Error with recursive git checkout

  • Done
  • quality assurance status badge
Details
4 participants
  • Alexis Simon
  • Guillaume Le Vaillant
  • Ludovic Courtès
  • Simon Tournier
Owner
unassigned
Submitted by
Guillaume Le Vaillant
Severity
important
G
G
Guillaume Le Vaillant wrote on 2 Oct 2023 13:17
(address . bug-guix@gnu.org)
87msx1qmvs.fsf@kitej
Hi.

With Guix at 47d0346553fdad9795c9390a60944ccaad7e5255, I'm unable to
build a package (see attached patch) requiring a recursive git-fetch to
get the sources:

Toggle snippet (35 lines)
$ ./pre-inst-env guix build bladerf
The following derivations will be built:
/gnu/store/982zz7z94va89fxn79hpjil5wp0v49pn-bladerf-2023.02.drv
/gnu/store/5rlqf4srlnnymsv93ydxkgxwgfszkszw-bladerf-2023.02-checkout.drv
building /gnu/store/5rlqf4srlnnymsv93ydxkgxwgfszkszw-bladerf-2023.02-checkout.drv...
Initialized empty Git repository in /gnu/store/fhlm9zxs4r4cgapbngckpzrs8rnzf1l2-bladerf-2023.02-checkout/.git/
From https://github.com/Nuand/bladeRF
* tag 2023.02 -> FETCH_HEAD
Note: switching to 'FETCH_HEAD'.

You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by switching back to a branch.

If you want to create a new branch to retain commits you create, you may
do so (now or later) by using -c with the switch command. Example:

git switch -c <new-branch-name>

Or undo this operation with:

git switch -

Turn off this advice by setting config variable advice.detachedHead to false

HEAD is now at 41ef634 Revert "libbladeRF: update compatibility for FPGA v0.15.0 from libbladeRF 2.4.0 to 2.5.0"
/gnu/store/y3vdq2pdkljrw63xxnc2vb6lz07ycar6-git-minimal-2.41.0/libexec/git-core/git-submodule: line 7: basename: command not found
/gnu/store/y3vdq2pdkljrw63xxnc2vb6lz07ycar6-git-minimal-2.41.0/libexec/git-core/git-submodule: line 7: sed: command not found
/gnu/store/y3vdq2pdkljrw63xxnc2vb6lz07ycar6-git-minimal-2.41.0/libexec/git-core/git-sh-setup: line 77: basename: command not found
/gnu/store/y3vdq2pdkljrw63xxnc2vb6lz07ycar6-git-minimal-2.41.0/libexec/git-core/git-sh-setup: line 77: sed: command not found
/gnu/store/y3vdq2pdkljrw63xxnc2vb6lz07ycar6-git-minimal-2.41.0/libexec/git-core/git-sh-setup: line 292: uname: command not found
/gnu/store/y3vdq2pdkljrw63xxnc2vb6lz07ycar6-git-minimal-2.41.0/libexec/git-core/git-submodule: line 613: sed: command not found
/gnu/store/y3vdq2pdkljrw63xxnc2vb6lz07ycar6-git-minimal-2.41.0/libexec/git-core/git-submodule: line 613: cmd_: command not found
git-fetch: '/gnu/store/y3vdq2pdkljrw63xxnc2vb6lz07ycar6-git-minimal-2.41.0/bin/git submodule update --init --recursive' failed with exit code 127
From ac6fc0fdf16187c4e0c61916c52ced35a031fd76 Mon Sep 17 00:00:00 2001
Message-ID: <ac6fc0fdf16187c4e0c61916c52ced35a031fd76.1696246171.git.glv@posteo.net>
From: Guillaume Le Vaillant <glv@posteo.net>
Date: Sat, 30 Sep 2023 11:17:40 +0200
Subject: [PATCH 1/8] gnu: Add bladerf.

