Guix tools should not honor NIX_* environment variables

  • Open
  • quality assurance status badge
Details
3 participants
  • Jeff Mickey
  • Ludovic Courtès
  • Ricardo Wurmus
Owner
unassigned
Submitted by
Jeff Mickey
Severity
normal
Merged with
J
J
Jeff Mickey wrote on 25 Jan 2016 01:38
guix daemon writes acl to /etc/nix/acl not /etc/guix
(address . bug-guix@gnu.org)
8760yixzl8.fsf@nevada.int.iggy.bz
On NixOS when I follow the binary installation instructions as of 0.9.0,
it places the acl in the wrong place.

guix archive --authorize < hydra.gnu.org.pub

This puts the file in /etc/nix/acl, not /etc/guix acl. This means the
guix daemon can't find the acl, and you build everything from scratch.

I solved this locally by making them a symlink.

Also, /gnu/store is set to only have 1770 permissions instead of 1774,
which means you can't use any of your guix symlinks with 0.9.0 :/

// codemac
L
L
Ludovic Courtès wrote on 26 Jan 2016 11:00
(name . Jeff Mickey)(address . j@codemac.net)(address . 22459@debbugs.gnu.org)
87zivsvex9.fsf@gnu.org
Jeff Mickey <j@codemac.net> skribis:

Toggle quote (8 lines)
> On NixOS when I follow the binary installation instructions as of 0.9.0,
> it places the acl in the wrong place.
>
> guix archive --authorize < hydra.gnu.org.pub
>
> This puts the file in /etc/nix/acl, not /etc/guix acl. This means the
> guix daemon can't find the acl, and you build everything from scratch.

(guix pki) has:

Toggle snippet (4 lines)
(define %acl-file
(string-append %config-directory "/acl"))

where (guix config) does:

Toggle snippet (5 lines)
(define %config-directory
;; This must match `NIX_CONF_DIR' as defined in `daemon.am'.
(or (getenv "NIX_CONF_DIR") "@guix_sysconfdir@/guix"))

So most likely the ‘NIX_CONF_DIR’ environment variable is defined on
your system, and ‘guix archive’ simply honors that.

Can you confirm?

Now, we’ve honored those ‘NIX_’ variables mostly because the daemon
code, which comes from Nix, uses them, and I initially didn’t want to
diverge. Nowadays it would probably make sense to rename them.

Toggle quote (2 lines)
> Also, /gnu/store is set to only have 1770 permissions instead of 1774,

That’s not what I see:

Toggle snippet (4 lines)
$ tar tvf guix-binary-0.9.0.x86_64-linux.tar.xz |grep /gnu/store/$
drwxrwxr-t root/root 0 1970-01-01 01:00 ./gnu/store/

Which installation method did you use?

Toggle quote (2 lines)
> which means you can't use any of your guix symlinks with 0.9.0 :/

What do you mean by “your guix symlinks”?

Thanks,
Ludo’.
L
L
Ludovic Courtès wrote on 3 Feb 2016 22:10
rename
(address . request@debbugs.gnu.org)
87vb657b5k.fsf@gnu.org
retitle 22459 Guix tools should not honor NIX_* environment variables
severity 22459 wishlist
thanks
L
L
Ludovic Courtès wrote on 25 Jun 2016 01:17
control message for bug #22459
(address . control@debbugs.gnu.org)
87ziqarxc0.fsf@gnu.org
severity 22459 normal
L
L
Ludovic Courtès wrote on 25 Jun 2016 01:17
control message for bug #23828
(address . control@debbugs.gnu.org)
87y45urxb9.fsf@gnu.org
merge 23828 22459
L
L
Ludovic Courtès wrote on 27 Jun 2016 00:15
Re: bug#23828: unsupported sexp item type #f ```
(name . David Craven)(address . david@craven.ch)
87vb0violj.fsf@gnu.org
This issue is partly addressed with your patch pushed as
9dd674db017dbdc451cfd35da2dc3ce08db0726a, which renames ‘NIX_CONF_DIR’
to ‘GUIX_CONFIGURATION_DIRECTORY’.

Ludo’.
R
R
Ricardo Wurmus wrote on 14 May 2020 14:35
Guix tools should not honor NIX_* environment variables
(address . 22459@debbugs.gnu.org)
87d076k838.fsf@elephly.net
These NIX_* variables are still in use:

NIX_AFFINITY_HACK
NIX_BIN_DIR
NIX_BUILD_CORES
NIX_HELD_LOCKS
NIX_IGNORE_SYMLINK_STORE
NIX_STORE
NIX_STORE_DIR

This is used internally:

_NIX_OPTIONS

--
Ricardo
L
L
Ludovic Courtès wrote on 18 May 2020 00:52
(name . Ricardo Wurmus)(address . rekado@elephly.net)(address . 22459@debbugs.gnu.org)
87wo5ajhry.fsf@gnu.org
Hi,

Ricardo Wurmus <rekado@elephly.net> skribis:

Toggle quote (10 lines)
> These NIX_* variables are still in use:
>
> NIX_AFFINITY_HACK
> NIX_BIN_DIR
> NIX_BUILD_CORES
> NIX_HELD_LOCKS
> NIX_IGNORE_SYMLINK_STORE
> NIX_STORE
> NIX_STORE_DIR

I think those used in the build environment, NIX_STORE and
NIX_BUILD_CORES at least, are here to stay; we could provide GUIX_
aliases though they couldn’t be relied on before some time.

Not sure about the others!

Thanks,
Ludo’.
?
Your comment

Commenting via the web interface is currently disabled.

To comment on this conversation send an email to 22459@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 22459
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch