Hello Attila,
Attila Lendvai <att...@lendvai.name> writes:
> dear Guix,
>
> my ultimate goal is to run Home Assistant (a python based service) from
> Shepherd.
>
> packaging it seems to be too much effort, so i looked into running it in a
> `guix shell --container`. it works fine when done from the terminal:
>
> $ su - hass
> $ guix shell --manifest=manifest.scm --container --emulate-fhs --network
> --share=/srv/hass
> $ cd /srv/hass && source bin/activate && LD_LIBRARY_PATH=/lib:/lib64 hass
> 2>&1 | tee /var/log/home-assistant.log
>
> (specifications->manifest
> '("python"
> "python-virtualenv"
> "python-pytzdata"
> "autoconf"
> "openssl"
> "libxml2"
> "libxslt"
> "libjpeg"
> "libffi"
> "eudev"
> "zlib"
> "pkg-config"
> "ffmpeg"
> "gcc-toolchain"
>
> "git"
> ))
>
> now, i've converted this to a Shepherd service like this:
>
> (simple-service
> 'home-assistant
> shepherd-root-service-type
> (list
> (shepherd-service
> (requirement '(file-systems networking guix-daemon))
> (provision '(home-assistant))
> (documentation "")
> ;; TODO herd stop doesn't work
> (start
> #~(lambda _
> (fork+exec-command
> (list #$(file-append guix "/bin/guix")
> "shell"
> "--manifest=manifest.scm"
> "--container"
> "--emulate-fhs"
> "--network"
> "--share=/srv/hass"
> "--"
> #$(file-append bash "/bin/bash")
> "-c" "cd /srv/hass && source bin/activate &&
> LD_LIBRARY_PATH=/lib:/lib64 hass")
> #:log-file "/var/log/home-assistant.log"
> #:user '#$(user-account-name *hass-user*)
> #:group '#$(user-account-group *hass-user*)
> #:supplementary-groups
> '#$(user-account-supplementary-groups *hass-user*)
> #:environment-variables
> (list (string-append "HOME=/home/"
> #$(user-account-name *hass-user*)))))))))
>
>
> but this errors out:
>
> guix shell: error: mkdir: Permission denied:
> "/tmp/guix-directory.sfpIhA/real-root"
>
> should this work, or am i holding it wrong?
>
> or should it be done some other way? any examples around?
>
> if it should work, then any hints on what to look at for a fix? grepping for
> 'real-root' brings up MOUNT-FILE-SYSTEMS in linux-container.scm, but i
> couldn't find anything obviously broken there.
>
> sidenote: debugging this would be a lot easier if the error wasn't
> reduced to the above line, but instead a general error handler printed
> a backtrace.
I have no idea it this is the cause, but the immediate difference I see
between the terminal (working) and shepherd service (not working) is the
current working directory. In the former case it would be ~hass, in the
latter case it would be /. Guix shell defaults to making CWD available
in the container, so it in the service case (I am guessing) mounts /
onto / of the containers which might mess up some permissions.
You might try setting #:directory if you need the $HOME accessible, or
pass --no-cwd if you do not.
I am unsure this will solve your problem, but I hope it at least helps.
Have a nice day,
Tomas
--
There are only two hard things in Computer Science:
cache invalidation, naming things and off-by-one errors.
