guix-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Compiling guix 0.3 on a fedora 8 planetlab node

From: Ludovic Courtès
Subject: Re: Compiling guix 0.3 on a fedora 8 planetlab node
Date: Fri, 30 Aug 2013 14:05:40 +0200
User-agent: Gnus/5.130007 (Ma Gnus v0.7) Emacs/24.3 (gnu/linux) 
Matthias Wachs <address@hidden> skribis:

>> How did it complain exactly?  Is it running as ‘root’, as per
>> <http://www.gnu.org/software/guix/manual/guix.html#Setting-Up-the-Daemon>?
>> 
>> The ability to run build processes in a chroot and under separate UIDs
>> is essential to achieve reproducibility.
>
> The basic issue is: 
> I cannot add a builder group since on these machines I don't have the
> "groupadd" command ... limitations of the image/testbed

You may have ‘addgroup’ instead, no?

> So when starting the daemon with:
>
> address@hidden ~]$ sudo guix-daemon
> warning: daemon is running as root, so using `--build-users-group' is
> highly recommended
> accepted connection from pid 13641, uid 1376
> 245 operations
>
> The client prints:
>
> guix package -i make
> <removed>
> substituter-succeeded 
> /nix/store/qhkvy39118lccxxsnrwjb9xp7s4627py-make-3.82-debug
> guix package: error: build failed: unable to fork: Operation not
> permitted

Can you try to set those CLONE_* constants that you added to 0 instead
of some other value?

According to the clone(2) man page, EPERM means:

  CLONE_NEWIPC,  CLONE_NEWNET,  CLONE_NEWNS, CLONE_NEWPID, or CLONE_NEWUTS was 
specified by
  an unprivileged process (process without CAP_SYS_ADMIN).

But you said guix-daemon is running as ‘root’.  So it might be that the
kernel doesn’t recognize these flags, and returns EPERM for lack of a
better idea.

Thanks,
Ludo’.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]