all messages for Guix-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed
* Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic
@ 2022-07-11 22:44 Joshua Branson
  2022-07-12  0:16 ` indieterminacy
                   ` (2 more replies)
  0 siblings, 3 replies; 20+ messages in thread
From: Joshua Branson @ 2022-07-11 22:44 UTC (permalink / raw)
  To: guix-devel


Sorry for starting this centuries flame war, but I can't help but be
more and more impressed with OpenBSD.  It seems ideal for small scale
servers (aka NOT large databases).  It tries really hard to be secure by
default and has great documentation.  With OpenBSD it is easy to set up
a static website (httpd) and your own email server (openSMTPD, spamd,
and pf).

I would argue that the average user will find OpenBSD to be easier to
secure than the Linux kernel.  

The Hyperbola GNU/Linux team recently announced that they would ditch
Linux for OpenBSD. They are using the OpenBSD kernel and the OpenBSD
userland. And they are GPL-ing all of the code. It sounds like they will
have to replace 20% of said code.

https://www.hyperbola.info/

Though the website currently says "Donate to keep the project alive".
So that's not super reassuring...

Anyway, assuming that the HyperbolaBSD team accomplishes their goals,
would Guix System or Guix ever be able to run on HyperbolaBSD? I know
that Guix System ties itself to glibc. HyperbolaBSD does NOT use glibc
and probably never will. Would it be feasible/desireable for Guix & Guix
System to support a BSD kernel and alternative libc?  What about other
OSes?

Thanks,

Joshua

P.S.  I just recently came accross this guide for getting started with
OpenBSD on servers: http://si3t.ch/ah/en/toc/  I am really impressed
with how easy/awesome OpenBSD is.


^ permalink raw reply	[flat|nested] 20+ messages in thread

* Re: Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic
  2022-07-11 22:44 Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic Joshua Branson
@ 2022-07-12  0:16 ` indieterminacy
  2022-07-12  2:18   ` Joshua Branson
  2022-07-14 10:23 ` zimoun
  2022-07-19 21:41 ` jbranso
  2 siblings, 1 reply; 20+ messages in thread
From: indieterminacy @ 2022-07-12  0:16 UTC (permalink / raw)
  To: Joshua Branson; +Cc: guix-devel

On 12-07-2022 00:44, Joshua Branson wrote:
> Sorry for starting this centuries flame war, but I can't help but be
> more and more impressed with OpenBSD.  It seems ideal for small scale
> servers (aka NOT large databases).  It tries really hard to be secure 
> by
> default and has great documentation.  With OpenBSD it is easy to set up
> a static website (httpd) and your own email server (openSMTPD, spamd,
> and pf).
> 
> I would argue that the average user will find OpenBSD to be easier to
> secure than the Linux kernel.
> 
> The Hyperbola GNU/Linux team recently announced that they would ditch
> Linux for OpenBSD. They are using the OpenBSD kernel and the OpenBSD
> userland. And they are GPL-ing all of the code. It sounds like they 
> will
> have to replace 20% of said code.
> 
> https://www.hyperbola.info/
> 
> Though the website currently says "Donate to keep the project alive".
> So that's not super reassuring...
> 
> Anyway, assuming that the HyperbolaBSD team accomplishes their goals,
> would Guix System or Guix ever be able to run on HyperbolaBSD? I know
> that Guix System ties itself to glibc. HyperbolaBSD does NOT use glibc
> and probably never will. Would it be feasible/desireable for Guix & 
> Guix
> System to support a BSD kernel and alternative libc?  What about other
> OSes?
> 
> Thanks,
> 
> Joshua
> 
> P.S.  I just recently came accross this guide for getting started with
> OpenBSD on servers: http://si3t.ch/ah/en/toc/  I am really impressed
> with how easy/awesome OpenBSD is.

I recall dicussing this topic area with you last year:
https://lists.gnu.org/archive/html/help-guix/2021-06/msg00080.html
https://lists.gnu.org/archive/html/help-guix/2021-06/msg00082.html
https://lists.gnu.org/archive/html/help-guix/2021-06/msg00083.html
https://lists.gnu.org/archive/html/help-guix/2021-06/msg00084.html
https://lists.gnu.org/archive/html/help-guix/2021-06/msg00085.html
https://lists.gnu.org/archive/html/help-guix/2021-06/msg00086.html

Im pleased that the Hyperbola community has been making strides.

Hopefully I can one day have an OpenBSD kernel overseeing Guix SD.


