From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp12.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id 2MyPIP9s62P2EwAAbAwnHQ (envelope-from ) for ; Tue, 14 Feb 2023 12:14:07 +0100 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp12.migadu.com with LMTPS id iAE9IP9s62P6wgAAauVa8A (envelope-from ) for ; Tue, 14 Feb 2023 12:14:07 +0100 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 5E9823BDFF for ; Tue, 14 Feb 2023 12:14:07 +0100 (CET) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1pRtFj-0003by-1I; Tue, 14 Feb 2023 06:13:39 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pRWsd-0004Pe-LM for guix-devel@gnu.org; Mon, 13 Feb 2023 06:20:20 -0500 Received: from mout.gmx.net ([212.227.17.21]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pRWsb-0007ZE-1x for guix-devel@gnu.org; Mon, 13 Feb 2023 06:20:19 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=s31663417; t=1676287204; bh=h9A9UDimq0FBWhZOkFnKjpAgVko3ymhdlw9kDdhT2hk=; h=X-UI-Sender-Class:From:To:Cc:Subject:References:Date:In-Reply-To; b=XT9vrGmzBmHjAhPP/Xs77Ng0Bw9Lmyk3gfzmiD1akKNE6aEVOrkogvNAW9xPGSx2G fjYOfbJXwN0Mw94FB3b1UM1Eg5YpudBaNYX5IoWL/GifjoavqYN+FlQvx6V0YGMf0f Isg2UPV+yPnZbNoedUD6i8lhKaNshEOWMrqKRStspz802CG+RrcoDmwX2l1qiCjcYO X2nYl9BIxQREfAFGVPvRbr9zUT8EOC26t14OcFd+iCi+yUKSOGg+4XFo17u9UGs8H4 xlCs6BuRiQvTM9R9z/VV+9bFxNOGAgE2PSh4IdBDDkypOSoojtTnmRIWNeQkSqbtOS z19c8DhSK/WEg== X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a Received: from Geek ([117.216.25.12]) by mail.gmx.net (mrgmx105 [212.227.17.174]) with ESMTPSA (Nemesis) id 1MTiPl-1p0Ofm2kaD-00U6oh; Mon, 13 Feb 2023 12:20:04 +0100 From: James Thomas To: Konrad Hinsen Cc: Guix Devel Subject: Re: Using Guix inside a Guix container References: Date: Mon, 13 Feb 2023 16:51:50 +0530 In-Reply-To: (Konrad Hinsen's message of "Fri, 03 Feb 2023 17:52:22 +0100") Message-ID: <87r0utize9.fsf@gmx.net> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.1.90 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Provags-ID: V03:K1:y0oZdlNpemnwYdEaUocCa8VDlUweyRMFPIknHKRIEIcQWHjTb+i b4MkPKWlLmNlrLZ7WoM1Z14i/Rq/IvCwYUWmJd0O6EZ9WGdEH3gwF22clghdujAbudT4O3I hGap4G7NNoSLSBjfSmJ1bolvePkjyEOkrKENtghW9nIOjfg+6OB1bec2nEXA7iinI9KWPFY Mc1wREZT749OWKRQlgJkw== UI-OutboundReport: notjunk:1;M01:P0:AABRaPJshv8=;aeZO7ExOP4KcBmIc3UL0hJTZAPa AT2OgguiK/2RKxOhp25T3mSCWbnb6pwVIj7X4rJ3lmR7kS6hsK4m/Eat11UlqTKbYvo7bPixN aJNjlhqiWQAQZWN3yVvfpjveBrs5C5QbYFl9EsgQxNoXvDvVvkYW5on4wNbfYdAXjkVfpqtR3 iVFxo4t0Y9/Y+Qs/S7dvSvXUHcVmj1yunAO9E1JJabw55FSoLeU8KYq2bfk/tIagt+R/fTSzg 7ExiMcr6AzFIDzY+4ouGL/w5xG8WdP2MvjrRxrNYzy7unW3Zyb/Y7dlhHBfZxkPYcGFKkt1E0 lMJYfzy6zhpjq2e/8ovOiy733fikiE2TfWAy+OiYR5206qq3YcrGFlmkqGj3M19jdEseObE0d 74dtduQln2JXnKo2oc+3ilVZIvNw12IXCLTi7Ku+Oe4il13btj1IztKxweT1ycXu1Hsp0wMyw bSzFW4Jwd21DOEqfBzAtbWKgfg7KleqmE20ghjyTxanMY1ROrRPPpurDa3ft8KR92Q0dIctZE YAvo94g67j6kpUJSQ1Dof1UM9J7CMQhzl+gHDirz6MYt50OHwHcaqUALRfCo9iawfJhlz9xEP dEwFExvoN2mIYz4A5tvJIRGno6K2nqKO5lTweVYMnwa2tfDgT3rKYtc/HAL6edJJyftT3tff5 eg/NYhMR8msFDtWY3uWgCwkv1omz+iHleq1wkW5iI47BiawLr20A0tYC7Ta3RJKuUY3rPrYbO DJof84ZsNgc5eTB2iGZyKgFmOWx3j9k28PSYzGXKJq80H1OYxNcVT//VgSq1rhpao2E2R7XWr sbpO2metLqBBhJPN/3kg17vRBTLJCf1olyyivNtORlHNE8mDCEhtlao/253bMgju2OhZw1BNz 1AYyiW/Uh3g2NcAjao0kb53A3D5ZuWFt7p7d2h1jD5EX0d9EnObeWP3p1YnrRn1X55c1fhsNg g6qpW68Ezp3srX/b7JCIQcLZuug= Received-SPF: pass client-ip=212.227.17.21; envelope-from=jimjoe@gmx.net; helo=mout.gmx.net X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Mailman-Approved-At: Tue, 14 Feb 2023 06:13:37 -0500 X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: guix-devel-bounces+larch=yhetil.org@gnu.org X-Migadu-Flow: FLOW_IN X-Migadu-Country: US ARC-Seal: i=1; s=key1; d=yhetil.org; t=1676373247; a=rsa-sha256; cv=none; b=WcFRmzFEVn2xgLrcyfJVCiVJopbyhn1ku+OXcLkhHkl2A/mhBAO/ugAfRa+fpafTUAdugP 6rcdeNBrjc1W3/L9NfyJBx+3sYCMMFi/mCoYA8fh1KBnfLIPgzCMVs+vyVMS7VkN46FqaQ of/3eAzoltU1CbZFJ+2gJearw7QAAGzI/c4sO/5dymkqNfn6xQzX9GcFRJD8fWYUKavxzv