From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id sNjRLBecFl9DfwAA0tVLHw (envelope-from ) for ; Tue, 21 Jul 2020 07:41:11 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0 with LMTPS id qI+pKBecFl8hNgAA1q6Kng (envelope-from ) for ; Tue, 21 Jul 2020 07:41:11 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 3BA9C9403A3 for ; Tue, 21 Jul 2020 07:41:11 +0000 (UTC) Received: from localhost ([::1]:45548 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jxmth-0005zi-TA for larch@yhetil.org; Tue, 21 Jul 2020 03:41:09 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:50278) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jxmta-0005zG-44 for bug-guix@gnu.org; Tue, 21 Jul 2020 03:41:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:54479) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1jxmtZ-0007el-QT for bug-guix@gnu.org; Tue, 21 Jul 2020 03:41:01 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1jxmtZ-0005lf-Nw for bug-guix@gnu.org; Tue, 21 Jul 2020 03:41:01 -0400 X-Loop: help-debbugs@gnu.org Subject: bug#42173: Nix on Guix System: can't update channels Resent-From: Oleg Pykhalov Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Tue, 21 Jul 2020 07:41:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 42173 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: Ludovic =?UTF-8?Q?Court=C3=A8s?= Received: via spool by 42173-submit@debbugs.gnu.org id=B42173.159531722822124 (code B ref 42173); Tue, 21 Jul 2020 07:41:01 +0000 Received: (at 42173) by debbugs.gnu.org; 21 Jul 2020 07:40:28 +0000 Received: from localhost ([127.0.0.1]:37792 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jxmt1-0005kl-SJ for submit@debbugs.gnu.org; Tue, 21 Jul 2020 03:40:28 -0400 Received: from mail-lf1-f51.google.com ([209.85.167.51]:40522) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jxmt0-0005kZ-5D for 42173@debbugs.gnu.org; Tue, 21 Jul 2020 03:40:26 -0400 Received: by mail-lf1-f51.google.com with SMTP id o4so11145096lfi.7 for <42173@debbugs.gnu.org>; Tue, 21 Jul 2020 00:40:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:references:date:in-reply-to:message-id :user-agent:mime-version; bh=k7NujUnTZzshgifplf86Zy/Bx7OAdrXnwq3VCbvxjfg=; b=TFqZzF5b5xQNUEnqAHrEZfff4XFhVvsDF0QG3GEcIfLQTlh5A1+FyOV3YiBsC3KDJU VWjUMO1t5bV1OZ05+/bnWcez2o2PccaItY7hcmknBa4tsli/yG178zhHt0BJoomCU2Jh zF6CdKwbK6hUv6i79YlnukxRpv9d3VJhCOeQLw4nSi7RtEHdxeP5dODOKViaEUemB6zE wJsT9YNSX8miJwSGeZUVgNNOuLuz9GruPKlDjugHF30CeU4IXV4f5dn9gu+EFD88bXMY AgjiB/zehPIfZm5VTImAYLyHFkiCPLBS+L9ozfeCGqVneW6mqIvmY66BV6q1XVP9cTNA eNZg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:references:date:in-reply-to :message-id:user-agent:mime-version; bh=k7NujUnTZzshgifplf86Zy/Bx7OAdrXnwq3VCbvxjfg=; b=sNZa+C7NlOlS/niNrmvBFSzlPfZInpVs61R1QFJt3aYQw2dC8U2EW/o+QZ5jqBErmy sVw4c4tqL5q6cVrk2Pa9LNtZVvgM1MM7MQKtnDo6o5x0RDCPNDWmXxtIri02/2NPN0ZX GHF/W8GYwOYPBiS8417KmfDRMXtk8jFM62z1qiTMZzcYRYS0CIPkaKuP2RBltciMZ0wq eyXCiPKbHouTQe4K75JfeRBk5mZ1NPl++xFVJeucGie3exqLkLMUFqSl+GeVRvEJy02i JGzhwFeNHvPIdhMonRKMKT5MYjWHABo114T97qisoGimltT7RtNb1oMYoh07sxCBOgPk 962A== X-Gm-Message-State: AOAM532mF9BPddGhI48roAscd3oYioumIP/rqyqj5+GsbSvI5p7IzoEM T/yMNmWGpFME+2AongJd/W07U9zUAjU= X-Google-Smtp-Source: ABdhPJze4PyPWWshZHn/GB+nHd97iV2H/S9VLB+mK7//M0LF5fZjch36EvxSmZizEXD07vcAhO+50A== X-Received: by 2002:a19:48d3:: with SMTP id v202mr13076346lfa.202.1595317219335; Tue, 21 Jul 2020 00:40:19 -0700 (PDT) Received: from guixsd (ppp91-122-98-213.pppoe.avangarddsl.ru. [91.122.98.213]) by smtp.gmail.com with ESMTPSA id x6sm4140419lff.64.2020.07.21.00.40.17 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Jul 2020 00:40:18 -0700 (PDT) From: Oleg Pykhalov References: <87a70gud45.fsf@posteo.ro> <7fc08d8c7780.aa19f4b146749b1@guile.gnu.org> <877dv37or1.fsf@gnu.org> Date: Tue, 21 Jul 2020 10:39:57 +0300 In-Reply-To: <877dv37or1.fsf@gnu.org> ("Ludovic \=\?utf-8\?Q\?Court\=C3\=A8s\=22'\?\= \=\?utf-8\?Q\?s\?\= message of "Thu, 16 Jul 2020 12:12:02 +0200") Message-ID: <878sfdqpte.