`whoami: cannot find name for user ID` in `nix develop`

synalice · May 19, 2025, 4:13pm

Inside my flake I create a devShell devShells.default = pkgs.mkShell. For some reason, when I enter it, my username is missing:

[I have no name!@mypc ~]$ whoami
whoami: cannot find name for user ID 1045617922
[I have no name!@mypc ~]$ echo $PS1
[\u@\h \W]\$ 
[I have no name!@mypc ~]$ echo $USER
n.krasnov

I tried installing these packages, but they didn’t fix it:

buildInputs = [
  pkgs.bashInteractive
  pkgs.nss
  pkgs.nsss
  pkgs.shadow
  pkgs.nss_pam_ldapd
];

System info

OS: Ubuntu 22.04.5 LTS x86_64
Kernel: Linux 6.8.0-59-generic
DE: GNOME 42.9
WM: Mutter (X11)

Related issue that went nowhere: whoami: cannot find name for user ID <user-id> · Issue #331 · target/lorri · GitHub.

[I have no name!@mypc ~]$ which whoami
/nix/store/9m68vvhnsq5cpkskphgw84ikl9m6wjwp-coreutils-9.5/bin/whoami
[I have no name!@mypc ~]$ whoami 
whoami: cannot find name for user ID 1046609540
[I have no name!@mypc ~]$ /bin/whoami 
myUserName

synalice · May 19, 2025, 4:16pm

I did manage to make it work, but in no way is it a proper sollution:

$ nix profile install nixpkgs#sssd
$ LD_LIBRARY_PATH=~/.nix-profile/lib whoami
myUserName

Why doesn’t buildInputs = with pkgs; [ sssd ];work though?

github.com/NixOS/nixpkgs

Missing `libnss_sss.so.2` where needed.

opened 12:42PM - 05 May 23 UTC

joergdw

0.kind: bug

### Describe the bug `libnss_sss.so.2` not contained in nix-environment for pac…kages that need them. Among them: - [bosh-cli](<https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/applications/networking/cluster/bosh-cli/default.nix#L37>) - whoami ### Environment The following environment probably does not matter (apart from not using NixOS) but I include it for completeness: - OS: Ubuntu 20.04 - Nix: 2.13.2 (single-user-installation) - direnv: 2.32.1 (used to load shells defined in nix-flakes) What may matter however: I use a company-linux making use of <https://ubuntu.com/server/docs/service-sssd-ad> to manage users. ### Steps To Reproduce Steps to reproduce the behavior with `whoami`: 1. Open a terminal where `whoami` is provided by Nix. 2. Execute `whoami`. Addition: I found the reason using `strace whoami`: ``` […] openat(AT_FDCWD, "/nix/store/1nyg1fvhpz8bx3vn3r9f18zhra2rpbx9-glibc-2.37-8/lib/libnss_sss.so.2", O_RDONLY|O_CLOEXEC) = -1 ENOENT (file or directory not found) […] ``` ### Expected behavior I expect to see my username. ### Actual behaviour ```sh % whoami whoami: cannot find name for user ID <my-user-id> ``` ### Additional context There is a related issue which helped me to find the quick-fix: [#31700](<https://github.com/NixOS/nixpkgs/issues/31700>) ### Quick fix Using the library from my host-system: `LD_PRELOAD='/lib/x86_64-linux-gnu/libnss_sss.so.2' whoami` works! The package that provides `libnss_sss.so.2` under the mentioned path is [libnss-sss](<https://packages.ubuntu.com/jammy/libnss-sss>). ### Notify maintainers For gnu-coreutils (`whoami`): @dasJ For bosh-cli: @risicle ### Metadata Please run `nix-shell -p nix-info --run "nix-info -m"` and paste the result. ```console [user@system:~]$ nix-shell -p nix-info --run "nix-info -m" these 2 paths will be fetched (1.10 MiB download, 6.93 MiB unpacked): /nix/store/f01r6lmbi7mg0xg80mvzdwqhlmrzvy4v-bash-interactive-5.2-p15 /nix/store/skjaxjyjqf933mw7pcnhxzms9hk593q9-nix-info copying path '/nix/store/f01r6lmbi7mg0xg80mvzdwqhlmrzvy4v-bash-interactive-5.2-p15' from 'https://cache.nixos.org'... copying path '/nix/store/skjaxjyjqf933mw7pcnhxzms9hk593q9-nix-info' from 'https://cache.nixos.org'... - system: `"x86_64-linux"` - host os: `Linux 5.15.0-69-generic, Ubuntu, 20.04.6 LTS (Focal Fossa), nobuild` - multi-user?: `no` - sandbox: `yes` - version: `nix-env (Nix) 2.13.3` - channels(i539286): `"nixpkgs"` - nixpkgs: `/sapmnt/home/<redacted>/.nix-defexpr/channels/nixpkgs` ```

synalice · May 19, 2025, 4:47pm

Fixed it! Yippee

shellHook = ''
  export LD_LIBRARY_PATH=${pkgs.sssd}/lib
'';

waffle8946 · May 19, 2025, 5:12pm

First off use packages not buildInputs (somehow the old way won’t die off…)