Kind regards,


Jonathan McHugh


^ permalink raw reply	[flat|nested] 20+ messages in thread

* Re: Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic
  2022-07-12  0:16 ` indieterminacy
@ 2022-07-12  2:18   ` Joshua Branson
  2022-07-12  3:56     ` Akib Azmain Turja
  2022-07-12  8:25     ` Josselin Poiret
  0 siblings, 2 replies; 20+ messages in thread
From: Joshua Branson @ 2022-07-12  2:18 UTC (permalink / raw)
  To: indieterminacy; +Cc: guix-devel

indieterminacy <indieterminacy@libre.brussels> writes:

>
> I recall dicussing this topic area with you last year:
> https://lists.gnu.org/archive/html/help-guix/2021-06/msg00080.html
> https://lists.gnu.org/archive/html/help-guix/2021-06/msg00082.html
> https://lists.gnu.org/archive/html/help-guix/2021-06/msg00083.html
> https://lists.gnu.org/archive/html/help-guix/2021-06/msg00084.html
> https://lists.gnu.org/archive/html/help-guix/2021-06/msg00085.html
> https://lists.gnu.org/archive/html/help-guix/2021-06/msg00086.html
>
> Im pleased that the Hyperbola community has been making strides.
>
> Hopefully I can one day have an OpenBSD kernel overseeing Guix SD.
>
>
> Kind regards,
>
>
> Jonathan McHugh

Looks like the most relevant bit to my question was here:
https://lists.gnu.org/archive/html/help-guix/2021-06/msg00078.html

The real problem will not be the languages (guile or C++), but the
system calls used by Guix.

Guix makes use of some recent (less than 2 decades) and somewhat
advanced features of the Linux kernel, such as namespaces.

To port Guix to another operating system such as BSD (including OSX),
one would have to translate these calls.

For example, Guix is the only software I've actually encountered that
can not run in SmartOS' emulation of Linux, because the system calls it
uses are not implemented there.

I would love for Guix to be a Multi Kernel package manager (I mean it
works on the Hurd also, but I have never encountered a Hurd user in real
life). My dream would be to port Guix to Plan 9 ;-)


^ permalink raw reply	[flat|nested] 20+ messages in thread

* Re: Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic
  2022-07-12  2:18   ` Joshua Branson
@ 2022-07-12  3:56     ` Akib Azmain Turja
  2022-07-12 13:39       ` Joshua Branson
  2022-07-12  8:25     ` Josselin Poiret
  1 sibling, 1 reply; 20+ messages in thread
From: Akib Azmain Turja @ 2022-07-12  3:56 UTC (permalink / raw)
  To: Joshua Branson, indieterminacy; +Cc: guix-devel

[-- Attachment #1: Type: text/plain, Size: 393 bytes --]

Joshua Branson <jbranso@dismail.de> writes:

> (I mean it
> works on the Hurd also, but I have never encountered a Hurd user in real
> life)

Really?  I found tons of bugs in the Hurd port, causing it to not even
boot properly.

-- 
Akib Azmain Turja

This message is signed by me with my GnuPG key.  It's fingerprint is:

    7001 8CE5 819F 17A3 BBA6  66AF E74F 0EFA 922A E7F5

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 832 bytes --]

^ permalink raw reply	[flat|nested] 20+ messages in thread

* Re: Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic
  2022-07-12  2:18   ` Joshua Branson
  2022-07-12  3:56     ` Akib Azmain Turja
@ 2022-07-12  8:25     ` Josselin Poiret
  2022-07-12 13:36       ` Joshua Branson
  2022-07-12 20:12       ` Csepp
  1 sibling, 2 replies; 20+ messages in thread
From: Josselin Poiret @ 2022-07-12  8:25 UTC (permalink / raw)
  To: Joshua Branson, indieterminacy; +Cc: guix-devel

Hello,

Joshua Branson <jbranso@dismail.de> writes:

> I would love for Guix to be a Multi Kernel package manager (I mean it
> works on the Hurd also, but I have never encountered a Hurd user in real
> life). My dream would be to port Guix to Plan 9 ;-)

I don't think Guix runs on the Hurd in the same way that Guix runs on
Linux: the (gnu system hurd) tells me that the daemon is started with
--disable-chroot, which actually disables all isolation mechanisms.
There would need to be a significant effort to port the isolation
mechanisms to the Hurd.

Seeing how the daemon is in general left alone since C++ is hard
compared to Scheme (and there's always the "but we could rewrite it in
Guile" excuse), combined with the difficulty of interfacing with
kernels, I'm not sure BSD support (or even Hurd support) will appear
anytime soon.

