[Nix-dev] multi-user / RHEL6.5/ no root -- "nix-env -i" trying to grab a lock file outside of "per-user"

Ryan Newton rrnewton at indiana.edu
Thu Aug 21 06:18:02 CEST 2014


Hello all,

I'm an enthusiastic recent convert to nix.  I'm trying to get it set up
across our university's shared RHEL 6.5 linux setup so that my students and
I can use it for building all our research software.  I've convinced the
sysadmins to symlink /nix/ to an NSF location (for now) so that we can get
started, but I can't get things working in multiuser mode
(NIX_REMOTE=daemon) with a special build-user that is non-root.

For example:

  * user "builder" -- own /nix, runs nix-daemon, non-root
  * user "steve" -- non-root, can write to
/nix/var/nix/daemon-socket/socket

Actually, if steve runs "nix-env -i hello", it works as far as building the
package in the store, but then at the end it fails when trying to update
the profiles:

    replacing old `hello-2.9'
    installing `hello-2.9'
    error: opening lock file `/nix/var/nix/profiles/default.lock':
Permission denied

Why should it be going for "profiles/" instead of
"profiles/per-user/steve/"?  Why does the user account need to do any of
the locking at all?  Shouldn't the daemon control all access to the "/nix"
directory in the multi-user setup?

I messed around with the perms in that profiles directory, making it
group-writable (for a group that includes "steve" and "builder"), but that
just gets me to a different error:

    error: creating symlink from `/nix/var/nix/profiles/.new_default' to
`default-47-link': File exists

Seems like a lose-lose situation -- I can play with setting/unsetting the
sticky bit, "chmod 1775", on that profiles/ dir but the best I can't avoid
hitting some error.  I think the problem originates in "profile.d/nix.sh"
which was created during installation and reads:

    _NIX_DEF_LINK=/nix/var/nix/profiles/default

Should that instead say profiles/per-user/$USER/default ?  I don't want to
mutate a config file in the nix store, so hopefully there is some way to
change this NIX_DEF_LINK during the install process?  Or build an alternate
one and point my ~/.nix-profile/etc/profile.d there?  What's the best
approach?

Thanks in advance for your help,
  -Ryan

P.S. This is with nix-1.7.



-- 
Ryan R. Newton
(812) 856-4205
Asst. Professor
Indiana University - School of Informatics & Computing
Lindley Hall 230H
http://www.cs.indiana.edu/~rrnewton/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.science.uu.nl/pipermail/nix-dev/attachments/20140821/e8c8ef74/attachment.html 


More information about the nix-dev mailing list