unofficial mirror of bug-guix@gnu.org 
 help / color / mirror / code / Atom feed
* bug#22053: silent failure on guix environment foo --container
@ 2015-11-29 18:29 Efraim Flashner
  2015-11-29 21:20 ` Ludovic Courtès
  0 siblings, 1 reply; 6+ messages in thread
From: Efraim Flashner @ 2015-11-29 18:29 UTC (permalink / raw)
  To: 22053


[-- Attachment #1.1: Type: text/plain, Size: 994 bytes --]

When trying to run `guix environment foo --container` I don't get a container
with a new shell or any useful information, it just thinks about it for a
while and then returns to the command prompt, allowing me to enter another
command.

efraim@debian-netbook:~$ strace -f -o log guix environment vim --container ; echo $?
1

efraim@debian-netbook:~$ uname -a
Linux debian-netbook 4.3-0.dmz.2-liquorix-amd64 #1 ZEN SMP PREEMPT Debian 4.3-2 (2015-11-17) x86_64 GNU/Linux

efraim@debian-netbook:~$ sudo sysctl -w kernel.unprivileged_userns_clone=1
sysctl: cannot stat /proc/sys/kernel/unprivileged_userns_clone: No such file or directory
(this kernel does allow running VMs as user, which makes it nice)

efraim@debian-netbook:~$ guix --version
guix (GNU Guix) 0.9.0

-- 
Efraim Flashner   <efraim@flashner.co.il>   אפרים פלשנר
GPG key = A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted

[-- Attachment #1.2: log.gz --]
[-- Type: application/gzip, Size: 137137 bytes --]

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

^ permalink raw reply	[flat|nested] 6+ messages in thread

* bug#22053: silent failure on guix environment foo --container
  2015-11-29 18:29 bug#22053: silent failure on guix environment foo --container Efraim Flashner
@ 2015-11-29 21:20 ` Ludovic Courtès
  2015-11-30  6:50   ` Efraim Flashner
  0 siblings, 1 reply; 6+ messages in thread
From: Ludovic Courtès @ 2015-11-29 21:20 UTC (permalink / raw)
  To: Efraim Flashner; +Cc: 22053

Efraim Flashner <efraim@flashner.co.il> skribis:

> When trying to run `guix environment foo --container` I don't get a container
> with a new shell or any useful information, it just thinks about it for a
> while and then returns to the command prompt, allowing me to enter another
> command.
>
> efraim@debian-netbook:~$ strace -f -o log guix environment vim --container ; echo $?
> 1

The failure is:

--8<---------------cut here---------------start------------->8---
21228 mount("none", "/tmp/guix-directory.5sVcGc//dev/pts", "devpts", MS_NOSUID|MS_NOEXEC, "newinstance,ptmxmode=0666,mode=6"...) = -1 EPERM (Operation not permitted)
21228 exit_group(1)                     = ?
--8<---------------cut here---------------end--------------->8---

The problem may be that the kernel does not support
CONFIG_DEVPTS_MULTIPLE_INSTANCES.  Could you check that in
/proc/config.gz or similar?

The other problem is that there’s no error reporting, which doubles user
frustration.  David, could you look into it?  :-)

Ludo’.

^ permalink raw reply	[flat|nested] 6+ messages in thread

* bug#22053: silent failure on guix environment foo --container
  2015-11-29 21:20 ` Ludovic Courtès
@ 2015-11-30  6:50   ` Efraim Flashner
  2015-11-30 12:22     ` Ludovic Courtès
  0 siblings, 1 reply; 6+ messages in thread
From: Efraim Flashner @ 2015-11-30  6:50 UTC (permalink / raw)
  To: Ludovic Courtès; +Cc: 22053


[-- Attachment #1.1: Type: text/plain, Size: 1098 bytes --]

On Sun, 29 Nov 2015 22:20:33 +0100
ludo@gnu.org (Ludovic Courtès) wrote:

> Efraim Flashner <efraim@flashner.co.il> skribis:
> 
>  [...]  
> 
> The failure is:
> 
> --8<---------------cut here---------------start------------->8---
> 21228 mount("none", "/tmp/guix-directory.5sVcGc//dev/pts", "devpts", MS_NOSUID|MS_NOEXEC, "newinstance,ptmxmode=0666,mode=6"...) = -1 EPERM (Operation not permitted)
> 21228 exit_group(1)                     = ?
> --8<---------------cut here---------------end--------------->8---
> 
> The problem may be that the kernel does not support
> CONFIG_DEVPTS_MULTIPLE_INSTANCES.  Could you check that in
> /proc/config.gz or similar?

