From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-dev+bounces-86298-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 04832138334
	for <garchives@archives.gentoo.org>; Tue, 13 Nov 2018 06:21:36 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 45B23E0AE7;
	Tue, 13 Nov 2018 06:21:32 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id D0537E0AAE
	for <gentoo-dev@lists.gentoo.org>; Tue, 13 Nov 2018 06:21:31 +0000 (UTC)
Received: from [10.128.13.179] (unknown [100.42.98.196])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	(Authenticated sender: zmedico)
	by smtp.gentoo.org (Postfix) with ESMTPSA id 9813F335D0E;
	Tue, 13 Nov 2018 06:21:30 +0000 (UTC)
Subject: Re: [gentoo-dev] [PATCH] install-qa-check.d: Support
 QA{,_STRICT}_INSTALL_PATHS variables (bug 670902)
To: gentoo-dev@lists.gentoo.org, Michael Orlitzky <mjo@gentoo.org>
References: <20181112203344.611-1-zmedico@gentoo.org>
 <2f93eb4a-0fdf-ac1f-d40d-81a3b6a944e9@gentoo.org>
 <3260d441-53d5-3016-958a-d961af9f7ded@gentoo.org>
 <f32f85d3-28e9-dd06-a256-716488eca166@gentoo.org>
 <8b5289cf-2829-33b3-9d01-9461a3066b3e@gentoo.org>
 <d2ee8bdb-9ca6-804a-7422-882aea1fe347@gentoo.org>
From: Zac Medico <zmedico@gentoo.org>
Openpgp: preference=signencrypt
Autocrypt: addr=zmedico@gentoo.org; prefer-encrypt=mutual; keydata=
 xsFNBFs7tmwBEADTzG+IcYtRfTfKryU7sUH7LlV1M+TdaCMfIkY4x6RyHXkaaqYuQ+U9HKn0
 +m5FcZsZ1Ojik+We3Tz0F6kDbam6EWzBxmsLb/IHeUEsvsuLzuBQjiD9zzqGocZiPWr+uWJs
 AdbueS72R7FPXJPDUEPrJ9GdhGFyYARveY9cmdisOwcDOiSFfBjk3/89t4gROn4KUhezVuO9
 VS14gVSns1561CJjlB47HkSBu4+FuzrfVygg4xitWAH119Ehw0vJcgkTw4Bqhk01Iw9us80m
 dFyU8JbJ0CVYe30gYKFFbnXoiT6xLLogKOkv0goPFxaXcMwWM9ei3SjAGVqgN6i8VnO7kquV
 LwkTe6ntEK0iY+l4qTKuyIOQLpCbWNI0eVwlx5b/pY2pt5TEGWAPMCZGjlidMx0aDcVX4oji
 2/xegFAcxALrfOX3kj2FZ9kNAqLZu26AfqtslIqlBEAb5sZwPr351msBIdbaWX2UNw21I478
 7eQ7UfohwXQHlXdhc/wop3VDkDzLBnvlK4ozSJI/9T5F/+9yEZvc6DKUWdEfD12o2El5hHan
 gCUQWDBKqZb1wcekK8KY2tmH8BBQi7k52IWYLJYfJdir/XpGm5SsDpf3zvDcIFXqFHAG7w7b
 fhriM+6oBOeIO9ew1Xj3swbRhDwdzRUhu7Uqayq1vdvKqGkgcQARAQABzSJaYWNoYXJ5IE1l
 ZGljbyA8em1lZGljb0BnbWFpbC5jb20+wsGUBBMBCAA+AhsDBQsJCAcDBRUKCQgLBRYDAgEA
 Ah4BAheAFiEER1is2Nqa/UampgQK1hDPNyHnis0FAltml4cFCQTNZxoACgkQ1hDPNyHnis07
 aA//QH4lchXg2Kt5ZbBlF3UGn8l2lXvjZKnHkSoz1WK5lWJynQN+dFV6ve+mqG8wX7SqEb+3
 iMVh1YoCNx3WSoIb/74/0X+Xtarz1thja8/qS+GyCF1O42aOXYLTuXTmIowjBVIR8v1cZVdY
 L1KNpyfcq9UyL/xyLpBAP6eqB2+rNiNQHuO8xXgoQGr5kpz08yyD+gnpsGG7hdMzOi7FA7kk
 5JN6rvVKVoKE3VHuECj30u/sd5bixndrGOEr2Ps7b1E9D5h0Ge9HTtAdU/qaUZpAChkRPwGK
 aNme3UGag9161JKdBsm7e3/a6GTbqvtJYxSK6B7LvI/VOQmFUlhEcFrDVQzJk0l+X5kn3z2u
