From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp12.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id GMhCGRFG3WMhKgEAbAwnHQ (envelope-from ) for ; Fri, 03 Feb 2023 18:36:17 +0100 Received: from aspmx1.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp12.migadu.com with LMTPS id uMEcGRFG3WNHSgEAauVa8A (envelope-from ) for ; Fri, 03 Feb 2023 18:36:17 +0100 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 0A98B96EF for ; Fri, 3 Feb 2023 18:36:16 +0100 (CET) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1pNzyX-0007qZ-Qz; Fri, 03 Feb 2023 12:35:49 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pNzyV-0007q1-3c for guix-devel@gnu.org; Fri, 03 Feb 2023 12:35:47 -0500 Received: from koszko.org ([93.95.227.159]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pNzyT-0000F1-4a for guix-devel@gnu.org; Fri, 03 Feb 2023 12:35:46 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=koszko.org; s=mail; h=Content-Type:MIME-Version:References:In-Reply-To:Message-ID: Subject:Cc:To:From:Date:Sender:Reply-To:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=8P8e9QvBkFDAHHsHvKmA+83zQc4nITStqCNLhUf4Dp8=; b=M6syiwZMx5Gr2y+TzoR+6i63LA xLhYRKGHT9NWyY1N+SpzUh4pA7e7UB1eXwqzmRTm57TurM6CnsQOUXfHT42kSwBui7ADh6y2CeOMy QyIAmB6lf8qTjfhS18blmSt7rwMHYfaDToI6ed4UP/R9gagmL4KP6dssbFLL/uPxeb65jSffyvCkz AN2MsRNfUh49w1E0YwwAn9EdLKTNCb56WYY07Vl9vCaYhRwz4jCh30pT16TFxhAkD48b8BBWuNUHR DYMjpTKEkw7CqSDiN2Dvz/anFuOwMLtZEZ+WrFgKabwOhoxKnEyI3Ly6HPNzHfCtkxNgflVn5ZZuj yVTTahc1SmIHvLgz9rdNmbOjTWJyz/kzOHSvUPz/g/yQukNbwxfOBjjAtReQHrg14b1iObl6dE+ku kufcMBp+xez24WIZ7KqEg7OedHAQNAiC1tBQL2AU/HqdSwDyeQ/egBCFQKD4CCgx3eFKQyA1zPkkg FVtc0/Tm6RWC/CsJQQOdepO1roxXTSivnXIcCUvqKtwfyZKwcQW+OkYUcqq8URcVjemEDq4h3cEGG 7DyCcro2+YZ3uO3Jbm/OMdrWpq9acaw3OpdJYo+AUJPWOwgjjpZ03ok3RZhURXCN1IEhRkDNqKOOw JxMJ+k6Uts/39+Gzvrt1p3Im0SayFwy18qd0+ZDHQ=; Received: from 77-252-46-225.static.ip.netia.com.pl ([77.252.46.225] helo=koszkonutek-tmp.pl.eu.org) by koszko.org with esmtpsa (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1pNzyN-0002cg-Rj; Fri, 03 Feb 2023 18:35:40 +0100 Date: Fri, 3 Feb 2023 18:35:37 +0100 To: Konrad Hinsen Cc: Guix Devel Subject: Re: Using Guix inside a Guix container Message-ID: <20230203183537.5e09f685.koszko@koszko.org> In-Reply-To: References: X-Mailer: Claws Mail 3.17.8 (GTK+ 2.24.33; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Type: multipart/signed; boundary="Sig_/./JORRStNMjXMHxqMDHrTCb"; protocol="application/pgp-signature"; micalg=pgp-sha256 Received-SPF: pass client-ip=93.95.227.159; envelope-from=koszko@koszko.org; helo=koszko.org X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-to: Wojtek Kosior From: Wojtek Kosior via "Development of GNU Guix and the GNU System distribution." Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: guix-devel-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1675445777; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=8P8e9QvBkFDAHHsHvKmA+83zQc4nITStqCNLhUf4Dp8=; b=AE6BWlJVEQD1QLMrjDwV2N4sZka/ZZzIliu2jRJ2lf0YRd/HvTK33eYQkMeR05+NuToMz8 zo62dKDNdsRgd7SKDZVLVDeFO/f9+PICU3iX7Q+ywTFn1lUSFm6N1gshGFLLNuga546j1d jgImVIALJwt7mB0rEq9TM65h5VFu5QwHKnLLmU70bLSrjDMvySwkzXrXlQJ3Mnu9NfgDig MgfxW6Eo5kd36X2tWDBuofY94bQRMUQLH7Pr2jNxD/XuFJoZFcpG4zNDGeDjYTsn/mIUal H4r7zApXOghZUDNYB1eRzkSjSBR2ZX+k4B4NpPF2Csmf8qloG7fFL8NDdqSB1A== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=koszko.org header.s=mail header.b=M6syiwZM; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org" ARC-Seal: i=1; s=key1; d=yhetil.org; t=1675445777; a=rsa-sha256; cv=none; b=TUN865utGsdHNCPoyvvqelKsVHvlt6JpUOpXQk9qCQBkRmLvTO8annsO+IkcNwL2VFpEj0 5wmYiHipcH7frRbgSaaYSRFT8c7JM2/faqGTQTyJEYgy+Eywlpcu8HHhwmB5LkLiEvfTw0 4qWv3Ev92GXPFXN7eY27W4Ro4Qz0lxQ5aKjw92glnIqD3k0d5SFx5JSDjPIMYsSbWGHhyo p7pTh7IZFsYnCihmFRFrj9mMD13RmINfHUwov6rxRowukUa9eO3W64a7bv2uexX13Lp51F ED7Xx00DTJW34aTNcF74nU4Q57sa/OOEJzTWYDM1xmy7nMhgaAAhURzc7iQuSg== X-Migadu-Queue-Id: 0A98B96EF X-Migadu-Scanner: scn0.migadu.com Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=koszko.org header.s=mail header.b=M6syiwZM; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: -6.28 X-Spam-Score: -6.28 X-TUID: zbU0aSoyMKln --Sig_/./JORRStNMjXMHxqMDHrTCb Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Hi Konrad, I wanted to try specifying currently used version of Guix in some other way to avoid computing Guix inside the container. I tested first without a container guix shell -e '((@ (gnu packages package-management) current-guix))' -- gui= x describe and the result is also bad =E2=80=94 it still tries to compute Guix from scratch every time. So it seems exposing of folders is unlikely to help here because the problem lies elsewhere :/ Perhaps someone else will be able to give a solution? Wojtek -- (sig_start) website: https://koszko.org/koszko.html PGP: https://koszko.org/key.gpg fingerprint: E972 7060 E3C5 637C 8A4F 4B42 4BC5 221C 5A79 FD1A =E2=99=A5 R29kIGlzIHRoZXJlIGFuZCBsb3ZlcyBtZQ=3D=3D | =C3=B7 c2luIHNlcGFyYXR= lZCBtZSBmcm9tIEhpbQ=3D=3D =E2=9C=9D YnV0IEplc3VzIGRpZWQgdG8gc2F2ZSBtZQ=3D=3D | ? U2hhbGwgSSBiZWNvbWUg= SGlzIGZyaWVuZD8=3D -- (sig_end) On Fri, 03 Feb 2023 17:52:22 +0100 Konrad Hinsen wrote: > Hi Guix, >=20 > I have been playing with nested Guix containers recently, with some > suprising findings, and I am wondering if what I am doing is considered > officially supported or not. >=20 > First: why? My use case is scientific workflows, for example using > snakemake. I want to run my workflows in Guix containers, for > reproducibility plus other reasons. But my workflows run other programs > in their tasks (basically just "shelling out"), and those tasks may use > their own Guix containers. >=20 > Superficially, this works fine if I add the "guix" package to my "outer" > container and expose the store plus the daemon's socket: >=20 > guix shell -C guix \ > --expose=3D/var/guix/daemon-socket/socket \ > --expose=3D/gnu/store \ > -- \ > guix shell -C coreutils -- ls / >=20 > But now for the first surprise: >=20 > $ guix describe > Generation 35 janv. 19 2023 12:34:57 (current) > guix 8221cb6 > repository URL: https://git.savannah.gnu.org/git/guix.git > branch: master > commit: 8221cb6d2ae5624829bf514d25ae234c073e35d5 >=20 > $ guix shell -C guix -- guix describe > guix 9fe5b49 > repository URL: https://git.savannah.gnu.org/git/guix.git > branch: master > commit: 9fe5b490df83ff32e2e0a604bf636eca48b9e240 >=20 > The Guix in my container is an older one, apparently the 1.4.0 release. > Why? Can I change this? >=20 > My first attempt was time-machine: >=20 > guix shell -C -N guix nss-certs \ > --expose=3D/var/guix/daemon-socket/socket \ > --expose=3D/gnu/store \ > -- \ > guix time-machine -C channels.scm -- describe >=20 > Updating channel 'guix' from Git repository at 'https://git.savannah.g= nu.org/git/guix.git'... > Authenticating channel 'guix', commits 9edb3f6 to 8221cb6 (331 new com= mits)... > Computing Guix derivation for 'x86_64-linux'... | > guix 8221cb6 > repository URL: https://git.savannah.gnu.org/git/guix.git > branch: master > commit: 8221cb6d2ae5624829bf514d25ae234c073e35d5 >=20 > Great! Except that every time I run this command, it does the channel > update from scratch, so it's prohibitively slow. Sharing > ${HOME}/.cache/guix seems to fix that. So... finally... >=20 > guix shell -C -N guix nss-certs \ > --expose=3D/var/guix/daemon-socket/socket \ > --expose=3D/gnu/store \ > --share=3D${HOME}/.cache/guix \ > -- \ > guix time-machine -C channels.scm \ > -- \ > shell -C coreutils \ > -- \ > ls / >=20 > guix shell: error: mount: mount "none" on > "/tmp/guix-directory.vpOEDC/sys": Operation not permitted >=20 > Now I am lost. It doesn't matter which command I put on the last line, > it's creating a container via time-machine running in another container > that leads to the error. >=20 > Any ideas? >=20 > Cheers, > Konrad. >=20 --Sig_/./JORRStNMjXMHxqMDHrTCb Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iHUEARYIAB0WIQTpcnBg48VjfIpPS0JLxSIcWnn9GgUCY91F6QAKCRBLxSIcWnn9 GktkAQCNpruJRurGhxeAdVzsWq0kqeDtelkfQdWncr2P9pCzDQD/Y5/TPDzW4ugf HH5U1lcTklGlfJGHcwebp64dUjBQCAw= =+81G -----END PGP SIGNATURE----- --Sig_/./JORRStNMjXMHxqMDHrTCb--