NixOS / nixpkgs


"sys-kernel-debug.mount" fails when running `nixos-rebuild switch` in a Proxmox LXC #157918

Open adryd325 opened 2 years ago

adryd325 commented 2 years ago

Describe the bug

"sys-kernel-debug.mount" fails when running nixos-rebuild switch in a Proxmox LXC

Steps To Reproduce

Steps to reproduce the behavior:

  1. Create a Proxmox LXC using this guide: https://nixos.wiki/wiki/Proxmox_Linux_Container
  2. Run `nixos-rebuild switch` after logging in as root

Expected behavior

No error about sys-kernel-debug.mount should be thrown. It should potentially be disabled in containers, since that stopped it from throwing the error.

Screenshots

[root@nixos:~]# nixos-rebuild switch
building Nix...
building the system configuration...
activating the configuration...
setting up /etc...
reloading user units for root...
setting up tmpfiles
warning: the following units failed: sys-kernel-debug.mount

× sys-kernel-debug.mount - Kernel Debug File System
     Loaded: loaded (/etc/systemd/system/sys-kernel-debug.mount; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Wed 2022-02-02 23:44:55 UTC; 14ms ago
      Where: /sys/kernel/debug
       What: debugfs
       Docs: https://www.kernel.org/doc/Documentation/filesystems/debugfs.txt
             https://www.freedesktop.org/wiki/Software/systemd/APIFileSystems
         IP: 0B in, 0B out
        CPU: 1ms

Feb 02 23:44:55 nixos systemd[1]: Mounting Kernel Debug File System...
Feb 02 23:44:55 nixos mount[2363]: mount: /sys/kernel/debug: permission denied.
Feb 02 23:44:55 nixos systemd[1]: sys-kernel-debug.mount: Mount process exited, code=exited, status=32/n/a
Feb 02 23:44:55 nixos systemd[1]: sys-kernel-debug.mount: Failed with result 'exit-code'.
Feb 02 23:44:55 nixos systemd[1]: Failed to mount Kernel Debug File System.
warning: error(s) occurred while switching to the new configuration

Additional context

I used this build from hydra https://hydra.nixos.org/build/166309459

Notify maintainers

@mkg20001

Metadata

[root@nixos:~]# nix-shell -p nix-info --run "nix-info -m"
 - system: `"x86_64-linux"`
 - host os: `Linux 5.11.22-5-pve, NixOS, 21.11 (Porcupine)`
 - multi-user?: `yes`
 - sandbox: `yes`
 - version: `nix-env (Nix) 2.3.16`
 - channels(root): `"nixos-21.11.335733.f6ddd55d5f9"`
 - nixpkgs: `/nix/var/nix/profiles/per-user/root/channels/nixos`

mkg20001 commented 2 years ago

With LXD and security.nesting=true it works:

[root@nixos:~]# systemctl status sys-kernel-debug.mount
● sys-kernel-debug.mount - Kernel Debug File System
     Loaded: loaded (/proc/self/mountinfo; enabled; vendor preset: enabled)
     Active: active (mounted) since Thu 2022-02-03 00:01:45 UTC; 6min ago
      Where: /sys/kernel/debug
       What: debugfs
       Docs: https://www.kernel.org/doc/Documentation/filesystems/debugfs.txt
             https://www.freedesktop.org/wiki/Software/systemd/APIFileSystems

Notice: journal has been rotated since unit was started, output may be incomplete.

Likely needs a separate image for LXC v1 containers.

adryd325 commented 2 years ago

Some extra info: nesting is enabled for the LXC in the Proxmox settings

and I'm using pve 7.0-13 as the host

jim3692 commented 1 year ago

I added this to my configuration.nix and it did the trick.

  # Disable the sys-kernel-debug.mount unit (debugfs on /sys/kernel/debug)
  systemd.mounts = [{
    where = "/sys/kernel/debug";
    enable = false;
  }];