Hi zimoun, On Thu, 19 Nov 2020 10:21:16 +0100 zimoun wrote: > Let’s postpone this Docker image work and start a new fresh thread once > v1.2.0 is published and the goal to have something for v1.3.0, well > that’s my point of view. After Ryan Prior's E-Mail I'm pretty sure my workaround of creating /tmp, /etc/passwd, /etc/group etc is what Docker actually expects one to do. So we can just create those--either at runtime, or maybe even have guix system docker-image do it at build time (if it doesn't already). I have no opinion on when we should do that (at this release or the next one), except to state that I am certain that it works (and pretty easily), because guix-on-docker does that already and guix works just fine there. That still leaves to explain how to prevent Docker from keeping older layers when it doesn't need to. In guix-on-docker I have a Dockerfile like this FROM alpine:3.12 AS bootstrap-guix-on-alpine [...] FROM scratch AS guix-on-docker COPY --from=bootstrap-guix-on-alpine /etc/guix /etc/guix COPY --from=bootstrap-guix-on-alpine /var/guix /var/guix COPY --from=bootstrap-guix-on-alpine /gnu /gnu COPY --from=bootstrap-guix-on-alpine /usr/local /usr/local COPY --from=bootstrap-guix-on-alpine /root/.config/guix /root/.config/guix ADD set-mtimes.scm / ADD etc/passwd /etc ADD etc/group /etc ADD etc/services /etc ADD with-guix-daemon.scm / RUN ["/usr/local/bin/guix", "repl", "/set-mtimes.scm"] in order to prevent Docker from keeping older layers[1]. The "set-times.scm" invocation there is in order to fix the timestamps. "COPY --from=" does not preserve timestamps. Then guile is very annoyed because it can't use any of the ".go" files--because they are older than the respective ".scm" files. Using set-times.scm means it will create yet another layer where the only difference is the timestamps--so it doubles the size of the resulting image. But then it works. [1] https://docs.docker.com/develop/develop-images/multistage-build/