From: ludo@gnu.org (Ludovic Courtès)
To: rekado <rekado@elephly.net>
Cc: guix-devel@gnu.org
Subject: Re: permission denied: /gnu/store/...guile...
Date: Thu, 21 May 2015 10:03:23 +0200 [thread overview]
Message-ID: <87382q8iic.fsf@gnu.org> (raw)
In-Reply-To: <14d731d6c62.1217a38e2105373.2722327377786941574@elephly.net> (rekado@elephly.net's message of "Thu, 21 May 2015 04:56:57 +0800")
rekado <rekado@elephly.net> skribis:
>>> Derive([("out","/gnu/store/vvs2c9zzl9zwrq0zwrayjlih9cpwjbcq-ibus-pinyin-1.5.0.tar.gz","sha256","a85d458dcc51ea9fd65849e63002428b3fcb3b39adcbea9214b5cb4a4cbdbc96")],[("/gnu/store/479gki04zgbysxipcb1wdl56mh1bldbx-guile-2.0.11.drv",["out"]),("/gnu/store/p20cih7k80cpqka6f06100j1ycgf3fl1-module-import.drv",["out"]),("/gnu/store/s8bacxxryg87p2ag6gl46qz6jvpdm5qs-gnutls-3.4.0.drv",["out"]),("/gnu/store/w9g2dqsfgr6n8pslwmm2lgbka96qwig4-module-import-compiled.drv",["out"])],["/gnu/store/yhds5m08mgp3a3yb2gj9imn7pkap0fc1-ibus-pinyin-1.5.0.tar.gz-builder"],"x86_64-linux","/gnu/store/cnqmkmj40jmssnx6fkf9n0n3bqj5x426-guile-2.0.11/bin/guile",["--no-auto-compile","-L","/gnu/store/6fnbs4j7dsn6rc598d72caay00yggvh7-module-import","-C","/gnu/store/ww9kwrbs4h468vll6a3swg6dc3hr9f8i-module-import-compiled","/gnu/store/yhds5m08mgp3a3yb2gj9imn7pkap0fc1-ibus-pinyin-1.5.0.tar.gz-builder"],[("impureEnvVars","http_proxy https_proxy"),("out","/gnu/store/vvs2c9zzl9zwrq0zwrayjlih9cpwjbcq-ibus-pinyin-1.5.0.tar.gz")])
>>
>>However I don’t see this derivation mention in the strace log.
>
> Oh, right. The strace log shows the output for another package I'm working on, "gnome-keyring". There are only two things it has in common with "ibus-pinyin": there is no binary substitute available and I get the same error about "permission denied" when executing guile.
Could you post the output of
“stat /gnu/store/cnqmkmj40jmssnx6fkf9n0n3bqj5x426-guile-2.0.11/bin/guile”?
What do the following return at the Guile REPL:
(getgr 30000)
(getpw 30001)
?
> The strace log is here: http://elephly.net/downies/guile-permission-denied2.txt
Note that here, since it’s a fixed-output derivation, there’s no chroot,
unshare, etc., so it’s really just UID 30001 running that file.
Something equivalent to:
# su guixbuilder01
$ /gnu/store/cnqmkmj40jmssnx6fkf9n0n3bqj5x426-guile-2.0.11/bin/guile
> ~~~~~~~~
> rekado@banana guix $ sudo ls
> sudo: unable to stat /etc/sudoers: Permission denied
> sudo: no valid sudoers sources found, quitting
> sudo: unable to initialize policy plugin
Same with:
/run/setuid-programs/sudo ls
?
Does /run/setuid-programs/sudo have the same inode as
$(guix build sudo)/bin/sudo?
stat -c '%i' /run/setuid-programs/sudo \
$(guix build sudo)/bin/sudo
The only partitions are / and /home, right?
Thanks,
Ludo’.
next prev parent reply other threads:[~2015-05-21 8:03 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-05-20 7:06 permission denied: /gnu/store/...guile rekado
2015-05-20 8:17 ` Andreas Enge
2015-05-20 11:24 ` Daniel Pimentel
2015-05-20 12:24 ` Ludovic Courtès
2015-05-20 13:12 ` Daniel Pimentel
2015-05-20 17:24 ` Alex Kost
2015-05-21 20:40 ` Synaptics & libinput driver Ludovic Courtès
2015-05-20 12:18 ` permission denied: /gnu/store/...guile Ludovic Courtès
2015-05-20 20:56 ` rekado
2015-05-21 8:03 ` Ludovic Courtès [this message]
2015-05-22 20:15 ` Mark H Weaver
2015-05-22 20:21 ` Mark H Weaver
2015-05-23 9:41 ` rekado
2015-05-23 14:22 ` Ludovic Courtès
2015-05-23 16:26 ` Mark H Weaver
2015-05-23 22:28 ` Ludovic Courtès
-- strict thread matches above, loose matches on Subject: below --
2015-05-21 20:06 rekado
2015-05-21 21:53 ` Ludovic Courtès
2015-05-22 8:33 ` rekado
2015-05-22 13:33 ` Ludovic Courtès
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87382q8iic.fsf@gnu.org \
--to=ludo@gnu.org \
--cc=guix-devel@gnu.org \
--cc=rekado@elephly.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.