picnoir
November 22, 2018, 8:49am
1
Hey,
I’m having an issue while installing nixos on a kimsufi dedicated server.
I’m following this guide: Installing NixOS on a Kimsufi
I have a problem when chrooting into the install environment. When executing nix/store/hfa8sap493ip9q4wxpnm88m2wcjbl2si-nixos-system-nixos-18.09.1388.03dc6471c12/init, the chroot process ends up with the following error:
unpacking the NixOS/Nixpkgs sources...
error: cloning builder process: Operation not permitted
error: unable to start build process
I don’t know how to fix or debug this to be honest. Google was no help.
The partition on which I mount the nixos installer as plenty of space.
Full log:
root@rescue:~# ls
nixos-minimal-18.09.1388.03dc6471c12-x86_64-linux.iso rescue
root@rescue:~# mkdir image
root@rescue:~# mkdir rescue/nix
root@rescue:~# mount /dev/disk/by-label/rescue rescue/
root@rescue:~# mkdir rescue/nix
root@rescue:~# mount -o loop nixos-minimal-18.09.1388.03dc6471c12-x86_64-linux.iso image/
mount: /dev/loop0 is write-protected, mounting read-only
root@rescue:~# unsquashfs -d rescue/nix/store image/
boot/ EFI/ nix-store.squashfs
.boot.cat isolinux/ version.txt
root@rescue:~# unsquashfs -d rescue/nix/store image/nix-store.squashfs '*'
Parallel unsquashfs: Using 4 processors
70672 inodes (71312 blocks) to write
[================================================================================================/] 71312/71312 100%
created 54335 files
created 17163 directories
created 16337 symlinks
created 0 devices
created 0 fifos
root@rescue:~# cd rescue/
root@rescue:~/rescue# mkdir -p etc dev proc sys
root@rescue:~/rescue# df
Filesystem 1K-blocks Used Available Use% Mounted on
devtmpfs 2005948 0 2005948 0% /dev
178.33.124.57:/home/pub/rescue.v8 3763908936 282585208 3290105040 8% /nfs
tmpfs 2007832 616716 1391116 31% /rw
aufs 2007832 616716 1391116 31% /
178.33.124.57:/home/pub/pro-power 3763908936 282585208 3290105040 8% /power
178.33.124.57:/home/pub/commonnfs 3763908936 282585208 3290105040 8% /common
tmpfs 2007832 0 2007832 0% /dev/shm
tmpfs 2007832 9860 1997972 1% /run
tmpfs 5120 0 5120 0% /run/lock
tmpfs 2007832 0 2007832 0% /sys/fs/cgroup
tmpfs 2007832 12 2007820 1% /tmp
/dev/sda3 5029504 1808476 2942500 39% /root/rescue
/dev/loop0 527360 527360 0 100% /root/image
root@rescue:~/rescue# mount --bind /dev/ dev
root@rescue:~/rescue# mount --bind /proc/ proc/
root@rescue:~/rescue# mount --bind /sys/ sys
root@rescue:~/rescue# INIT=$(find . -type f -path '*nixos*/init')
root@rescue:~/rescue# BASH=$(find . -type f -path '*/bin/bash' | tail -n 1)
root@rescue:~/rescue# sed -i "s,exec systemd,exec /$BASH," "$INIT"
root@rescue:~/rescue# chroot . /$INIT
/nix/store/czx8vkrb9jdgjyz8qfksh10vrnqa723l-bash-4.4-p23/bin/bash: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)
<<< NixOS Stage 2 >>>
running activation script...
/nix/store/czx8vkrb9jdgjyz8qfksh10vrnqa723l-bash-4.4-p23/bin/bash: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_US:en",
LC_ALL = "en_US.UTF-8",
LANG = "en_US.UTF-8"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
setting up /etc...
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_US:en",
LC_ALL = "en_US.UTF-8",
LANG = "en_US.UTF-8"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
/nix/store/czx8vkrb9jdgjyz8qfksh10vrnqa723l-bash-4.4-p23/bin/bash: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)
/nix/store/czx8vkrb9jdgjyz8qfksh10vrnqa723l-bash-4.4-p23/bin/sh: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)
Initializing machine ID from random generator.
/nix/store/czx8vkrb9jdgjyz8qfksh10vrnqa723l-bash-4.4-p23/bin/bash: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)
unpacking the NixOS/Nixpkgs sources...
error: cloning builder process: Operation not permitted
error: unable to start build process
starting systemd...
pvgoran
November 22, 2018, 10:25am
2
From my experience, this happens because the activation script of the livecd tries to execute nix-env; since 18.09, Nix defaults to using the “sandbox” mode, which doesn’t work in chroot environment.
Try to disable the sandbox mode by specifying sandbox = false in etc/nix/nix.conf (inside rescue).
1 Like
picnoir
November 22, 2018, 11:06am
3
Nice catch!
For people finding this solution through a google search, you can run
CONF=$(find . -type f -path '*-nix.conf')
sed -i "s,sandbox = true,sandbox = false," "$CONF"
Before jumping into the chroot to solve the problem.
I’ll send a message to the guy owning the guide previously cited.
Thanks again @pvgoran for the answer!!!
picnoir
November 22, 2018, 1:25pm
4
Actually it’s not entirely solved ><
I have a similar problem while running nixos-install:
[root@nixos:/mnt/etc/nixos]# nixos-install --option sandbox false
building the configuration in /mnt/etc/nixos/configuration.nix...
[0/180 built, 1/350/353 copied (1405.5/1408.8 MiB), 27.5/27.9 MiB DL] copying btrfs-progs-4.15.1 from localerror: cloning builder process: Operation not permitted
[351 copied (1405.7 MiB), 27.5 MiB DL]
error: unable to start build process
I still have the sandbox = false setup in my chroot’s /etc/nix configuration and added a nix.useSandbox = false; in my chroot’s /mnt/etc/nixos/configuration.nix.
Looks like the problem still comes from a container built in the chroot. Once again, google is no help on this.
picnoir
November 23, 2018, 8:00am
5
TL;DR: you can’t install nixos on a kimsufi anymore.
[Original post]
I’m debugging the nixos-install script step by step to see what’s wrong.
