From: ludo@gnu.org (Ludovic Courtès)
Subject: Re: Problem installing Guix on OpenVZ host that uses zfs
Date: Thu, 13 Apr 2017 16:54:12 +0200
Message-ID: <871sswpdd7.fsf@gnu.org>
References: <877f2q673x.fsf@xsteve.at> <20170412153319.GC5920@jasmine> <874lxtpdeb.fsf@xsteve.at>
In-Reply-To: <874lxtpdeb.fsf@xsteve.at> ("Stefan Reichör"'s message of "Wed, 12 Apr 2017 22:41:16 +0200")
To: Stefan Reichör
Cc: guix-devel@gnu.org

Hello!

Stefan Reichör wrote:

> Here is the part that triggers the problem as I assume (I can send the
> full log as well when it is needed):
>
> [pid 31032] open("/proc/self/mountinfo", O_RDONLY) = 17
> [pid 31032] read(17, "2860 2854 0:102 / / rw,noatime m"..., 4096) = 4076
> [pid 31032] read(17, "", 4096) = 0
> [pid 31032] close(17) = 0
> [pid 31032] mount(NULL, "/", NULL, MS_PRIVATE, NULL) = -1 EACCES (Permission denied)
> [pid 31032] futex(0x7f827449c190, FUTEX_WAKE_PRIVATE, 2147483647) = 0
> [pid 31032] write(2, "while setting up the build envir"..., 97) = 97
> [pid 31032] exit_group(1) = ?
> [pid 31028] close(16) = 0
>
> The entry for "/" in /proc/self/mountinfo is:
> 3966 3548 0:102 / / rw,noatime master:129 - zfs satazpool/data/subvol-618-disk-1 rw,xattr,posixacl

The corresponding code in nix/libstore/build.cc is this:

--8<---------------cut here---------------start------------->8---
        /* Make all filesystems private.  This is necessary
           because subtrees may have been mounted as "shared"
           (MS_SHARED).  (Systemd does this, for instance.)  Even
           though we have a private mount namespace, mounting
           filesystems on top of a shared subtree still propagates
           outside of the namespace.  Making a subtree private is
           local to the namespace, though, so setting MS_PRIVATE
           does not affect the outside world. */
        Strings mounts = tokenizeString<Strings>(readFile("/proc/self/mountinfo", true), "\n");
        foreach (Strings::iterator, i, mounts) {
            vector<string> fields = tokenizeString<vector<string> >(*i, " ");
            string fs = decodeOctalEscaped(fields.at(4));
            if (mount(0, fs.c_str(), 0, MS_PRIVATE, 0) == -1)
                throw SysError(format("unable to make filesystem `%1%' private") % fs);
        }
--8<---------------cut here---------------end--------------->8---

So “fs.c_str()” evaluates to “/”, as expected.

Now maybe zfs-on-linux doesn’t implement MS_PRIVATE or has specific
constraints (is it on FUSE?).  Perhaps you should check with the
zfs-on-linux people what they think of it.

Thanks,
Ludo’.
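
As an added example (not code from Guix or Nix, and not part of the original message), the following C++ parses mountinfo lines the way the quoted loop does, taking field 5 as the mount point and decoding octal escapes. It goes one step further and reads the optional `shared:N` / `master:N` tags, which show the propagation state that MS_PRIVATE is meant to change. The names `MountEntry`, `decodeOctal` and `parseMountinfoLine` are hypothetical, and the second sample line is constructed.

```cpp
#include <sstream>
#include <string>
#include <vector>

// Added illustration, not code from Guix or Nix; every name here is hypothetical.
struct MountEntry {
    std::string mountPoint;  // field 5, with \ooo escapes decoded
    std::string fsType;      // first field after the "-" separator
    bool shared = false;     // "shared:N": mount events propagate to a peer group
    bool slave = false;      // "master:N": mount events are received from a master
};

// The kernel writes space, tab, newline and backslash as \040, \011, \012, \134.
std::string decodeOctal(const std::string& s) {
    std::string out;
    for (size_t i = 0; i < s.size(); ++i) {
        bool esc = s[i] == '\\' && i + 3 < s.size() &&
                   s.find_first_not_of("01234567", i + 1) > i + 3;
        if (esc) { out += char(std::stoi(s.substr(i + 1, 3), nullptr, 8)); i += 3; }
        else out += s[i];
    }
    return out;
}

// Parse one /proc/self/mountinfo line; returns false when the line is malformed.
bool parseMountinfoLine(const std::string& line, MountEntry& e) {
    std::istringstream in(line);
    std::vector<std::string> f;
    for (std::string tok; in >> tok;) f.push_back(tok);
    size_t sep = 6;  // optional fields run from index 6 up to the "-" separator
    while (sep < f.size() && f[sep] != "-") ++sep;
    if (sep + 1 >= f.size()) return false;
    e = MountEntry();
    e.mountPoint = decodeOctal(f[4]);
    e.fsType = f[sep + 1];
    for (size_t i = 6; i < sep; ++i) {
        if (f[i].compare(0, 7, "shared:") == 0) e.shared = true;
        if (f[i].compare(0, 7, "master:") == 0) e.slave = true;
    }
    return true;
}

// The "/" entry quoted in the message, then a constructed entry with an escaped path.
const char* kPageLine = "3966 3548 0:102 / / rw,noatime master:129 - zfs "
                        "satazpool/data/subvol-618-disk-1 rw,xattr,posixacl";
const char* kConstructedLine = "41 25 8:1 / /mnt/my\\040disk rw shared:7 - ext4 /dev/sda1 rw";
```

For the entry quoted in the message this reports a zfs mount at "/" that is a slave of a master outside the container, so it is neither shared nor private at the time the mount() call is made.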