Open MrQubo opened 7 months ago
Have you enabled dynamic UID allocation in Nix?
I can only reproduce this with hardening enabled (seems like @MrQubo also has it enabled from their metadata). Some related threads on Discourse:
The appropriate maintainers to ping are @joachifm @emilazy then.
Happens to me too - broke somewhere between nixpkgs
commits 842d9d80cfd4560648c785f8a4e6f3b096790e19
and 1536926ef5621b09bba54035ae2bb6d806d72ac8
it looks like (my nixpkgs
rev before error and after)
@reidlabwastaken could you bisect?
@reidlabwastaken could you bisect?
I don't think I have the hardware good enough for that - sorry (raspberry pi 4)
@reidlabwastaken the RPI4 isn't fast by any means but it can still compile software. coreutils
isn't a very intensive build; takes about 6min on an x86 machine 1.6 times as fast as an RPI4.
Make sure you exclude staging commits by running a first-parent bisect; building the stdenv is certainly beyond what is reasonable for a RPI4.
I tried building coreutils using 842d9d80cfd4560648c785f8a4e6f3b096790e19 using a hardened profile and it failed with the same error, when I run sudo sysctl kernel.unprivileged_userns_clone=1
the build succeeds, so the issue is likely this line of the hardened profile.
I think this is the same underlying problem as this.
There is a similar issue here: https://github.com/NixOS/nix/issues/6898
Steps To Reproduce
Steps to reproduce the behavior:
Build log
Additional context
Seems like the same issue happens in logrotate as well: https://github.com/NixOS/nix/issues/8502
Notify maintainers
@dasJ
Metadata
Add a :+1: reaction to issues you find important.