (envelope-from ) for ; Fri, 15 Jul 2022 13:23:39 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp11.migadu.com with LMTPS id wNzQADtO0WLG2gAA9RJhRA (envelope-from ) for ; Fri, 15 Jul 2022 13:23:39 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 87D3863C for ; Fri, 15 Jul 2022 13:23:38 +0200 (CEST) Received: from localhost ([::1]:33386 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1oCJQ1-00073K-JW for larch@yhetil.org; Fri, 15 Jul 2022 07:23:37 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:45328) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oCJPQ-000731-GF for guix-devel@gnu.org; Fri, 15 Jul 2022 07:23:00 -0400 Received: from mx0.riseup.net ([198.252.153.6]:44776) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oCJPO-0003jF-73 for guix-devel@gnu.org; Fri, 15 Jul 2022 07:23:00 -0400 Received: from fews1.riseup.net (fews1-pn.riseup.net [10.0.1.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mail.riseup.net", Issuer "R3" (not verified)) by mx0.riseup.net (Postfix) with ESMTPS id 4Lkpqz4XLrz9slq; Fri, 15 Jul 2022 11:22:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1657884175; bh=jP1ACRBn526oCRUZAu3kUi7n59ZmmH+o9KujYM1ATjE=; h=References:From:To:Cc:Subject:Date:In-reply-to:From; b=hYDJj6DdsetOYeGtbFJDDDXJRcyXSiLbsMmcROAjXuQIqT/NEmkB6Z7RXNAHGB0/Z NqwDsghXR8NCU+wwhsOQelvRSa8s17YNnLgtf4Q+p2e2+ocibp7v39gwO4g3j3j0IY KcOHBDeHfUUTop95fVOialg3HOkH3xynjia9Vgok= X-Riseup-User-ID: 23D5CB316EBD4CCABD4ED2AD8CEDCB8E015E58ACA7DC14131EBA2FD917A269A4 Received: from [127.0.0.1] (localhost [127.0.0.1]) by fews1.riseup.net (Postfix) with ESMTPSA id 4Lkpqy2x1dz5vRH; Fri, 15 Jul 2022 11:22:54 +0000 (UTC) References: <875yk36zhs.fsf@dismail.de> <86lesw2dsa.fsf@gmail.com> <2697DE8E-5C5C-4FD4-81E8-7237B5654ADD@tobias.gr> <86fsj33ku8.fsf@gmail.com> <874jzjogbo.fsf@contorta> From: Csepp To: Vagrant Cascadian Cc: zimoun , Tobias Geerinckx-Rice , Joshua Branson , guix-devel@gnu.org Subject: Re: Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic Date: Fri, 15 Jul 2022 13:09:03 +0200 In-reply-to: <874jzjogbo.fsf@contorta> Message-ID: <877d4eaad1.fsf@riseup.net> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Received-SPF: pass client-ip=198.252.153.6; envelope-from=raingloom@riseup.net; helo=mx0.riseup.net X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: "Guix-devel" X-Migadu-Flow: FLOW_IN X-Migadu-To: larch@yhetil.org X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1657884218; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post:dkim-signature; bh=ufb8C6q7mBEzpFz0lDcwdPdgen5xLjU+rCEhZxeENOk=; b=NSxb7/nouE2/v3uarIBSQQHXm8gdsb8uwzmTS8JPzw7fCVfcTKG8xkt6ViHxGc0TgxSdCO aR6qRLyLxMBFY/IgQHRq5+7SzeMlWARxqCDyStRq9+dXTh3n1TJEOcwCPPHOtdRlm2h/fp PjuhLaguQGZLP32sEWmbhlD3tV01mpMW1eNCngAuafXZBrvp53iKb83mCxuiEHXqiT+FoM QrMWVO9eB10Y4lZzLzqyReGgBpHbBkcbxmQfDv4cveEysO+7S6PkpqQup3jURRk9g6wZ7r V6Z8XDrYNdP+r1VMz3LMtg1I8TKzJdwWyRSiVyqDQGW2X3em43HNtlvzc2NEGA== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1657884218; a=rsa-sha256; cv=none; b=a31gzkkGYs6UAmLY2+6S9eBnB84xxWfBBo4FcEhpJ66X5iOPF7rr3pG+aQiuMOGcyD9sNK 9fr0+Q6Pmel2RwM2VcpEwsLFgRN7Mmiw6Iph/hDktqRbVei/NELdVHoIqh4PGLwaNt1vo3 oNvsrHU0xeNGfHTuZf1R0VQymLSktseaXGGgGop8EwRy1VOxX73h1EjBl/j87POjaHpZI0 +fD2WtmbpOJ13otstknslY8Ig6OaLaDVkKRaONc5q+tMUSx8eP7jIh51/jBWzanMphKuBn 4bSbc9OCg1mJKH3/OZk7hKMBSta6xizEVsYHX01PkGiPoAEpvnubd+cMXJTmIw== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=riseup.net header.s=squak header.b=hYDJj6Dd; dmarc=pass (policy=none) header.from=riseup.net; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: -7.55 Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=riseup.net header.s=squak header.b=hYDJj6Dd; dmarc=pass (policy=none) header.from=riseup.net; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: 87D3863C X-Spam-Score: -7.55 X-Migadu-Scanner: scn0.migadu.com X-TUID: pXtcGHIF5w6Y Vagrant Cascadian writes: > [[PGP Signed Part:Undecided]] > On 2022-07-14, zimoun wrote: >> Well, dreaming about science fiction, it appears me more approachable to >> have Guix running on something as Debian/kfreeBSD =E2=80=93 it could be = an >> interesting project with the help of Debian folks. Other said, =E2=80= =9Cjust=E2=80=9D >> replace the Linux kernel by a variant of the FreeBSD one running with >> GNU GLibc. > > Well, guile-3.0 does not build on Debian GNU/kFreeBSD, so that would be > a bit of a blocker for a GNU Guix port: > > https://buildd.debian.org/guile-3.0 > > But guile-2.2 built fine: > > https://buildd.debian.org/guile-2.2 > > It is a rough port, I have toyed with it now and again ... requires lots > of patches to code that assume userland based on running kernel; patches > that upstreams are hesitant to take, etc. It is great as a grueling test > of coding assumptions, though! > > My guess is you would have the same sort of problems with porting GNU > Guix to any of the *BSD. > > Definitely the sort of project that would take someone highly motivated > over many years... > > > live well, > vagrant > > [[End of PGP Signed Part]] If the goal is to produce highly secure servers than I'd like to suggest unikernels once again. No Guix running on the deployed server, but the server image is built by and possibly deployed by Guix. Of course the downside is that they do a whole lot less than OpenBSD or Linux. But if your use case is already covered, that's actually a positive, since no extra features means smaller attack surface. MirageOS could be a good starting point, since we already have a good chunk of Ocaml tooling integrated into Guix. http://unikernel.org/projects/ There was a Nix project with similar aims that sadly fizzled out, so it's probably not exactly an easy task to tackle, but it's much easier than porting Guix to a new kernel and packaging a userland for that kernel.