Turns out the problem comes from the Build the system configuration in the target filesystem. (https://github.com/NixOS/nixpkgs/blob/f591dd2fdf240bfc10f838ae1f792d89e8b75781/nixos/modules/installer/tools/nixos-install.sh#L95 ) step:
[root@nixos:/]# cat /etc/nix/nix.conf
# WARNING: this file is generated from the nix.* options in
# your NixOS configuration, typically
# /etc/nixos/configuration.nix. Do not edit it!
build-users-group = nixbld
max-jobs = 1
cores = 1
sandbox = false
extra-sandbox-paths =
substituters = https://cache.nixos.org/
trusted-substituters =
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
auto-optimise-store = false
require-sigs = true
trusted-users = root
allowed-users = *
builders =
[root@nixos:/]# nix build --out-link "$outLink" --store "$mountPoint" "${extraBuildFlags[@]}" --extra-substituters "$sub" -f '<nixpkgs/nixos>' system -I "nixos-config=$NIXOS_CONFIG"
[0/257 built, 0/6 copied (0.0/0.0 MiB), 0.0/0.0 MiB DL] error: cloning builder process: Operation not permitted
error: unable to start build process
[EDIT]
Alright, I’m still stuck on it.
I tried several things. Looks like this error is coming from nix somehow ignoring the “sandbox = false” directive. I sadly did not manage to track down the error in the nix store program.
Looks like you can’t use nix-build from within a chroot (at least from a chroot in the nixos-install process).
I’m giving up on this one, I’m just going to dump my last try, could be handy for somebody else trying to tackle this problem:
nix-build --out-link "$outLink" --store "$mountPoint" --extra-substituters "$sub" -I "nixos-config=$NIXOS_CONFIG" '<nixpkgs/nixos>' --option "sandbox" "false"
these derivations will be built:
/nix/store/01pr08dl6xf8b0qscpbkyp4nf0wwxpz0-dhcpcd.exit-hook.drv
/nix/store/c75vdj3v0s5h4jc2jcr3x0jpk5lfcvh8-pam-environment.drv
/nix/store/14xaf9ad7r1kb6nb7mkx2h09yw5xvmdk-polkit-1.pam.drv
/nix/store/1pvjyx1b633hfgasqk96pjzpphhls6g2-i3lock.pam.drv
/nix/store/1ym7jj35ilslqdgg0r7l5lldzzmim431-etc-nixos.conf.drv
/nix/store/2w2dg30gbfqil61cbh6ibhx2xmcwl1sy-etc-nixos.conf.drv
/nix/store/3102qlnx5chpbp8vivx337jv732ps9fs-login.pam.drv
/nix/store/4b11a22x6sw28w3zj4fg2gpr99h85nrs-groupdel.pam.drv
/nix/store/6if3mkd3fl5rzx1v9y307cci668b05iv-su.pam.drv
/nix/store/6jw26nr1qlysclw24ld4g16yvfjjhxy0-etc-fstab.drv
/nix/store/6vh2q7v3ra7q88x5ss0057r5bw1a38zy-xscreensaver.pam.drv
/nix/store/7c02x84bmfihapw8ynsn5vi87jx9q19y-etc-sshd_config.drv
/nix/store/7fz9p9wxykn6vnpmvqgimcnygqgjkqwd-etc-os-release.drv
/nix/store/7lnxkhsr0gimfi2a4fp21x5jfm0kmlms-i3lock-color.pam.drv
/nix/store/0ln8fz8s43nky4wpih11xzwfz6dz6rnc-unit-systemd-journal-gatewayd.socket.drv
/nix/store/59vm3zgsmjj22a2rk20az1ij9awdy1z3-unit-script-sshd-pre-start.drv
/nix/store/1frlbircar7ldvj5mdh4lj14mnn6q8w6-unit-sshd.service.drv
/nix/store/1nr44c32b64yf04z59dj494xxb9b1zk1-unit-systemd-random-seed.service.drv
/nix/store/230f181bda2jw001kid6iybqzgwaavf9-unit-local-fs.target.drv
/nix/store/2lghvgg057csfpnfd7ck2c5n5p7rm6dh-unit-systemd-binfmt.service.drv
/nix/store/35cfgiwwgqzdldc7hb2j539iaykyr1wr-unit-remote-fs.target.drv
/nix/store/3j7g5z63cdg86m1zrhcpp58h5l57a5xr-unit-nix-daemon.socket.drv
/nix/store/jcwbizzll8ww893jmg2wq3zczf1yggm5-dhcpcd.conf.drv
/nix/store/3klaw4mchv8zf9m7vps3wj43lkbxb4jw-unit-dhcpcd.service.drv
/nix/store/s3a23ygr03hpgm5fkz21x128d55j17la-unit-script-pre-sleep-start.drv
/nix/store/46la6yy0395xpxcxy14hf5yy2wfkah3m-unit-pre-sleep.service.drv
/nix/store/yqr1djka38y497xkvrb0wza9hhm3i0q4-unit-script-prepare-kexec-start.drv
/nix/store/5wsxclfzqqgfy98535my5sjlw7m99bds-unit-prepare-kexec.service.drv
/nix/store/xwsb22b1wyqmgr4ah0qh4zzx51wlmnwa-nixos-help.drv
/nix/store/j7qjrrgb7mmhffg930b9hhprvy8dc7cc-system-path.drv
