Re: Daemon: nix-connection-error

[ludo@gnu.org (Ludovic Courtès)]

Nikita Karetnikov <nikita@karetnikov.org> skribis:

>> Ah, so this was not the log of a chroot build, right?  (There’s no
>> /homeless-shelter directory in the chroot.)
>
> I'm puzzled.  The manual says that "each build process is run in a
> chroot environment." [1]  However, I see
>
> export HOME="/homeless-shelter"
>
> in '/tmp/nix-build-coreutils-8.21.drv-7/environment-variables'.
>
> Is anything wrong with Guix, or is it my fault?

What makes you think there’s a contradiction here?

Turns out $HOME is automatically set by the daemon for each build (from
nix/libstore/build.cc):

    /* Set HOME to a non-existing path to prevent certain programs from using
       /etc/passwd (or NIS, or whatever) to locate the home directory (for
       example, wget looks for ~/.wgetrc).  I.e., these tools use /etc/passwd
       if HOME is not set, but they will just assume that the settings file
       they are looking for does not exist if HOME is set but points to some
       non-existing path. */
    Path homeDir = "/homeless-shelter";
    env["HOME"] = homeDir;

Yet, the daemon runs builds in a chroot, or complains if it cannot for
some reason (unless HAVE_CHROOT is unset.)

Can you check that HAVE_CHROOT is set, and that the build users exist?

>> Not sure what --userspec is.
>
> 'chroot --userspec=USER:GROUP' allows to specify a user and a group.

And what would you do with that?

As explained in the manual, the normal setup is to run the daemon as
root with --build-users-group; it then automatically calls chroot(2) and
seteuid(2) in the child processes that run the builds.

HTH,
Ludo’.