From mboxrd@z Thu Jan 1 00:00:00 1970 From: Omar Tarabai Subject: GUIX on fedora 14 Date: Tue, 7 Jan 2014 14:57:54 +0100 Message-ID: Mime-Version: 1.0 Content-Type: multipart/alternative; boundary=047d7b414f404e553f04ef61c317 Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:48124) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1W0XAP-0001f9-DP for guix-devel@gnu.org; Tue, 07 Jan 2014 08:58:06 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1W0XAK-0001sD-0V for guix-devel@gnu.org; Tue, 07 Jan 2014 08:58:01 -0500 Received: from mail-ob0-f175.google.com ([209.85.214.175]:58987) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1W0XAJ-0001s5-S6 for guix-devel@gnu.org; Tue, 07 Jan 2014 08:57:55 -0500 Received: by mail-ob0-f175.google.com with SMTP id uz6so166218obc.34 for ; Tue, 07 Jan 2014 05:57:54 -0800 (PST) List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org To: guix-devel@gnu.org --047d7b414f404e553f04ef61c317 Content-Type: text/plain; charset=ISO-8859-1 Hello, I have Guix 0.5 installed on a fedora 14, 2.6.32 kernel. Running the following: guix package --verbose -i tar I get the error: guix package: error: build failed: unable to fork: Operation not permitted I traced the error to the clone() operation in build.cc. As mentioned by Ludovic in a previous conversation with Matthias Wachs, it seems to be a problem of a missing capability CAP_SYS_ADMIN. I tried running the daemon as root only or with --build-users-group=guix-builder but I get the same error. I also tried isolating the clone operation in a test script to verify the problem, fails again (running as root). I tried removing all the CLONE_* flags as recommended by Ludovic, I get the error: build error: cannot set loopback interface flags: Permission denied I assume its because of the missing CLONE_NEWNET It seems that for some reason on this system, processes started with root privileges does not get the CAP_SYS_ADMIN capability. I know this is more of an environment problem than a Guix problem but I was hoping if you guys have any pointers as what could be the issue. Thanks a lot, Omar --047d7b414f404e553f04ef61c317 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
Hello,

I have Guix 0= .5 installed on a fedora 14, 2.6.32 kernel.

Running the follow= ing:
guix package --verbose -i tar

I get the error:
guix= package: error: build failed: unable to fork: Operation not permitted

I traced the error to the clone() operation in build.cc. As menti= oned by Ludovic in a previous conversation with Matthias Wachs, it seems to= be a problem of a missing capability CAP_SYS_ADMIN.
I tried running the= daemon as root only or with --build-users-group=3Dguix-builder but I get t= he same error. I also tried isolating the clone operation in a test script = to verify the problem, fails again (running as root).

I tried removing all the CLONE_* flags as recomme= nded by Ludovic, I get the error:
build error: cannot set loopback inter= face flags: Permission denied

I assume its because of the= missing CLONE_NEWNET

It seems that for some reason on this system, pro= cesses started with root privileges does not get the CAP_SYS_ADMIN capabili= ty. I know this is more of an environment problem than a Guix problem but I= was hoping if you guys have any pointers as what could be the issue.

Thanks a lot,
Omar
--047d7b414f404e553f04ef61c317--