/nix/store/65j90aqbydy2vvrjmz3iqbnqa1yp49y1-unit-polkit.service.drv
/nix/store/6yqv5ahpwydrfcwq4midf4wkfkrla26l-unit-save-hwclock.service.drv
/nix/store/8kax9pxdik8rdi36bd3qxjw1npzq6p2w-unit-user-runtime-dir-.service.drv
/nix/store/9ixalag6rdpzab9h88nnmrwyb76iwwln-unit-serial-getty-.service.drv
/nix/store/9l0sfhdvykixz5v02496silg289avpmv-unit-systemd-journal-flush.service.drv
/nix/store/ha2hlacazqvffk6kd5jrzhwhdl4msfqr-nixos.conf.drv
/nix/store/akn6zfi1pvnl86l7i6j19wsq0qsm45kk-unit-systemd-modules-load.service.drv
/nix/store/4wq8frbl375qgz5fv3dqh18s7vyvh3s5-unit-script-nscd-pre-start.drv
/nix/store/dwicns95cpyhkdqcvqg9929vxfvzq2ll-etc-hosts.drv
/nix/store/fyficlp3qq5wjnms9dx42l9fx867qpas-etc-nscd.conf.drv
/nix/store/n98282igznkwjrg96yl39gv9az9n9303-etc-nsswitch.conf.drv
/nix/store/y2kffvsay3388hnd9yqq6dskz6h0x0s9-unit-script-nscd-post-start.drv
/nix/store/awswd4lxpkm7j5cmh018r2x55a1d1vs1-unit-nscd.service.drv
/nix/store/azsbwd90ssvbqp3ak4vxgqwqbchk8c0k-unit-systemd-remount-fs.service.drv
/nix/store/baf7bgjgv2nly7d84mg8ny904n6l96h3-unit-systemd-fsck-.service.drv
/nix/store/brgb5871rysqmamr9qj23n04xhk862fs-unit-qemu-guest-agent.service.drv
/nix/store/bvi7cnivfmny4f8ixpmdkm2fxnl3p69b-unit-nix-optimise.service.drv
/nix/store/d3h7z0j0va8y7a1r5q9s1kpzb95ia8bv-unit-mdadm-grow-continue-.service.drv
/nix/store/dhb2fynxh42a8zz7xrfh995ywbvc9ii7-unit-systemd-user-sessions.service.drv
/nix/store/p0ml8jia1ys06s7y20xkls8gy8c779nl-unit-script-nix-gc-start.drv
/nix/store/falw2xblvpxsyw5inr0fdbsrqyszaidz-unit-nix-gc.service.drv
/nix/store/flpbmf84qn685bcsjn4idcg6q1a784q2-unit-keys.target.drv
/nix/store/frpzzm287q2341cn27mcaqnaxwh8xrmk-unit-fs.target.drv
/nix/store/g1qbfcg7n5fjmzr3p0cs68qhl3iirnj0-unit-script-network-local-commands-start.drv
/nix/store/gp8zr8hf6v545zyczzjgwgkkpw1a9rzh-unit-network-local-commands.service.drv
/nix/store/nhv7kjwj5kkqzcn4vnqwvfj407xhd3dv-dbus-catalog.xml.drv
/nix/store/qq56d4brnzchpha531n5j8krwk9f0z6k-dbus-1.drv
/nix/store/hx4q8x6r2jijfnblr1pdzfmcsi33zsrm-unit-dbus.service.drv
/nix/store/i6k73vss15jngw6kih0n4np2041bh60i-unit-mdmon-.service.drv
/nix/store/ix8fn7iyxrrrw62j9c9sg1dzzk2y35lp-unit-network-interfaces.target.drv
/nix/store/javi5abgmp9k27d7ifv6lw1zbmlpmyzl-unit-container-getty-.service.drv
/nix/store/9wa0dbvb5pw03mrp2a46gl8rzfr3rrps-unit-script-post-resume-start.drv
/nix/store/jxjkgw0mzlrn73m4q84b3sl8shlscgcc-unit-post-resume.service.drv
/nix/store/1jhrkmqyjrigzgz9h7c1jx3li15azyjb-unit-script-nixos-upgrade-start.drv
/nix/store/k9m2wqx09djylv1h9phv02naqhmw1mib-unit-nixos-upgrade.service.drv
/nix/store/8ckpmmn92vrkv5as8zl8blwwnp1388wf-unit-script-network-setup-start.drv
/nix/store/kck80czbil5nc33hkc6nm7kfcvia025j-unit-network-setup.service.drv
/nix/store/lg1mdp9mwpncrb2klrzzach24kmhk8fj-unit-mdadm-shutdown.service.drv
/nix/store/lnbnd1pscgrvg917pqj0h6wkcwwp2s50-unit-user-.service.drv
/nix/store/fkgxn7w7v0l0fmx2cdy4272vwn4kqp9j-etc-journald.conf.drv
/nix/store/lqc5jga49mzn7fjvf3bk8jckicjz7j6y-unit-systemd-journald.service.drv
/nix/store/b8b8ll9x3zf7wq5zm0bl0c71p43c6fr1-etc-nixos.conf.drv
/nix/store/mlsh7vhkkvdydi7ssdm9kk2n9acmy3k8-unit-systemd-sysctl.service.drv
/nix/store/myc2hw13jqbxcafhb1a9fnj7r5hmq644-unit-systemd-backlight-.service.drv
/nix/store/4m4ww5ndz6bw2kqp2f8wi94vx0fx0wrj-reload-container.drv
/nix/store/82czwpk95rjr61kz3knbpkmmxl2grm9x-unit-script-container_-pre-start.drv
/nix/store/rkmqc8973zjqmqiihxlvkmva2vjz2qd0-container-init.drv
/nix/store/aqa0af560b0rablr526648xzczn07fmz-unit-script-container_-start.drv
/nix/store/fnakl0xhx5ap3gpclrwy6ph5isd5sh94-unit-script-container_-post-start.drv
/nix/store/gymlb79f62an0ic1ka2sdh1a8m5vz8gs-unit-script-container_-pre-stop.drv
/nix/store/n0rga7h72h2pm3vbsi19cvzg3byz4mdb-unit-container-.service.drv