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux) MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-Spam-Score: 0.0 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-Spam-Score: -1.0 (-) X-BeenThere: bug-guix@gnu.org List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Zhu Zihao via web , 42173@debbugs.gnu.org Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org Sender: "bug-Guix" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=fail (rsa verify failed) header.d=gmail.com header.s=20161025 header.b=TFqZzF5b; dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmail.com (policy=none); spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org X-Spam-Score: -2.01 X-TUID: UTe9vW3aosxm --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hi, Ludovic Court=C3=A8s writes: > Hi, > > (+Cc: Oleg, who worked on the Nix service.) > > Zhu Zihao via web skribis: > >> I found that if I put "sandbox =3D false" to /etc/nix/nix.conf. Nix can = update channel. Maybe nix's sandbox forget to import some guix binary path? > > Yes, probably. There=E2=80=99s probably an option similar to the > =E2=80=98--chroot-directory=E2=80=99 of =E2=80=98guix-daemon=E2=80=99 to = specify additional directories > that must be in the =E2=80=9Csandbox=E2=80=9D. > > If you find that option, then we can arrange and add all the > dependencies of /gnu/store/=E2=80=A6/bin/bash there (similar to what > =E2=80=98qemu-binfmt-service-type=E2=80=99 does). /gnu/store/=E2=80=A6/bin/bash (we need a static-bash) is not enough, we also should handle all packages (and closures in case binaries are not static) listed in: $(guix build --no-grafts nix)/share/nix/corepkgs/config.nix =2D-8<---------------cut here---------------start------------->8--- let fromEnv =3D var: def: let val =3D builtins.getEnv var; in if val !=3D "" then val else def; in rec { shell =3D "/gnu/store/pwcp239kjf7lnj5i4lkdzcfcxwcfyk72-bash-minimal-5.0.1= 6/bin/bash"; coreutils =3D "/gnu/store/57xj5gcy1jbl9ai2lnrqnpr0dald9i65-coreutils-8.32= /bin"; bzip2 =3D "/gnu/store/a9f7wmc75hbpg520phw9z4l9asm3qvsw-bzip2-1.0.8/bin/bz= ip2"; gzip =3D "/gnu/store/ncydgq2znms5n1d2k5yqshhf58nsixwv-gzip-1.10/bin/gzip"; xz =3D "/gnu/store/r7k859hmcnkazf492fasqvk25jflnfk6-xz-5.2.4/bin/xz"; tar =3D "/gnu/store/v6f44zccwh9z5zk3pjlywjybbi8n2hjh-tar-1.32/bin/tar"; tarFlags =3D "--warning=3Dno-timestamp"; tr =3D "/gnu/store/57xj5gcy1jbl9ai2lnrqnpr0dald9i65-coreutils-8.32/bin/tr= "; nixBinDir =3D fromEnv "NIX_BIN_DIR" "/gnu/store/2x4qyarbmhi3dqcqhkkia6l49= 1yjnf11-nix-2.3.6/bin"; nixPrefix =3D "/gnu/store/2x4qyarbmhi3dqcqhkkia6l491yjnf11-nix-2.3.6"; nixLibexecDir =3D fromEnv "NIX_LIBEXEC_DIR" "/gnu/store/2x4qyarbmhi3dqcqh= kkia6l491yjnf11-nix-2.3.6/libexec"; nixLocalstateDir =3D "/nix/var"; nixSysconfDir =3D "/etc"; nixStoreDir =3D fromEnv "NIX_STORE_DIR" "/nix/store"; # If Nix is installed in the Nix store, then automatically add it as # a dependency to the core packages. This ensures that they work # properly in a chroot. chrootDeps =3D if dirOf nixPrefix =3D=3D builtins.storeDir then [ (builtins.storePath nixPrefix) ] else [ ]; } =2D-8<---------------cut here---------------end--------------->8--- Currently I don't see a way to mount /gnu/store/57xj5gcy1jbl9ai2lnrqnpr0dald9i65-coreutils-8.32 dependencies (and other packages) inside the Nix sandbox. Oleg. --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEcjhxI46s62NFSFhXFn+OpQAa+pwFAl8Wm80ACgkQFn+OpQAa +pzwYBAAgTjjfnHx8hNC7ueDy7sDFKj3B20at10fDQatGVwseSXEIkMRfBpzWk6H H7mhZdPQV/ZS/uz6OAsZ3TFqvGGvaOpzJhMQeK0PsuZ7DF/JPMB1Kf+fBusAPhKD kqKPYf7k5LhejkByGKuQVjYqFfIovlY+INna5Aa8B6q9mzUvUtBRODLcnLNtkibZ 6OYfQ/7l66D5txd6VicMZ+dL3WD+d2gvEskmCGMUIKa6aXVmE93/noeWGDq9yQ4o uaHD3YT1794fkBQBr1syX+qbkXNbp28oepWAwBqIcOMW4ejQiIWxtGJduT1FGV0B Cax2X3M/MNJYU6TRtQyUvwXEj3Da7vOsk05bwoZ1a/xO3UkUej6NQWEVP6eGl8Fp ib/73ddFkC/7ScVZp36UO6QPNrcGEsyJZitFSH1lVp0qGBWY+Dxu6Efq3UqY6mUa dFnsBUQGqYmAfDWLZptU7nZNYAMsJb+8cVc2G2x5K+lGwCHY5dMpwi06GWcD/xmf tLF3TQ5AKx05/8829oOh0kJzRKuk5Z2yOvAtataIrHzNUHB9YRfKBFYP51SQN8wN jHfvGN6xgL3gvwgum8AZudGAeAApZzeKRrKDoEcEecQQ1KJb0lXVPPpt0auMPSF6 CXYsp/dURE+/5wOkxyuqYtQmrenmXbCpuqT1WsVFW6pczSAfK4k= =VGMy -----END PGP SIGNATURE----- --=-=-=--