From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp10.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id gFmeGeg73WNVOgAAbAwnHQ (envelope-from ) for ; Fri, 03 Feb 2023 17:52:56 +0100 Received: from aspmx1.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp10.migadu.com with LMTPS id 4LqmGOg73WOHhQEAG6o9tA (envelope-from ) for ; Fri, 03 Feb 2023 17:52:56 +0100 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id E106A3FEA3 for ; Fri, 3 Feb 2023 17:52:55 +0100 (CET) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1pNzId-0002oW-Rz; Fri, 03 Feb 2023 11:52:31 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pNzIc-0002o9-1v for guix-devel@gnu.org; Fri, 03 Feb 2023 11:52:30 -0500 Received: from wout3-smtp.messagingengine.com ([64.147.123.19]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pNzIa-0004hd-9k for guix-devel@gnu.org; Fri, 03 Feb 2023 11:52:29 -0500 Received: from compute2.internal (compute2.nyi.internal [10.202.2.46]) by mailout.west.internal (Postfix) with ESMTP id 2DA533200982; Fri, 3 Feb 2023 11:52:25 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute2.internal (MEProxy); Fri, 03 Feb 2023 11:52:25 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastmail.net; h= cc:content-type:date:date:from:from:in-reply-to:message-id :mime-version:reply-to:sender:subject:subject:to:to; s=fm3; t= 1675443144; x=1675529544; bh=x/X35WqAaBcdX/ig/Gc60eDjq4abbomFDd+ 6+5MtMkc=; b=m0LFOkTWWOSLW2E6jN7XD3IS8FFwl8lOKlhBHRFrJCUaBheOJf6 B4lp+lb9VGIG4RrvVWMtvoiXMcvHZBxsbaC7n1uWMo5uCFxXfqsjAL/9EUWS4aOc 3RLnPt/vWGUe8xQCjD47bsykLFjRAICXPziub8o77Tu5mppWmuuYUYmrqKSFgxwl AJ/U2FF+psYLxB7ZZajCdXMa1iVpPFRftrDBurozZqZFdQRD3bap/mUN8SHDb+6J 6PY8L36c98+FcttkkopVhJOl6xcfBghem9vEmYoSI2UnbEV0leWOddDvLip/xBLg 1J8DuWdKrxLKUwj3CHyn992mWO7OYYf60Yg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:date:feedback-id :feedback-id:from:from:in-reply-to:message-id:mime-version :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1675443144; x= 1675529544; bh=x/X35WqAaBcdX/ig/Gc60eDjq4abbomFDd+6+5MtMkc=; b=p Q9xUaNlIf6Lu3G3zf+71ZtUlmv7Zggp/EeOhcYv/MCzIbQcfhqQa4ajmXf5Ebr52 aFpRB30NnkxWR5gHwo0jRgtZlGwqYNcN13am7jCTESHvWpOsZnQD8OncHQGoanNU YJZsk5VxyzIacNnXgoLPwYXlrcajkDbrtfIfqIBkENxlq47w5uwLl5XRt10dNHwS Hzlnu5XoESVJG5LUVx1gxrYBMZUY8wGxdn8Uc1o/4V6f/j571UPowh2sCDrxZfDd /Bvjxkh5SaGG3DqO+9g5aXtP6uKzo+PyYLRB2+rA16ZAjmoj/25LdLOnG8MspmDD VtQ/BuZBGu0IzKobRqz9g== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrudegtddgledtucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhephffvufffkfggtgesthdtredttddttdenucfhrhhomhepmfhonhhrrgguucfj ihhnshgvnhcuoehkohhnrhgrugdrhhhinhhsvghnsehfrghsthhmrghilhdrnhgvtheqne cuggftrfgrthhtvghrnhepgeevteeifeegfeehfedvgfekjeeutdfguefgfedvhfeuteei fedvheetfedtfeehnecuffhomhgrihhnpehgnhhurdhorhhgnecuvehluhhsthgvrhfuih iivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepkhhonhhrrggurdhhihhnshgvnhes fhgrshhtmhgrihhlrdhnvght X-ME-Proxy: Feedback-ID: i184641e2:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Fri, 3 Feb 2023 11:52:24 -0500 (EST) From: Konrad Hinsen To: Guix Devel Subject: Using Guix inside a Guix container Date: Fri, 03 Feb 2023 17:52:22 +0100 Message-ID: MIME-Version: 1.0 Content-Type: text/plain Received-SPF: pass client-ip=64.147.123.19; envelope-from=konrad.hinsen@fastmail.net; helo=wout3-smtp.messagingengine.com X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: guix-devel-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1675443176; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=x/X35WqAaBcdX/ig/Gc60eDjq4abbomFDd+6+5MtMkc=; b=EOsX73tcmrvn7xCuXJsL743584LwiQ2YezqSDpJ/xmt+jF72HDwMbxAJ8ybPCai6Ka+VTZ ZkxeLMGZ+n5uCAAmdjIShFBfcKiJD0mFbpct1fKYXqYvhdSe1AIjK0TaK1hVj5XZFvXH3o mtzPq0nji50oR7hNpOZV5gmu3M6r89AjVAcrDgU4nMSQ0+1XMIJ7jlg0+OCwfm+K39EIjm upXlPV9Ye5wrSLmkfTLiFgn32cbYOkvBB0VMMHtIgNAvoPNQZtV7lVCNjGe0815coFgEjN