 UG80wWTM4p7WCVWiAUPmVGF27ml12J3p8HBXf02VvaNCJtzOCDEbbr+Ynf+JriMUTRy5mzD0
 Vfqt4oWqg7I4q6Ds4TqwmEVxBDdONI2AmhQ+BALGzu3aFyu8fyp7J/KWc+UgK/CGvmJUtrGY
 sUNudPVPDJ33xlxj1Y940OECA+fsBPxS0k18ZoJLivLxwgrS/EkVOcUKNFMezMUHK6WnDlHD
 8UrhvmnF5YewMH1EXelNgZvlWF8z8C2fRx8biGLXaaMQEnmGZkQTN8NJdBhZ1cuD0UORF8Bp
 LKkz1EEWp1Tox4ibn47s6jM4qRb1xTG+c0T4Fl7OwU0EWzu2bAEQAJ9lv8R485soLy25UWUg
 xBpNHOburlMdvBC9t0p3D/fVx1glplnsEWCdIGrYIFgM/Fyb5PG++OA1NqbyRkZ0SkKbf+8/
 Vh0lKiJhuKwm5tXsmIA6gCYa1oM5Vfm2Gm/bwcvXvCorZ3mOCoxMsV5PeHJqujlyMYBCWFM0
 7J/BWR0UwUuM6EbOrtqSLhRn2J5L8h52jJm85uV/v13k9XXEjSZ/bDnKgdx9lG/ufAj1czOe
 qWAL39FA/s75Z8KXamX2DJ3SFze6pRaXSR73Ee9XGUR05Ef9/47N7JtiP2vzQaQLox6qIbyr
 O5Y7Qhlnka/PCSrQqBEB5+v1n/i+bI6JWEmu+TWAunpUR0Hnh9Q7cwb89ydiJqxEk5TBFBDX
 6rbnDmL2ihlGTQtDqg2dZt5WP4/CfSbMvT8aOR0+xhyXHM4tKVEDCSKx6lWXrYvab5fBexmP
 0NLe8gcRtt8KYprIG4YJdASkkyYScaoUuc7O/b1w662bcGcZdxYCDlomOJXk8oSav/iD38Qn
 yWmEac0JFDYO9TM7W2UemZP4m8MHACCjmt+rnCON6JLnvyQCA+iK04HOn/PlgzkVdf6yER2L
 n+tq0Stv3KxR+vdnjlhXfIzoweAKkSDz7mTp8zp7Li1GfFcBh0nhfNpLIwv1+ycSD1pVoI+J
 GX5+4tK4XVAl/svDABEBAAHCwXwEGAEIACYCGwwWIQRHWKzY2pr9RqamBArWEM83IeeKzQUC
 Wzu2twUJAeEzywAKCRDWEM83IeeKzRZ3D/0RFItQdaMZb6hEk8LzRGxJk772Bt2joBPwY/Qv
 dLUzrR38Lg+n2VPuwa83fVDaHj+LUAbPa+y+MDhFTC5Yj8zYXrrRmapu4sDgFtL+CMD5at9k
 HxMMSjLuTQg76BrQnoQ2DFI6TTDVlL4thWszyvsLvdlyQBTZqScY4e98h1Ghylvjrj8kD6OQ
 /wQ1xcDQ1VPXtN7orc7Gk3d8Gwc/vD3NthpXcTHey5eEvHT/7HGMs9N/ChsTLeRO/lCq6ao+
 HtOVe9z/0q7gbCAAVSxwsblmGwNQshaxGvS3K6bQhgjeWlCczKRmIMKiKrscRNPAl5k+kmQ+
 VVztDLLR6pwrKiKp3+22vm0/BEVaTg5iarNkWJlnqwbtnDrxRcoe6EJXUyBco+pLczxDpX6c
 Yv5nAsTUaS+rBo+Cfu7Mml874fOhaffLGM2+HmmWxlsz+SoJMzIHIHQtA9l2OQ7fQa9Xp1TB
 qZuViSnK2lnlyZshEhPOzE+Q65bBeQujPrLrrgl8f9N7fFVDaupmS4MIWvDLmc6qT3bDs5hY
 arIM5Ivi3IJ1yxdWgXkddwdAtO/lbMJDYwBBRbrN+XKKtjKBN8nd2zmaTn8nnZQoSEgc/Mkd
 zbpRt++jfxe4TQUmNvvGhnMKhJOkJVnYfR/Zwk4EsRU31udt6U2WanSbqY8Ad8Ot+xVH+w==
Message-ID: <56c1caef-048c-9f75-9e31-d009d934bce5@gentoo.org>
Date: Mon, 12 Nov 2018 22:21:27 -0800
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101
 Thunderbird/60.3.0
Precedence: bulk
List-Post: <mailto:gentoo-dev@lists.gentoo.org>
List-Help: <mailto:gentoo-dev+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-dev+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@lists.gentoo.org
Reply-to: gentoo-dev@lists.gentoo.org
MIME-Version: 1.0
In-Reply-To: <d2ee8bdb-9ca6-804a-7422-882aea1fe347@gentoo.org>
Content-Type: multipart/signed; micalg=pgp-sha512;
 protocol="application/pgp-signature";
 boundary="xTThx7nkz4iDl28h0jrzEJol4AEw9l2yS"
X-Archives-Salt: 6f811859-9681-40cf-90ef-dbb3874e890f
X-Archives-Hash: 1bd8e705d0dadd0550b74c4a37c69738

