unofficial mirror of 
 help / color / mirror / code / Atom feed
* bug#69708: Guix-Jupyter download directive: "Operation not permitted"
@ 2024-03-10 11:17 Troy Figiel
  0 siblings, 0 replies; only message in thread
From: Troy Figiel @ 2024-03-10 11:17 UTC (permalink / raw)
  To: 69708

Hi Guix-Jupyter,

Please let me know if this is the right location to file a bug. Since I
don't have an account on, I can't file an issue there.

In any case, the ;;guix download directive assumes the ability to hard
link from the gnu store to your tmp directory. This killed the Guix
kernel and returned an "Operation not permitted" error in my Jupyter

As it turns out, there is a kernel parameter called
"fs.protected_hardlinks" which prevents the creation of hard links by
users that do not own the source. Since my gnu store is root owned and I
run Jupyter as non-root (hence creating the container in the tmp
directory as non-root), this fails. For my system
"fs.protected_hardlinks" was set to 1 by default. Setting it to 0 fixes
the problem.

However, I am not convinced hard linking is the right solution anyway.
For one, it is not uncommon to have tmp and the gnu store living on
different volumes (which seems to be fixed upstream, but not tagged
yet). Copying would be an improvement, as it circumvents these issues,
but with the obvious downside that it duplicates all the data.

I was thinking it might make more sense to bind mount the file into the
container. This would solve the above issues, but not duplicate the
data. The raw data would then be completely immutable, however, I do not
see this as a downside, since treating raw data as immutable is already
a good practice.


Best wishes,


^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2024-03-17 11:33 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-03-10 11:17 bug#69708: Guix-Jupyter download directive: "Operation not permitted" Troy Figiel

Code repositories for project(s) associated with this public inbox

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).