/nix/store/9lg2ylspr7b815sdbnj9xxglb9c8p8n6-extra-hwdb-file.drv
/nix/store/dc8qaqkjyqx47sflka0maf4924yd3djm-extra-udev-rules.drv
/nix/store/n1lfgrkm0daidpf5vlfkspigkhjsq0ml-unit-systemd-udevd.service.drv
/nix/store/p4bqwzzpf7lzqgn4ysagm0z3jih470jk-unit-post-resume.target.drv
/nix/store/6fjl87n5a299fzpplmdm4mgkcj9b69yr-audit-stop.drv
/nix/store/v49mrs6qz5p4df4141amj5r8lmjxzagv-audit-disable.drv
/nix/store/vxkfnzh2mf7lkpqgf42d34p8jk16qcrj-unit-audit.service.drv
/nix/store/w2gbkkwnnjhqvfjxn9fs19zqd8y760yy-unit-systemd-timedated.service.drv
/nix/store/wp2zdah9qg7g58cm5c1f3fmk049yvfis-unit-systemd-logind.service.drv
/nix/store/x7k0pyarair9ma8ljxnkmx8vglypspw9-unit-cpufreq.service.drv
/nix/store/dsh2m8c3dr7cmdyafjykyicchwx85445-firewall-start.drv
/nix/store/g10nh7qylkz7pxfs2nn7s5xrc0yzqfnn-firewall-stop.drv
/nix/store/vxqzq3rl2d52x4qndyr1dzrh0ycw4i6r-firewall-reload.drv
/nix/store/xrlyia8pidzrp620blrsdn3y3sk0i78x-unit-firewall.service.drv
/nix/store/y3vjdgi4kvdn5xbffzzwv1ihl0hkrn2a-unit-getty-.service.drv
/nix/store/d2zf2d6zjr861jnl6imq1mzn2l5y1vx0-vconsole.conf.drv
/nix/store/yadpj1cwkfmal63gi5mjgmy5wm9rm018-unit-systemd-vconsole-setup.service.drv
/nix/store/dw1pajhzaxs0gvl8a1gi582a6knrxv2y-unit-script-network-addresses-enp1s0-pre-stop.drv
/nix/store/hs5350n8ixcxzf064q18r78w5h8zpq8d-unit-script-network-addresses-enp1s0-start.drv
/nix/store/yqq0y3n8hhlq0sgqzbsbfl74znzycxxm-unit-network-addresses-enp1s0.service.drv
/nix/store/yqypkwqvwk41gz25xj9p3i4dvls827f4-unit-console-getty.service-disabled.drv
/nix/store/kflrcxcympdf4i9sva71jmkcirxjr5wp-unit-script-network-link-enp1s0-start.drv
/nix/store/z0lw3ax821bpy95p6a0x2hdiq2njq2np-unit-network-link-enp1s0.service.drv
/nix/store/zb85b3q3bmpl2yz7b0kz0q39lr23vgzc-unit-systemd-update-utmp.service.drv
/nix/store/89v14m8q76nn6qjjphmz9zc2c9yrlyz4-nix.conf.drv
/nix/store/zlax5cspk3xrmrqa93bnv46fv0k152nc-unit-nix-daemon.service.drv
/nix/store/zpz5804ryjw0w18s7f4i1ax3z17r9xrd-unit-network-online.target.drv
/nix/store/7xvd0jfc4099w1qxicg65cyv93s3kh5z-system-units.drv
/nix/store/822z3ibp09l66vq3vmm4smr1vgi4ff4i-etc-sleep.conf.drv
/nix/store/83g8z630g3ca80xv61b4v082xi18izyq-etc-system.conf.drv
/nix/store/8k2ysi7w5w2d31vnmjb7g1dyzdbbas9n-set-environment.drv
/nix/store/9279l84hn0rzvvhw7j1mimyfvqypln43-passwd.pam.drv
/nix/store/9ailbgi8zpc3ldspn8fkllqm8f7jwxl0-useradd.pam.drv
/nix/store/a8yprynvqbnbfgv4pgjfpy8fnp9x653p-chpasswd.pam.drv
/nix/store/bbhnx145wi641jq57ppfdcwpxvqd3965-vlock.pam.drv
/nix/store/br5bwjdm17qj89lm50wm7xc09fsnn0ca-etc-host.conf.drv
/nix/store/bwvr1fd9w8dd4m07psxnahai6kv0grfd-etc-10-nixos.rules.drv
/nix/store/c29bw1lvlhjx12v79l4l3qwjpmv5s44v-chsh.pam.drv
/nix/store/df9pdjqcjg3hyjngffy8na4bmij8d8bv-client.conf.drv
/nix/store/dqfwf21cczncfk5ihk32vw3lwq8hp2xc-login.defs.drv
/nix/store/dv828a03nz8gf3kfrfq1idf93jndp2h4-groupadd.pam.drv
/nix/store/f5vqnq5xavbn136shx61aszhx1s0lnm6-other.pam.drv
/nix/store/gddib6h89g6382mjfiz0b1f4sc49rq12-etc-shells.drv
/nix/store/gf2m4lp9pxr34c7wy2sxvvqf6z7f7ba8-runuser-l.pam.drv
/nix/store/haw2dhd6858jlgxhbka73f9kb023b4a3-ftp.pam.drv
/nix/store/ikna2kmxg4gic18m7yxr4j576csvpvmc-issue.drv
/nix/store/j1vbh83slz4fmn2y3vxzxrzf1jqlif0a-runuser.pam.drv
/nix/store/jk3p3hn9fhcj7h3vl93m41lihb5mj25q-groupmod.pam.drv
/nix/store/jmam7c1mpdz5anmxfc25q0klrz6zdmfm-screen.pam.drv
/nix/store/k09l0abdafzpf3pv9a2id48zydrdsxa1-xlock.pam.drv
/nix/store/kqmmiz90rhml73bfsg3vdyrawny5sadd-sudo.pam.drv
/nix/store/l1ygr1kgcxggbkgvh16p6vmmf3f40rjk-sshd.pam.drv
/nix/store/l9sglzp2r4kjzf2fc7i79i3gfx1537m7-hwdb.bin.drv
/nix/store/m6mly4b9div91j0px3wchl005q92nx85-etc-resolvconf.conf.drv
/nix/store/mjyb3wbzh0bkq906jzzlib5lhwlc8rc5-etc-bashrc.drv
/nix/store/msa8fkpvxrpk1lyj123rsyj91wiqqlbr-unit-script-nixos-activation-start.drv
