issue with openldap managed users on HPC

  • Open
  • quality assurance status badge
Details
2 participants
  • Davide Corrado
  • Ludovic Courtès
Owner
unassigned
Submitted by
Davide Corrado
Severity
normal
D
D
Davide Corrado wrote on 28 Mar 11:20 +0100
(name . bug-guix@gnu.org)(address . bug-guix@gnu.org)
AS8PR08MB873493D7B0014DF3C90C2960D73B2@AS8PR08MB8734.eurprd08.prod.outlook.com
hello, I installed guix in a HPC environment and everything works as expected if I use guix as a local user. I got this issue when I try to run it as an openldap/sssd-managed user.

example:
[
root@frontend ~]# id konrad
uid=10000(konrad) gid=10000(hpc-users) groups=10000(hpc-users)

[root@frontend ~]# getent passwd -s sss
konrad:*:10000:10000:Davide Corrado:/home/konrad:/bin/bash

[root@frontend ~]# su - konrad
Last login: Thu Mar 28 11:04:07 CET 2024 on pts/0
[konrad@frontend ~]$ id
uid=10000(konrad) gid=10000(hpc-users) groups=10000(hpc-users)
[konrad@frontend ~]$ guix install hello
user with UID 10000 not found
guix install: error: while creating directory `/var/guix/profiles/per-user/konrad': Permission denied
hint: Please create the `/var/guix/profiles/per-user/konrad' directory, with you as the owner.

I could create the missing /var/guix/profiles/per-user/konrad directory with the proper uid and gid and everything works as expected, but creating a procedure for managing this issue do not look like a clean solution to me. Am I missing something? Am I the only one using guix with such an environment?







Follow us on


DAVIDE CORRADO

HPC ENGINEER

+39 011.043.8173 | +39 392.015.2300 | www.doit-systems.ithttps://www.doit-systems.it/

Via Alessandro Antonelli 10, 10093, Collegno (TO), Italy

DoIT Systems srl | Codice Fiscale e Partita IVA: 10222290016 | REA: TO 1116464 | Capitale €100.000.iv. | Sede legale: c/o Studio Angeli - via G. Pomba, 29 - 10123 Torino Sede operativa di Torino: Via Antonelli 10 - 10093 Collegno Ufficio: 011.0438173 | Sede op. di Maranello: via Tazio Nuvolari, 55 - 41053 Maranello (MO)
Attachment: file
L
L
Ludovic Courtès wrote on 27 May 17:06 +0200
(name . Davide Corrado)(address . davide.corrado@doit-systems.it)(address . 70062@debbugs.gnu.org)
87o78rxpk0.fsf@gnu.org
Hi Davide,

Sorry for the delay; it looks like your bug report fell through the
cracks.

Davide Corrado <davide.corrado@doit-systems.it> skribis:

Toggle quote (17 lines)
> hello, I installed guix in a HPC environment and everything works as expected if I use guix as a local user. I got this issue when I try to run it as an openldap/sssd-managed user.
>
> example:
> [
> root@frontend ~]# id konrad
> uid=10000(konrad) gid=10000(hpc-users) groups=10000(hpc-users)
>
> [root@frontend ~]# getent passwd -s sss
> konrad:*:10000:10000:Davide Corrado:/home/konrad:/bin/bash
>
> [root@frontend ~]# su - konrad
> Last login: Thu Mar 28 11:04:07 CET 2024 on pts/0
> [konrad@frontend ~]$ id
> uid=10000(konrad) gid=10000(hpc-users) groups=10000(hpc-users)
> [konrad@frontend ~]$ guix install hello
> user with UID 10000 not found

I think this message shows the core of the problem.

Is nscd running on this machine, as per

It has to be installed and running so that Guix-installed programs can
access the user account database etc.

A simple way to check whether this is working is by running the ‘id’
program of the ‘coreutils’ package provided by Guix, like so:

guix shell coreutils -- id

HTH!

Ludo’.
?
Your comment

Commenting via the web interface is currently disabled.

To comment on this conversation send an email to 70062@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 70062
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch