could not set permissions on '/nix/var/nix/profiles/per-user' to 755: Operation not permitted

airtonix commented 9 months ago

I'm having an permissions issue with the devbox installer in both:

Github Actions and,
locally in Act using catthehacker/ubuntu:full-20.04.

Locally, If i use catthehacker/ubuntu:act-22.04 locally, then i don't experience this error.

Obviously i can't accept this workaround since there's no way for me to make github run workflows in that docker image.

| Error: exit status 1
| 
| 2023/11/22 20:46:20 Command stderr: error: could not set permissions on '/nix/var/nix/profiles/per-user' to 755: Operation not permitted
| 
| 2023/11/22 20:46:20 
| ExecutionID:c36e19cb0867447aa82f70fb10122c24
| <nil>

In the log, you can see I've tried to hack my past it by chaning ownership after nix installer runs.

Log

```shell x just workflow=prtest job=LintAndTest event=pull_request test_ci_build act pull_request -s GITHUB_TOKEN="$(gh auth token)" --platform ubuntu-22.04=catthehacker/ubuntu:full-20.04 --eventpath .actevent.json --workflows .github/workflows/prtest.yml --job LintAndTest [PRTestChecks/PrTitle] 🚀 Start image=catthehacker/ubuntu:full-20.04 INFO[0000] Parallel tasks (0) below minimum, setting to 1 [PRTestChecks/PrTitle] 🐳 docker pull image=catthehacker/ubuntu:full-20.04 platform= username= forcePull=true INFO[0002] Parallel tasks (0) below minimum, setting to 1 [PRTestChecks/PrTitle] 🐳 docker create image=catthehacker/ubuntu:full-20.04 platform= entrypoint=["tail" "-f" "/dev/null"] cmd=[] network="host" [PRTestChecks/PrTitle] 🐳 docker run image=catthehacker/ubuntu:full-20.04 platform= entrypoint=["tail" "-f" "/dev/null"] cmd=[] network="host" [PRTestChecks/PrTitle] 🐳 docker exec cmd=[chown -R 1001:127 /mnt/Store/Projects/Mine/Github/bank-downloaders] user=0 workdir= [PRTestChecks/PrTitle] ☁ git clone 'https://github.com/aslafy-z/conventional-pr-title-action' # ref=v3 [PRTestChecks/PrTitle] Cleaning up container for job PrTitle [PRTestChecks/PrTitle] 🏁 Job succeeded [PRTestChecks/LintAndTest] 🚀 Start image=catthehacker/ubuntu:full-20.04 INFO[0004] Parallel tasks (0) below minimum, setting to 1 [PRTestChecks/LintAndTest] 🐳 docker pull image=catthehacker/ubuntu:full-20.04 platform= username= forcePull=true INFO[0006] Parallel tasks (0) below minimum, setting to 1 [PRTestChecks/LintAndTest] 🐳 docker create image=catthehacker/ubuntu:full-20.04 platform= entrypoint=["tail" "-f" "/dev/null"] cmd=[] network="host" [PRTestChecks/LintAndTest] 🐳 docker run image=catthehacker/ubuntu:full-20.04 platform= entrypoint=["tail" "-f" "/dev/null"] cmd=[] network="host" [PRTestChecks/LintAndTest] 🐳 docker exec cmd=[chown -R 1001:127 /mnt/Store/Projects/Mine/Github/bank-downloaders] user=0 workdir= [PRTestChecks/LintAndTest] ☁ git clone 'https://github.com/DeterminateSystems/nix-installer-action' # ref=v8 [PRTestChecks/LintAndTest] ☁ git clone 'https://github.com/jetpack-io/devbox-install-action' # ref=v0.7.0 [PRTestChecks/LintAndTest] ⭐ Run Pre Install devbox [PRTestChecks/LintAndTest] ☁ git clone 