From: Pjotr Prins <pjotr.public12@thebird.nl>
To: Florian Thevissen <mail@florian-thevissen.de>
Cc: bug-Guix@gnu.org
Subject: bug#34494: proot-based non-root setup: refusing to run with elevated privileges (UID 0)
Date: Sat, 16 Feb 2019 07:34:52 +0100 [thread overview]
Message-ID: <20190216063452.xllpdkhz4lc4jz4q@thebird.nl> (raw)
In-Reply-To: <81415b97-6e02-33dc-a4da-b1b046d5a4e7@florian-thevissen.de>
Did you try something like
proot -0 -b /proc -b /dev -b /etc -r . -b etc_guix/acl:/etc/guix/acl gnu/store/vir3l..-guix-0.x/bin/guix-daemon --disable-chroot
(note the extra -0 and chroot switches) and you should see on a guix package install.
That used to work. But maybe no longer?
On Fri, Feb 15, 2019 at 09:39:21PM +0100, Florian Thevissen wrote:
> Hi,
>
> I am trying to get guix to run on a system where I do not have root
> access, following a guide by pjotrp involving proot, here:
> [1]https://github.com/pjotrp/guix-notes/blob/master/GUIX-NO-ROOT.org .
>
> All guix operations that involve the script perform-download fail with
> the error:
>
> guix perform-download: error: refusing to run with elevated
> privileges (UID 0)
>
> I am not sure if this hints at a bug in guix itself, but a comment in
> the guix sources lets me assume so. It says in
> package-management.scm:355
>
> “Note that scripts like ‘guix perform-download’ do not run as root
> (…)”
>
> In my setup, following this guide, however, it apparently is run as
> root, and (assert-low-privileges) in the script perform-download.scm:89
> acts accordingly by signalling the error and exiting.
>
> (By the way - running guix-daemon with proot root privileges fails
> (-0), and running it without (no -0) fails also.)
>
> Now my question: why is perform-download run as root following pjotrs
> guide, and is there anything that can be done about it?
>
> I am a bit at a loss here, being unfamiliar with the guix sources and
> overall system setup.
>
> Looking forward to help, thanks,
>
> Florian
>
>
> References
>
> 1. https://github.com/pjotrp/guix-notes/blob/master/GUIX-NO-ROOT.org
next prev parent reply other threads:[~2019-02-16 6:44 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-02-15 20:39 bug#34494: proot-based non-root setup: refusing to run with elevated privileges (UID 0) Florian Thevissen
2019-02-16 6:34 ` Pjotr Prins [this message]
2019-02-16 9:04 ` Florian Thevissen
[not found] ` <20190216091747.eb6g7znptifbqqbt@thebird.nl>
2019-02-16 10:07 ` Florian Thevissen
2019-03-04 21:45 ` Ludovic Courtès
2019-03-05 18:57 ` Florian Thevissen
2019-03-06 16:00 ` Ludovic Courtès
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190216063452.xllpdkhz4lc4jz4q@thebird.nl \
--to=pjotr.public12@thebird.nl \
--cc=bug-Guix@gnu.org \
--cc=mail@florian-thevissen.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).