building the configuration in /mnt/etc/nixos/configuration.nix...
[359 copied (1576.8 MiB), 7.2 MiB DL]
error: while setting up the build environment: unable to bind mount '/mnt/nix/store/85d8y2vybq07al01j7zv518yf3fa9mwq-append-initrd-secrets.drv.chroot': Permission denied
I have a very standard PC setup, 8GB RAM, Intel x86_64 CPU, etc. Does anyone know what could be causing this or could you give me some pointers on how I could go about debugging what is wrong here? Thanks in advance!
Hi,
being a relative newbie who has still to grasp the Nix language I can’t
figure out what goes wrong, however IMO your config is way too
minimal… This http://ix.io/1EB9 is my stripped-down minimal
config, not super-minimal but comfortable for a starter CLI-only
deploy… Normally I add a few extra pkgs, at least Emacs including
personal config as org mode file so I can deploy and log anything
in a single shot. If you are a vimmer you may like vim/nvim instead.
If it may help I normally install with a minimal config and afterwards
switch to a full config because nixos-install downloads anything
needed to build the target config not in the target /mnt/nix/store
but in the live image /nix/store so a big config can run out of
RAM…
Consider that nixos config and optional home-manager config describe
the entire system, you shouldn’t (and can’t generally speaking) do
“minimal install” like Arch and afterwards manually install packages, touch
up /etc configs etc. Anything is in a handful of nix files so the
system is reproducible and can be described entirely without forgotten
hacks, changes from the past etc.
Yes, I understand that my configuration is too minimal for practical use, I plan on adding a lot more to it in the future, but for now I’m just trying to get past the nixos-install step.
Can you post the content of your hardware-configuration.nix ?
I suspect the issue is with the filesystem labels you used.
The configuration generation tool looks for fs labelled “nixos” and “boot” AFAIK.
What I would do in this case is I would cp /run/current-system/sw/bin/nixos-install . ; chmod 755 nixos-install and edit it to add set -x at the top of the file so that it would print what it tries to do. Then I would run ./nixos-install and see what command fails.
Absolutely, it’s available here: https://hastebin.com/raw/ocajisonuh I’ve checked it and it appears to be resolving the right drive UUIDs and I don’t see any obvious issues with any of the other options.
Unfortunately it appears that the actual error is happening as part of the nix build command, and we can’t see what exactly that is doing. Is there a similar trick to see exactly what the nix build is getting tripped up by?
Thanks to srhb on irc.freenode.net#nixos who helped me do a bit more debugging, we added -vvv to the nix build command in nixos-install and got this output: https://hastebin.com/abuverakat Unfortunately I’m not really able to figure out anything more from this as it still doesn’t give us the command that it’s running that’s failing. Specifically what the actual arguments to the mount command are that we could use to try to diagnose the permissions issue.
Just for funsies we also tried disabling sandboxing by adding nix.useSandbox = false; to /etc/nixos/configuration.nix and running nixos-rebuild switch, then restarted the nix-daemon with pkill nix-daemon and verified the config went through with nix show-config | grep "sandbox =", then ran nixos-install again, but we continued to get the same error.
Well I feel pretty dumb. I finally tried digging out one of my other USB drives from my desk and when I tried the same steps with that it worked perfectly the first time. I’m very confused as to what is wrong with my other USB drive that could be causing this, since I’ve tried re-copying the disk image to it several times to ensure it wasn’t something temporary going wrong with the dd if=path-to-image of=/dev/sdX copy process but got no results, and badblocks -ns /dev/sdX on the USB drive returns no bad sectors. But I guess I will remember not to use this drive in the future for Linux installs, whatever the issue is!
Thanks to everybody who helped me try to debug this!
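
The drive in this thread passed badblocks and repeated dd copies but still misbehaved; one further check is to read the written bytes back and compare them with the image. The following is an added example, not part of the original thread; the function name verify_image and its arguments are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): read back what dd wrote and compare
# it with the source image. verify_image is a hypothetical helper name.

# verify_image IMAGE TARGET
#   IMAGE  - the installer image that was passed to dd as if=
#   TARGET - the device (or file) that was passed to dd as of=
# Returns 0 when the first size-of-IMAGE bytes of TARGET hash identically
# to IMAGE, 1 on mismatch, 2 when either path cannot be read.
verify_image() {
    image=$1
    target=$2
    if [ ! -r "$image" ] || [ ! -r "$target" ]; then
        echo "cannot read image or target" >&2
        return 2
    fi

    size=$(wc -c < "$image" | tr -d ' ')
    want=$(sha256sum < "$image" | cut -d' ' -f1)
    # Only the first $size bytes are hashed, so the unused tail of a
    # drive larger than the image is ignored.
    got=$(head -c "$size" "$target" | sha256sum | cut -d' ' -f1)

    if [ "$want" = "$got" ]; then
        echo "OK: $size bytes match ($want)"
        return 0
    fi

    echo "MISMATCH: image $want, target $got" >&2
    # cmp prints the first differing byte offset, which helps tell a
    # truncated write from corruption in the middle of the image.
    cmp -n "$size" "$image" "$target" >&2 || true
    return 1
}
```

Run it as root with the same image path and /dev/sdX used for dd, after unplugging and re-plugging the drive so the bytes come from the device rather than the page cache.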