# CONFIG_DEVPTS_MULTIPLE_INSTANCES is not set

> 
> The other problem is that there’s no error reporting, which doubles user
> frustration.  David, could you look into it?  :-)
> 
> Ludo’.



-- 
Efraim Flashner   <efraim@flashner.co.il>   אפרים פלשנר
GPG key = A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted

[-- Attachment #1.2: config.gz --]
[-- Type: application/gzip, Size: 44463 bytes --]

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

^ permalink raw reply	[flat|nested] 6+ messages in thread

* bug#22053: silent failure on guix environment foo --container
  2015-11-30  6:50   ` Efraim Flashner
@ 2015-11-30 12:22     ` Ludovic Courtès
  2015-11-30 12:44       ` Efraim Flashner
  0 siblings, 1 reply; 6+ messages in thread
From: Ludovic Courtès @ 2015-11-30 12:22 UTC (permalink / raw)
  To: Efraim Flashner; +Cc: 22053

Efraim Flashner <efraim@flashner.co.il> skribis:

> On Sun, 29 Nov 2015 22:20:33 +0100
> ludo@gnu.org (Ludovic Courtès) wrote:
>
>> Efraim Flashner <efraim@flashner.co.il> skribis:
>> 
>>  [...]  
>> 
>> The failure is:
>> 
>> --8<---------------cut here---------------start------------->8---
>> 21228 mount("none", "/tmp/guix-directory.5sVcGc//dev/pts", "devpts", MS_NOSUID|MS_NOEXEC, "newinstance,ptmxmode=0666,mode=6"...) = -1 EPERM (Operation not permitted)
>> 21228 exit_group(1)                     = ?
>> --8<---------------cut here---------------end--------------->8---
>> 
>> The problem may be that the kernel does not support
>> CONFIG_DEVPTS_MULTIPLE_INSTANCES.  Could you check that in
>> /proc/config.gz or similar?
>
> # CONFIG_DEVPTS_MULTIPLE_INSTANCES is not set

QED.  :-)  However, the daemon needs it too.  Don’t you have problems
with guix-daemon as well, when building things locally on that machine?

Ludo’.

^ permalink raw reply	[flat|nested] 6+ messages in thread

* bug#22053: silent failure on guix environment foo --container
  2015-11-30 12:22     ` Ludovic Courtès
@ 2015-11-30 12:44       ` Efraim Flashner
  2015-11-30 12:51         ` Ludovic Courtès
  0 siblings, 1 reply; 6+ messages in thread
From: Efraim Flashner @ 2015-11-30 12:44 UTC (permalink / raw)
  To: Ludovic Courtès; +Cc: 22053

[-- Attachment #1: Type: text/plain, Size: 2169 bytes --]

On Mon, 30 Nov 2015 13:22:34 +0100
ludo@gnu.org (Ludovic Courtès) wrote:

> Efraim Flashner <efraim@flashner.co.il> skribis:
> 
> > On Sun, 29 Nov 2015 22:20:33 +0100
> > ludo@gnu.org (Ludovic Courtès) wrote:
> >  
> >> Efraim Flashner <efraim@flashner.co.il> skribis:
> >> 
> >>  [...]  
> >> 
> >> The failure is:
> >> 
> >> --8<---------------cut here---------------start------------->8---
> >> 21228 mount("none", "/tmp/guix-directory.5sVcGc//dev/pts", "devpts", MS_NOSUID|MS_NOEXEC, "newinstance,ptmxmode=0666,mode=6"...) = -1 EPERM (Operation not permitted)
> >> 21228 exit_group(1)                     = ?
> >> --8<---------------cut here---------------end--------------->8---
> >> 
> >> The problem may be that the kernel does not support
> >> CONFIG_DEVPTS_MULTIPLE_INSTANCES.  Could you check that in
> >> /proc/config.gz or similar?  
> >
> > # CONFIG_DEVPTS_MULTIPLE_INSTANCES is not set  
> 
> QED.  :-)  However, the daemon needs it too.  Don’t you have problems
> with guix-daemon as well, when building things locally on that machine?
> 
> Ludo’.

