Help with removing xz 5.6.1 as a dependancy

I need help with determine what is the main package or packages that requires xz 5.6.1 and how to change the version to use 5.4.6 if possible.

I also ran sudo nix-store --optimise -v -j auto, sudo nix-collect-garbage -d, nix-store --optimise -v -j auto and nix-collect-garbage -d before the commands below.

Where in my configuration.nix do I add an overlay to change the dependency?

# Edit this configuration file to define what should be installed on
# your system.  Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running ‘nixos-help’).

{ config, pkgs, ... }:

{
  imports =
    [ # Include the results of the hardware scan.
      ./hardware-configuration.nix
      <home-manager/nixos>
      ./dotfiles/doom.nix
      ./dotfiles/fish.nix
      #./dotfiles/hyprland.nix
      ./dotfiles/neovim.nix
      ./dotfiles/starship.nix
      ./dotfiles/suricata.nix
      ./dotfiles/wezterm.nix
      ./dotfiles/xplr.nix
    ];

  #nix settings
  nix.settings.experimental-features = [ "nix-command" "flakes" ];

  hardware.system76.enableAll = true;
  hardware.bluetooth.enable = true;

  # Bootloader.
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;
  boot.loader.timeout = 20;
  boot.kernelPackages = pkgs.linuxPackages_latest;

  systemd.services.NetworkManager-wait-online.enable = false;
  systemd.services.systemd-udev-settle.enable = false;
  systemd.services.network-setup.enable = false;

  systemd.extraConfig = ''
    DefaultTimeoutStopSec=10s
  '';

  # Enable the X11 windowing system.
  services.xserver.enable = true;
  services.xserver.xkb.layout = "us";
  services.xserver.xkb.variant = "";

  services.xserver.displayManager.sddm.enable = true;
  #services.xserver.desktopManager.plasma6.enable = true;
  services.desktopManager.plasma6.enable = true;
  services.xserver.displayManager.defaultSession = "plasma";


  # Enable touchpad support (enabled default in most desktopManager).
  # services.xserver.libinput.enable = true;

  networking.hostName = "blank"; # Define your hostname.
  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.

  # Configure network proxy if necessary

  # Enable networking
  networking.networkmanager.enable = true;

  # Open ports in the firewall.

  # Enable CUPS to print documents.
  services.printing.enable = true;

  # Enable sound with pipewire.
  sound.enable = true;
  hardware.pulseaudio.enable = false;
  security.rtkit.enable = true;
  services.pipewire = {
    enable = true;
    alsa.enable = true;
    alsa.support32Bit = true;
    pulse.enable = true;
    # If you want to use JACK applications, uncomment this
    #jack.enable = true;

    # use the example session manager (no others are packaged yet so this is enabled by default,
    # no need to redefine it in your config for now)
    #media-session.enable = true;
  };

  # Set your time zone.
  services.automatic-timezoned.enable = true;

  # Select internationalisation properties.
  i18n.defaultLocale = "en_US.UTF-8";

  i18n.extraLocaleSettings = {
    LC_ADDRESS = "en_US.UTF-8";
    LC_IDENTIFICATION = "en_US.UTF-8";
    LC_MEASUREMENT = "en_US.UTF-8";
    LC_MONETARY = "en_US.UTF-8";
    LC_NAME = "en_US.UTF-8";
    LC_NUMERIC = "en_US.UTF-8";
    LC_PAPER = "en_US.UTF-8";
    LC_TELEPHONE = "en_US.UTF-8";
    LC_TIME = "en_US.UTF-8";
  };

  environment.sessionVariables = {
    EDITOR = "nvim";
  };

  # Setup keyfile

  # virt reduce redundant writes
  #fileSystems."/nix/store".options = [ "noatime" ];

  virtualisation = {
    docker.rootless = {
      enable = true;
      setSocketVariable = true;
    };
    #virtualbox.host = {
    #  enable = true;
    #};
  };

  # Define a user account. Don't forget to set a password with ‘passwd’.
  users.users.userName = {
    isNormalUser = true;
    description = "Na";
    extraGroups = [ "networkmanager" "wheel"];
    shell = pkgs.fish;
    packages = with pkgs; [
      #packagnames
    ];
  };

  home-manager.users.userName = { pkgs, ... }: {
    home.stateVersion = "23.11";
    nixpkgs.config.allowUnfree = true;

    programs.git = {
      enable = true;
      #credential.helper=blank
      userName = "Na";
      userEmail = "Na";
    };

    home.packages = with pkgs; [
      #gui
      firefox
      #google-chrome
      thunderbird
      gimp
      libreoffice
      obs-studio
      bitwarden
      kdenlive
      mpv
      freecad
      kicad-small
      logisim-evolution
      insomnia
      jetbrains.idea-community
      blender-hip
      zoom-us
      wezterm
      isoimagewriter

