Hi Simon,

I guess you’re ahead of me on these issues :-) so I’m glad you’re
testing it and reporting back!

Simon Josefsson <si...@josefsson.org> wrote:

> I get the following error:
>
> guix pull: error: cloning builder process: Operation not permitted
>
> If I add --cap-add and instead run:
>
> time buildah build --debug --cap-add=CAP_SYS_ADMIN -t $CI_REGISTRY_IMAGE:$CI_JOB_NAME debian-with-install-guix
>
> I get this error:
>
> guix pull: error: while setting up the build environment: cannot set loopback interface flags: Operation not permitted

Is there some AppArmor policy in place or something along these lines?

It definitely works on Debian 12 (which is what we use in the system
test¹), but Ubuntu for instance has an AppArmor policy that restrains
the use of unprivileged user namespaces (I have not looked into how to
work around that).

Thanks,
Ludo’.

¹ https://ci.guix.gnu.org/build/9790957/details
