Hi Jimmy!
I guess they are reducing the capabilities allowed to their build
platform
but I can really tell what operation is guix pull attempting in this
particular case.
Do you have any possibility to run guix pull with strace? strace is a
program that logs all the system calls [1] of another program,
so you might see what operation is failing.
But for this, you must modify the startup file of guix-daemon! Because
`guix pull` only forwards requests to `guix-daemon`, which
does all the work! I don't know how to do it in docker, but, for my Arch
Linux system, there is a `guix-daemon` service file at
/etc/systemd/system/guix-daemon.service.
There, you can find a line starting with "ExecStart=". This is the
command to run the daemon. Prepend `strace -o
/tmp/guix-daemon.strace.log` to the command to log all the system calls
to the file /tmp/guix-daemon.stace.log
Hope that helps,
Moritz
[1]:
https://en.wikipedia.org/wiki/System_call#Categories_of_system_calls