GL+4vwLCTLMD6xmgjxJwy+9rrkfcmzDUUScM97sW1Vlynv5qs0MiFtkAWLkj2KLfIwoMwz vX53rW3XvQjKHyvzklvl+7eL+ZRBDy/shRnmq3Gnh4NwJHHVbFlM2G+8fyFj3g== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=gmx.net header.s=s31663417 header.b=XT9vrGmz; dmarc=pass (policy=none) header.from=gmx.net; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org" ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1676373247; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=qerKnxk/qZqVf12tSyBKWsreZdZYbaSA0/fAPbwJu1c=; b=soIyOMZJ9gLYtLNCInwoKv/ttALn8s07zsgYv5Ljcf1Z4Lq/SiM4M075y4YoUq73u1O30A KEWIv7rNus3HpmsG/BWMPGf1L4fHCEe7br9FqFk9p6WKiF+u1ZTDZA69MwMfqJo0KPv8zk Re4R5KQzGfWzCSV4uBu9I8lzuYy3JtwXyX1R7pnk+6yJdxlVZ43pEDLnRpJcckD5OojJjp zXeetljSCnegecmYwwtjaXM0wcEbFHBvTv7rg03TXhWAkIjQvgRNgARcDY1Di0vyxwQsL+ yq/0UudG6FI37mZ02c5JUzDmZhwv8+5KNOaPF56gx2i4eltt78rnYmY5hr/6Dg== X-Migadu-Spam-Score: -2.88 Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=gmx.net header.s=s31663417 header.b=XT9vrGmz; dmarc=pass (policy=none) header.from=gmx.net; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: 5E9823BDFF X-Spam-Score: -2.88 X-Migadu-Scanner: scn1.migadu.com X-TUID: sEXfrBL4Ld4o Konrad Hinsen wrote: > Hi Guix, > > I have been playing with nested Guix containers recently, with some > suprising findings, and I am wondering if what I am doing is considered > officially supported or not. > > First: why? My use case is scientific workflows, for example using > snakemake. I want to run my workflows in Guix containers, for > reproducibility plus other reasons. But my workflows run other programs > in their tasks (basically just "shelling out"), and those tasks may use > their own Guix containers. > > Superficially, this works fine if I add the "guix" package to my "outer" > container and expose the store plus the daemon's socket: > > guix shell -C guix \ > --expose=/var/guix/daemon-socket/socket \ > --expose=/gnu/store \ > -- \ > guix shell -C coreutils -- ls / > > But now for the first surprise: > > $ guix describe > Generation 35 janv. 19 2023 12:34:57 (current) > guix 8221cb6 > repository URL: https://git.savannah.gnu.org/git/guix.git > branch: master > commit: 8221cb6d2ae5624829bf514d25ae234c073e35d5 > > $ guix shell -C guix -- guix describe > guix 9fe5b49 > repository URL: https://git.savannah.gnu.org/git/guix.git > branch: master > commit: 9fe5b490df83ff32e2e0a604bf636eca48b9e240 > > The Guix in my container is an older one, apparently the 1.4.0 release. > Why? Can I change this? Makes sense to me, because the guix package definition was only updated with the new release (see 'guix edit guix'). Maybe you can try: guix shell -C guix --with-version=guix=VERSION -- guix describe Or --with-commit etc. > > My first attempt was time-machine: > > guix shell -C -N guix nss-certs \ > --expose=/var/guix/daemon-socket/socket \ > --expose=/gnu/store \ > -- \ > guix time-machine -C channels.scm -- describe > > Updating channel 'guix' from Git repository at 'https://git.savannah.gnu.org/git/guix.git'... > Authenticating channel 'guix', commits 9edb3f6 to 8221cb6 (331 new commits)... > Computing Guix derivation for 'x86_64-linux'... | > guix 8221cb6 > repository URL: https://git.savannah.gnu.org/git/guix.git > branch: master > commit: 8221cb6d2ae5624829bf514d25ae234c073e35d5 > > Great! Except that every time I run this command, it does the channel > update from scratch, so it's prohibitively slow. Sharing > ${HOME}/.cache/guix seems to fix that. So... finally... > > guix shell -C -N guix nss-certs \ > --expose=/var/guix/daemon-socket/socket \ > --expose=/gnu/store \ > --share=${HOME}/.cache/guix \ > -- \ > guix time-machine -C channels.scm \ > -- \ > shell -C coreutils \ > -- \ > ls / > > guix shell: error: mount: mount "none" on > "/tmp/guix-directory.vpOEDC/sys": Operation not permitted Maybe --expose tmp is needed in the outer container. --