* gnu/packages/radio.scm (bladerf): New variable.
---
gnu/packages/radio.scm | 39 +++++++++++++++++++++++++++++++++++++++
1 file changed, 39 insertions(+)

Toggle diff (65 lines)
diff --git a/gnu/packages/radio.scm b/gnu/packages/radio.scm
index 2e4e9db4cc..aa26c04db2 100644
--- a/gnu/packages/radio.scm
+++ b/gnu/packages/radio.scm
@@ -69,10 +69,12 @@ (define-module (gnu packages radio)
#:use-module (gnu packages image)
#:use-module (gnu packages image-processing)
#:use-module (gnu packages javascript)
+ #:use-module (gnu packages libedit)
#:use-module (gnu packages libusb)
#:use-module (gnu packages linux)
#:use-module (gnu packages logging)
#:use-module (gnu packages lua)
+ #:use-module (gnu packages man)
#:use-module (gnu packages maths)
#:use-module (gnu packages mp3)
#:use-module (gnu packages multiprecision)
@@ -1416,6 +1418,43 @@ (define-public hackrf
@code{(udev-rules-service 'hackrf hackrf #:groups '(\"dialout\"))}.")
(license license:gpl2)))
+(define-public bladerf
+ (package
+ (name "bladerf")
+ (version "2023.02")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/Nuand/bladeRF")
+ (commit version)
+ (recursive? #t)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "038v9qdmrwx9mxsrq4l36bap0bsypyg4i8hs7l7srv4b0c2s7ynp"))))
+ (build-system cmake-build-system)
+ (native-inputs (list doxygen help2man pkg-config))
+ (inputs (list libedit libusb))
+ (arguments
+ (list #:configure-flags #~(list "-DTAGGED_RELEASE=ON"
+ (string-append "-DUDEV_RULES_PATH="
+ #$output
+ "/lib/udev/rules.d")
+ "-DBLADERF_GROUP=dialout"
+ "-DBUILD_DOCUMENTATION=ON")
+ #:tests? #f)) ; No test suite
+ (home-page "https://www.nuand.com/")
+ (synopsis "User-space library and utilities for BladeRF SDR")
+ (description
+ "This package contains a library and command line utilities for
+controlling the BladeRF Software Defined Radio (SDR) over USB. To install the
+hackrf udev rules, you must extend 'udev-service-type' with this package.
+E.g.: @code{(udev-rules-service 'bladerf bladerf)}.")
+ (license (list license:bsd-3
+ license:expat
+ license:gpl2+
+ license:lgpl2.1+))))
+
(define-public hamlib
(package
(name "hamlib")

base-commit: 47d0346553fdad9795c9390a60944ccaad7e5255
--
2.41.0
-----BEGIN PGP SIGNATURE-----

iIUEAREKAC0WIQTLxZxm7Ce5cXlAaz5r6CCK3yH+PwUCZRqqpw8cZ2x2QHBvc3Rl
by5uZXQACgkQa+ggit8h/j/ENAD+O1LI9XimLMc0L4YqAZfGUw7C/jxgiJKx0QUS
ix8KAv0A/3vZn1hKC0ZDt+28kZcgC/I0H7GQwxNQfZHv7gyytB2j
=ZflY
-----END PGP SIGNATURE-----

G
G
Guillaume Le Vaillant wrote on 2 Oct 2023 19:37
(address . 66305@debbugs.gnu.org)
878r8kyl4j.fsf@kitej
Workaround: by rebooting the machine to an older generation (and
therefore an older guix-daemon, with Guix at
4f35ff1275e05be31f5d41464ccf147e9dbfd016), the recursive git-fetch
works.
-----BEGIN PGP SIGNATURE-----

iIUEAREKAC0WIQTLxZxm7Ce5cXlAaz5r6CCK3yH+PwUCZRsBjA8cZ2x2QHBvc3Rl
by5uZXQACgkQa+ggit8h/j/4nwD8Cqas1KobHRno6EbybzfqEgxwO7IzDF3feFvt
K+QkbicA/RcLObnfiin35r8zgeTEPZSZof4vOhJzACmIAMgByr/A
=f9n0
-----END PGP SIGNATURE-----

S
S
Simon Tournier wrote on 3 Oct 2023 21:26
Re: bug#66305: Error with recursive git checkout
(name . Ludovic Courtès)(address . ludo@gnu.org)
877co34ide.fsf@gmail.com
Hi Guillaume,

On Mon, 02 Oct 2023 at 11:17, Guillaume Le Vaillant <glv@posteo.net> wrote:

Toggle quote (4 lines)
> With Guix at 47d0346553fdad9795c9390a60944ccaad7e5255, I'm unable to
> build a package (see attached patch) requiring a recursive git-fetch to
> get the sources:

[...]

