Dimitri DELABROYE <dimitri.delabroye@inria.fr> writes:
Just so those unfamiliar with Grid’5000 understand: what’s special here
is that users can spawn new nodes where they are root, but this root
user is not trusted as an admin of the cluster as a whole.
Thus, if /var/guix as we know it were NFS-exported read/write, anyone
could fiddle with all of /var/guix/profiles/per-user. That’s the reason
why Dimitri & co. came up with the idea of storing per-user profiles in
each user’s home directory.
Why home directories? Because there’s already machinery on G5K that
arranges so that a node can NFS-mount nothing but the home directory of
the user who reserved the node.
Why not treat /var/guix/profiles/per-user/USER NFS shares in the same
way as home directories, then? That’s an option, but that’d mean extra
The problem is that ‘gc-roots’ in (guix store roots) won’t traverse
those /per-user/USER symlinks. Instead, it assumes they are symlinks to
In fact, it’s possible to use profiles other than the default profile,
and those profiles can be anywhere on the file system. For instance, if

  guix install -p ~/.guix/my-profile emacs

the thing is installed in ~/.guix/my-profile; that profile does not show
up in /var/guix/profiles, but it is seen as a GC root by the daemon, via
Longer-term, we could imagine having a “private profile” option, where
the default profile is managed this way instead of being visible in
/var/guix/profiles/per-user. But obviously that needs more thought and
it’s not an option to solve your immediate problem.
As it stands, the simplest option I think would be to handle NFS exports of
/var/guix/profiles/per-user/USER just like exports of /home/USER.