search

NixOS / nix

Nix, the purely functional package manager
https://nixos.org/
GNU Lesser General Public License v2.1
12.94k stars 1.53k forks source link

After multi-user install every command fails with `SSL connect error (35)` #11989

Open hasufell opened 2 days ago

hasufell commented 2 days ago

Describe the bug

On a multi-user install, every nix command throws SSL connect errors when trying to fetch from the cache. A single user install works fine.

$ nix-shell -p nix-info --run "nix-info -m"
warning: error: unable to download 'https://cache.nixos.org/6c7dwicl4jn20bg2zh0sbkpnlfpplsh8.narinfo': SSL connect error (35) OpenSSL/3.0.14: error:16000069:STORE routines::unregistered scheme; retrying in 315 ms
warning: error: unable to download 'https://cache.nixos.org/gw0swsnbfk9l8d1il70psm8b3r5m33jv.narinfo': SSL connect error (35) OpenSSL/3.0.14: error:16000069:STORE routines::unregistered scheme; retrying in 281 ms
warning: error: unable to download 'https://cache.nixos.org/126zbg10gjaxgs1kxz69h05ai95266cg.narinfo': SSL connect error (35) OpenSSL/3.0.14: error:16000069:STORE routines::unregistered scheme; retrying in 278 ms
warning: error: unable to download 'https://cache.nixos.org/0irlcqx2n3qm6b1pc9rsd2i8qpvcccaj.narinfo': SSL connect error (35) OpenSSL/3.0.14: error:16000069:STORE routines::unregistered scheme; retrying in 276 ms
warning: error: unable to download 'https://cache.nixos.org/6c7dwicl4jn20bg2zh0sbkpnlfpplsh8.narinfo': SSL connect error (35) OpenSSL/3.0.14: error:16000069:STORE routines::unregistered scheme; retrying in 639 ms
warning: error: unable to download 'https://cache.nixos.org/gw0swsnbfk9l8d1il70psm8b3r5m33jv.narinfo': SSL connect error (35) OpenSSL/3.0.14: error:16000069:STORE routines::unregistered scheme; retrying in 628 ms
warning: error: unable to download 'https://cache.nixos.org/126zbg10gjaxgs1kxz69h05ai95266cg.narinfo': SSL connect error (35) OpenSSL/3.0.14: error:16000069:STORE routines::unregistered scheme; retrying in 555 ms
warning: error: unable to download 'https://cache.nixos.org/0irlcqx2n3qm6b1pc9rsd2i8qpvcccaj.narinfo': SSL connect error (35) OpenSSL/3.0.14: error:16000069:STORE routines::unregistered scheme; retrying in 705 ms
warning: error: unable to download 'https://cache.nixos.org/6c7dwicl4jn20bg2zh0sbkpnlfpplsh8.narinfo': SSL connect error (35) OpenSSL/3.0.14: error:16000069:STORE routines::unregistered scheme; retrying in 1318 ms
warning: error: unable to download 'https://cache.nixos.org/gw0swsnbfk9l8d1il70psm8b3r5m33jv.narinfo': SSL connect error (35) OpenSSL/3.0.14: error:16000069:STORE routines::unregistered scheme; retrying in 1265 ms
warning: error: unable to download 'https://cache.nixos.org/126zbg10gjaxgs1kxz69h05ai95266cg.narinfo': SSL connect error (35) OpenSSL/3.0.14: error:16000069:STORE routines::unregistered scheme; retrying in 1088 ms
warning: error: unable to download 'https://cache.nixos.org/0irlcqx2n3qm6b1pc9rsd2i8qpvcccaj.narinfo': SSL connect error (35) OpenSSL/3.0.14: error:16000069:STORE routines::unregistered scheme; retrying in 1040 ms
warning: error: unable to download 'https://cache.nixos.org/126zbg10gjaxgs1kxz69h05ai95266cg.narinfo': SSL connect error (35) OpenSSL/3.0.14: error:16000069:STORE routines::unregistered scheme; retrying in 2522 ms
warning: error: unable to download 'https://cache.nixos.org/6c7dwicl4jn20bg2zh0sbkpnlfpplsh8.narinfo': SSL connect error (35) OpenSSL/3.0.14: error:16000069:STORE routines::unregistered scheme; retrying in 2736 ms
warning: error: unable to download 'https://cache.nixos.org/gw0swsnbfk9l8d1il70psm8b3r5m33jv.narinfo': SSL connect error (35) OpenSSL/3.0.14: error:16000069:STORE routines::unregistered scheme; retrying in 2204 ms
warning: error: unable to download 'https://cache.nixos.org/0irlcqx2n3qm6b1pc9rsd2i8qpvcccaj.narinfo': SSL connect error (35) OpenSSL/3.0.14: error:16000069:STORE routines::unregistered scheme; retrying in 2638 ms
error: Nix daemon disconnected unexpectedly (maybe it crashed?)

Steps To Reproduce

Steps to reproduce the behavior:

  1. sh <(curl -L https://nixos.org/nix/install) --daemon
  2. start a new shell
  3. nix-shell -p nix-info --run "nix-info -m"

Expected behavior

Nix commands that fetch from the cache work.

Screenshots

Screenshot_2024-11-29_13-19-23

Screenshot_2024-11-29_13-20-04

Additional context

Nix was installed previously (also as multi-user). Due to a broken store, nix was uninstalled first according to the instructions at https://nix.dev/manual/nix/2.18/installation/uninstall.

The system is OpenSUSE Tumbleweed.

A single-user install works:

$ nix-shell -p nix-info --run "nix-info -m"
 - system: `"x86_64-linux"`
 - host os: `Linux 6.11.8-1-default, openSUSE Tumbleweed, noversion, nobuild`
 - multi-user?: `no`
 - sandbox: `yes`
 - version: `nix-env (Nix) 2.25.2`
 - nixpkgs: `/home/hasufell/.nix-defexpr/channels/nixpkgs`

Metadata

Not possible to retrieve metadata.

Notify maintainers

Note for maintainers: Please tag this issue in your PR.

Add a :+1: reaction to issues you find important.

abathur commented 2 days ago

Is this in some work/org environment that does or might have an ssl-intercepting proxy?

I am not certain if this is right since I haven't had to deal with one myself, but a single-user install might be picking up a cert bundle from an env that isn't available/set for the nix-daemon service.

hasufell commented 2 days ago

Is this in some work/org environment that does or might have an ssl-intercepting proxy?

No.