search

LnL7 / nix-darwin

nix modules for darwin
MIT License
3.16k stars 454 forks source link

error: the store is not owned by this user #221

Closed happysalada closed 4 years ago

happysalada commented 4 years ago

I went with a manual install since I'm using fish shell as my main shell.

However I think that doing the first symlink with sudo creates a problem. In the readme it says sudo ln -s private/var/run /run

if I run darwin-rebuild check I get error: the store is not owned by this user

if I try to uninstall with nix-build https://github.com/LnL7/nix-darwin/archive/master.tar.gz -A uninstaller I get error: opening lock file '/nix/store/ds5sxiwsrd63i1gw5c1yr4w8c5whdccr-nix-darwin-uninstaller-configuration.lock': Permission denied If I run the command with sudo I get error: file 'nixpkgs' was not found in the Nix search path (add it using $NIX_PATH or -I), at /nix/store/70j4709343v80n0c1204fvrkbq2hr6fy-master.tar.gz/default.nix:1:13

I'm guessing the best thing to do is to uninstall and re-install, however I'm not sure how to do that.

since I am running the fish shell, rather than source the bashrc file, I have had to add

for p in /run/current-system/sw/bin
  if not contains $p $fish_user_paths
    set -g fish_user_paths $p $fish_user_paths
  end
end

to my fish config.

Any ideas on how to move forward are welcome.

LnL7 commented 4 years ago

The default nix installation is for a single user only (no daemon) which means everything is owned by your local user. Using root or sudo for anything that interacts with the nix store will mess up permissions. Generally just fixing the permissions is enough to recover from this.

chown -R $USER /nix/store
happysalada commented 4 years ago

Thanks a lot for the help!

0ihsan commented 4 years ago

Generally just fixing the permissions is enough to recover from this. chown -R $USER /nix/store

Does not work after running darwin-rebuild switch. Works for just one time.

I guess rebuilding process creates files root owns (not the user) or changes the owner of existing files 👎.

So, do I need to run chown -R $USER /nix/store after every darwin-rebuild switch?

LnL7 commented 4 years ago

That's surprising, nothing has really changed there for quite some time. But but that would be a bug.

Do you have any custom activation snippets configured? If not do you see any nix commands execute with sudo when running /run/current-system/sw/bin/bash -x darwin-rebuild switch?

0ihsan commented 4 years ago

Yes, I see commands with sudo:

❯ /run/current-system/sw/bin/bash -x darwin-rebuild switch
+ set -e
+ set -o pipefail
+ export PATH=/nix/store/2bbkv1njq1l6kyy93nvb3990wgmlkryv-coreutils-8.31/bin:/nix/store/d0hz9vb2qjzcfm1ij8y2g02yd1r4yajv-nix-2.3.7/bin:/Users/
ihsan/.nix-profile/bin:/run/current-system/sw/bin:/nix/var/nix/profiles/default/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin:/Users/ihsan/
Sync/bin:/Users/ihsan/Sync/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Users/ihsan/Sync/bin:/Users/ihsan/.nix-profile/bin:/run/current-s
ystem/sw/bin:/nix/var/nix/profiles/default/bin:/nix/store/x2cnkffyac8l775cf8l8fvg6dy2whyvr-neovim-ruby-env/bin
+ PATH=/nix/store/2bbkv1njq1l6kyy93nvb3990wgmlkryv-coreutils-8.31/bin:/nix/store/d0hz9vb2qjzcfm1ij8y2g02yd1r4yajv-nix-2.3.7/bin:/Users/ihsan/.
nix-profile/bin:/run/current-system/sw/bin:/nix/var/nix/profiles/default/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin:/Users/ihsan/Sync/bi
n:/Users/ihsan/Sync/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Users/ihsan/Sync/bin:/Users/ihsan/.nix-profile/bin:/run/current-system/s
w/bin:/nix/var/nix/profiles/default/bin:/nix/store/x2cnkffyac8l775cf8l8fvg6dy2whyvr-neovim-ruby-env/bin
+ origArgs=("$@")
+ extraBuildFlags=()
+ extraProfileFlags=()
+ profile=/nix/var/nix/profiles/system
+ action=
+ '[' 1 -gt 0 ']'
+ i=switch
+ shift 1
+ case $i in
+ action=switch
+ '[' 0 -gt 0 ']'
+ '[' -z switch ']'
+ '[' switch = build ']'
+ extraBuildFlags+=("--no-out-link")
+ '[' switch = edit ']'
+ '[' switch = switch -o switch = build -o switch = check ']'
+ echo 'building the system configuration...'
building the system configuration...
++ nix-build '<darwin>' --no-out-link -A system
warning: Nix search path entry '/nix/var/nix/profiles/per-user/root/channels' does not exist, ignoring
+ systemConfig=/nix/store/ja9jhmyxhgv6aw613kjha2fbg9dwr84m-darwin-system-21.03pre246624.cfed29bfcb2+darwin4.0000000
+ '[' switch = list -o switch = rollback ']'
+ '[' switch = rollback ']'
+ '[' switch = activate ']'
+ '[' -z /nix/store/ja9jhmyxhgv6aw613kjha2fbg9dwr84m-darwin-system-21.03pre246624.cfed29bfcb2+darwin4.0000000 ']'
+ '[' switch = switch ']'
++ dirname /nix/var/nix/profiles/system
+ '[' ihsan '!=' root -a '!' -w /nix/var/nix/profiles ']'
+ nix-env -p /nix/var/nix/profiles/system --set /nix/store/ja9jhmyxhgv6aw613kjha2fbg9dwr84m-darwin-system-21.03pre246624.cfed29bfcb2+darwin4.0
000000
+ '[' switch = switch -o switch = activate -o switch = rollback ']'
+ /nix/store/ja9jhmyxhgv6aw613kjha2fbg9dwr84m-darwin-system-21.03pre246624.cfed29bfcb2+darwin4.0000000/activate-user
warning: Nix search path entry '/nix/var/nix/profiles/per-user/root/channels' does not exist, ignoring
warning: Nix search path entry '/nix/var/nix/profiles/per-user/root/channels' does not exist, ignoring
user defaults...
setting up user launchd services...
+ '[' ihsan '!=' root ']'
+ sudo /nix/store/ja9jhmyxhgv6aw613kjha2fbg9dwr84m-darwin-system-21.03pre246624.cfed29bfcb2+darwin4.0000000/activate
Password:
setting up ~/Applications...
applying patches...
setting up /etc...
system defaults...
setting up launchd services...
configuring networking...
+ '[' switch = changelog ']'
+ '[' switch = check ']'

