[Nix-dev] builder is root, not nixbld<n> [was: cannot build coreutils]
Ben Franksen
ben.franksen at online.de
Sat Apr 26 00:36:30 CEST 2014
Hello
tl;dr I can verify with a very simple nix expression that the builder indeed
is root, and not one of the nixbld users. I think this is not as it should
be.
Any idea what I am doing wrong?
Details follow:
Here is the test expression:
{stdenv, coreutils}: stdenv.mkDerivation {
name = "trivial-0.0";
builder = ./builder.sh;
inherit coreutils;
}
and the builder is just
$coreutils/bin/id
> nix-build '<nixpkgs>' -A trivial
these derivations will be built:
/nix/store/11h7h69wfw56d4j4xgmpgwk2k2hccq6r-trivial-0.0.drv
building path(s) `/nix/store/jvqphwydc3p3ggsn5bmdwks0n5lppqwk-trivial-0.0'
uid=0(root) gid=0(root) groups=0(root)
[...]
When I give the -K option I can see that everything under /tmp/nix-... is
owned by root.
I re-installed nix-1.7 from source and re-checked my configuration.
These are the build users:
> grep nixbld /etc/{passwd,group}
/etc/passwd:nixbld0:x:40000:40000:Nix build user
0,,,:/var/run/empty:/bin/false
/etc/passwd:nixbld1:x:40001:40000:Nix build user
1,,,:/var/run/empty:/bin/false
/etc/passwd:nixbld2:x:40002:40000:Nix build user
2,,,:/var/run/empty:/bin/false
/etc/passwd:nixbld3:x:40003:40000:Nix build user
3,,,:/var/run/empty:/bin/false
/etc/passwd:nixbld4:x:40004:40000:Nix build user
4,,,:/var/run/empty:/bin/false
/etc/passwd:nixbld5:x:40005:40000:Nix build user
5,,,:/var/run/empty:/bin/false
/etc/passwd:nixbld6:x:40006:40000:Nix build user
6,,,:/var/run/empty:/bin/false
/etc/passwd:nixbld7:x:40007:40000:Nix build user
7,,,:/var/run/empty:/bin/false
/etc/passwd:nixbld8:x:40008:40000:Nix build user
8,,,:/var/run/empty:/bin/false
/etc/passwd:nixbld9:x:40009:40000:Nix build user
9,,,:/var/run/empty:/bin/false
/etc/group:nixbld:x:40000:nixbld0,nixbld1,nixbld2,nixbld3,nixbld4,nixbld5,nixbld6,nixbld7,nixbld8,nixbld9
That looks ok to me. My /etc/nix/nix.conf contains one line
build-users-group = nixbld
(I disabled chroot builds for the moment)
Environment:
> env|grep NIX
NIX_REMOTE=daemon
NIX_PATH=nixpkgs=/home/ben/.nix-defexpr/channels/nixos-13.10/nixpkgs
For the multi-user setup I largely followed the instructions here:
http://sandervanderburg.blogspot.de/2013/06/setting-up-multi-user-nix-installation.html
except that I use this very simple upstart job for the nix-daemon:
# Nix build daemon.
description "Nix build daemon"
start on runlevel [2345]
stop on runlevel [!2345]
exec /usr/local/bin/nix-daemon
Cheers
Ben
--
"Make it so they have to reboot after every typo." -- Scott Adams
More information about the nix-dev
mailing list