From: Konrad Hinsen <konrad.hinsen@fastmail.net>
To: Guix Devel <guix-devel@gnu.org>
Subject: Using Guix inside a Guix container
Date: Fri, 03 Feb 2023 17:52:22 +0100 [thread overview]
Message-ID: <m1mt5uk7y1.fsf@fastmail.net> (raw)
Hi Guix,
I have been playing with nested Guix containers recently, with some
suprising findings, and I am wondering if what I am doing is considered
officially supported or not.
First: why? My use case is scientific workflows, for example using
snakemake. I want to run my workflows in Guix containers, for
reproducibility plus other reasons. But my workflows run other programs
in their tasks (basically just "shelling out"), and those tasks may use
their own Guix containers.
Superficially, this works fine if I add the "guix" package to my "outer"
container and expose the store plus the daemon's socket:
guix shell -C guix \
--expose=/var/guix/daemon-socket/socket \
--expose=/gnu/store \
-- \
guix shell -C coreutils -- ls /
But now for the first surprise:
$ guix describe
Generation 35 janv. 19 2023 12:34:57 (current)
guix 8221cb6
repository URL: https://git.savannah.gnu.org/git/guix.git
branch: master
commit: 8221cb6d2ae5624829bf514d25ae234c073e35d5
$ guix shell -C guix -- guix describe
guix 9fe5b49
repository URL: https://git.savannah.gnu.org/git/guix.git
branch: master
commit: 9fe5b490df83ff32e2e0a604bf636eca48b9e240
The Guix in my container is an older one, apparently the 1.4.0 release.
Why? Can I change this?
My first attempt was time-machine:
guix shell -C -N guix nss-certs \
--expose=/var/guix/daemon-socket/socket \
--expose=/gnu/store \
-- \
guix time-machine -C channels.scm -- describe
Updating channel 'guix' from Git repository at 'https://git.savannah.gnu.org/git/guix.git'...
Authenticating channel 'guix', commits 9edb3f6 to 8221cb6 (331 new commits)...
Computing Guix derivation for 'x86_64-linux'... |
guix 8221cb6
repository URL: https://git.savannah.gnu.org/git/guix.git
branch: master
commit: 8221cb6d2ae5624829bf514d25ae234c073e35d5
Great! Except that every time I run this command, it does the channel
update from scratch, so it's prohibitively slow. Sharing
${HOME}/.cache/guix seems to fix that. So... finally...
guix shell -C -N guix nss-certs \
--expose=/var/guix/daemon-socket/socket \
--expose=/gnu/store \
--share=${HOME}/.cache/guix \
-- \
guix time-machine -C channels.scm \
-- \
shell -C coreutils \
-- \
ls /
guix shell: error: mount: mount "none" on
"/tmp/guix-directory.vpOEDC/sys": Operation not permitted
Now I am lost. It doesn't matter which command I put on the last line,
it's creating a container via time-machine running in another container
that leads to the error.
Any ideas?
Cheers,
Konrad.
next reply other threads:[~2023-02-03 16:52 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-02-03 16:52 Konrad Hinsen [this message]
2023-02-03 17:35 ` Using Guix inside a Guix container Wojtek Kosior via Development of GNU Guix and the GNU System distribution.
2023-02-13 11:21 ` James Thomas
2023-02-13 12:35 ` Jim
2023-02-15 9:49 ` Konrad Hinsen
2023-02-17 15:41 ` Simon Tournier
2023-02-18 9:21 ` Konrad Hinsen
2023-03-13 12:50 ` Containerized workflow in containerized processes Simon Tournier
2023-03-21 8:13 ` Konrad Hinsen
2023-03-13 12:52 ` Using Guix inside a Guix container Simon Tournier
2023-02-21 22:50 ` Ludovic Courtès
2023-02-27 14:27 ` Konrad Hinsen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m1mt5uk7y1.fsf@fastmail.net \
--to=konrad.hinsen@fastmail.net \
--cc=guix-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.