/nix/store/bmf3cgl0b44s7xggkapyw22cqga746c9-unit-nixos-activation.service.drv
/nix/store/kyd7fk5s5qvfmsbh6kj5f4knr1wsw3zn-unit-dbus.service.drv
/nix/store/lc2zi69v9l2b4fzx0dk1p0x0qznwqggh-unit-dbus.socket.drv
/nix/store/ss1sfa7zqjnn90877r4bys6rgs60vshl-unit-graphical-session.target.drv
/nix/store/mrba1wd7hkhbk15dsn7vb51acvisxx7h-user-units.drv
/nix/store/nm7laqcwnibdpv288xhgy9sphg9s3fbp-cups.pam.drv
/nix/store/p4my1j7bj9ja15xgrv97vadbsc850yyv-etc-hostname.drv
/nix/store/pvkvzwjih0sb63i0a0b9nz72s8iwldbz-etc-logind.conf.drv
/nix/store/pvvd04bhgvdclj951y0krcd4m4hj3lgi-smb-dummy.conf.drv
/nix/store/q95fin5mmn8drli2skal6sg83nvsdka2-locale.conf.drv
/nix/store/s60glpyab1raswk6cy27ir07442l306x-groupmems.pam.drv
/nix/store/sj7vx2hv80ghbxbp4q1l5wygrihdaif2-userdel.pam.drv
/nix/store/vfzmfrcz91jrm0dffhp6fw3k6ksq1mlk-etc-ssh_config.drv
/nix/store/vvpsd54rrzbpix49glw4m3z5jmgl5fkf-systemd-user.pam.drv
/nix/store/w3yqkygj59ji8rn7dbayydqmrlxsyk3s-etc-subuid.drv
/nix/store/whjd03kqliqbs4zr589sh1ilp1s9hgd1-usermod.pam.drv
/nix/store/xhlmbas38052b8mvzi0khk0dm4rqvkdm-udev-rules.drv
/nix/store/yrgf4f7mp1s7hwlp6ijcx6ymfldz3zhz-etc-ssh_known_hosts.drv
/nix/store/z0qkdj6gl7xkz5pmcg1xkw2zba7281jh-chfn.pam.drv
/nix/store/zcv44iw5b7qpaab5vk8pbywf9bfz2hgw-etc-user.conf.drv
/nix/store/zdbfxy977lpyl3cjj9ldc8rsgjpkmaaf-etc-subgid.drv
/nix/store/zm91p6nzb27j1awc032xnwllbhck5vly-etc-profile.drv
/nix/store/zv9xvpqpa1rjl6561nx64p2fnnf9wy41-useradd.drv
/nix/store/0bx1rs0m7vgvyyprkwzb7f1jagmlzj0h-etc.drv
/nix/store/hjmq8kcb2hx2g55rlmdglyicmj1zpbhr-vm-run-stage2.drv
/nix/store/vsrjqvln4jzwx4y1sg943aw0s80a3av7-vm-run.drv
/nix/store/65nbi8qlvi4ax51xh3j6x2wq476qn5sj-system-path.drv
/nix/store/ip8v13iw850s4kl40a39zjilcjkvhpm6-grub-config.xml.drv
/nix/store/abiimwy5xgk75sakhj94dzdqrbaw80q8-install-grub.sh.drv
/nix/store/dhnvdgslkxmbk91b2kar4jd8fic7gvm8-users-groups.json.drv
/nix/store/rr6kxfk2js4m5mxk3sn2lv26s5ycz65z-append-initrd-secrets.drv
/nix/store/355i3miq7mqxnklj16931wylyw9jv9k4-etc-fstab.drv
/nix/store/56j7f08fjpa01jpp81z71p7m7k8aabbc-dbus-1.drv
/nix/store/rjlxk12b2saj9icbpr94q93wiw5i3mzc-unit-dbus.service.drv
/nix/store/cwwxl54kshibsnzpfj6i100gh5vbw3ks-user-units.drv
/nix/store/bm3w243r4d2xjbb49grmjqcljwi1fnj0-unit-systemd-fsck-.service.drv
/nix/store/j4xq073mj9dfhclhyafc4l5ma9rdf0bd-unit-dbus.service.drv
/nix/store/k26qngipdbzk1pm7id81yx3a4w9mcrbi-unit-polkit.service.drv
/nix/store/k55by3sq0mpqj8vmdirsrv69c3lb3db3-system-units.drv
/nix/store/wijym8zbszgvvx1cxcpc64ijcsr4bh6h-etc.drv
/nix/store/2jasfannwyfgfbn76l4pd8ljxhxyxv3x-local-cmds.drv
/nix/store/xga7zl87kn93aaalmgndkyrkfvxfjdjc-stage-2-init.sh.drv
/nix/store/68svy3y789qn2l17hajvxn5wjcdfyl5s-mdadm.conf.drv
/nix/store/7p435ka0yrjzjf3wh0a53fcn6pnms5r7-kernel-modules-shrunk.drv
/nix/store/93vclqa9hwj7v2x23gn3s7k9gvcz3kcx-initrd-fsinfo.drv
/nix/store/k9bbng6knwa0i6qbbnr4w3v5ld78f1in-keymap.drv
/nix/store/rwdf3vlvf8rgq205cvr8491r4jai1d9n-stage-1-init.sh.drv
/nix/store/zha1gangvyvg5c0jann9jkdrrsdmavwf-initrd.drv
/nix/store/zn3q16ld35b5cpvvg7l31g2ijmwlhw0s-nixos-system-alternativebit.fr-18.09.1420.5d4a1a3897e.drv
/nix/store/jy0c0d32a4cr27wf7gdhqfbj0ap8dcg2-nixos-boot-disk.drv
/nix/store/0xfqlh4jwvnrgqilvgvya52yi1jw7r6w-run-nixos-vm.drv
/nix/store/6d687z2s5a2z28x7l8xcny7x2y3dxsjy-stage-2-init.sh.drv
/nix/store/c4rwgyd50drgmqkmk27aa2av723ic41s-nixos-system-alternativebit.fr-18.09.1420.5d4a1a3897e.drv
/nix/store/hv6wx2722rqkxnsjx7qj606lbqf5rbig-closure-info.drv
/nix/store/pjj1rbm174vbg76jv8wp5p08dz8n8r61-run-nixos-vm.drv
/nix/store/28vjvznxi3cnj8mncsbdpaclhwbm40yk-nixos-vm.drv
/nix/store/8yqcnj3q0r466nypybn06widkn5cznqy-grub-config.xml.drv
/nix/store/3w2sif0vjy06hlf9xd971x9k17mc8hyw-install-grub.sh.drv
/nix/store/dz0j7p9lxy6w88wd6504cp0717002nr0-system-path.drv
/nix/store/4gjyfjmjylimw78pdsawqjaq5i8fgz17-dbus-1.drv
/nix/store/4mscnm4jkgnddk1fmq7z6xwkjv63q4sn-unit-rngd.service.drv
/nix/store/sgwykdwxa0ylrrc7vqr2pn44v073q0m2-extra-udev-rules.drv
/nix/store/5cwsndj1gwz8qq6127k8mahiwklf4391-hwdb.bin.drv
/nix/store/yng3yx0mywlai3bfprc60047f0j361gc-dhcpcd.conf.drv
/nix/store/5w10r24zkvckmhpyb932asamg7y1asv2-unit-dhcpcd.service.drv
/nix/store/7blkd5468wn64f1x9b1mshzjdpn81jhq-unit-systemd-udevd.service.drv
/nix/store/adhybg6ycijs67sdk082rxwh2n6rqp9z-etc-fstab.drv
/nix/store/cgyqfykdpxdz32yh05qlk392jrg7v8vb-etc-timesyncd.conf.drv
/nix/store/cvpjwckd3xp6m5204fndapr9np5lijbp-unit-systemd-fsck-.service.drv
/nix/store/dvhc6gp311dz6nb1ck3vq5gcv3msc9j3-unit-systemd-timesyncd.service.drv
/nix/store/fzdxdnm3la55k83hdwyp65x4cp41jn3x-unit-dbus.service.drv
/nix/store/qw1pxa9jhc4mywdz9aqajwi5qwnp0dwa-unit-polkit.service.drv
/nix/store/i6i0xrfdzw2fpawxy8vikr07nfyi2bgx-system-units.drv
/nix/store/dacyniamm5rpblhn42n2is8lzb0fp4wh-unit-dbus.service.drv
/nix/store/kpv6zimixcxzdkaicabim358ld0357yn-user-units.drv
/nix/store/wq3n2djlcpfgdl9vqk17ki6zjidsv26k-udev-rules.drv
/nix/store/8hjxc6rsglw20f6z96aw9j2gdv2nd5vn-etc.drv
/nix/store/8ww80sprnbklnwhd51xl3c3rsg239d0n-initrd-fsinfo.drv
/nix/store/a1dsmzp96f62xg7fv789797z2k3ypx6c-kernel-modules-shrunk.drv
/nix/store/gvvny05px8qwjmfikri0mvmjqyvfpwqa-users-groups.json.drv
/nix/store/k5xc7l58jpw27bpv8ks404zlnwrzpgj6-stage-1-init.sh.drv
/nix/store/nnxkbpj3fmvwkdqws0rzmzyd9khj0j0m-nixos-vm.drv
/nix/store/rkiy0y5adavbg7577yyg39lqn9b5sgqi-initrd.drv
/nix/store/zslqc7qaknbfn0dihj5w6520a354v04m-nixos-system-alternativebit.fr-18.09.1420.5d4a1a3897e.drv
these paths will be fetched (84.99 MiB download, 454.82 MiB unpacked):
/nix/store/044ih3akb7lwhchv5rl2wslifnpi3dsz-mesa-noglu-18.1.7-drivers
/nix/store/0fnpfbv0wg9rnykplpnyjpql11kz3rs3-libomxil-bellagio-0.9.3
/nix/store/0njxikghr5s5y3mbxwrcmc76gc0gxlk2-libdrm-2.4.93
/nix/store/0qx75w9g8nwycpqrpc7xn1jiy8g9qji7-vte-0.52.2
/nix/store/0sarg0z2l0qhrbff55rz27cd9g708lrz-epoxy-1.5.1
/nix/store/0vk7ivr7pp7bphx8cmv4gvra93pwxgmg-libXi-1.7.9-dev
/nix/store/0xgmyrx8086kljddblrirfkbs8ck26c5-cups-2.2.6
/nix/store/17am6bza1av8i1gllx9aszgan8nhx65k-dconf-0.28.0-lib
/nix/store/1hwxrxmwxni4p5d1cbxb01rlsqfl4y9p-libGL-1.0.0-dev
/nix/store/1nnplnv2xn6gh1m66sjcvpw5gm8x0j0n-libdrm-2.4.93-bin
/nix/store/1w1rryb0knx2x6sfp1jj9y9nqfapwr1v-libxkbcommon-0.8.0
/nix/store/1whmyf4qpvrh4ydgl7nw7hwv77ay8g3b-libxcb-1.12-dev
/nix/store/29l32ad1pc593bvaz9r802psnyz7sdsl-SDL2-2.0.8
/nix/store/2ar3wn4xwwvzyxi34p12kh97hbq71n6h-nettle-3.4-dev
/nix/store/2kqjjpg0slscm4frm6shdmlpinpkn6l0-libXrandr-1.5.1-dev
/nix/store/32ayyxv62j400sim448lg1z73fnwlqmq-gettext-0.19.8.1
/nix/store/33dirx4d9wm176w424jr59asvf1bhywv-libXdamage-1.1.4-dev
/nix/store/3q86fk8zrn53sw3md122p43fsqf2zybw-libXxf86vm-1.1.4
/nix/store/4p88zybzrsg5vgm09jwylzyw5v9vb6xs-libjpeg-turbo-1.5.3-bin
/nix/store/4ps4yzv9lw772xqkb7sswp0rgmdp3rmn-expat-2.2.6-dev
/nix/store/57nxbb09cyqx3al7axrrif2scafpwirl-jq-1.5-bin
/nix/store/5am4ph6cvpcdnmw2kmj1zws0k86krri5-fixesproto-5.0
/nix/store/5n1xwwvnw3v9igik1ixq2siv846bihsd-gdk-pixbuf-2.36.12-dev
/nix/store/5papm7iy6207j1zn4cijdc8wlg7v6y10-mesa-noglu-18.1.7
/nix/store/6dx3270dvf6bkalldvvgz0hcqp89wb8g-glibc-iconv-2.27
/nix/store/6qlyc5b20r861ljkgagr8hqwk4sb8x06-python-2.7.15
/nix/store/6qv4njj1zw6m2yjh0gcxmybhlsx0ii9j-wayland-protocols-1.16
/nix/store/6rd2yk59zhjf56gm8d9if86crxvj3bac-spice-0.14.0
/nix/store/73dhmykksrhl294kx3a518xg17bbr8kz-cups-2.2.6-dev
/nix/store/755ism6nzmih63mkv78981jpdd7kqrxv-initrd
/nix/store/847y2nbzll9j4mc58yih0b8zwbw5lwz7-libXvMC-1.0.10
/nix/store/8fz98xhlk563kgsvmvihyj8m6i22pcc7-libogg-1.3.3
