From: rekado
Subject: Re: permission denied: /gnu/store/...guile...
Date: Fri, 22 May 2015 04:06:22 +0800
To: Ludovic Courtès
Cc: guix-devel@gnu.org

> Could you post the output of
> “stat /gnu/store/cnqmkmj40jmssnx6fkf9n0n3bqj5x426-guile-2.0.11/bin/guile”?

~~~~~
root@banana ~# stat /gnu/store/cnqmkmj40jmssnx6fkf9n0n3bqj5x426-guile-2.0.11/bin/guile
  File: ‘/gnu/store/cnqmkmj40jmssnx6fkf9n0n3bqj5x426-guile-2.0.11/bin/guile’
  Size: 10912      Blocks: 24      IO Block: 4096   regular file
Device: 803h/2051d Inode: 15582    Links: 1
Access: (0555/-r-xr-xr-x)  Uid: ( 0/ root)  Gid: ( 0/ root)
Access: 2015-05-21 09:06:47.744008648 +0200
Modify: 1970-01-01 01:00:01.000000000 +0100
Change: 2015-05-17 12:08:22.839537391 +0200
 Birth: -
~~~~~

> What do the following return at the Guile REPL:
>
>   (getgr 30000)
>   (getpw 30001)
>
> ?

~~~~~
root@banana ~# guile
GNU Guile 2.0.11
Copyright (C) 1995-2014 Free Software Foundation, Inc.

Guile comes with ABSOLUTELY NO WARRANTY; for details type `,show w'.
This program is free software, and you are welcome to redistribute it
under certain conditions; type `,show c' for details.

Enter `,help' for help.
scheme@(guile-user)> (getgr 30000)
$1 = #("guixbuild" "x" 30000 ("guixbuilder01" "guixbuilder02" "guixbuilder03" "guixbuilder04" "guixbuilder05" "guixbuilder06" "guixbuilder07" "guixbuilder08" "guixbuilder09" "guixbuilder10"))
scheme@(guile-user)> (getpw 30001)
$2 = #("guixbuilder01" "x" 30001 30000 "Guix Build User 1" "/var/empty" "/gnu/store/6v6wngdavjg0vlkpx8h69pxlzmi8cb8a-shadow-4.1.5.1/sbin/nologin")
scheme@(guile-user)>
~~~~~

> Note that here, since it’s a fixed-output derivation, there’s no chroot,
> unshare, etc., so it’s really just UID 30001 running that file.
> Something equivalent to:
>
>   # su guixbuilder01
>   $ /gnu/store/cnqmkmj40jmssnx6fkf9n0n3bqj5x426-guile-2.0.11/bin/guile

I cannot switch to user "guixbuilder01" without having to input a password. It appears that "su" is also not working as it should.

>> ~~~~~~~~
>> rekado@banana guix $ sudo ls
>> sudo: unable to stat /etc/sudoers: Permission denied
>> sudo: no valid sudoers sources found, quitting
>> sudo: unable to initialize policy plugin
>
> Same with:
>
>   /run/setuid-programs/sudo ls
>
> ?

Yes, exactly the same message.

> Does /run/setuid-programs/sudo have the same inode as
> $(guix build sudo)/bin/sudo?
>
>   stat -c '%i' /run/setuid-programs/sudo \
>     $(guix build sudo)/bin/sudo

The inode is the same:

~~~~~
rekado@banana ~ $ stat -c '%i' /run/setuid-programs/sudo $(guix build sudo)/bin/sudo
1461970
1461970
~~~~~

> The only partitions are / and /home, right?

I only manually mounted / (/dev/sda3) and /home (a luks logical volume):

~~~~~
rekado@banana ~ $ mount
none on /proc type proc (rw,relatime)
none on /sys type sysfs (rw,relatime)
/dev/sda3 on / type ext4 (rw,relatime,data=ordered)
none on /dev type devtmpfs (rw,relatime,size=1966132k,nr_inodes=491533,mode=755)
none on /dev/pts type devpts (rw,relatime,gid=996,mode=620,ptmxmode=000)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev,relatime,size=1970696k)
/dev/sda3 on /gnu/store type ext4 (rw,relatime,data=ordered)
/dev/mapper/fedora-home on /home type ext4 (rw,relatime,data=ordered)
rekado@banana ~ $
~~~~~

Thank you,
Ricardo