Toggle quote (10 lines)
> HEAD is now at 41ef634 Revert "libbladeRF: update compatibility for FPGA v0.15.0 from libbladeRF 2.4.0 to 2.5.0"
> /gnu/store/y3vdq2pdkljrw63xxnc2vb6lz07ycar6-git-minimal-2.41.0/libexec/git-core/git-submodule: line 7: basename: command not found
> /gnu/store/y3vdq2pdkljrw63xxnc2vb6lz07ycar6-git-minimal-2.41.0/libexec/git-core/git-submodule: line 7: sed: command not found
> /gnu/store/y3vdq2pdkljrw63xxnc2vb6lz07ycar6-git-minimal-2.41.0/libexec/git-core/git-sh-setup: line 77: basename: command not found
> /gnu/store/y3vdq2pdkljrw63xxnc2vb6lz07ycar6-git-minimal-2.41.0/libexec/git-core/git-sh-setup: line 77: sed: command not found
> /gnu/store/y3vdq2pdkljrw63xxnc2vb6lz07ycar6-git-minimal-2.41.0/libexec/git-core/git-sh-setup: line 292: uname: command not found
> /gnu/store/y3vdq2pdkljrw63xxnc2vb6lz07ycar6-git-minimal-2.41.0/libexec/git-core/git-submodule: line 613: sed: command not found
> /gnu/store/y3vdq2pdkljrw63xxnc2vb6lz07ycar6-git-minimal-2.41.0/libexec/git-core/git-submodule: line 613: cmd_: command not found
> git-fetch: '/gnu/store/y3vdq2pdkljrw63xxnc2vb6lz07ycar6-git-minimal-2.41.0/bin/git submodule update --init --recursive' failed with exit code 127

It looks very similar as bug#65924:

bug#65924: git searches coreutils and util-linux commands in PATH
Maxim Cournoyer <maxim.cournoyer@gmail.com>
Wed, 13 Sep 2023 14:00:09 -0400
id:87fs3iuf6e.fsf@gmail.com

I think it is a corollary from:

bug#65866: [PATCH 0/8] Add built-in builder for Git checkouts
Ludovic Courtès <ludo@gnu.org>
Tue, 26 Sep 2023 17:44:22 +0200
id:87fs312b3d.fsf_-_@gnu.org

and if I am correct, such potential issue had been pointed by:

Re: hard dependency on Git? (was bug#65866: [PATCH 0/8] Add built-in builder for Git checkouts)
Simon Tournier <zimon.toutoune@gmail.com>
Thu, 14 Sep 2023 19:28:06 +0200
id:CAJ3okZ0hzimVNtTcSsJKR-x=WKpPVtHYxshznGzecqxNHFWC5Q@mail.gmail.com

Cheers,
simon
L
L
Ludovic Courtès wrote on 4 Oct 2023 18:05
control message for bug #66305
(address . control@debbugs.gnu.org)
87mswybcf9.fsf@gnu.org
severity 66305 important
quit
L
L
Ludovic Courtès wrote on 4 Oct 2023 18:06
control message for bug #65924
(address . control@debbugs.gnu.org)
87il7mbcdz.fsf@gnu.org
merge 65924 66305
quit
L
L
Ludovic Courtès wrote on 4 Oct 2023 18:13
(address . control@debbugs.gnu.org)
87bkdebc32.fsf@gnu.org
unmerge 65924
quit
L
L
Ludovic Courtès wrote on 4 Oct 2023 18:25
Re: bug#66305: Error with recursive git checkout
(name . Simon Tournier)(address . zimon.toutoune@gmail.com)
87v8bm9wx7.fsf@gnu.org
Hello,

Simon Tournier <zimon.toutoune@gmail.com> skribis:

Toggle quote (23 lines)
> On Mon, 02 Oct 2023 at 11:17, Guillaume Le Vaillant <glv@posteo.net> wrote:
>
>> With Guix at 47d0346553fdad9795c9390a60944ccaad7e5255, I'm unable to
>> build a package (see attached patch) requiring a recursive git-fetch to
>> get the sources:
>
> [...]
>
>> HEAD is now at 41ef634 Revert "libbladeRF: update compatibility for FPGA v0.15.0 from libbladeRF 2.4.0 to 2.5.0"
>> /gnu/store/y3vdq2pdkljrw63xxnc2vb6lz07ycar6-git-minimal-2.41.0/libexec/git-core/git-submodule: line 7: basename: command not found
>> /gnu/store/y3vdq2pdkljrw63xxnc2vb6lz07ycar6-git-minimal-2.41.0/libexec/git-core/git-submodule: line 7: sed: command not found
>> /gnu/store/y3vdq2pdkljrw63xxnc2vb6lz07ycar6-git-minimal-2.41.0/libexec/git-core/git-sh-setup: line 77: basename: command not found
>> /gnu/store/y3vdq2pdkljrw63xxnc2vb6lz07ycar6-git-minimal-2.41.0/libexec/git-core/git-sh-setup: line 77: sed: command not found
>> /gnu/store/y3vdq2pdkljrw63xxnc2vb6lz07ycar6-git-minimal-2.41.0/libexec/git-core/git-sh-setup: line 292: uname: command not found
>> /gnu/store/y3vdq2pdkljrw63xxnc2vb6lz07ycar6-git-minimal-2.41.0/libexec/git-core/git-submodule: line 613: sed: command not found
>> /gnu/store/y3vdq2pdkljrw63xxnc2vb6lz07ycar6-git-minimal-2.41.0/libexec/git-core/git-submodule: line 613: cmd_: command not found
>> git-fetch: '/gnu/store/y3vdq2pdkljrw63xxnc2vb6lz07ycar6-git-minimal-2.41.0/bin/git submodule update --init --recursive' failed with exit code 127
>
> It looks very similar as bug#65924:
>
> bug#65924: git searches coreutils and util-linux commands in PATH
> Maxim Cournoyer <maxim.cournoyer@gmail.com>

D’oh! Thanks Simon and Guillaume for the heads-up (I had totally
overlooked that you raised this during the review, Simon; my bad).

Here’s a patch that fixes it for me:
Toggle diff (15 lines)
diff --git a/guix/scripts/perform-download.scm b/guix/scripts/perform-download.scm
index 045dd84ad6..c869f19502 100644
--- a/guix/scripts/perform-download.scm
+++ b/guix/scripts/perform-download.scm
@@ -108,6 +108,10 @@ (define* (perform-git-download drv output
(drv-output (assoc-ref (derivation-outputs drv) "out"))
(algo (derivation-output-hash-algo drv-output))
(hash (derivation-output-hash drv-output)))
+ ;; Commands such as 'git submodule' expect Coreutils and sed (among
+ ;; others) to be in $PATH.
+ (setenv "PATH" "/run/current-system/profile/bin:/bin:/usr/bin")
+
(git-fetch-with-fallback url commit output
#:recursive? recursive?
#:git-command %git))))
To test it, you need to run the daemon from your checkout, with
something like:

sudo herd stop guix-daemon
sudo -E ./pre-inst-env guix-daemon --build-users-group=guixbuild &

(Once we’ve applied the fix, we’ll have to update the ‘guix’ package.)

I think we should eventually our ‘git’ package as discussed in
https://issues.guix.gnu.org/65924, but that won’t help on foreign
distros anyway, hence the fix above.

WDYT?

Ludo’.
S
S
Simon Tournier wrote on 4 Oct 2023 20:16
(name . Ludovic Courtès)(address . ludo@gnu.org)
87r0maz21l.fsf@gmail.com
Hi Ludo,

On Wed, 04 Oct 2023 at 18:25, Ludovic Courtès <ludo@gnu.org> wrote:

Toggle quote (16 lines)
> diff --git a/guix/scripts/perform-download.scm b/guix/scripts/perform-download.scm
> index 045dd84ad6..c869f19502 100644
> --- a/guix/scripts/perform-download.scm
> +++ b/guix/scripts/perform-download.scm
> @@ -108,6 +108,10 @@ (define* (perform-git-download drv output
> (drv-output (assoc-ref (derivation-outputs drv) "out"))
> (algo (derivation-output-hash-algo drv-output))
> (hash (derivation-output-hash drv-output)))
> + ;; Commands such as 'git submodule' expect Coreutils and sed (among
> + ;; others) to be in $PATH.
> + (setenv "PATH" "/run/current-system/profile/bin:/bin:/usr/bin")
> +
> (git-fetch-with-fallback url commit output
> #:recursive? recursive?
> #:git-command %git))))

LGTM.

Well, I would add a comment explicitly mentioning that’s a temporary fix
pointing this issue #66305.

And I have tested with:

Toggle snippet (5 lines)
$ guix build ocaml-ansiterminal -S --no-substitutes
$ guix build volk --no-substitutes --check -S


Cheers,
simon
S
S
Simon Tournier wrote on 4 Oct 2023 20:18
(name . Ludovic Courtès)(address . ludo@gnu.org)
CAJ3okZ2=pO3F663j8dBZFkFYnkko+M85UEo9CgbnjXeBrDUY6A@mail.gmail.com
On Wed, 4 Oct 2023 at 20:16, Simon Tournier <zimon.toutoune@gmail.com> wrote:

Toggle quote (2 lines)
> And I have tested with:

On foreign distro I mean :-)
L
L
Ludovic Courtès wrote on 5 Oct 2023 11:28
(name . Simon Tournier)(address . zimon.toutoune@gmail.com)
87sf6p8lk5.fsf@gnu.org
Hello,

Simon Tournier <zimon.toutoune@gmail.com> skribis:

Toggle quote (23 lines)
> On Wed, 04 Oct 2023 at 18:25, Ludovic Courtès <ludo@gnu.org> wrote:
>
>> diff --git a/guix/scripts/perform-download.scm b/guix/scripts/perform-download.scm
>> index 045dd84ad6..c869f19502 100644
>> --- a/guix/scripts/perform-download.scm
>> +++ b/guix/scripts/perform-download.scm
>> @@ -108,6 +108,10 @@ (define* (perform-git-download drv output
>> (drv-output (assoc-ref (derivation-outputs drv) "out"))
>> (algo (derivation-output-hash-algo drv-output))
>> (hash (derivation-output-hash drv-output)))
>> + ;; Commands such as 'git submodule' expect Coreutils and sed (among
>> + ;; others) to be in $PATH.
>> + (setenv "PATH" "/run/current-system/profile/bin:/bin:/usr/bin")
>> +
>> (git-fetch-with-fallback url commit output
>> #:recursive? recursive?
>> #:git-command %git))))
>
> LGTM.
>
> Well, I would add a comment explicitly mentioning that’s a temporary fix
> pointing this issue #66305.

It’s not temporary in that it will still be needed for example by the
Debian package of Guix. But yeah, I’ll clarify that in the comment.

Toggle quote (5 lines)
> And I have tested with:
>
> $ guix build ocaml-ansiterminal -S --no-substitutes
> $ guix build volk --no-substitutes --check -S

Awesome, thanks for checking!

Ludo’.
L
L
Ludovic Courtès wrote on 5 Oct 2023 23:31
(name . Simon Tournier)(address . zimon.toutoune@gmail.com)
87cyxs21tq.fsf@gnu.org
Hi!

Pushed as 762fdbdef52b4c17df578478cadc8655d56171a4.

Now to update ‘guix’…

Ludo’.
L
L
Ludovic Courtès wrote on 12 Oct 2023 16:42
(name . Simon Tournier)(address . zimon.toutoune@gmail.com)
87pm1jlx59.fsf@gnu.org
Ludovic Courtès <ludo@gnu.org> skribis:

Toggle quote (4 lines)
> Pushed as 762fdbdef52b4c17df578478cadc8655d56171a4.
>
> Now to update ‘guix’…

Done last week in 16fd9d6e3d626fc624c38cb3096331905a4161e4.

Closing!
Closed
A
A
Alexis Simon wrote on 25 Oct 2023 06:53
Error with recursive git checkout
(address . 66305@debbugs.gnu.org)
1f7a9c28-602c-42ac-bf3b-1b8534b4982e@runbox.com
Hi,

I think I'm hitting this bug trying to git-fetch with submodules.
I am on a foreign distro.