Best,
-- 
Josselin Poiret


^ permalink raw reply	[flat|nested] 20+ messages in thread

* Re: Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic
  2022-07-12  8:25     ` Josselin Poiret
@ 2022-07-12 13:36       ` Joshua Branson
  2022-07-12 20:12       ` Csepp
  1 sibling, 0 replies; 20+ messages in thread
From: Joshua Branson @ 2022-07-12 13:36 UTC (permalink / raw)
  To: Josselin Poiret; +Cc: indieterminacy, guix-devel

Josselin Poiret <dev@jpoiret.xyz> writes:

> Hello,
>
> Joshua Branson <jbranso@dismail.de> writes:
>

To be clear, I did not write the next paragraph.  I was quoting the
previous discussion.  :)

>> I would love for Guix to be a Multi Kernel package manager (I mean it
>> works on the Hurd also, but I have never encountered a Hurd user in real
>> life). My dream would be to port Guix to Plan 9 ;-)
>
> I don't think Guix runs on the Hurd in the same way that Guix runs on
> Linux: the (gnu system hurd) tells me that the daemon is started with
> --disable-chroot, which actually disables all isolation mechanisms.
> There would need to be a significant effort to port the isolation
> mechanisms to the Hurd.
>
> Seeing how the daemon is in general left alone since C++ is hard
> compared to Scheme (and there's always the "but we could rewrite it in
> Guile" excuse), combined with the difficulty of interfacing with
> kernels, I'm not sure BSD support (or even Hurd support) will appear
> anytime soon.
>

To be fair, Guix does support the Hurd. You can run the guix package
manager on the Hurd. Guix System does not yet support the Hurd. Though I
believe I talked with a user in the guix community that was running GNU
Guix System/Hurd, but the issue he ran into was that he has no wifi
support. Then something broke in GNU Guix System/Hurd and he no longer
run GNU Guix System/Hurd on real hardware.

>
> Best,


^ permalink raw reply	[flat|nested] 20+ messages in thread

* Re: Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic
  2022-07-12  3:56     ` Akib Azmain Turja
@ 2022-07-12 13:39       ` Joshua Branson
  0 siblings, 0 replies; 20+ messages in thread
From: Joshua Branson @ 2022-07-12 13:39 UTC (permalink / raw)
  To: Akib Azmain Turja; +Cc: indieterminacy, guix-devel

Akib Azmain Turja <akib@disroot.org> writes:

> Joshua Branson <jbranso@dismail.de> writes:
>

I did not write the below sentence.  I was quoting the previous
discussion found on guix devel.

>> (I mean it
>> works on the Hurd also, but I have never encountered a Hurd user in real
>> life)
>
> Really?  I found tons of bugs in the Hurd port, causing it to not even
> boot properly.
>

I would not know how well GNU/Hurd Guix System runs.  I have never used
it.  I have played with hurd-service.  That's pretty cool.  But I could
never really get it to work...I am currently playing with the
pre-packaged qemu debian image.


^ permalink raw reply	[flat|nested] 20+ messages in thread

* Re: Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic
  2022-07-12  8:25     ` Josselin Poiret
  2022-07-12 13:36       ` Joshua Branson
@ 2022-07-12 20:12       ` Csepp
  1 sibling, 0 replies; 20+ messages in thread
From: Csepp @ 2022-07-12 20:12 UTC (permalink / raw)
  To: Josselin Poiret; +Cc: Joshua Branson, indieterminacy, guix-devel


Josselin Poiret <dev@jpoiret.xyz> writes:

> Hello,
>
> Joshua Branson <jbranso@dismail.de> writes:
>
>> I would love for Guix to be a Multi Kernel package manager (I mean it
>> works on the Hurd also, but I have never encountered a Hurd user in real
>> life). My dream would be to port Guix to Plan 9 ;-)
>
> I don't think Guix runs on the Hurd in the same way that Guix runs on
> Linux: the (gnu system hurd) tells me that the daemon is started with
> --disable-chroot, which actually disables all isolation mechanisms.
> There would need to be a significant effort to port the isolation
> mechanisms to the Hurd.
>
> Seeing how the daemon is in general left alone since C++ is hard
> compared to Scheme (and there's always the "but we could rewrite it in
> Guile" excuse), combined with the difficulty of interfacing with
> kernels, I'm not sure BSD support (or even Hurd support) will appear
> anytime soon.
>
> Best,

Someone was working on NetBSD support but ran into libc differences or
something and didn't get much support.


^ permalink raw reply	[flat|nested] 20+ messages in thread

* Re: Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic
  2022-07-11 22:44 Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic Joshua Branson
  2022-07-12  0:16 ` indieterminacy
@ 2022-07-14 10:23 ` zimoun
  2022-07-14 10:40   ` Tobias Geerinckx-Rice
  2022-07-19 21:41 ` jbranso
  2 siblings, 1 reply; 20+ messages in thread
From: zimoun @ 2022-07-14 10:23 UTC (permalink / raw)
  To: Joshua Branson, guix-devel

Hi,

On Mon, 11 Jul 2022 at 18:44, Joshua Branson <jbranso@dismail.de> wrote:

> The Hyperbola GNU/Linux team recently announced that they would ditch
> Linux for OpenBSD. They are using the OpenBSD kernel and the OpenBSD
> userland. And they are GPL-ing all of the code. It sounds like they will
> have to replace 20% of said code.
>
> https://www.hyperbola.info/

Well, I am missing where it is announced.  Could you be more specific?