'https://github.com/actions/cache' # ref=v3 [PRTestChecks/LintAndTest] ☁ git clone 'https://github.com/actions/cache' # ref=v3 [PRTestChecks/LintAndTest] ☁ git clone 'https://github.com/DeterminateSystems/nix-installer-action' # ref=v4 [PRTestChecks/LintAndTest] 'runs-on' key not defined in PRTestChecks/LintAndTest [PRTestChecks/LintAndTest] ⭐ Run Pre Install nix [PRTestChecks/LintAndTest] ✅ Success - Pre Install nix [PRTestChecks/LintAndTest] ☁ git clone 'https://github.com/actions/cache' # ref=v3 [PRTestChecks/LintAndTest] ☁ git clone 'https://github.com/actions/cache' # ref=v3 [PRTestChecks/LintAndTest] ✅ Success - Pre Install devbox [PRTestChecks/LintAndTest] ☁ git clone 'https://github.com/jandelgado/gcov2lcov-action' # ref=v1.0.9 [PRTestChecks/LintAndTest] ⭐ Run Pre gcov2lcov-action [PRTestChecks/LintAndTest] ✅ Success - Pre gcov2lcov-action [PRTestChecks/LintAndTest] ☁ git clone 'https://github.com/acid-chicken/code-coverage-reporter-action' # ref=v0.4.1 [PRTestChecks/LintAndTest] ☁ git clone 'https://github.com/actions/upload-artifact' # ref=v3 [PRTestChecks/LintAndTest] ☁ git clone 'https://github.com/montogeek/github-action-comment-artifacts' # ref=1.0 [PRTestChecks/LintAndTest] ⭐ Run Main Checkout [PRTestChecks/LintAndTest] 🐳 docker cp src=/mnt/Store/Projects/Mine/Github/bank-downloaders/. dst=/mnt/Store/Projects/Mine/Github/bank-downloaders [PRTestChecks/LintAndTest] 🐳 docker exec cmd=[chown -R 1001:127 /mnt/Store/Projects/Mine/Github/bank-downloaders] user=0 workdir= [PRTestChecks/LintAndTest] ✅ Success - Main Checkout [PRTestChecks/LintAndTest] ⭐ Run Main Install nix [PRTestChecks/LintAndTest] 🐳 docker cp src=/home/zenobius/.cache/act/DeterminateSystems-nix-installer-action@v8/ dst=/var/run/act/actions/DeterminateSystems-nix-installer-action@v8/ [PRTestChecks/LintAndTest] 🐳 docker exec cmd=[chown -R 1001:127 /var/run/act/actions/DeterminateSystems-nix-installer-action@v8/] user=0 workdir= [PRTestChecks/LintAndTest] 🐳 docker exec cmd=[node /var/run/act/actions/DeterminateSystems-nix-installer-action@v8/dist/index.js] user= workdir= [PRTestChecks/LintAndTest] ❓ ::group::Configuring KVM | [command]/usr/bin/sh -c echo 'KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"' | sudo tee /etc/udev/rules.d/99-determinate-nix-installer-kvm.rules > /dev/null | [command]/usr/bin/sudo udevadm control --reload-rules [PRTestChecks/LintAndTest] 💬 ::debug::Failed to send reload request: No such file or directory | Failed to send reload request: No such file or directory | [command]/usr/bin/sudo rm -f /etc/udev/rules.d/99-determinate-nix-installer-kvm.rules [PRTestChecks/LintAndTest] ❓ ::endgroup:: | KVM is not available. | Fetching binary from https://install.determinate.systems/nix/nix-installer-x86_64-linux?ci=github&correlation=GH-af9539c2-2ae7-4ff1-9432-dfae61baa61b [PRTestChecks/LintAndTest] 💬 ::debug::Downloading https://install.determinate.systems/nix/nix-installer-x86_64-linux?ci=github&correlation=GH-af9539c2-2ae7-4ff1-9432-dfae61baa61b [PRTestChecks/LintAndTest] 💬 ::debug::Destination /tmp/2123b0eb-2cb5-4a65-9715-580f8bc86707 [PRTestChecks/LintAndTest] 💬 ::debug::download complete | Detected `$ACT` environment, assuming this is a https://github.com/nektos/act created container, set `NOT_ACT=true` to override this. This will change the setting of the `init` to be compatible with `act` | Execution environment: { | "NIX_INSTALLER_NO_CONFIRM": "true", | "NIX_INSTALLER_DIAGNOSTIC_ATTRIBUTION": "GH-af9539c2-2ae7-4ff1-9432-dfae61baa61b", | "NIX_INSTALLER_MODIFY_PROFILE": "true", | "NIX_INSTALLER_DIAGNOSTIC_ENDPOINT": "https://install.determinate.systems/nix/diagnostic", | "NIX_INSTALLER_LOGGER": "pretty", | "NIX_INSTALLER_INIT": "none", | "NIX_INSTALLER_START_DAEMON": "true", | "NIX_INSTALLER_EXTRA_CONF": "access-tokens = github.com=***\ntrusted-users = root undefined\nexperimental-features = ca-derivations fetch-closure\n" | } | [command]/tmp/2123b0eb-2cb5-4a65-9715-580f8bc86707 install linux | `nix-installer` needs to run as `root`, attempting to escalate now via `sudo`... | `nix-installer` needs to run as `root`, attempting to escalate now via `sudo`... | 2023-11-22T20:46:04.103684Z INFO nix_installer::plan: Step: Create directory `/nix` | at src/plan.rs:191 | 2023-11-22T20:46:04.103684Z INFO nix_installer::plan: Step: Create directory `/nix` | at src/plan.rs:191 | | 2023-11-22T20:46:04.103843Z INFO nix_installer::plan: Step: Provision Nix | at src/plan.rs:191 | 2023-11-22T20:46:04.103843Z INFO nix_installer::plan: Step: Provision Nix | at src/plan.rs:191 | | 2023-11-22T20:46:15.332017Z INFO nix_installer::plan: Step: Create build users (UID 30000-30032) and group (GID 30000) | at src/plan.rs:191 | 2023-11-22T20:46:15.332017Z INFO nix_installer::plan: Step: Create build users (UID 30000-30032) and group (GID 30000) | at src/plan.rs:191 | | 2023-11-22T20:46:18.186694Z INFO nix_installer::plan: Step: Configure Nix | at src/plan.rs:191 | 2023-11-22T20:46:18.186694Z INFO nix_installer::plan: Step: Configure Nix | at src/plan.rs:191 | | 2023-11-22T20:46:18.370725Z INFO nix_installer::plan: Step: Create directory `/etc/tmpfiles.d` | at src/plan.rs:191 | | 2023-11-22T20:46:18.370741Z INFO nix_installer::plan: Step: Leave the Nix daemon unconfigured | at src/plan.rs:191 | | 2023-11-22T20:46:18.370747Z INFO nix_installer::plan: Step: Remove directory `/nix/temp-install-dir` | at src/plan.rs:191 | 2023-11-22T20:46:18.370725Z INFO nix_installer::plan: Step: Create directory `/etc/tmpfiles.d` | at src/plan.rs:191 | | 2023-11-22T20:46:18.370741Z INFO nix_installer::plan: Step: Leave the Nix daemon unconfigured | at src/plan.rs:191 | | 2023-11-22T20:46:18.370747Z INFO nix_installer::plan: Step: Remove directory `/nix/temp-install-dir` | at src/plan.rs:191 | | 2023-11-22T20:46:19.012557Z WARN nix_installer::plan: SelfTest([ShellFailed { shell: Sh, command: "\"sh\" \"-lc\" \"nix build --no-link --expr \\'derivation { name = \\\"self-test-sh-1700685978372\\\"; system = \\\"x86_64-linux\\\"; builder = \\\"/bin/sh\\\"; args = [\\\"-c\\\" \\\"echo hello > \\\\$out\\\"]; }\\'\"", output: Output { status: ExitStatus(unix_wait_status(32512)), stdout: "", stderr: "sh: 10: .: Can't open /etc/skel/.cargo/env\n" } }]) | at src/plan.rs:231 | 2023-11-22T20:46:19.012557Z WARN nix_installer::plan: SelfTest([ShellFailed { shell: Sh, command: "\"sh\" \"-lc\" \"nix build --no-link --expr \\'derivation { name = \\\"self-test-sh-1700685978372\\\"; system = \\\"x86_64-linux\\\"; builder = \\\"/bin/sh\\\"; args = [\\\"-c\\\" \\\"echo hello > \\\\$out\\\"]; }\\'\"", output: Output { status: ExitStatus(unix_wait_status(32512)), stdout: "", stderr: "sh: 10: .: Can't open /etc/skel/.cargo/env\n" } }]) | at src/plan.rs:231 | | Nix was installed successfully! | To get started using Nix, open a new shell or run `. /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh` | Nix was installed successfully! | To get started using Nix, open a new shell or run `. /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh` | | Added `/nix/var/nix/profiles/default/bin` and `/home/runner/.nix-profile/bin` to `$GITHUB_PATH` [PRTestChecks/LintAndTest] ✅ Success - Main Install nix [PRTestChecks/LintAndTest] ⚙ ::set-env:: DETERMINATE_NIX_KVM=0 [PRTestChecks/LintAndTest] ⚙ ::add-path:: /nix/var/nix/profiles/default/bin [PRTestChecks/LintAndTest] ⚙ ::add-path:: /home/runner/.nix-profile/bin [PRTestChecks/LintAndTest] ⚙ ::add-path:: /nix/var/nix/profiles/default/bin [PRTestChecks/LintAndTest] ⚙ ::add-path:: /home/runner/.nix-profile/bin [PRTestChecks/LintAndTest] ⭐ Run Main sudo chown --recursive "$USER" /nix [PRTestChecks/LintAndTest] 🐳 docker exec cmd=[bash --noprofile --norc -e -o pipefail /var/run/act/workflow/2] user= workdir= [PRTestChecks/LintAndTest] ✅ Success - Main sudo chown --recursive "$USER" /nix [PRTestChecks/LintAndTest] ⭐ Run Main Install devbox [PRTestChecks/LintAndTest] 🐳 docker cp src=/home/zenobius/.cache/act/jetpack-io-devbox-install-action@v0.7.0/ dst=/var/run/act/actions/jetpack-io-devbox-install-action@v0.7.0/ [PRTestChecks/LintAndTest] 🐳 docker exec cmd=[chown -R 1001:127 /var/run/act/actions/jetpack-io-devbox-install-action@v0.7.0/] user=0 workdir= [PRTestChecks/LintAndTest] 'runs-on' key not defined in PRTestChecks/LintAndTest [PRTestChecks/LintAndTest] ⭐ Run Main Get devbox version [PRTestChecks/LintAndTest] 🐳 docker exec cmd=[bash --noprofile --norc -e -o pipefail /var/run/act/workflow/3-composite-0.sh] user= workdir= | Found devbox latest version 0.8.2. [PRTestChecks/LintAndTest] ✅ Success - Main Get devbox version [PRTestChecks/LintAndTest] ⚙ ::set-env:: latest_version=0.8.2 [PRTestChecks/LintAndTest] 'runs-on' key not defined in PRTestChecks/LintAndTest [PRTestChecks/LintAndTest] ⭐ Run Main Mount devbox cli cache [PRTestChecks/LintAndTest] 'runs-on' key not defined in PRTestChecks/LintAndTest [PRTestChecks/LintAndTest] 🐳 docker cp src=/home/zenobius/.cache/act/actions-cache-restore@v3/ dst=/var/run/act/actions/actions-cache-restore@v3/ [PRTestChecks/LintAndTest] 🐳 docker exec cmd=[chown -R 1001:127 /var/run/act/actions/actions-cache-restore@v3/] user=0 workdir= [PRTestChecks/LintAndTest] 🐳 docker exec cmd=[node /var/run/act/actions/actions-cache-restore@v3/dist/restore-only/index.js] user= workdir= [PRTestChecks/LintAndTest] 💬 ::debug::Resolved Keys: [PRTestChecks/LintAndTest] 💬 ::debug::["Linux-devbox-cli-0.8.2"] [PRTestChecks/LintAndTest] 💬 ::debug::Checking zstd --quiet --version [PRTestChecks/LintAndTest] 💬 ::debug::1.5.5 [PRTestChecks/LintAndTest] 💬 ::debug::zstd version: 1.5.5 [PRTestChecks/LintAndTest] 💬 ::debug::Resource Url: http://192.168.86.43:34875/_apis/artifactcache/cache?keys=Linux-devbox-cli-0.8.2&version=10c3673137184e8fc98ee7019556b49e59a4412bda7618d1ecdeb71d8913cc9a [PRTestChecks/LintAndTest] ⚙ *** [PRTestChecks/LintAndTest] 💬 ::debug::Cache Result: [PRTestChecks/LintAndTest] 💬 ::debug::{"archiveLocation":"***","cacheKey":"linux-devbox-cli-0.8.2","result":"hit"} [PRTestChecks/LintAndTest] 💬 ::debug::Archive Path: /tmp/e5740cd2-892b-46ae-b1e6-f4e610d0da55/cache.tzst [PRTestChecks/LintAndTest] 💬 ::debug::Use Azure SDK: false [PRTestChecks/LintAndTest] 💬 ::debug::Download concurrency: 8 [PRTestChecks/LintAndTest] 💬 ::debug::Request timeout (ms): 30000 [PRTestChecks/LintAndTest] 💬 ::debug::Cache segment download timeout mins env var: undefined [PRTestChecks/LintAndTest] 💬 ::debug::Segment download timeout (ms): 600000 [PRTestChecks/LintAndTest] 💬 ::debug::Lookup only: false | Cache Size: ~8 MB (8449799 B) | [command]/usr/bin/tar -xf /tmp/e5740cd2-892b-46ae-b1e6-f4e610d0da55/cache.tzst -P -C /mnt/Store/Projects/Mine/Github/bank-downloaders --use-compress-program unzstd | Cache restored successfully | Cache restored from key: linux-devbox-cli-0.8.2 [PRTestChecks/LintAndTest] ✅ Success - Main Mount devbox cli cache [PRTestChecks/LintAndTest] ⚙ ::set-output:: cache-matched-key=linux-devbox-cli-0.8.2 [PRTestChecks/LintAndTest] ⚙ ::set-output:: cache-hit=true [PRTestChecks/LintAndTest] ⚙ ::set-output:: cache-primary-key=Linux-devbox-cli-0.8.2 [PRTestChecks/LintAndTest] 'runs-on' key not defined in PRTestChecks/LintAndTest [PRTestChecks/LintAndTest] 'runs-on' key not defined in PRTestChecks/LintAndTest [PRTestChecks/LintAndTest] 'runs-on' key not defined in PRTestChecks/LintAndTest [PRTestChecks/LintAndTest] 'runs-on' key not defined in PRTestChecks/LintAndTest [PRTestChecks/LintAndTest] ⭐ Run Main Configure nix access-tokens [PRTestChecks/LintAndTest] 🐳 docker exec cmd=[bash --noprofile --norc -e -o pipefail /var/run/act/workflow/3-composite-5.sh] user= workdir= [PRTestChecks/LintAndTest] ✅ Success - Main Configure nix access-tokens [PRTestChecks/LintAndTest] 'runs-on' key not defined in PRTestChecks/LintAndTest [PRTestChecks/LintAndTest] 'runs-on' key not defined in PRTestChecks/LintAndTest [PRTestChecks/LintAndTest] 🐳 docker exec cmd=[node /var/run/act/workflow/hashfiles/index.js] user= workdir= [PRTestChecks/LintAndTest] 'runs-on' key not defined in PRTestChecks/LintAndTest [PRTestChecks/LintAndTest] ⭐ Run Main Install devbox packages [PRTestChecks/LintAndTest] 🐳 docker exec cmd=[bash --noprofile --norc -e -o pipefail /var/run/act/workflow/3-composite-8.sh] user= workdir= | 2023/11/22 20:46:20 findProjectDir: path is | 2023/11/22 20:46:20 finding devbox.json in dir: /mnt/Store/Projects/Mine/Github/bank-downloaders | 2023/11/22 20:46:20 findProjectDir: path is | 2023/11/22 20:46:20 finding devbox.json in dir: /mnt/Store/Projects/Mine/Github/bank-downloaders | Error: exit status 1 | | 2023/11/22 20:46:20 Command stderr: error: could not set permissions on '/nix/var/nix/profiles/per-user' to 755: Operation not permitted | | 2023/11/22 20:46:20 | ExecutionID:c36e19cb0867447aa82f70fb10122c24 | | 2023/11/22 20:46:20 findProjectDir: path is | 2023/11/22 20:46:20 finding devbox.json in dir: /mnt/Store/Projects/Mine/Github/bank-downloaders [PRTestChecks/LintAndTest] ❌ Failure - Main Install devbox packages [PRTestChecks/LintAndTest] exitcode '1': failure [PRTestChecks/LintAndTest] 'runs-on' key not defined in PRTestChecks/LintAndTest [PRTestChecks/LintAndTest] 🐳 docker exec cmd=[node /var/run/act/workflow/hashfiles/index.js] user= workdir= [PRTestChecks/LintAndTest] 'runs-on' key not defined in PRTestChecks/LintAndTest [PRTestChecks/LintAndTest] ❌ Failure - Main Install devbox [PRTestChecks/LintAndTest] exitcode '1': failure [PRTestChecks/LintAndTest] ⭐ Run Post Install devbox [PRTestChecks/LintAndTest] 🐳 docker cp src=/home/zenobius/.cache/act/jetpack-io-devbox-install-action@v0.7.0/ dst=/var/run/act/actions/jetpack-io-devbox-install-action@v0.7.0/ [PRTestChecks/LintAndTest] 🐳 docker exec cmd=[chown -R 1001:127 /var/run/act/actions/jetpack-io-devbox-install-action@v0.7.0/] user=0 workdir= [PRTestChecks/LintAndTest] ✅ Success - Post Install devbox [PRTestChecks/LintAndTest] ⭐ Run Post Install nix [PRTestChecks/LintAndTest] 🐳 docker exec cmd=[node /var/run/act/actions/DeterminateSystems-nix-installer-action@v8/dist/index.js] user= workdir= [PRTestChecks/LintAndTest] 💬 ::debug::Error determining final disposition: HttpError: Not Found [PRTestChecks/LintAndTest] ✅ Success - Post Install nix [PRTestChecks/LintAndTest] 🏁 Job failed Error: Job 'LintAndTest' failed error: Recipe `test_ci_build` failed on line 67 with exit code 1 (devbox) bank-downloaders on git chore/provide-preview-builds-on-release-prs [$!] via go v1.20.5 via nix impure (nix-shell-env) took 36s ```

Workflow

```yml name: PRTestChecks on: pull_request: # types: # - opened # - reopened # - edited # - synchronize permissions: contents: write pull-requests: write # ensure only one PRTest check runs at a time concurrency: group: prtest cancel-in-progress: true jobs: PrTitle: runs-on: ubuntu-22.04 permissions: statuses: write # if not using nekox/act and the user is airtonix, allow the action to run steps: - uses: aslafy-z/conventional-pr-title-action@v3 if: ${{ !github.event.act }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} LintAndTest: runs-on: ubuntu-22.04 # don't bother running if the PR title is invalid needs: [PrTitle] steps: - name: Checkout uses: actions/checkout@v3 - name: Install nix uses: DeterminateSystems/nix-installer-action@v8 with: logger: pretty planner: linux extra-conf: experimental-features = ca-derivations fetch-closure