From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id OK48D1KbHl+KLAAA0tVLHw (envelope-from ) for ; Mon, 27 Jul 2020 09:16:02 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1 with LMTPS id uJjlClKbHl+nIwAAbx9fmQ (envelope-from ) for ; Mon, 27 Jul 2020 09:16:02 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id B55B794013B for ; Mon, 27 Jul 2020 09:16:01 +0000 (UTC) Received: from localhost ([::1]:34674 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jzzEm-0003f3-MT for larch@yhetil.org; Mon, 27 Jul 2020 05:16:00 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:60056) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jzzEd-0003c0-CD for help-guix@gnu.org; Mon, 27 Jul 2020 05:15:51 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:52755) by eggs.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jzzEc-00026S-Ej; Mon, 27 Jul 2020 05:15:50 -0400 Received: from 2001-1c02-0b03-a700-d349-5b8c-fab5-562c.cable.dynamic.v6.ziggo.nl ([2001:1c02:b03:a700:d349:5b8c:fab5:562c]:50442) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1jzzEb-0006ag-S7; Mon, 27 Jul 2020 05:15:50 -0400 Message-ID: <2b12256f21f181bc9602e35fe0956d82e8948a6f.camel@gnu.org> Subject: Re: Non-root installs. From: Roel Janssen To: Diagon , help-guix Date: Mon, 27 Jul 2020 11:15:44 +0200 In-Reply-To: <173886d3220.dff4077070452.3808057483354071794@niwas.net> References: <173886d3220.dff4077070452.3808057483354071794@niwas.net> Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.36.4 (3.36.4-1.fc32) MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-BeenThere: help-guix@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-guix-bounces+larch=yhetil.org@gnu.org Sender: "Help-Guix" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of help-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=help-guix-bounces@gnu.org X-Spam-Score: -1.01 X-TUID: 5dtfPt29WzfB On Sat, 2020-07-25 at 17:02 -0700, Diagon wrote: > Hey all - I tried on IRC, but was told that this might be a better > place. I'm wondering if someone here has experience with a non-root > install. Optimally, is there by this point a guix-install.sh for > non-root? I know it's doable, eg: > https://github.com/pjotrp/guix-notes/blob/master/GUIX-NO-ROOT.org > > I was able to get my sysadmin to create a writable /gnu, which I > gather will allow me to install binaries, rather than recomplie > everything, since I'll have the right path. Now that I've read the > install script, I see that it also uses /var/guix. Do I need to ask > for that, or is there a way around it, by putting it in /gnu/var, > maybe? I assume I can put /root/.config/guix in my home directory, > but I also see we need a guixbuild group. How can I get away without > this and still run the server manually? > > All input appreciated! > /D You can do "export GUIX_STATE_DIRECTORY=/gnu/profiles" to avoid using /var/guix. On our cluster install we have a shared /gnu filesystem across our nodes, and we use one node on which "guix-daemon" runs as root. On the other nodes we set the following: export GUIX_DAEMON_SOCKET=guix://
: That way, you can isolate the "guix-daemon" node, which makes it more reasonable because now you only need super user privileges on a specific (isolated) node. For single-machine instances I don't know how to make this work. Kind regards, Roel Janssen