If you run OpenBSD kernel and OpenBSD userland, why not just run an
OpenBSD system? :-)


Well, Debian is working (maybe the project is stalling?) on running GNU
userland using GLibc on the top of a FreeBSD kernel.  The conclusion is:
it is a piece of work. :-)

    https://www.debian.org/ports/kfreebsd-gnu/

What I miss with your proposal is: are you interested by OpenBSD
userland software and you would like them running on a Linux kernel?  Or
are you interested by specific OpenBSD kernel feature and you would like
be able to run GNU software on it?

I think, similar as Josselin, that it requires a lot of work because
many low-level features are kernel dependant.  Therefore, it appears to
me more being worth to focus on smoothing the WSL2 experience, focus on
the Hurd, or to attempt something on the Darwin kernel.


Cheers,
simon



^ permalink raw reply	[flat|nested] 20+ messages in thread

* Re: Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic
  2022-07-14 10:23 ` zimoun
@ 2022-07-14 10:40   ` Tobias Geerinckx-Rice
  2022-07-14 13:06     ` zimoun
  2022-07-19 21:43     ` jbranso
  0 siblings, 2 replies; 20+ messages in thread
From: Tobias Geerinckx-Rice @ 2022-07-14 10:40 UTC (permalink / raw)
  To: guix-devel, zimoun, Joshua Branson

On 14 July 2022 10:23:49 UTC, zimoun <zimon.toutoune@gmail.com> wrote:
> Well, I am missing where it is announced.  Could you be more specific?

https://www.hyperbola.info/news/announcing-hyperbolabsd-roadmap/

Far from 'recent' in my book.

Whatever my opinion on WSL, Darwin, and the Hurd, I must concede that they at least exist.  

Porting Guix to something that doesn't is a poor investment in comparison.

> If you run OpenBSD kernel and OpenBSD userland, why not just run an
OpenBSD system? :-)

Because it contains blobs.  HyperbolaBSD doesn't, by definition (see above).



Kind regards,

T G-R

Sent on the go.  Excuse or enjoy my brevity.


^ permalink raw reply	[flat|nested] 20+ messages in thread

* Re: Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic
  2022-07-14 10:40   ` Tobias Geerinckx-Rice
@ 2022-07-14 13:06     ` zimoun
  2022-07-14 15:38       ` Vagrant Cascadian
  2022-07-19 21:44       ` jbranso
  2022-07-19 21:43     ` jbranso
  1 sibling, 2 replies; 20+ messages in thread
From: zimoun @ 2022-07-14 13:06 UTC (permalink / raw)
  To: Tobias Geerinckx-Rice, guix-devel, Joshua Branson

Hi Tobias, All,

(French Bastille Day is a day off, so a day for trolling. ;-))


On Thu, 14 Jul 2022 at 10:40, Tobias Geerinckx-Rice <me@tobias.gr> wrote:

> https://www.hyperbola.info/news/announcing-hyperbolabsd-roadmap/

Thanks for the link.  It is helpful for understanding. :-)


> Far from 'recent' in my book.

Indeed, the announcement is from 2019-12-21. :-)

Quoting:

        This will not be a "distro", but a hard fork of the OpenBSD
        kernel and userspace

Not being a new distro means using the venerable pkg_* package manager,
right?  Well, I am confused by the aim…


>> If you run OpenBSD kernel and OpenBSD userland, why not just run an
>> OpenBSD system? :-)
>
> Because it contains blobs.  HyperbolaBSD doesn't, by definition (see above).

…because HyperboladBSD seems a new distro as gnewSense is a new distro
free from problematic parts but based on an existing other one.  Well,
since it had been announced on late 2019 and we are in 2022, it could be
interesting to know the status on this project.


> Whatever my opinion on WSL, Darwin, and the Hurd, I must concede that they at least exist.  
>
> Porting Guix to something that doesn't is a poor investment in comparison.

Just to be sure to understand, the initial question is to port Guix to
HyperbolaBSD which is a variant of OpenBSD (kernel and userland).

Therefore, correct me if I misunderstand something, it means:

 1. port Guix to a new kernel not using the GLibc
 2. package all the (free) userland OpenBSD managed by Guix

Bah I wish all the best for people who would tackle this. :-)

Well, dreaming about science fiction, it appears me more approachable to
have Guix running on something as Debian/kfreeBSD – it could be an
interesting project with the help of Debian folks.  Other said, “just”
replace the Linux kernel by a variant of the FreeBSD one running with
GNU GLibc.

However, doing so, the point #2 (BSD userland) is lost.

My understanding is: #1 and #2 require more work than the union of the
Guix community *and* the other kernel community could provide, IMHO.
Assuming both communities would be interested in. :-)


Cheers,
simon


^ permalink raw reply	[flat|nested] 20+ messages in thread

* Re: Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic
  2022-07-14 13:06     ` zimoun
@ 2022-07-14 15:38       ` Vagrant Cascadian
  2022-07-15 11:09         ` Csepp
  2022-07-19 21:46         ` jbranso
  2022-07-19 21:44       ` jbranso
  1 sibling, 2 replies; 20+ messages in thread
From: Vagrant Cascadian @ 2022-07-14 15:38 UTC (permalink / raw)
  To: zimoun, Tobias Geerinckx-Rice, guix-devel, Joshua Branson

[-- Attachment #1: Type: text/plain, Size: 1047 bytes --]

On 2022-07-14, zimoun wrote:
> Well, dreaming about science fiction, it appears me more approachable to
> have Guix running on something as Debian/kfreeBSD – it could be an
> interesting project with the help of Debian folks.  Other said, “just”
> replace the Linux kernel by a variant of the FreeBSD one running with
> GNU GLibc.

Well, guile-3.0 does not build on Debian GNU/kFreeBSD, so that would be
a bit of a blocker for a GNU Guix port:

  https://buildd.debian.org/guile-3.0

But guile-2.2 built fine:

  https://buildd.debian.org/guile-2.2

It is a rough port, I have toyed with it now and again ... requires lots
of patches to code that assume userland based on running kernel; patches
that upstreams are hesitant to take, etc. It is great as a grueling test
of coding assumptions, though!

My guess is you would have the same sort of problems with porting GNU
Guix to any of the *BSD.

Definitely the sort of project that would take someone highly motivated
over many years...


live well,
  vagrant

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 227 bytes --]

^ permalink raw reply	[flat|nested] 20+ messages in thread

* Re: Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic
  2022-07-14 15:38       ` Vagrant Cascadian
@ 2022-07-15 11:09         ` Csepp
  2022-07-19 21:46         ` jbranso
  1 sibling, 0 replies; 20+ messages in thread
From: Csepp @ 2022-07-15 11:09 UTC (permalink / raw)
  To: Vagrant Cascadian
  Cc: zimoun, Tobias Geerinckx-Rice, Joshua Branson, guix-devel


Vagrant Cascadian <vagrant@debian.org> writes:

> [[PGP Signed Part:Undecided]]
> On 2022-07-14, zimoun wrote:
>> Well, dreaming about science fiction, it appears me more approachable to
>> have Guix running on something as Debian/kfreeBSD – it could be an
>> interesting project with the help of Debian folks.  Other said, “just”
>> replace the Linux kernel by a variant of the FreeBSD one running with
>> GNU GLibc.
>
> Well, guile-3.0 does not build on Debian GNU/kFreeBSD, so that would be
> a bit of a blocker for a GNU Guix port:
>
>   https://buildd.debian.org/guile-3.0
>
> But guile-2.2 built fine:
>
>   https://buildd.debian.org/guile-2.2
>
> It is a rough port, I have toyed with it now and again ... requires lots
> of patches to code that assume userland based on running kernel; patches
> that upstreams are hesitant to take, etc. It is great as a grueling test
> of coding assumptions, though!
>
> My guess is you would have the same sort of problems with porting GNU
> Guix to any of the *BSD.
>
> Definitely the sort of project that would take someone highly motivated
> over many years...
>
>
> live well,
>   vagrant
>
> [[End of PGP Signed Part]]

If the goal is to produce highly secure servers than I'd like to suggest
unikernels once again. No Guix running on the deployed server, but the
server image is built by and possibly deployed by Guix.
Of course the downside is that they do a whole lot less than OpenBSD or
Linux. But if your use case is already covered, that's actually a
positive, since no extra features means smaller attack surface.
MirageOS could be a good starting point, since we already have a good
chunk of Ocaml tooling integrated into Guix.
http://unikernel.org/projects/
There was a Nix project with similar aims that sadly fizzled out, so
it's probably not exactly an easy task to tackle, but it's much easier
than porting Guix to a new kernel and packaging a userland for that
kernel.


^ permalink raw reply	[flat|nested] 20+ messages in thread

* Re: Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic
  2022-07-11 22:44 Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic Joshua Branson
  2022-07-12  0:16 ` indieterminacy
  2022-07-14 10:23 ` zimoun
@ 2022-07-19 21:41 ` jbranso
  2 siblings, 0 replies; 20+ messages in thread
From: jbranso @ 2022-07-19 21:41 UTC (permalink / raw)
  To: zimoun, guix-devel

July 14, 2022 6:24 AM, "zimoun" <zimon.toutoune@gmail.com> wrote:

> Hi,
> 
> On Mon, 11 Jul 2022 at 18:44, Joshua Branson <jbranso@dismail.de> wrote:
> 
> Well, I am missing where it is announced. Could you be more specific?

Someone else already provided the link, but someone on irc did ask me
where the source code for HyperbolaBSD  is?  I can't find it, and that
is a bit troubling...

> 
> If you run OpenBSD kernel and OpenBSD userland, why not just run an
> OpenBSD system? :-)

I love that Guix is the Emacs of distros!  It's cool to customize it!
And easy!  But OpenBSD "seems to be more secure" than GNU/Linux. And 
Linux is huge!  And OpenBSD has some awesome software: pf, spamd, httpd,
and some other stuff that their marketing tells me is good.

Maybe a good first step would be for guix to provide a hardened linux
package.  

> Well, Debian is working (maybe the project is stalling?) on running GNU
> userland using GLibc on the top of a FreeBSD kernel. The conclusion is:
> it is a piece of work. :-)
> 
> https://www.debian.org/ports/kfreebsd-gnu
> 
> What I miss with your proposal is: are you interested by OpenBSD
> userland software and you would like them running on a Linux kernel? Or
> are you interested by specific OpenBSD kernel feature and you would like
> be able to run GNU software on it?

I would love to use a secure, extensible, microkernel/exokernel that has a
universal guixy configuration language.  Guix GNU/Hurd System vm is probably 
the best candidate for this, but my understanding is that the "childhurd"  
(a GNU/Hurd running on top of GNU/Linux) is not very stable.  Possibly because
the vm image does not have a swap space.  There was an open bug report for it
but I cannot find it.

Has anyone here had a good experience with a childhurd?  Not a criticism,
I just have not heard many people say that the childhurd is stable/awesome.

> 
> I think, similar as Josselin, that it requires a lot of work because
> many low-level features are kernel dependant. Therefore, it appears to
> me more being worth to focus on smoothing the WSL2 experience, focus on
> the Hurd, or to attempt something on the Darwin kernel.
> 
> Cheers,
> simon


^ permalink raw reply	[flat|nested] 20+ messages in thread

* Re: Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic
  2022-07-14 10:40   ` Tobias Geerinckx-Rice
  2022-07-14 13:06     ` zimoun
@ 2022-07-19 21:43     ` jbranso
  1 sibling, 0 replies; 20+ messages in thread
From: jbranso @ 2022-07-19 21:43 UTC (permalink / raw)
  To: zimoun, Tobias Geerinckx-Rice, guix-devel

July 14, 2022 9:06 AM, "zimoun" <zimon.toutoune@gmail.com> wrote:

> Hi Tobias, All,
> 
> (French Bastille Day is a day off, so a day for trolling. ;-))
> 
> On Thu, 14 Jul 2022 at 10:40, Tobias Geerinckx-Rice <me@tobias.gr> wrote:
> 
>> https://www.hyperbola.info/news/announcing-hyperbolabsd-roadmap
> 
> Thanks for the link. It is helpful for understanding. :-)
> 
>> Far from 'recent' in my book.
> 
> Indeed, the announcement is from 2019-12-21. :-)
> 
> Quoting:
> 
> This will not be a "distro", but a hard fork of the OpenBSD
> kernel and userspace
> 
> Not being a new distro means using the venerable pkg_* package manager,
> right? Well, I am confused by the aim…

They want to use pacman apparently.  :)

> 
>>> If you run OpenBSD kernel and OpenBSD userland, why not just run an
>>> OpenBSD system? :-)
>> 
>> Because it contains blobs. HyperbolaBSD doesn't, by definition (see above).
> 
> …because HyperboladBSD seems a new distro as gnewSense is a new distro
> free from problematic parts but based on an existing other one. Well,
> since it had been announced on late 2019 and we are in 2022, it could be
> interesting to know the status on this project.
> 
>> Whatever my opinion on WSL, Darwin, and the Hurd, I must concede that they at least exist.
>> 
>> Porting Guix to something that doesn't is a poor investment in comparison.
> 
> Just to be sure to understand, the initial question is to port Guix to
> HyperbolaBSD which is a variant of OpenBSD (kernel and userland).
> 
> Therefore, correct me if I misunderstand something, it means:
> 
> 1. port Guix to a new kernel not using the GLibc
> 2. package all the (free) userland OpenBSD managed by Guix
> 
> Bah I wish all the best for people who would tackle this. :-)
> 
> Well, dreaming about science fiction,

Thanks for speaking plainly.  I did not realize how difficult this project
would be.  :)

> it appears me more approachable to
> have Guix running on something as Debian/kfreeBSD – it could be an
> interesting project with the help of Debian folks. Other said, “just”
> replace the Linux kernel by a variant of the FreeBSD one running with
> GNU GLibc.
> 
> However, doing so, the point #2 (BSD userland) is lost.
> 
> My understanding is: #1 and #2 require more work than the union of the
> Guix community *and* the other kernel community could provide, IMHO.
> Assuming both communities would be interested in. :-)
> 
> Cheers,
> simon


^ permalink raw reply	[flat|nested] 20+ messages in thread

* Re: Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic
  2022-07-14 13:06     ` zimoun
  2022-07-14 15:38       ` Vagrant Cascadian
@ 2022-07-19 21:44       ` jbranso
  1 sibling, 0 replies; 20+ messages in thread
From: jbranso @ 2022-07-19 21:44 UTC (permalink / raw)
  To: Vagrant Cascadian, zimoun, Tobias Geerinckx-Rice, guix-devel

July 14, 2022 11:38 AM, "Vagrant Cascadian" <vagrant@debian.org> wrote:

> On 2022-07-14, zimoun wrote:
> 
>> Well, dreaming about science fiction, it appears me more approachable to
>> have Guix running on something as Debian/kfreeBSD – it could be an
>> interesting project with the help of Debian folks. Other said, “just”
>> replace the Linux kernel by a variant of the FreeBSD one running with
>> GNU GLibc.
> 
> Well, guile-3.0 does not build on Debian GNU/kFreeBSD, so that would be
> a bit of a blocker for a GNU Guix port:
> 
> https://buildd.debian.org/guile-3.0
> 
> But guile-2.2 built fine:
> 
> https://buildd.debian.org/guile-2.2
> 
> It is a rough port, I have toyed with it now and again ... requires lots
> of patches to code that assume userland based on running kernel; patches
> that upstreams are hesitant to take, etc. It is great as a grueling test
> of coding assumptions, though!

Does guile 3.0+ compile on the GNU/Hurd?  

> 
> My guess is you would have the same sort of problems with porting GNU
> Guix to any of the *BSD.
> 
> Definitely the sort of project that would take someone highly motivated
> over many years...
> 
> live well,
> vagrant


^ permalink raw reply	[flat|nested] 20+ messages in thread

* Re: Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic
  2022-07-14 15:38       ` Vagrant Cascadian
  2022-07-15 11:09         ` Csepp
@ 2022-07-19 21:46         ` jbranso
  1 sibling, 0 replies; 20+ messages in thread
From: jbranso @ 2022-07-19 21:46 UTC (permalink / raw)
  To: Csepp, Vagrant Cascadian; +Cc: zimoun, Tobias Geerinckx-Rice, guix-devel

July 15, 2022 7:23 AM, "Csepp" <raingloom@riseup.net> wrote:

> Vagrant Cascadian <vagrant@debian.org> writes:
> 
> 
> If the goal is to produce highly secure servers than I'd like to suggest
> unikernels once again. No Guix running on the deployed server, but the
> server image is built by and possibly deployed by Guix.
> Of course the downside is that they do a whole lot less than OpenBSD or
> Linux. But if your use case is already covered, that's actually a
> positive, since no extra features means smaller attack surface.
> MirageOS could be a good starting point, since we already have a good
> chunk of Ocaml tooling integrated into Guix.
> http://unikernel.org/projects
> There was a Nix project with similar aims that sadly fizzled out, so
> it's probably not exactly an easy task to tackle, but it's much easier
> than porting Guix to a new kernel and packaging a userland for that
> kernel.

Thanks for the suggestion!  That would be a really secure server!


^ permalink raw reply	[flat|nested] 20+ messages in thread

* Re: Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic
@ 2022-07-20 16:03 Raghav Gururajan
  2022-07-20 16:49 ` Maxime Devos
  2022-07-21 16:27 ` zimoun
  0 siblings, 2 replies; 20+ messages in thread
From: Raghav Gururajan @ 2022-07-20 16:03 UTC (permalink / raw)
  To: guix-devel


[-- Attachment #1.1: Type: text/plain, Size: 614 bytes --]

Hello Guix!

I'd like to add following points to this discourse:

[1] The idea isn't off-topic, because, Guix is meant to be kernel 
agnostic. So exploring HyperbolaBSD as a kernel option for Guix is with 
in the prospect.

[2] IIUC, HyperbolaBSD (OS) consist of a custom-made kernel and a 
custom-made userspace, both of which the components are either derived 
from OpenBSD System or written from scratch. So two things can be 
explored, *separately*.
(A) Guix System with GNU userspace and HyperbolaBSD kernel.
(B) Guix System with HyperbolaBSD userspace and HyperbolaBSD kernel.

Regards,
RG.

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 236 bytes --]

^ permalink raw reply	[flat|nested] 20+ messages in thread

* Re: Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic
  2022-07-20 16:03 Raghav Gururajan
@ 2022-07-20 16:49 ` Maxime Devos
  2022-07-21 16:27 ` zimoun
  1 sibling, 0 replies; 20+ messages in thread
From: Maxime Devos @ 2022-07-20 16:49 UTC (permalink / raw)
  To: Raghav Gururajan, guix-devel


[-- Attachment #1.1.1: Type: text/plain, Size: 665 bytes --]


On 20-07-2022 18:03, Raghav Gururajan wrote:
> [2] IIUC, HyperbolaBSD (OS) consist of a custom-made kernel and a 
> custom-made userspace, both of which the components are either derived 
> from OpenBSD System or written from scratch. So two things can be 
> explored, *separately*.
> (A) Guix System with GNU userspace and HyperbolaBSD kernel.
> (B) Guix System with HyperbolaBSD userspace and HyperbolaBSD kernel. 

