search

NixOS / nixpkgs

Nix Packages collection & NixOS
MIT License
17.36k stars 13.59k forks source link

nvidia-container-toolkit-cdi-generator should not mount nvidia-powerd when nvidia driver == 470 #319201

Closed DictXiong closed 2 weeks ago

DictXiong commented 3 months ago

Describe the bug

The nvidia-container-toolkit-cdi-generator service will ask docker to mount the binary nvidia-powerd which is not provided by the Nvidia driver v470.

https://github.com/NixOS/nixpkgs/blob/47b604b07d1e8146d5398b42d3306fdebd343986/nixos/modules/services/hardware/nvidia-container-toolkit/default.nix#L95

Using NixOS 24.05 with nixpkgs 47b604b0.

Steps To Reproduce

Steps to reproduce the behavior:

      nixpkgs.config.nvidia.acceptLicense = true;
      hardware.nvidia = {
        package = config.boot.kernelPackages.nvidiaPackages.legacy_470;
        modesetting.enable = false;
        powerManagement.enable = true;
        powerManagement.finegrained = false;
        open = false;
        nvidiaSettings = true;
      };
      hardware.opengl = {
        enable = true;
        driSupport = true;
        driSupport32Bit = true;
      };
      hardware.nvidia-container-toolkit.enable = true;
      services.xserver.videoDrivers = [ "nvidia" ];

Expected behavior

nvidia-powerd should not be mounted when the binary is missing.

Screenshots

image image

Notify maintainers

@ereslibre

Metadata

[user@system:~]$ nix-shell -p nix-info --run "nix-info -m"
 - system: `"x86_64-linux"`
 - host os: `Linux 6.6.32, NixOS, 24.05 (Uakari), 24.05.20240611.47b604b`
 - multi-user?: `yes`
 - sandbox: `yes`
 - version: `nix-env (Nix) 2.18.2`
 - nixpkgs: `/nix/store/0vpk9v6rj551q42ym4h9qrdx9xxxhcsg-source`

Edited: a workaround

      systemd.services.nvidia-container-toolkit-cdi-generator = {
        path = [ pkgs.jq pkgs.moreutils ];
        postStart = ''
         jq '."containerEdits"."mounts" |= map(select(."containerPath" != "/usr/bin/nvidia-powerd"))' /run/cdi/nvidia-container-toolkit.json | sponge /run/cdi/nvidia-container-toolkit.json
        '';
      };

Add a :+1: reaction to issues you find important.

ereslibre commented 3 months ago

Thank you for the report @DictXiong. You can also set hardware.nvidia-container-toolkit.mount-nvidia-executables = false; in the meantime. I'll open a PR as soon as possible.