ogdrFU4/oKCMPBr4gzrK6LCi3A9eFQKhZ9qnquA2DozIi1p0LdP/LbNfVtn6KQ== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=fastmail.net header.s=fm3 header.b=m0LFOkTW; dkim=fail ("headers rsa verify failed") header.d=messagingengine.com header.s=fm3 header.b="p Q9xUaN"; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org"; dmarc=fail reason="SPF not aligned (relaxed)" header.from=fastmail.net (policy=none) ARC-Seal: i=1; s=key1; d=yhetil.org; t=1675443176; a=rsa-sha256; cv=none; b=QlCQ5QHMQTGVYF/WGwZ7yAXNUUn2sVA8MHMR9psf5/Fxneu4VAOHfqrrtCAXDSitRX9l3O vducN4S3SetO2Bv8FHwJxWK3LBXXrYR0scBe9V0QqFHSayctImav/0qV7BOPXrdk9OLlpo QoVmcJbGB36OE/eZe8yPSdbcV0Gd7L+jVwQmrpfVxFuuyB1g/1fYAndac1hCjot8hbXwwG 3RPuow7i5V1XTZS4fYw+3lWiAU8wpFIG+7vzQBnVAB7WukJST816rQNFx7R7bqhAWwHNR8 IGUL6zMtssCsmDYOUqjckPn3a5LCbS+dwAkguhlkGn5DaJ1LLGDIN3vNGgccsw== X-Migadu-Spam-Score: -1.88 X-Spam-Score: -1.88 X-Migadu-Queue-Id: E106A3FEA3 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=fastmail.net header.s=fm3 header.b=m0LFOkTW; dkim=fail ("headers rsa verify failed") header.d=messagingengine.com header.s=fm3 header.b="p Q9xUaN"; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org"; dmarc=fail reason="SPF not aligned (relaxed)" header.from=fastmail.net (policy=none) X-Migadu-Scanner: scn1.migadu.com X-TUID: pbm2Y4Y/Eczb Hi Guix, I have been playing with nested Guix containers recently, with some suprising findings, and I am wondering if what I am doing is considered officially supported or not. First: why? My use case is scientific workflows, for example using snakemake. I want to run my workflows in Guix containers, for reproducibility plus other reasons. But my workflows run other programs in their tasks (basically just "shelling out"), and those tasks may use their own Guix containers. Superficially, this works fine if I add the "guix" package to my "outer" container and expose the store plus the daemon's socket: guix shell -C guix \ --expose=/var/guix/daemon-socket/socket \ --expose=/gnu/store \ -- \ guix shell -C coreutils -- ls / But now for the first surprise: $ guix describe Generation 35 janv. 19 2023 12:34:57 (current) guix 8221cb6 repository URL: https://git.savannah.gnu.org/git/guix.git branch: master commit: 8221cb6d2ae5624829bf514d25ae234c073e35d5 $ guix shell -C guix -- guix describe guix 9fe5b49 repository URL: https://git.savannah.gnu.org/git/guix.git branch: master commit: 9fe5b490df83ff32e2e0a604bf636eca48b9e240 The Guix in my container is an older one, apparently the 1.4.0 release. Why? Can I change this? My first attempt was time-machine: guix shell -C -N guix nss-certs \ --expose=/var/guix/daemon-socket/socket \ --expose=/gnu/store \ -- \ guix time-machine -C channels.scm -- describe Updating channel 'guix' from Git repository at 'https://git.savannah.gnu.org/git/guix.git'... Authenticating channel 'guix', commits 9edb3f6 to 8221cb6 (331 new commits)... Computing Guix derivation for 'x86_64-linux'... | guix 8221cb6 repository URL: https://git.savannah.gnu.org/git/guix.git branch: master commit: 8221cb6d2ae5624829bf514d25ae234c073e35d5 Great! Except that every time I run this command, it does the channel update from scratch, so it's prohibitively slow. Sharing ${HOME}/.cache/guix seems to fix that. So... finally... guix shell -C -N guix nss-certs \ --expose=/var/guix/daemon-socket/socket \ --expose=/gnu/store \ --share=${HOME}/.cache/guix \ -- \ guix time-machine -C channels.scm \ -- \ shell -C coreutils \ -- \ ls / guix shell: error: mount: mount "none" on "/tmp/guix-directory.vpOEDC/sys": Operation not permitted Now I am lost. It doesn't matter which command I put on the last line, it's creating a container via time-machine running in another container that leads to the error. Any ideas? Cheers, Konrad.