/nix/store/8gm4zbvvdbnhbybrhm2cbzqkpkdlrlnq-libffi-3.2.1-dev
/nix/store/8hhzkpwg0av28n03jd9crd4rpj6a8fpa-libXv-1.0.11
/nix/store/8k2iby14iflz9wn8g8s3s8wa5v70s0di-renderproto-0.11.1
/nix/store/8y421rdn40z4lqq04596kx1ya2d96iqb-libXau-1.0.8-dev
/nix/store/93gm3fqaml75zmcc0674sy5k0w8ssjn8-gtk+3-3.22.30-dev
/nix/store/985gmk6iri26qll1yqm0w8q1ih34d0f4-usbredir-0.8.0
/nix/store/9irxxc8h4kbw1f8kwyp4448d9ln176gs-libtiff-4.0.9-dev
/nix/store/9p1dqfvw4x3qp2adfgirw6790y8qvrln-autogen-5.18.12-lib
/nix/store/9q5j5h83sivxx44ai532g2pkrr5vflbg-speexdsp-1.2rc3
/nix/store/a0p0sd84yymb6zlay9wjm34hgr33ccan-gtk+3-3.22.30
/nix/store/arlsi185rckwkrji6ayllnsbfgn80bi7-llvm-6.0.1-lib
/nix/store/bbx1l1ljdjba237iaw5yvsrzq3hx65nr-qemu-host-cpu-only-for-vm-tests-3.0.0
/nix/store/bdd20x4nnfkw1rmy9n0wj1p6p54h921i-xproto-7.0.31
/nix/store/bfrvh4fpdz71g06m3z5559l65n0cmdlz-mesa-noglu-18.1.7-dev
/nix/store/bjk3w674k67vvladazrlhs9m6lz5nvqk-cairo-1.15.12-dev
/nix/store/bvbj06m245lbz26zzjww5z65p3b6r7yc-xineramaproto-1.2.1
/nix/store/c62s4xk9nvx0v1ljlmfvb7izjkjnrmg9-wayland-1.15.0
/nix/store/c9471ygh10cvbys3ilxbb54ldpg5yara-libXrender-0.9.10-dev
/nix/store/cb0n9fv4gfykkycqmj8p9ai8qsjv0y2i-kbproto-1.0.7
/nix/store/d07rplv06pgilqhar8zyfw965s9nqy2h-pango-1.42.1-bin
/nix/store/db81kl5z7iadis1jmsqwa0m3gccnx7pv-libjpeg-turbo-1.5.3-dev
/nix/store/dhrcg5drmihd0s4cmavg4dj5x9h628xm-zlib-1.2.11-dev
/nix/store/dhwmp45fw81h5dx21453mdb90zfqkqay-libxshmfence-1.3
/nix/store/dj3sdmwgfqbnn09bdf6spzw5p58ck0jq-pkg-config-0.29.2
/nix/store/dzg92k3h3f2590rzwkkdgjhm7hzcqm7g-pcre2-10.31-bin
/nix/store/f69ms8smldwfbba8s9b7n8in9afrmlxy-udev-rules
/nix/store/f8xx5xjrf6s87s8wkxwyw516h3vpaznr-fftw-single-3.3.8
/nix/store/fm0cl2sb112r4r6npxmw359wlmfakf1v-at-spi2-atk-2.26.2
/nix/store/fpi95dnl53sa33qflwcglg0ly8zkrrgz-gptfdisk-1.0.4
/nix/store/fpzn6dd3zl7alzjw4kfm9h4sh5lc0674-recordproto-1.14.2
/nix/store/fw6kv6w6fjh5q7pmnr470pkp93ds13hb-libvorbis-1.3.6
/nix/store/fyl6hvjgjzr43n6xwdbmai5ziv33w5p3-libXft-2.3.2-dev
/nix/store/h2y23zv427cghcjdm0f2gmi6k2bijx57-libpng-apng-1.6.34-dev
/nix/store/habc1ik5m90laf8hg2qrbyw9ls1y0l81-jasper-2.0.14-bin
/nix/store/hc1pr3gmyjvl3x12iizh3kp09k35dx54-libXinerama-1.1.3-dev
/nix/store/hix9xmrji19m4fs9vj371xq3g14ai74g-libpciaccess-0.14
/nix/store/hj4y5krr6hgd2cah7qwrvpp3brygbqj2-qemu-host-cpu-only-3.0.0
/nix/store/hp2rsb9j7k1i4shwm62y3fj6y0b60dmf-xkeyboard-config-2.24
/nix/store/hpfrjdc8nm8rzgf31hps2yl5p072rvbv-xcb-util-0.4.0
/nix/store/i9m39nd026k3nrqf41362qnkvhnhxq3f-virglrenderer-0.6.0
/nix/store/ipba8r4418ls0j55p5y5gi4zmg2kna5n-gmp-6.1.2-dev
/nix/store/iqvaq64hi6527l0yg01rp0digq07jmin-onig-6.8.2
/nix/store/iqylql44flvay2fibls0gcxfkpx3ahdz-libXcomposite-0.4.4-dev
/nix/store/j1gfp22j516j4v6f4xsjy5vdfsjngnjq-inputproto-2.3.2
/nix/store/j5824xjv2mrzpa6bnwhh2bffgc64g3d8-libpulseaudio-12.2
/nix/store/j5kg48z065dalnlmkcr5a2mwc2gwkh6c-mtools-4.0.18
/nix/store/j7rjm10in090fpmwqdmb6np0pc3yl32c-qemu-host-cpu-only-3.0.0-ga
/nix/store/jr0igqm4iy2gsa9l3rx1krn65i9dygf3-jq-1.5-lib
/nix/store/k44a93h60ywpi44xdz7liga6lqyy72py-extra-utils
/nix/store/k976m4xm2iy6zfgrabaxc7z9gp2r6vk2-libXcursor-1.1.15-dev
/nix/store/kcn3yv1k67wi7mqszv9831zkbvb96vj8-snappy-1.1.7
/nix/store/kd3h2d854nmypjnlmn6k71241cj4lxhj-compositeproto-0.4.2
/nix/store/kkczf0s9g04f5sfiwzd7y0f0qj0hkrgw-glib-2.56.0-dev
/nix/store/kkz8zrwh4r3cpssmgwiwhwfcyipc37zc-at-spi2-core-2.28.0
/nix/store/kxz25dc76m0rmxl9kw004km3sdsi5liy-util-linux-2.32.1-dev
/nix/store/lmw6ps4lmqnpa8rqar981r9ycjyb2n17-pcre2-10.31-dev
/nix/store/ln7qxilv7kxqja5h5w1bgf9r29s2xawg-randrproto-1.5.0
/nix/store/lpx9dhhzbnvimpkm4v7acxdaakgi7iwg-autogen-5.18.12
/nix/store/lr4q2vqb86kyi5in3d8bjrh0npmp2fpf-gnutls-3.6.2-bin
/nix/store/m3qnk7230x3zng1mqhjmhqwwzgl15y4x-scrnsaverproto-1.2.2