I don't know whether or not I have any custom activation snippets.

FWIW: I have nix, nix-darwin & home-manager installed. Here is my ~/.nixpkgs/darwin-configuration.nix

{ config, pkgs, ... }:
{

    # environment.systemPackages = [];
    programs.fish.enable = true;
    environment.shells = [ pkgs.fish ];

    # auto upgrade & gc
    nix.gc.user = "ihsan";
    nix.package = pkgs.nix;
    nix.gc.automatic = true;
    services.nix-daemon.enable = true;

    fonts.fonts = [ pkgs.fira-code ];

    # defaults
    system.defaults.dock.show-recents = false;
    system.defaults.finder.QuitMenuItem = true;
    system.defaults.NSGlobalDomain.KeyRepeat = 1;
    system.defaults.NSGlobalDomain.InitialKeyRepeat = 10;

    system.stateVersion = 4;

}

OutOfTopic: I wonder why I see warning: Nix search path entry '/nix/var/nix/profiles/per-user/root/channels' does not exist, ignoring. I also see this when I run home-manager switch besides darwin-rebuild switch.

LnL7 commented 4 years ago

The activation needs extra permissions for some things so that's normal, but it looks like all of the nix-* commands (like nix-build or nix-env) run as your local user so none of the permissions get changed there.

However you have the nix-daemon enabled, the daemon runs as root if you have a single user installation you shouldn't enable it. Unless you want to switch, but that's not handled completely automatically for you at the moment.

0ihsan commented 4 years ago

Oh I see. I want single user installation, now I disabled it and have seen this:

..
...
building '/nix/store/a0gfm62cnww19vkvbsy8i26lsjfdypcs-darwin-system-21.03pre246624.cfed29bfcb2+darwin4.0000000.drv'...
error: The daemon is not enabled but this is a multi-user install, aborting activation
Enable the nix-daemon service:

    services.nix-daemon.enable = true;

or set

    nix.useDaemon = true;

I did add the nix-daemon = true option because of this suggestion.

Is it possible that I missed or did not read a question saying "do you want single-user install or multi user [s/m]" or something like that while installing nix-darwin?

LnL7 commented 4 years ago

Hmm, I guess the checks have gotten a bit confused now. Firstly, you can choose daemon mode in the nix installer by passing an extra flag. The darwin installer doesn't really change anything there other than taking over management over the service.

As for the error, nix.conf is currently used to detect this which isn't really a great condition. If you temporarily remove /etc/nix/nix.conf it should continue. And the new system should create a new version of that file with the appropriate content.

0ihsan commented 4 years ago

I did 

mv /etc/nix/nix.conf /tmp/

and set daemon to false in ~/.nixpkgs/darwin-configuration.nix

services.nix-daemon.enable = false;

but now I am getting this:

❯ darwin-rebuild switch
building the system configuration...
warning: Nix search path entry '/nix/var/nix/profiles/per-user/root/channels' does not exist, ignoring
grep: /etc/nix/nix.conf: No such file or directory
error: the store is not owned by this user, but /nix/var/nix/db is writable
If you are using the daemon:

    sudo chown -R /nix/var/nix/db

Should I continue with the suggestion above?

Incase you think these solutions are not mature enough, as a workaround I can create an alias for darwin-rebuild-switch -> sudo chown -R <user> /nix; darwin-rebuild switch.

LnL7 commented 4 years ago

Hmm, you still get this message even if you sudo chown $USER /nix/store before?

0ihsan commented 4 years ago

Sorry, now I changed the owner to the $USER after removing /etc/nix/nix.conf and it worked! Thank you for your time.

LnL7 commented 4 years ago

Great! I'll try to take a look if I can catch this case before it enables the daemon so it's easier to recover.