Toggle snippet (19 lines)
/gnu/store/pmv37cxc4cg1s7x8yg8dkhikkwmwpncr-git-minimal-2.41.0/libexec/git-core/git-submodule:
line 7: /bin/basename: Permission denied
/gnu/store/pmv37cxc4cg1s7x8yg8dkhikkwmwpncr-git-minimal-2.41.0/libexec/git-core/git-submodule:
line 7: /bin/sed: Permission denied
/gnu/store/pmv37cxc4cg1s7x8yg8dkhikkwmwpncr-git-minimal-2.41.0/libexec/git-core/git-sh-setup:
line 77: /bin/basename: Permission denied
/gnu/store/pmv37cxc4cg1s7x8yg8dkhikkwmwpncr-git-minimal-2.41.0/libexec/git-core/git-sh-setup:
line 77: /bin/sed: Permission denied
/gnu/store/pmv37cxc4cg1s7x8yg8dkhikkwmwpncr-git-minimal-2.41.0/libexec/git-core/git-sh-setup:
line 292: /bin/uname: Permission denied
/gnu/store/pmv37cxc4cg1s7x8yg8dkhikkwmwpncr-git-minimal-2.41.0/libexec/git-core/git-submodule:
line 613: /bin/sed: Permission denied
/gnu/store/pmv37cxc4cg1s7x8yg8dkhikkwmwpncr-git-minimal-2.41.0/libexec/git-core/git-submodule:
line 613 : cmd_: command not found
git-fetch:
'/gnu/store/pmv37cxc4cg1s7x8yg8dkhikkwmwpncr-git-minimal-2.41.0/bin/git
submodule update --init --recursive' failed with exit code 127

This is with a recent guix I think
Toggle snippet (8 lines)
? guix describe
Generation 8 oct. 24 2023 21:31:58 (current)
guix 0074731
repository URL: https://git.savannah.gnu.org/git/guix.git
branch: master
commit: 00747316ee0e1a7962ffe226c727776ba7a8163b

Alexis
A
A
Alexis Simon wrote on 25 Oct 2023 18:51
(address . 66305@debbugs.gnu.org)
ee85ee58-c432-4724-8c0b-c43b6fd6e810@runbox.com
ah well it seems this is due to a selinux policy error

Toggle snippet (50 lines)
SELinux is preventing git-submodule from execute access on the file
/usr/bin/sed.

***** Plugin catchall (100. confidence) suggests
**************************

If you believe that git-submodule should be allowed execute access on
the sed file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'git-submodule' --raw | audit2allow -M my-gitsubmodule
# semodule -X 300 -i my-gitsubmodule.pp


Additional Information:
Source Context system_u:system_r:guix_daemon.guix_daemon_t:s0
Target Context system_u:object_r:bin_t:s0
Target Objects /usr/bin/sed [ file ]
Source git-submodule
Source Path git-submodule
Port <Unknown>
Host xps13
Source RPM Packages
Target RPM Packages sed-4.8-12.fc38.x86_64
SELinux Policy RPM selinux-policy-targeted-38.29-1.fc38.noarch
Local Policy RPM
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name xps13
Platform Linux xps13 6.5.7-200.fc38.x86_64 #1 SMP
PREEMPT_DYNAMIC Wed Oct 11 04:07:58 UTC 2023
x86_64
Alert Count 460
First Seen 2023-10-24 20:20:26 PDT
Last Seen 2023-10-25 09:44:31 PDT
Local ID fa57086c-6738-4eec-8252-3abb66a9e249

Raw Audit Messages
type=AVC msg=audit(1698252271.150:513): avc: denied { execute } for
pid=10644 comm="git-submodule" name="sed" dev="dm-0" ino=261979
scontext=system_u:system_r:guix_daemon.guix_daemon_t:s0
tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=0


Hash: git-submodule,guix_daemon.guix_daemon_t,bin_t,file,execute

But trying to fix it does not seem to have any effect. I've added this
to the guix-daemon.cil and re-applied
Toggle snippet (5 lines)
(allow guix_daemon_t
bin_t
(file (execute)))

Alexis
A
A
Alexis Simon wrote on 25 Oct 2023 19:47
(address . 66305@debbugs.gnu.org)
59ba31b7-42a5-4b54-a617-b4a6102c3581@runbox.com
This is what was needed in the selinux policy to fix the errors

Toggle snippet (5 lines)
(allow guix_daemon_t
bin_t
(file (execute execute_no_trans map)))

Alexis
?