[Nix-dev] multi-user / RHEL6.5/ no root -- "nix-env -i" trying to grab a lock file outside of "per-user"

Thu, 21 Aug 2014 01:35:06 -0700 

Hello all,

I'm an enthusiastic recent convert to nix.  I'm trying to get it set up
across our university's shared RHEL 6.5 linux setup so that my students and
I can use it for building all our research software.  I've convinced the
sysadmins to symlink /nix/ to an NSF location (for now) so that we can get
started, but I can't get things working in multiuser mode
(NIX_REMOTE=daemon) with a special build-user that is non-root.

For example:

  * user "builder" -- own /nix, runs nix-daemon, non-root
  * user "steve" -- non-root, can write to
/nix/var/nix/daemon-socket/socket

Actually, if steve runs "nix-env -i hello", it works as far as building the
package in the store, but then at the end it fails when trying to update
the profiles:

    replacing old `hello-2.9'
    installing `hello-2.9'
    error: opening lock file `/nix/var/nix/profiles/default.lock':
Permission denied

Why should it be going for "profiles/" instead of
"profiles/per-user/steve/"?  Why does the user account need to do any of
the locking at all?  Shouldn't the daemon control all access to the "/nix"
directory in the multi-user setup?

I messed around with the perms in that profiles directory, making it
group-writable (for a group that includes "steve" and "builder"), but that
just gets me to a different error:

    error: creating symlink from `/nix/var/nix/profiles/.new_default' to
`default-47-link': File exists

Seems like a lose-lose situation -- I can play with setting/unsetting the
sticky bit, "chmod 1775", on that profiles/ dir but the best I can't avoid
hitting some error.  I think the problem originates in "profile.d/nix.sh"
which was created during installation and reads:

    _NIX_DEF_LINK=/nix/var/nix/profiles/default

Should that instead say profiles/per-user/$USER/default ?  I don't want to
mutate a config file in the nix store, so hopefully there is some way to
change this NIX_DEF_LINK during the install process?  Or build an alternate
one and point my ~/.nix-profile/etc/profile.d there?  What's the best
approach?

Thanks in advance for your help,
  -Ryan

P.S. This is with nix-1.7.



-- 
Ryan R. Newton
(812) 856-4205
Asst. Professor
Indiana University - School of Informatics & Computing
Lindley Hall 230H
http://www.cs.indiana.edu/~rrnewton/

_______________________________________________
nix-dev mailing list
[email protected]
http://lists.science.uu.nl/mailman/listinfo/nix-dev

Reply via email to