NixOS rebuild broken: nscd service failed

Help
1

Hello everyone. Excuse me if I’m attaching photos but I can’t ssh into the machine since I can’t rebuild.

So, here is the error:

PXL_20250609_161310010
PXL_20250609_1613100101920×1446 284 KB

No matter what I do, I tried modifying the configuration file to make it just the bootloader and user declaration, but this error still appears.

Here is the hardware config (not touched at all, leaved it as generated during install):

PXL_20250609_161402552
PXL_20250609_1614025521920×2550 365 KB

And here’s the config file:

# Edit this configuration file to define what should be installed on
# your system.  Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running ‘nixos-help’).

{ config, pkgs, ... }:

{
  imports =
    [ # Include the results of the hardware scan.
      ./hardware-configuration.nix
    ];

  # Bootloader.
#  boot.loader.systemd-boot.enable = true;
#  boot.loader.efi.canTouchEfiVariables = true;
  # EF: GRUB
  boot.loader = {
    efi.efiSysMountPoint = "/boot/efi";
    efi.canTouchEfiVariables = true;
    grub = {
      enable = true;
      device = "nodev";
      useOSProber = true;
      efiSupport = true;
    };
  };

  # Use latest kernel.
  boot.kernelPackages = pkgs.linuxPackages_latest;

  networking.hostName = "nixos"; # Define your hostname.
  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.

  # Configure network proxy if necessary
  # networking.proxy.default = "http://user:password@proxy:port/";
  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";

  # Enable networking
  networking.networkmanager.enable = true;
  programs.nm-applet.enable = true;

  services.openssh.enable = true;
  services.openssh.ports = [22];
  services.openssh.settings.PasswordAuthentication = true;  
  services.openssh.settings.PermitRootLogin = "yes";  
  services.openssh.settings.AllowUsers = null;
  networking.firewall.allowedTCPPorts = [22];
  


  # Set your time zone.
  time.timeZone = "Europe/Rome";

  # Select internationalisation properties.
  i18n.defaultLocale = "en_US.UTF-8";

  i18n.extraLocaleSettings = {
    LC_ADDRESS = "it_IT.UTF-8";
    LC_IDENTIFICATION = "it_IT.UTF-8";
    LC_MEASUREMENT = "it_IT.UTF-8";
    LC_MONETARY = "it_IT.UTF-8";
    LC_NAME = "it_IT.UTF-8";
    LC_NUMERIC = "it_IT.UTF-8";
    LC_PAPER = "it_IT.UTF-8";
    LC_TELEPHONE = "it_IT.UTF-8";
    LC_TIME = "it_IT.UTF-8";
  };

  # Configure keymap in X11
  services.xserver.xkb = {
    layout = "it";
    variant = "";
  };

  # EF i3
  services.xserver = {
    enable = true;
    displayManager.gdm.enable = true;
    #displayManager.defaultSession = "none+i3";
    windowManager.i3 = {
      enable = true;
      extraPackages = with pkgs; [
        dmenu
        i3status
        i3lock
      ];
    };
  };
  # Enable i3lock otherwise no password will be accepted
  programs.i3lock.enable = true;

  
  security.polkit.enable = true;
  # Configure console keymap
  console.keyMap = "it";

  # Define a user account. Don't forget to set a password with ‘passwd’.
  users.users.edoardo = {
    isNormalUser = true;
    description = "edoardo";
    extraGroups = [ "networkmanager" "wheel" ];
    packages = with pkgs; [];
  };
  
  # KEEP RECENT GENERATIONS
  nix.settings.auto-optimise-store = true;
  nix.gc.automatic = true; 
  nix.gc.dates = "daily";   
  nix.gc.options = "--delete-older-than 7d";  

  # Allow unfree packages
  nixpkgs.config.allowUnfree = true;

  # List packages installed in system profile. To search, run:
  # $ nix search wget
  environment.systemPackages = with pkgs; [
  #  vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
  #  wget
    git
    firefox
    rofi
    terminator
    xfce.thunar
    xfce.ristretto
    vscode
    pywal16
    lxappearance
    gparted
    pantheon.elementary-calculator
    adementary-theme
  ];

