Hello Guix! One of the most important pieces of advice we give to use Guix on foreign distros is to make sure the distro runs nscd, so we don’t end up dlopening NSS modules in Guix-produced programs:
https://guix.gnu.org/manual/en/html_node/Application-Setup.html#Name-Service-Switch A situation where this is not possible is HPC clusters: you would like to run packs there, but you’re not root and cannot spawn nscd, and those machines typically use a Red Hat derivative with ‘sssd’: --8<---------------cut here---------------start------------->8--- $ grep sss /etc/nsswitch.conf passwd: files sss shadow: files sss group: files sss services: files sss netgroup: files sss automount: files sss --8<---------------cut here---------------end--------------->8--- If you try to run binaries from ‘guix pack’ there, they’ll fail to find libnss_sss.so, and so user name lookups etc. (e.g., getpw(3)) will fail. The workaround I found is to add ‘sssd’ to the pack, like so: guix pack -RR -S /lib=lib -S /bin=bin sssd guile That way, on the other machine, you can set LD_LIBRARY_PATH such that Guix’ libnss_sss.so gets loaded: tar xf /path/to/pack.tgz LD_LIBRARY_PATH=$PWD/lib ./bin/guile -c '(pk (getpw (getuid)))' It works! However, if people have ideas of less arcane workarounds, I’m interested. For the record, I pushed one commit that fixes ‘sssd’¹ and another one to have LD_LIBRARY_PATH honored when using GUIX_EXECUTION_ENGINE=fakechroot². Ludo’. ¹ https://git.savannah.gnu.org/cgit/guix.git/commit/?id=8df6900dffa9e1c74ac3f64877f067974eee0eeb ² https://git.savannah.gnu.org/cgit/guix.git/commit/?id=28dce8f02db38a41e59ecdf3786baa6f732636ff