And if you’re setting LD_LIBRARY_PATH then something’s gone massively wrong. What OS and nixpkgs revision are you using? Are you using lorri? (I’d not heard the best things about it, I personally use direnv.)
And is your shell literally pkgs.mkShell with nothing else?

synalice · May 21, 2025, 9:17pm

Here is my flake.nix

Summary

{
  inputs = {
    nixpkgs.url = "nixpkgs/nixos-24.11";
    nixpkgs-unstable.url = "nixpkgs/nixos-unstable";
    flake-utils.url = "github:numtide/flake-utils";
  };

  outputs =
    {
      nixpkgs,
      nixpkgs-unstable,
      flake-utils,
      ...
    }:
    flake-utils.lib.eachDefaultSystem (
      system:
      let
        pkgs = nixpkgs.legacyPackages.${system};
        pkgs-unstable = nixpkgs-unstable.legacyPackages.${system};
        lib = nixpkgs.lib;
      in
      rec {
        devShells.default = pkgs.mkShell {
          packages = with pkgs; [
            bashInteractive
            sssd
          ];

          shellHook = ''
            #export LD_LIBRARY_PATH=${pkgs.sssd}/lib
          '';
        };
      }
    );
}

Yea, this I feel the same way. But why exactly is it true? Is it because Nix should make this path available automatically, without me doing it manually via LD_LIBRARY_PATH?

OS: Ubuntu 22.04.5 LTS x86_64
Kernel: Linux 6.8.0-59-generic
DE: GNOME 42.9
WM: Mutter (X11)

I don’t think revisions matter in my case. I’ve just replicated this without a lock file.

Nope. Only direnv. But I’ve just replicated this issue without it.

NobbZ · May 22, 2025, 5:19am

The problem here is, that other programs in the same environment might not find their own libraries in the correct versions anymore, as LD_LIBRARY_PATH is searched before the RPATH.

So if the LD-path contains libfoo.so version 3, while some app needs v2, then this app will break.

And even with a lib of the same versions, it could be beuilt with a different featureset, which makes an application to not work correctly.

synalice · May 22, 2025, 8:28am

But why doesn’t bash (or any other application like whoami) doesn’t see sssd libraries? Again, shouldn’t nix add them automatically?

I think I am missing something in my understanding of buildInputs/packages… From what I understand, declaring a package in one of these attribute sets (1) creates a nix store with specified package and (2) adds a symlinks to all files in this store. Which means when you enter a devShell, nix creates symlink /usr/lib/libfoo.s that points to /nix/store/hash-package/usr/lib/libfoo.so. I assume if this was true I wouldn’t need to set LD_LIBRARY_PATH manually. Is this correct?

Can someone please test my flake on non-NixOS system? Maybe this is only specific to my machine (why tho?).

Flake

{
  inputs = {
    nixpkgs.url = "nixpkgs/nixos-24.11";
    nixpkgs-unstable.url = "nixpkgs/nixos-unstable";
    flake-utils.url = "github:numtide/flake-utils";
  };

  outputs =
    {
      nixpkgs,
      nixpkgs-unstable,
      flake-utils,
      ...
    }:
    flake-utils.lib.eachDefaultSystem (
      system:
      let
        pkgs = nixpkgs.legacyPackages.${system};
        pkgs-unstable = nixpkgs-unstable.legacyPackages.${system};
        lib = nixpkgs.lib;
      in
      rec {
        devShells.default = pkgs.mkShell {
          packages = with pkgs; [
            bashInteractive
            sssd
          ];

          shellHook = ''
            #export LD_LIBRARY_PATH=${pkgs.sssd}/lib
          '';
        };
      }
    );
}

Weirdly enough, even with LD_LIBRARY_PATH set I don’t have my username in the “first” bash shell (the one you see after running nix develop). Only after you run bash and open another sub-shell do you see your name in PS1. I didn’t notice this first because I had PS1 set.

Here is an screen recording of me showing this behavior — https://files.catbox.moe/1n4nmk.mp4

NobbZ · May 22, 2025, 6:23pm

Doesn’t see them, or an incompatible version of them from the LD_LIBRARY_PATH is shadowing the actual relevant entry?

Again, whenever LD_LIBRARY_PATH appears in the environment, things might just work still, or they might break in ways that are hard to understand without knowing really the complete environment and what exactly is in that variable, and what lives in the folders listed in that variable, and what programs are ran under that environment.

synalice · May 22, 2025, 9:54pm

As you can see from the video in my previous post, it’s adding the LD_LIBRARY_PATH variable that fixes the issue. Using sssd without setting the variable does nothing in terms of fixing this issue. Even though whoami binary actually comes from the /nix/store.

Could you please please test that on your machine? Do you have the same issue? Even though Nix is supposed to be hermetic, I feel like there might be something wrong with my Ubuntu 22 that causes that. I will try replicating this in a VM later.

Did not quite get the meaning of this but I do agree that setting LD_LIBRARY_PATH is a hack that should be avoided if possible.

synalice · May 23, 2025, 8:43am

Yea, I’ve just tested the flake on a Debian 12 VM and the issue is gone :') No sssd needed, no PS1 either.

How would I debug this? The reason I want to solve this is because the OS I’m running (Ubuntu 22) is provided to my by my company (it was preinstalled on the laptop and the BIOS is password-protected) — if the flake is broken for me, it might as well be broken for everyone else in my team/company.