Not at all, I've been building things all day. Is this the type of thing that
would control if there were multiple concurrent build processes? I've only
ever built things consecutively (not including make -j2). Without changing
settings, should I be building two packages concurrently, or building one and
downloading substitutes at the same time?

efraim@debian-netbook:~$ systemctl status guix-daemon.service
● guix-daemon.service - Guix daemon builds packges, installs them, and runs garbage collection.
   Loaded: loaded (/etc/systemd/system/guix-daemon.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2015-11-28 21:36:22 IST; 1 day 17h ago
 Main PID: 810 (guix-daemon)
   CGroup: /system.slice/guix-daemon.service
           └─810 /root/.guix-profile/bin/guix-daemon --build-users-group=guix-builder

-- 
Efraim Flashner   <efraim@flashner.co.il>   אפרים פלשנר
GPG key = A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

^ permalink raw reply	[flat|nested] 6+ messages in thread

* bug#22053: silent failure on guix environment foo --container
  2015-11-30 12:44       ` Efraim Flashner
@ 2015-11-30 12:51         ` Ludovic Courtès
  0 siblings, 0 replies; 6+ messages in thread
From: Ludovic Courtès @ 2015-11-30 12:51 UTC (permalink / raw)
  To: Efraim Flashner; +Cc: 22053

Efraim Flashner <efraim@flashner.co.il> skribis:

> On Mon, 30 Nov 2015 13:22:34 +0100
> ludo@gnu.org (Ludovic Courtès) wrote:
>
>> Efraim Flashner <efraim@flashner.co.il> skribis:
>> 
>> > On Sun, 29 Nov 2015 22:20:33 +0100
>> > ludo@gnu.org (Ludovic Courtès) wrote:
>> >  
>> >> Efraim Flashner <efraim@flashner.co.il> skribis:
>> >> 
>> >>  [...]  
>> >> 
>> >> The failure is:
>> >> 
>> >> --8<---------------cut here---------------start------------->8---
>> >> 21228 mount("none", "/tmp/guix-directory.5sVcGc//dev/pts", "devpts", MS_NOSUID|MS_NOEXEC, "newinstance,ptmxmode=0666,mode=6"...) = -1 EPERM (Operation not permitted)
>> >> 21228 exit_group(1)                     = ?
>> >> --8<---------------cut here---------------end--------------->8---
>> >> 
>> >> The problem may be that the kernel does not support
>> >> CONFIG_DEVPTS_MULTIPLE_INSTANCES.  Could you check that in
>> >> /proc/config.gz or similar?  
>> >
>> > # CONFIG_DEVPTS_MULTIPLE_INSTANCES is not set  
>> 
>> QED.  :-)  However, the daemon needs it too.  Don’t you have problems
>> with guix-daemon as well, when building things locally on that machine?
>> 
>> Ludo’.
>
> Not at all, I've been building things all day.

I’ve realized that the daemon has a fallback case for this situation, in
libstore/build.cc:

--8<---------------cut here---------------start------------->8---
  /* Mount a new devpts on /dev/pts.  Note that this
     requires the kernel to be compiled with
     CONFIG_DEVPTS_MULTIPLE_INSTANCES=y (which is the case
     if /dev/ptx/ptmx exists). */
  if (pathExists("/dev/pts/ptmx") &&
      !pathExists(chrootRootDir + "/dev/ptmx")
      && dirsInChroot.find("/dev/pts") == dirsInChroot.end())
  {
      if (mount("none", (chrootRootDir + "/dev/pts").c_str(), "devpts", 0, "newinstance,mode=0620") == -1)
          throw SysError("mounting /dev/pts");
      createSymlink("/dev/pts/ptmx", chrootRootDir + "/dev/ptmx");

      /* Make sure /dev/pts/ptmx is world-writable.  With some
         Linux versions, it is created with permissions 0.  */
      chmod_(chrootRootDir + "/dev/pts/ptmx", 0666);
  }
--8<---------------cut here---------------end--------------->8---

David, should we do something similar?

Thanks,
Ludo’.

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2015-11-30 12:52 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-11-29 18:29 bug#22053: silent failure on guix environment foo --container Efraim Flashner
2015-11-29 21:20 ` Ludovic Courtès
2015-11-30  6:50   ` Efraim Flashner
2015-11-30 12:22     ` Ludovic Courtès
2015-11-30 12:44       ` Efraim Flashner
2015-11-30 12:51         ` Ludovic Courtès

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).