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--xTThx7nkz4iDl28h0jrzEJol4AEw9l2yS
Content-Type: multipart/mixed; boundary="INIpVtFT3jl8GQmfMdetsK4qGP74C80E8";
 protected-headers="v1"
From: Zac Medico <zmedico@gentoo.org>
To: gentoo-dev@lists.gentoo.org, Michael Orlitzky <mjo@gentoo.org>
Message-ID: <56c1caef-048c-9f75-9e31-d009d934bce5@gentoo.org>
Subject: Re: [gentoo-dev] [PATCH] install-qa-check.d: Support
 QA{,_STRICT}_INSTALL_PATHS variables (bug 670902)
References: <20181112203344.611-1-zmedico@gentoo.org>
 <2f93eb4a-0fdf-ac1f-d40d-81a3b6a944e9@gentoo.org>
 <3260d441-53d5-3016-958a-d961af9f7ded@gentoo.org>
 <f32f85d3-28e9-dd06-a256-716488eca166@gentoo.org>
 <8b5289cf-2829-33b3-9d01-9461a3066b3e@gentoo.org>
 <d2ee8bdb-9ca6-804a-7422-882aea1fe347@gentoo.org>
In-Reply-To: <d2ee8bdb-9ca6-804a-7422-882aea1fe347@gentoo.org>

--INIpVtFT3jl8GQmfMdetsK4qGP74C80E8
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable

On 11/12/18 9:44 PM, Michael Orlitzky wrote:
> On 11/12/2018 06:47 PM, Zac Medico wrote:
>>>
>>> The idea being, to put it in the right place by default, and let peop=
le
>>> override it with EXTRA_ECONF if they really want to download random
>>> binaries from strangers and run them.
>>
>> I recommend to add /nix to the whitelist because this is the default
>> location for all operating systems, as shown consistently throughout t=
he
>> installation instructions found at
>> https://nixos.org/nix/manual/#chap-installation.
>=20
> I mean... I know... my argument is not that they don't tell you to do
> something dumb. If you really want the official experience, you can
> close your eyes, cross your fingers, say a prayer to RMS, and then
> follow their installation instructions:
>=20
>  $ curl https://nixos.org/nix/install | sh
>=20
> The fact that some people choose to use portage to install it probably
> means that they were looking for something a little less yee-haw.

The benefit of using the ebuild is the same as always, it allows for
automated upgrade, uninstall, etc.

> We
> trust the package manager to not let ebuilds do dumb things to our
> systems: no surprise network access, no random filesystem reads/writes,=

> reliable uninstalls, things installed in sensible paths, etc. We
> shouldn't make exceptions to those policies without a good reason.

What does any of this have to do with the nix having a file store under
/nix?

>> The nix manual also has this explicit warning in the "Building Nix fro=
m
>> Source" section found at https://nixos.org/nix/manual/#sec-building-so=
urce:
>>
>>> Warning: It is best not to change the Nix store from its default,
>> since doing
>>> so makes it impossible to use pre-built binaries from the standard Ni=
xpkgs
>>> channels =E2=80=94 that is, all packages will need to be built from s=
ource.
>=20
> Do I have to be that guy who suggests that if people don't want to buil=
d
> from source, then maybe they took a wrong turn back at distrowatch?

They're able to choose between building from source or using prebuilt
packages, and changing the location of the /nix file store is unnecessary=
=2E

> You can override the nix store location with EXTRA_ECONF if you really
> want to dump stuff in /nix. At which point the warning is just telling
> you what's up: you're doing something wrong.

What's inherently wrong about nix having a file store under /nix? Is
this purely about FHS?
--=20
Thanks,
Zac


--INIpVtFT3jl8GQmfMdetsK4qGP74C80E8--

--xTThx7nkz4iDl28h0jrzEJol4AEw9l2yS
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQKTBAEBCgB9FiEE8OgXaltWzqgSupCu0HX7jBBKPSAFAlvqbWhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEYw
RTgxNzZBNUI1NkNFQTgxMkJBOTBBRUQwNzVGQjhDMTA0QTNEMjAACgkQ0HX7jBBK
PSCY3xAAyDOBxMFfPm253iMjhyepv2kAB68FVvQ10ETmvvAt1G6IQ1qdKMfCoHFa
dfKZCqjL9Kw81NqKe9yVpH60nCawk/Ix1WHPVvlBTc3Fcz3487S5e6YGdV3uwcOm
JH92GkCnsH7dSYF5083n1IxJpvYr2+qI4vhCJiURXtPXQkjDnmssrNgOwwtmyU4a
IL77OM3CMsVKmMC1LgWmtell+Ai1kgMgmtW8g6SJO0AMM2+TnrevfCzJvtx7UX26
T+2VvgjWYJtA3auTd4Iir6ZwqOcFZTMUu99gjKKDCyMVZ5KphAKvCwfbo5OoEl7/
gQXnF4uIPq909ySA1XMFX8I1ZDdLRX1tsWtgyR3YkeVculXEulRvujhZwkNh+zdq
qNxzNJc401mDKd19fSg+1bcRXMyP9HJxGm15MqsCE9E7IMXbMS/6mpvY1y0gTR4a
bPhP0/tUXkdHIS3zGeoTNxXAsGb7jA8J/9OhF9C4H6dFXw5rUFaaaqEDemgiqdGe
H0OtQGRLMJ9FH627JFEP6VQ6Rjs4Qt1wI4q4TghlXdHwUKl27yNSBszUspACEt0e
1lsCJjBt8X250+76degRnaFCCebrRefDn6WYLthig+SNazvA50jPNTbHu9MZ6MR0
O01atmsiscapEWkDI4yzzNFaYj+qf+G1pttyzx7OZs53hjHXgLQ=
=G6DF
-----END PGP SIGNATURE-----

--xTThx7nkz4iDl28h0jrzEJol4AEw9l2yS--