(C) Guix System with HyperbolaBSD userspace (except for GNU C library 
and compiler) and Linux or Hurd kernel

Probably won't work for all userspace things but possibly some of them 
run on Linux/Hurd+glibc

Greetings,
Maxime.


[-- Attachment #1.1.2: OpenPGP public key --]
[-- Type: application/pgp-keys, Size: 929 bytes --]

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 236 bytes --]

^ permalink raw reply	[flat|nested] 20+ messages in thread

* Re: Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic
  2022-07-20 16:03 Raghav Gururajan
  2022-07-20 16:49 ` Maxime Devos
@ 2022-07-21 16:27 ` zimoun
  1 sibling, 0 replies; 20+ messages in thread
From: zimoun @ 2022-07-21 16:27 UTC (permalink / raw)
  To: Raghav Gururajan, guix-devel

Hi Raghav,

On Wed, 20 Jul 2022 at 12:03, Raghav Gururajan <rg@raghavgururajan.name> wrote:

> [1] The idea isn't off-topic, because, Guix is meant to be kernel 
> agnostic. So exploring HyperbolaBSD as a kernel option for Guix is with 
> in the prospect.

Hum, I do not think that Guix is agnostic about the standard C library.
Therefore, Guix is not meant to be kernel agnostic.

Well, it depends what we name Guix.  From my understanding, the
bootstrap chain is not kernel agnostic.  For instance, what is the size
of the current binary seed on the Hurd kernel?

From my understanding, Guix is meant to be GNU which means Guix is using
many tools from GNU and these tools are often not kernel agnostic.


> (A) Guix System with GNU userspace and HyperbolaBSD kernel.

Debian folks did that:

   GNU userland packaged with .deb using GLibc
   running on the top of a modified FreeBSD kernel

The project is named Debian/kfreebsd [1] and it is a huge piece of work.
Well, we could imagine reuse their work and replace “Debian packages” by
Guix ones.

But… yes, a strong but!  It is a lot of work as Vagrant explains it [2].
Basically, Guile 3.0 is not working on Debian/kfreebsd so it requires
many patches to have Guile 3.0 running on the top of a BSD kernel.


1: <https://www.debian.org/ports/kfreebsd-gnu/>
2: <https://yhetil.org/guix/874jzjogbo.fsf@contorta>


> (B) Guix System with HyperbolaBSD userspace and HyperbolaBSD kernel.

It means port Guix to a BSD kernel.  Guix is strongly connected to the
GLibc and a BSD kernel is not using GLibc but another.  Therefore, it
requires to solve many difficult core issues.


On Wed, 20 Jul 2022 at 18:49, Maxime Devos <maximedevos@telenet.be> wrote:

> (C) Guix System with HyperbolaBSD userspace (except for GNU C library 
> and compiler) and Linux or Hurd kernel

It means port BSD applications.  For instance, about pf, from Wikipedia
[1]:

        PF has been ported to many other operating systems, however
        there are major differences in capabilities

and even, nothing about kernels other than BSD variants.

1: <https://en.wikipedia.org/wiki/PF_(firewall)#Ports>


In all cases (A) or (B) or (C), it is the sort of project that would
take someone highly motivated and highly skilled busy for some time.


Cheers,
simon


^ permalink raw reply	[flat|nested] 20+ messages in thread

end of thread, other threads:[~2022-07-21 16:34 UTC | newest]

Thread overview: 20+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-07-11 22:44 Could Guix System eventually run on top of HyperbolaBSD ? slightly off topic Joshua Branson
2022-07-12  0:16 ` indieterminacy
2022-07-12  2:18   ` Joshua Branson
2022-07-12  3:56     ` Akib Azmain Turja
2022-07-12 13:39       ` Joshua Branson
2022-07-12  8:25     ` Josselin Poiret
2022-07-12 13:36       ` Joshua Branson
2022-07-12 20:12       ` Csepp
2022-07-14 10:23 ` zimoun
2022-07-14 10:40   ` Tobias Geerinckx-Rice
2022-07-14 13:06     ` zimoun
2022-07-14 15:38       ` Vagrant Cascadian
2022-07-15 11:09         ` Csepp
2022-07-19 21:46         ` jbranso
2022-07-19 21:44       ` jbranso
2022-07-19 21:43     ` jbranso
2022-07-19 21:41 ` jbranso
  -- strict thread matches above, loose matches on Subject: below --
2022-07-20 16:03 Raghav Gururajan
2022-07-20 16:49 ` Maxime Devos
2022-07-21 16:27 ` zimoun

Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/guix.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.