/nix/store/nd07anmjq1klrn16g461qznjsk0lyd9g-pango-1.42.1-dev
/nix/store/pc6h838ik0yb0rndfqngajwd4yynsbin-fontconfig-2.12.6-dev
/nix/store/pda740qpdg8nirlzjk18l92565s8ina2-libtiff-4.0.9-bin
/nix/store/ps3yzkv08x32smyr3arzk0403f38m1b8-atk-2.28.1-dev
/nix/store/q3ridw6xdmf0py4fkl5iyz5qkqpw8h19-libpaper-1.1.24
/nix/store/qcm7wxncrs6s045pr9cq2z8h2irb4613-libXdamage-1.1.4
/nix/store/qiv51flrar60yx3nazn2bx9dwyyqp2kh-harfbuzz-1.8.8-dev
/nix/store/qmrraik4xfwm7igq6c1l68salc0v2g23-gdbm-1.17
/nix/store/qsvyz09nl9qcgkjqn1ljxzcjnynr1f2b-numactl-2.0.12
/nix/store/qw61y70lrrailcn6w8i8ha1ajj905smr-libXtst-1.2.3
/nix/store/r81p2x8zxrgxilvricgah9alkw5prz0n-libXxf86vm-1.1.4-dev
/nix/store/rcqvp4cg75dz9dj5s83262xnmwjy9lvb-xextproto-7.3.0
/nix/store/rmzxkjkyhlrr70cdvazpscsx5zh3fkwn-libXScrnSaver-1.2.2
/nix/store/sfnik1cjki69gh70d4fbw0inc3kcxv9g-gsettings-desktop-schemas-3.28.0
/nix/store/sn6l14lxz0v188wqwc7lpimf723scnkd-vde2-2.3.2
/nix/store/sr8lgrbrxmmp6f1z0pr1m3krlr6dsazp-xz-5.2.4-dev
/nix/store/vancdy0plyjzm0m7zwp8a821b4c58m4a-libGL-1.0.0
/nix/store/vyxjnl1n0wqbwkcyg5gh3rgc1ci9ii9c-xcb-util-0.4.0-dev
/nix/store/w8833ihykqsinx2wzgnw60jw66l2z8cm-libXfixes-5.0.3-dev
/nix/store/wyl8bwby5n7sykd30b26l278cg547dj4-libpcap-1.8.1
/nix/store/x48bylmg68wlk2763an55sqk7pmmh14y-jasper-2.0.14-dev
/nix/store/x8m2d55l6y585djs02dshd0qaasb46fn-xf86vidmodeproto-2.3.1
/nix/store/xycjz3xr3zcigpqhwkarf1kai9i4f0ks-libXext-1.3.3-dev
/nix/store/yds3kxq3jqi9wcsxvp4ncazjgnb0p9n8-libsndfile-1.0.28
/nix/store/z61za4nin8hs24wpqqmk54qak2wv8gq0-celt-0.5.1.3
/nix/store/zavrkx3070qvv5zv8840grl8jrzp3wsk-freetype-2.9-dev
/nix/store/zgal8qx33hhky4zck5i7xlz26nwjpy8s-gnutls-3.6.2-dev
/nix/store/zhd6ybmvrhwxqdwqah9jlas9vnhz825v-libdrm-2.4.93-dev
/nix/store/zhdgkqwra0zl8437bjy1kqv8p44nxqxv-libSM-1.2.2-dev
/nix/store/zirndj8davmkjsm0aqx7fvh7ribdm7j5-flac-1.3.2
/nix/store/zk120bhr8xv6v8qd81yy1zbnaq2q8l2j-grub-2.02
/nix/store/zplplwngw36wawq11clm96mbsniw285c-libICE-1.0.9-dev
/nix/store/zqrklfsn1m734d46pqcl50cmakczyr80-libX11-1.6.6-dev
error: cloning builder process: Operation not permitted
error: unable to start build process
This looks like a sandboxing issue. Could you try setting one of these:
https://github.com/obsidiansystems/obelisk/issues/172#issuecomment-411507818
Otherwise you can safely disable sandboxing with the sandbox false option.
picnoir
November 25, 2018, 9:01am
7
Hey matthew. Indeed, it’s probably a sandboxing issue.
In my last post, I disabled the sandboxing in /etc/nix, /etc/nixos/config.nix (from both the chroot and the host config) as well as passing it via the CLI -option "sandbox" "false". For some reason, the configuration is ingnored and the build is occuring in a sandbox anyways.
I removed the installation, I can’t give you an access to it anymore. But I’ll try to reproduce this issue locally and open an issue on the nix repository shortly
Shados
August 14, 2019, 2:34am
8
The solution is: don’t chroot, pivot_root.
Set up your chroot environment as you were, in say /real-root, and get the path to init (e.g. INIT=$(find . -type f -path '*nixos-system*/init'))
cd /real-root
mkdir old_root
mount --make-rprivate /
pivot_root . old_root
$INIT
Now you’re in the livecd environment (ish), proceed to do your installation
This approach doesn’t work if your filesystem or something else needs kernel modules that the Kimsufi rescue system doesn’t provide. If that is the case, you’ll need to create a NixOS chroot that you can kexec into, so that you get the NixOS kernel as well.
See https://github.com/nix-community/nixos-generators and https://github.com/cleverca22/nix-tests/tree/master/kexec for some existing sources on the kexec approach.
2 Likes
. This worked for me when I needed to reinstall NixOS on a Kimsufi box today.