> > However
> >
> > ./pre-inst-env guix package -i hello
> >
> > Gives me
> >
> > guix package: error: build failed: the build users group
> > `guix-builder' has no members
> >
> > But, but, I do have a group `guix-builder`
> >
> > I think the problem may be that my guix-builder group was defined in NIS
> whereas its members are not in NIS.
>
> What does ‘getenv group guix-builder’ return? It should show something
> like:
> guixbuild:x:30000:guixbuilder01,guixbuilder02,guixbuilder03,guixbuilder04,gu
> ixbuilder05,guixbuilder06,guixbuilder07,guixbuilder08,guixbuilder09,guixbuild
> er10
Answered below....
> Each build account must have ‘guix-builder’ in its supplementary group list.
>
> > The daemon is running as user `guix` on host ${GUIXHOST}
>
> The daemon really needs to run as root, if possible:
>
> http://www.gnu.org/software/guix/manual/html_node/Build-
> Environment-Setup.html
I guess my issues are arising from challenging this (soft?) requirement.
My SA has provided me /gnu as NFS network share owned by network user `guix`
and group owned by `guix-builder`.
However it is 'root squashed' on all servers, including my GUIX_HOST. In other
works, the root account cannot write to it.
For this reason, I have tried
./configure --prefix=/gnu
rather than the suggested
./configure --localstatedir=/gnu/var --exec-prefix=/gnu
Since this suggestion results in `make install` needed to write to both the
root-squashed network share and /usr/local which can only be done by root, an
impossibility.
Or am I thinking about this wrong?
--prefix=/gnu has some additional advantage of getting the /share directory
network wide, as presumably should be /etc/bashy_completion.d
I am making guix from fresh `git pull` master passing all tests (except for
SKIPPING the container test thanks to recent commit - last week it was failing
this one)
However, with this configuration, after install, and running the daemon as user
'guix', I now get:
bash-4.2$ guix build hello
guix build: error: build failed: acquiring/releasing lock: No locks
available
Oh, right, and, I am still doing by hand:
su -c 'mkdir /gnu/var/guix/profiles/per-user; chmod a+rwx
/gnu/var/guix/profiles/per-user' - guix
So, I think if I knew a little more about guix internals, I would expect that I
could figure out a ./configuration that allows /gnu to reside on root-squashed
network share.
Ricardo, you seem to have something _like_ this working. I'm guessing that
your /gnu was local to your GUIXHOST, and so you did not need to solve this
root squash issue.
Ricard & Ludo, do you mind thinking this through a little further with me?
Here is current my account setup
getent group guix-builder
guix-builder:!:20302:guix-builder1,guix-builder2,guix-builder3,guix-builder4,guix-builder5,guix-builder6,guix-builder7,guix-builder8,guix-builder9,guix-builder10
getent passwd guix
guix:$1$E5Ru3NpE$wZZY.cM8TwbRMHBI1UP110:3036:20302:Guix build
user:/var/empty:/bin/bash
getent passwd guix-builder1 ## and all the other guix-builder
guix-builder1:!!:3048:20302:Guix build user 1:/var/empty:/sbin/nologin
~Malcolm
>
> > However trying to --install is not successful
> >
> > /gnu/bin/guix package --install hello
> > accepted connection from pid 26597, uid 1232
> > error: while creating directory `/gnu/var/guix/profiles/per-
> user/mec': Permission denied
> > Please create the `/gnu/var/guix/profiles/per-user/mec' directory,
> with you as the owner.
> > Try "info '(guix) Invoking guix package'" for more information.
> >
> > Which leads me to think the documentation is in error where it says "The
> per-user directory is created when guix-daemon is started".
>
> Well, /var/guix/profiles/per-user is created by the daemon, but .../mec is
> created by ‘guix package’.
>
> > Creating it by hand (owned by guix, with write access to all) :
> >
> > mkdir /gnu/var/guix/profiles/per-user ## the doc says this should
> happen by the daemon but not! FIXME! BUG?
> > chmod a+rwx /gnu/var/guix/profiles/per-user
>
> Perfect.
>
> The daemon really does create /gnu/var/guix/profiles/per-user, making it
> world-writable (see nix/libstore/local-store.cc:254.)
>
> However, you mentioned guix-daemon was *not* running as root, in which
> case it does not attempt to create this directory. That could be the reason.
>
> Thanks for your report,
> Ludo’.