      #emacs
      emacs29-gtk3
      emacsPackages.xwidgets-reuse
      pandoc

      # cli
      fish
      starship
      wl-clipboard
      xclip
      calcurse
      xplr
      btop
      ripgrep
      figlet
      ffmpeg-full
      neofetch
      parallel
      file
      xdg-ninja
      screenkey

      # security
      lynis

      #lang
      verilog
      go
      rustup
      gnu-cobol

      #java
      gradle_7
      #gradle

      #python
      (python311.withPackages(ps: with ps; [
           python311Packages.pytz
           python311Packages.datetime
           python311Packages.dateutils
           python311Packages.ptpython
           #suricata depns
           python311Packages.pyyaml
           (buildPythonPackage rec {
             pname = "introcs";
             version = "1.3.1";
             src = fetchPypi {
               inherit pname version;
               sha256 = "blank";
             };
             doCheck = false;
             propagatedBuildInputs = [
               python311Packages.numpy
               python311Packages.pillow
             ];
           })
      ]))

      #lua
      lua-language-server

      #nix
      #nil

      #nodejs
      nodejs_20
      nodePackages.pyright
      #(buildNpmPackage rec {
      #  pname = "dynamodb-admin";
      #  version = "4.6.1";
      #  src = fetchFromGitHub {
      #    owner = "aaronshaf";
      #    repo = "dynamodb-admin";
      #    rev = "v4.6.1";
      #    sha256 = "blank";
      #  };
      #})

      #C & C++
      clang_16
      cmake

      gnumake
      zip

      #Haskell
      #ghc

      #kenzie
      #awscli2
      awscli
      aws-sam-cli

      # MS Azure
      #azure-cli

      #inteliji idea dependency
      graphviz
      plantuml

      #latex
      #texlive.combined.scheme-full
      texliveMinimal

      #hyprland
      #hyprpaper
      #bemenu
    ];
  };

  #programs.kdeconnect.enable = true;

  programs.java = {
    enable = true;
    package = pkgs.openjdk16-bootstrap;
  };

  programs.fish = {
    enable = true;
  };

  #programs.nix-ld.enable = true;

  fonts.packages = with pkgs; [
    (nerdfonts.override { fonts = [ "ShareTechMono" ]; })
  ];

  programs.gnupg.agent = {
    enable = true;
    #pinentryPackage = pkgs.pinentry-qt;
    #pinentryFlavor = "qt";
  };

  # Allow unfree packages
  nixpkgs.config.allowUnfree = true;

  # List packages installed in system profile. To search, run:
  # $ nix search wget

  environment.systemPackages = with pkgs; [
    suricata
  ];

  #systemd.services.suricata = {
  #  description = "Suricata IDS/IPS";
  #  wantedBy = ["multi-user.target"];
  #  serviceConfig = {
  #    ExecStart = "/nix/store/vv9wv7ksnynq16q8sdn3m2f5r56id3p4-system-path/bin/suricata -c /etc/suricata/suricata.yaml --pidfile /var/run/suricata.pid";
  #    Restart = "always";
  #  };
  #};

  # Some programs need SUID wrappers, can be configured further or are
  # started in user sessions.
  # programs.mtr.enable = true;
  # programs.gnupg.agent = {
  #   enable = true;
  #   enableSSHSupport = true;
  # };

  # List services that you want to enable:

  # Enable the OpenSSH daemon.
  # services.openssh.enable = true;

  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
  # on your system were taken. It‘s perfectly fine and recommended to leave
  # this value at the release version of the first install of this system.
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
  system.stateVersion = "23.05"; # Did you read the comment?
}

Derivations (paths ending with .drv) should be harmless.

The contents of your Nix store do not reflect the “installed” packages used by some component in your actual environment.

It’s merely what was at any point installed and then not removed because a GC root is placed on it.

Thus in order to purge xz-5.6.1 off your system, you must figure out which GC root holds a reference on xz. One implicit GC root is running processes. If any running process is linked against that version of lzma, it won’t be GC’d. I’d suggest you to do a reboot.

You can show all GC roots via sudo nix-store --gc --print-roots.

2 Likes

Thank you for your help and explanation.

1 Like