  # Enable font directory
  fonts.fontDir.enable = true;
  # Install all nerd fonts
  fonts.packages = with pkgs; [
    nerd-fonts.blex-mono    
  ];
  fonts.enableDefaultPackages = true;
  fonts.fontconfig.defaultFonts.monospace = ["BlexMonoNerdFontMono-Regular"];
#  console.font = "BlexMonoNerdFont Regular";

  # Some programs need SUID wrappers, can be configured further or are
  # started in user sessions.
  # programs.mtr.enable = true;
  # programs.gnupg.agent = {
  #   enable = true;
  #   enableSSHSupport = true;
  # };

  # List services that you want to enable:

  # Enable the OpenSSH daemon.
  # services.openssh.enable = true;

  # Open ports in the firewall.
  # networking.firewall.allowedTCPPorts = [ ... ];
  # networking.firewall.allowedUDPPorts = [ ... ];
  # Or disable the firewall altogether.
  # networking.firewall.enable = false;

  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
  # on your system were taken. It‘s perfectly fine and recommended to leave
  # this value at the release version of the first install of this system.
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
  system.stateVersion = "25.05"; # Did you read the comment?

}

Does anyone can help? As I said I tried deleting 99% of the config and leave it as minimal as possibile but the error is always the same

2

Anyone can help? I’ve tried reinstalling mulitple times but alwys the same problem comes up

3

Tried again… I reinstalled again, this time I kept the default configuration (done trough GNOME installer).

I just modified the bootloader to use grub and uncommented the network manager enabled flag.

Now besides the error related to nscd.service a new error spawned: avahi-daemon.service. The error is exactly the same type of nscd.

I just did the installation, which went without errors. Then assigned to my user a password, then reboot.
Grub appears, I select Nixos, and first thing:

  • gdm does not open, I only get a static terminal interface asking me for login, and I can’t do anything. So I have to press alt+F4/F3 to open an identical terminal but working one and login from there.
  • AS soon as I login I try to do sudo nixos rebuild switch and I get the error…
4

you didn’t include the logs for nscd.service yet - can you please take a picture of the output of journalctl -u nscd.service?

1 Like
5

Sure, here it is:

PXL_20250610_192420676
PXL_20250610_1924206761920×1446 409 KB

  • Just booted, as usual, login propmt from terminal that is stuck (likely gdm not starting and just displaying the terminal), so I press ctrl+alt+F5 to switch to terminal working.
  • I had to run sudo journalctl -u nscd.service because otherwise there were no entries.
6

read-only filesystem eh? let’s see what mount says… looks like /var or /run maybe?

1 Like
7

Thanks again for stopping by.

Here is the output of mount

1000027309
10000273091920×2550 543 KB

Just a quick heads up: if you see “mynix” it’s because I did the installation by manually by creeating a extra LUKS partition mounted on /mnt, these are the commands I used:

sudo cryptsetup luksOpen/dev/nvme0n1p7 mynix
sudo mount /dev/mapper/mynix /mnt
sudo swapon /dev/nvme0n1p6
sudo mkdir -p /mnt/boot/efi
sudo mount /dev/nvme0n1p5 /mnt/boot 
sudo mount /dev/nvme0n1p1 /mnt/boot/efi
sudo nixos-generate-config --root /mnt
sudo nixos-install

And then lastly I created a password for my user using the command nixos-enter (if I remember correctly).

8

nothing is mounted read-only that shouldn’t be… maybe a systemd issue where the service is hardened excessively in your case? though looking at the service definition nothing looks like it would cause that… :thinking:

maybe upstream can help you debug this - i would reach out to them, file an issue on nsncd github tracker (cc me if you want)

keep us in the loop, though, because this really sounds like something we need to get resolved

9

Thanks for your kind assistance…

I’m changing laptop anyway and hopefully I wont have this problem with the new one. So I can’t really help going deeper since I won’t have access anymore to that laptop in a couple of days.

Finger crossed it wont happen on the new one too.

1 Like
10

Well… I just did the EXACT same configuration on another laptop:

  • Previous laptop: Thinkpad T490
  • New laptop: Thinkad T14 Gen 5
  • Previous config: windows 10 along encrypted nixos and 8gb swap separate partition
  • Current config: windows 11 along encrypted nixos and 8gb swap separate partition

Done the exact same steps documented before… Everything worked! Gdm started and I’m inside gnome.

…Wondering why previous laptop created problems

11

i’m so glad to hear you’re up and running! curious though… :thinking:

1 Like