Hello Ludovic,

apologies for not adding logs before.  It's hard to do when I do guix
commands from Xterm and not from Emacs.  Emacs *shell* or *compilation*
buffers will eat all memory if they get too much text.

Probably need to redirect STDOUT and STDERR to a file when doing guix from Xterm.

I heard Guix folks work on implementing tiny log output to console and
redirect everything else to a log file.  This will be my life saver.

[email protected] (Ludovic Courtès) writes:

> Hello,
>
> Oleg Pykhalov <[email protected]> skribis:
>
>> During 'guix system reconfigure' I got a kernel panic.
>
> Can you show the exact command and its output?

Sorry, as I said this is not a topic and I don't want to do it again, and
I'm cautious about doing it on my current system.

I will set up a specific Guix VM for this, where I could make a 'system
reconfigure'.  Then I'll create a new bug report with full log.

Nevertheless I'll leave a how-to for reproducing it below, at least for my
own TODO list.

The problem
===========

The bigger problem from my view is files like /etc/group.lock and
/etc/passwd.lock.  For example:

    sudo touch /etc/group.lock

/etc/config.scm

    (operating-system
      ;; …
      (groups (cons
         (user-group (name "test"))
         %base-groups)))

reconfigure log

    
    $ guix system reconfigure $HOME/dotfiles/guix/system-magnolia.scm

    substitute: updating list of substitutes from 'https://berlin.guixsd.org'... 100.0%
    The following derivations will be built:
       /gnu/store/v9dp6193rpxrx1rqfdw59s5ss4wlrfdh-system.drv
       /gnu/store/carkycnf6zcarbmnk5745pgsx1nv478y-grub.cfg.drv
       /gnu/store/r5p953fx3dl18aav1ggwmiy2bqnv991s-activate-service.drv
       /gnu/store/pjjm6595562ysk40zjrznhmsfsid1k8r-activate.drv
       /gnu/store/l41adszqk24sb200dwm8sj6ky71ivwpi-boot.drv
    /gnu/store/qqhzapsv5w8mrbz3s8hgy7w42r3dbyv9-system
    /gnu/store/b4i4drp7lpxmgpcfkbvgmrig2hlszl3j-grub.cfg
    /gnu/store/0b459jxdmyz5vf22avav9sm8ig03173k-grub-efi-2.02
    /gnu/store/ijw065yljn1np4x0p5l1qkx9w4z9ikcl-bootloader-installer
    activating system...
    making '/gnu/store/qqhzapsv5w8mrbz3s8hgy7w42r3dbyv9-system' the current system...
    setting up setuid programs in '/run/setuid-programs'...
    populating /etc from /gnu/store/iyr9ji3idg3iphi3fskh2hqjlmg4h5w0-etc...
    usermod: no changes
    adding group 'test'...
    groupadd: existing lock file /etc/group.lock without a PID
    groupadd: cannot lock /etc/group; try again later.
    usermod: no changes
    usermod: existing lock file /etc/group.lock without a PID
    usermod: cannot lock /etc/group; try again later.
    usermod: no changes
    usermod: existing lock file /etc/group.lock without a PID
    usermod: cannot lock /etc/group; try again later.
    usermod: existing lock file /etc/group.lock without a PID
    usermod: cannot lock /etc/group; try again later.
    usermod: existing lock file /etc/group.lock without a PID
    usermod: cannot lock /etc/group; try again later.
    usermod: existing lock file /etc/group.lock without a PID
    usermod: cannot lock /etc/group; try again later.
    usermod: existing lock file /etc/group.lock without a PID
    usermod: cannot lock /etc/group; try again later.
    usermod: existing lock file /etc/group.lock without a PID
    usermod: cannot lock /etc/group; try again later.
    usermod: existing lock file /etc/group.lock without a PID
    usermod: cannot lock /etc/group; try again later.
    usermod: existing lock file /etc/group.lock without a PID
    usermod: cannot lock /etc/group; try again later.
    usermod: existing lock file /etc/group.lock without a PID
    usermod: cannot lock /etc/group; try again later.
    usermod: existing lock file /etc/group.lock without a PID
    usermod: cannot lock /etc/group; try again later.
    usermod: no changes
    usermod: no changes
    usermod: no changes
    usermod: no changes
    usermod: no changes
    usermod: no changes
    usermod: no changes
    usermod: no changes
    usermod: no changes
    usermod: no changes
    usermod: no changes
    usermod: no changes
    usermod: no changes
    usermod: no changes
    usermod: no changes
    usermod: no changes
    creating nginx log directory '/var/log/nginx'
    creating nginx run directory '/var/run/nginx'
    creating nginx temp directories '/var/run/nginx/{client_body,proxy,fastcgi,uwsgi,scgi}_temp'
    nginx: [alert] could not open error log file: open() "/gnu/store/vyj2vkmdmlpxn3mnj71vz8zc8j30ahkf-nginx-1.12.1/logs/error.log" failed (2: No such file or directory)
    nginx: the configuration file /gnu/store/xms1g2z62rcj2h9i9d6fbqyl65a4yycm-nginx.conf syntax is ok
    nginx: configuration file /gnu/store/xms1g2z62rcj2h9i9d6fbqyl65a4yycm-nginx.conf test is successful
    guix system: unloading service 'user-homes'...
    shepherd: Removing service 'user-homes'...
    shepherd: Done.
    guix system: loading new services: user-homes...
    shepherd: Evaluating user expression (register-services (primitive-load "/gnu/sto?")).
    shepherd: Service user-homes could not be started.
    Installing for x86_64-efi platform.
    Installation finished. No error reported.

The new system generation was produced without "test" group, so you
could reboot into it.  And it could lead to problems if we will have a
tiny output to console and big output to a log file, I guess.

> A user-land program is not supposed to be able to cause a kernel panic;
> if it does, that’s a kernel bug.

How to make a kernel panic
==========================

The problem will be No defined variable IPTABLES-SSH after 'guix system
reconfigure' and kernel crash after.

$HOME/src/iptables/iptables/ru.scm

    (define-module (iptables ru)
      ;; …
      )

    (define %iptables-ssh
       "-A INPUT -p tcp --dport 22 \
    -m state --state NEW -m recent --set --name SSH -j ACCEPT")

/etc/config.scm

    (use-modules ;; …
                 (iptables ru))

    (define start-firewall
      #~(let ((iptables
               (lambda (str)
                 (zero? (system (string-join `(,#$(file-append iptables
                                                               "/sbin/iptables")
                                               ,str) " "))))))
          (format #t "Install iptables rules.~%")
          (and
           ;; …
           (iptables %iptables-ssh))))

    (define firewall-service
      (simple-service 'firewall shepherd-root-service-type
                      (list
                       (shepherd-service
                        (provision '(firewall))
                        (requirement '())
                        (start #~(lambda _
                                   #$start-firewall))
                        (respawn? #f)
                        (stop #~(lambda _
                                  (zero?
                                   (system* #$(file-append iptables
                                                           "/sbin/iptables")
                                            "-F"))))))))

    (operating-system
      ;; …
        (services (cons* ;; …
                         firewall-service)))


Make a kernel panic

    sudo GUILE_LOAD_PATH="$HOME/src/iptables:$GUILE_LOAD_PATH" \
        guix system reconfigure \
        $HOME/dotfiles/guix/system-magnolia.scm

    # Run above again and kernel will panic.

> But perhaps you got the kernel panic *after* rebooting in the
> reconfigured system?  That could well be a GuixSD bug, indeed.

No, it happens after second 'guix system reconfigure' with howto above.

[...]

Thanks,
Oleg.
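
A check for the lock-file failure in the reconfigure log above, as an added example that is not part of the original message: it reports leftover lock files before a run and pulls the non-fatal account and service failures out of a saved log afterwards. The function names are hypothetical, the sample lines are copied from the log in the message, and it assumes a live lock file holds the PID of the process that took it.

```shell
#!/bin/sh
# Added example, not from the original message.

# lock_state FILE: print "absent", "stale" or "held:<pid>".
# Assumption: a live lock file holds the PID of the process that took it,
# which is what "without a PID" in the log refers to.
lock_state() {
    [ -e "$1" ] || { echo absent; return 0; }
    pid=$(tr -cd '0-9' < "$1")      # keep digits, drop newline/NUL
    if [ -n "$pid" ] && { kill -0 "$pid" 2>/dev/null || [ -d "/proc/$pid" ]; }; then
        echo "held:$pid"
    else
        echo stale
    fi
}

# stale_locks [DIR]: print every stale lock file; return 1 if any exist.
# shadow.lock and gshadow.lock are checked too (the message names only
# passwd and group).
stale_locks() {
    dir=${1:-/etc}; found=0
    for name in passwd group shadow gshadow; do
        if [ "$(lock_state "$dir/$name.lock")" = stale ]; then
            echo "$dir/$name.lock"; found=1
        fi
    done
    return "$found"
}

# activation_failures LOG: print the distinct lines of a saved reconfigure
# log showing an account or service change that did not apply.
activation_failures() {
    grep -E 'cannot lock /etc/|existing lock file .* without a PID|could not be started' "$1" | sort -u
}

# sample_log: lines copied from the log in the message, for a dry run.
sample_log() {
    cat <<'EOF'
adding group 'test'...
groupadd: existing lock file /etc/group.lock without a PID
groupadd: cannot lock /etc/group; try again later.
usermod: no changes
usermod: existing lock file /etc/group.lock without a PID
usermod: cannot lock /etc/group; try again later.
shepherd: Service user-homes could not be started.
EOF
}

stale_locks /etc >&2 || echo "stale lock file(s) listed above: check before reconfiguring" >&2
```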
