Hi,
I have resolved a main issue by having /gnu mounted without root squashing and
running gnu-daemon as root, as strongly suggested after building with
`./configure --localstatedir=/gnu/var --exec-prefix=/gnu`
And .... I am proceeding largely happily.
So.... WOOHOO and WHOOWHEE and general applause, cheers, and well-wishing from
all quarters.
Thanks for everyone's advice and help.
I will start new threads with other issues.
Ludo, did I tell you, as you asked, I did build guix from master also without
any FAILS and only SKIPPED one test, containers.scm.
~Malcolm
> -----Original Message-----
> From: Cook, Malcolm
> Sent: Monday, July 20, 2015 5:38 PM
> To: 'Ludovic Courtès'
> Cc: 'Ricardo Wurmus'; 'Guix-devel'; 'Pjotr Prins'; 'bio-
> packag...@mailman.open-bio.org'
> Subject: RE: Using a shared Guix store (was RE: [Bio-packaging] testing out
> guix)
>
> > > However
> > >
> > > ./pre-inst-env guix package -i hello
> > >
> > > Gives me
> > >
> > > guix package: error: build failed: the build users group
> > > `guix-builder' has no members
> > >
> > > But, but, I do have a group `guix-builder`
> > >
> > > I think the problem may be that my guix-builder group was defined in
> > > NIS
> > whereas its members are not in NIS.
> >
> > What does ‘getenv group guix-builder’ return? It should show
> > something
> > like:
> > guixbuild:x:30000:guixbuilder01,guixbuilder02,guixbuilder03,guixbuilde
> > r04,gu
> > ixbuilder05,guixbuilder06,guixbuilder07,guixbuilder08,guixbuilder09,gu
> > ixbuild
> > er10
>
> Answered below....
>
> > Each build account must have ‘guix-builder’ in its supplementary group list.
> >
> > > The daemon is running as user `guix` on host ${GUIXHOST}
> >
> > The daemon really needs to run as root, if possible:
> >
> > http://www.gnu.org/software/guix/manual/html_node/Build-
> > Environment-Setup.html
>
> I guess my issues are arising from challenging this (soft?) requirement.
>
> My SA has provided me /gnu as NFS network share owned by network user
> `guix` and group owned by `guix-builder`.
>
> However it is 'root squashed' on all servers, including my GUIX_HOST. In
> other works, the root account cannot write to it.
>
> For this reason, I have tried
>
> ./configure --prefix=/gnu
>
> rather than the suggested
>
> ./configure --localstatedir=/gnu/var --exec-prefix=/gnu
>
> Since this suggestion results in `make install` needed to write to both the
> root-squashed network share and /usr/local which can only be done by root,
> an impossibility.
>
> Or am I thinking about this wrong?
>
> --prefix=/gnu has some additional advantage of getting the /share directory
> network wide, as presumably should be /etc/bashy_completion.d
>
> I am making guix from fresh `git pull` master passing all tests (except for
> SKIPPING the container test thanks to recent commit - last week it was failing
> this one)
>
> However, with this configuration, after install, and running the daemon as
> user 'guix', I now get:
>
> bash-4.2$ guix build hello
> guix build: error: build failed: acquiring/releasing lock: No locks
> available
>
> Oh, right, and, I am still doing by hand:
> su -c 'mkdir /gnu/var/guix/profiles/per-user; chmod a+rwx
> /gnu/var/guix/profiles/per-user' - guix
>
> So, I think if I knew a little more about guix internals, I would expect that
> I
> could figure out a ./configuration that allows /gnu to reside on root-squashed
> network share.
>
> Ricardo, you seem to have something _like_ this working. I'm guessing that
> your /gnu was local to your GUIXHOST, and so you did not need to solve this
> root squash issue.
>
> Ricard & Ludo, do you mind thinking this through a little further with me?
>
> Here is current my account setup
>
> getent group guix-builder
> guix-builder:!:20302:guix-builder1,guix-builder2,guix-builder3,guix-
> builder4,guix-builder5,guix-builder6,guix-builder7,guix-builder8,guix-
> builder9,guix-builder10
>
> getent passwd guix
> guix:$1$E5Ru3NpE$wZZY.cM8TwbRMHBI1UP110:3036:20302:Guix
> build user:/var/empty:/bin/bash
>
> getent passwd guix-builder1 ## and all the other guix-builder
> guix-builder1:!!:3048:20302:Guix build user
> 1:/var/empty:/sbin/nologin
>
>
> ~Malcolm
>
>
> >
> > > However trying to --install is not successful
> > >
> > > /gnu/bin/guix package --install hello
> > > accepted connection from pid 26597, uid 1232
> > > error: while creating directory `/gnu/var/guix/profiles/per-
> > user/mec': Permission denied
> > > Please create the `/gnu/var/guix/profiles/per-user/mec' directory,
> > with you as the owner.
> > > Try "info '(guix) Invoking guix package'" for more information.
> > >
> > > Which leads me to think the documentation is in error where it says
> > > "The
> > per-user directory is created when guix-daemon is started".
> >
> > Well, /var/guix/profiles/per-user is created by the daemon, but
> > .../mec is created by ‘guix package’.
> >
> > > Creating it by hand (owned by guix, with write access to all) :
> > >
> > > mkdir /gnu/var/guix/profiles/per-user ## the doc says this should
> > happen by the daemon but not! FIXME! BUG?
> > > chmod a+rwx /gnu/var/guix/profiles/per-user
> >
> > Perfect.
> >
> > The daemon really does create /gnu/var/guix/profiles/per-user, making
> > it world-writable (see nix/libstore/local-store.cc:254.)
> >
> > However, you mentioned guix-daemon was *not* running as root, in
> which
> > case it does not attempt to create this directory. That could be the
> > reason.
> >
> > Thanks for your report,
> > Ludo’.
