Nixos-rebuild switch fails with busctl error: Access Denied

Hi folks,

I recently started with nix / NixOS and only scratched the surface a bit. I’m planning to switch some of my LXC containers on Proxmox 8 from Debian to NixOS. Therefore I looked into this article on the wiki: Proxmox Virtual Environment - NixOS Wiki.

What I’ve done so far

I prepared a small Debian container, installed nix and generated the LXC template. Then I copied the tarball into the hosts template/cache folder and deployed the container as written in the wiki. I also changed the console from tty to console and stated the container. All went well so far.

What went wrong

After creating the recommended /etc/nixos/configuration.nix and updating the nix-channel the following nixos-rebuild switch resulted in an error:

'/nix/store/a6gwhp53b2kmxx7c1al273hl42dcjl7l-system-path/bin/busctl --json=short call org.freedesktop.systemd1 /org/freedesktop/systemd1 org.freedesktop.systemd1.Manager ListUnitsByPatterns asas 0 0' exited with value 1 at /nix/store/rfdh06bvlpryqrc2a1hvxk76hl8naq1p-nixos-system-unnamed-22.11.4773.ea4c80b39be/bin/switch-to-configuration line 140.
warning: error(s) occurred while switching to the new configuration

The same command executed by myself showed the following:

# busctl --json=short call org.freedesktop.systemd1 /org/freedesktop/systemd1 org.freedesktop.systemd1.Manager ListUnitsByPatterns asas 0 0
Call failed: Access denied

This is the entry from the journal:

dbus-daemon[262]: [system] Rejected send message, 1 matched rules; type="method_call", sender=":1.9" (uid=0 pid=10449 comm="busctl --json=short call org.freedesktop.systemd1" label="unconfined") interface="org.freedesktop.systemd1.Manager" member="ListUnitsByPatterns" error name="(unset)" requested_reply="0" destination="org.freedesktop.systemd1" (uid=0 pid=1 comm="/run/current-system/systemd/lib/systemd/systemd" label="unconfined")

What I also tried to find a solution

  • I tried the same with unstable, 23.05 and 22.11 all with the same negativ result

  • I tried with tarballs from Hydra. E.g. nixos-system-x86_64-linux.tar.xz

  • I searched for other guides and solutions and found this on:
    Actually this blog post helped me to get a LXC container up and running, including a working environment where nixos-rebuild switch was working with out issues. But the resulting container was unmanaged and is not what I want.

What can I do to further investigate the issue?

Another search in the forum revealed this topic:

So, I rebooted the container and finally was able to nixos-rebuild switch without an error. :slight_smile: