Matthias Wachs <[email protected]> skribis: >> How did it complain exactly? Is it running as ‘root’, as per >> <http://www.gnu.org/software/guix/manual/guix.html#Setting-Up-the-Daemon>? >> >> The ability to run build processes in a chroot and under separate UIDs >> is essential to achieve reproducibility. > > The basic issue is: > I cannot add a builder group since on these machines I don't have the > "groupadd" command ... limitations of the image/testbed
You may have ‘addgroup’ instead, no? > So when starting the daemon with: > > [tumple_gnunet_deployment@planetlab-02 ~]$ sudo guix-daemon > warning: daemon is running as root, so using `--build-users-group' is > highly recommended > accepted connection from pid 13641, uid 1376 > 245 operations > > The client prints: > > guix package -i make > <removed> > substituter-succeeded > /nix/store/qhkvy39118lccxxsnrwjb9xp7s4627py-make-3.82-debug > guix package: error: build failed: unable to fork: Operation not > permitted Can you try to set those CLONE_* constants that you added to 0 instead of some other value? According to the clone(2) man page, EPERM means: CLONE_NEWIPC, CLONE_NEWNET, CLONE_NEWNS, CLONE_NEWPID, or CLONE_NEWUTS was specified by an unprivileged process (process without CAP_SYS_ADMIN). But you said guix-daemon is running as ‘root’. So it might be that the kernel doesn’t recognize these flags, and returns EPERM for lack of a better idea. Thanks, Ludo’.