init: 'none' - run: sudo chown --recursive "$USER" /nix - name: Install devbox uses: jetpack-io/devbox-install-action@v0.7.0 env: DEVBOX_DEBUG: 1 with: skip-nix-installation: 'true' enable-cache: false - name: Print Google Chrome Info run: | which google-chrome google-chrome --version google-chrome --product-version - name: Install Problem Matcher run: | echo "::add-matcher::./.github/problem-matcher.json" - name: Lint run: devbox run -- just lint - name: Test run: devbox run -- just test - name: Remove Problem Matcher run: | echo "::remove-matcher owner=go::" - name: gcov2lcov-action uses: jandelgado/gcov2lcov-action@v1.0.9 with: infile: coverage.txt outfile: coverage.lcov - name: Code Coverage Reporter Action if: ${{ !github.event.act }} uses: acid-chicken/code-coverage-reporter-action@v0.4.1 with: lcov-file: ./coverage.lcov - name: Build run: devbox run -- just build - name: Upload Artifacts if: ${{ !github.event.act }} uses: actions/upload-artifact@v3 with: path: | dist/**/* !dist/**/*.json !dist/**/*.yaml - name: Link Artifacts uses: montogeek/github-action-comment-artifacts@1.0 ```

command

```shell act pull_request \ -s GITHUB_TOKEN="$(gh auth token)" \ --platform ubuntu-22.04=catthehacker/ubuntu:full-20.04 \ --eventpath .actevent.json \ --workflows .github/workflows/prtest.yml \ --job LintAndTest ```

A few thoughts:

if I'm using init: none, doesn't that mean i'm in single user mode?
reading https://github.com/cachix/install-nix-action/issues/148 seems to indicate this error only occurs during multi user mode.

LucilleH commented 9 months ago

@airtonix looking at this log line:

Detected `$ACT` environment, assuming this is a https://github.com/nektos/act created container, set `NOT_ACT=true` to override this. This will change the setting of the `init` to be compatible with `act`
| Execution environment: {
|     "NIX_INSTALLER_NO_CONFIRM": "true",
|     "NIX_INSTALLER_DIAGNOSTIC_ATTRIBUTION": "GH-af9539c2-2ae7-4ff1-9432-dfae61baa61b",
|     "NIX_INSTALLER_MODIFY_PROFILE": "true",
|     "NIX_INSTALLER_DIAGNOSTIC_ENDPOINT": "https://install.determinate.systems/nix/diagnostic",
|     "NIX_INSTALLER_LOGGER": "pretty",
|     "NIX_INSTALLER_INIT": "none",
|     "NIX_INSTALLER_START_DAEMON": "true",
|     "NIX_INSTALLER_EXTRA_CONF": "access-tokens = github.com=***\ntrusted-users = root undefined\nexperimental-features = ca-derivations fetch-closure\n"
| }

I wonder if that is why an act container worked, because the environment was set differently. Can you try setting the environment explicitly and see? Especially with NIX_INSTALLER_START_DAEMON

airtonix commented 9 months ago

@LucilleH 🌮 😄 Not sure how i missed that! thanks.

works with this:


      - name: Install devbox
        uses: jetpack-io/devbox-install-action@v0.7.0
        env:
          DEVBOX_DEBUG: 1
          NIX_INSTALLER_START_DAEMON: false
        with:
          skip-nix-installation: 'true'

jetify-com / devbox-install-action

could not set permissions on '/nix/var/nix/profiles/per-user' to 755: Operation not permitted #26