nix-community / impermanence

Modules to help you handle persistent state on systems with ephemeral root storage [maintainer=@talyz]
MIT License

No permission to create the `/persistent/home` directory #58

Closed a12l closed 2 years ago

a12l commented 2 years ago

I get an error message when I start my computer and when I rebuild my configuration.

```
# nixos-rebuild switch --flake '.#'
building the system configuration...
activating the configuration...
setting up /etc...
mount already exists at '/etc/machine-id', ignoring
mount already exists at '/etc/mullvad-vpn/settings.json', ignoring
'/etc/nix/id_rsa' already links to '/persistent/etc/nix/id_rsa', ignoring
'/etc/ssh/ssh_host_ed25519_key' already links to '/persistent/etc/ssh/ssh_host_ed25519_key', ignoring
'/etc/ssh/ssh_host_ed25519_key.pub' already links to '/persistent/etc/ssh/ssh_host_ed25519_key.pub', ignoring
'/etc/ssh/ssh_host_rsa_key' already links to '/persistent/etc/ssh/ssh_host_rsa_key', ignoring
'/etc/ssh/ssh_host_rsa_key.pub' already links to '/persistent/etc/ssh/ssh_host_rsa_key.pub', ignoring
reloading user units for a12l...
setting up tmpfiles
warning: the following units failed: home-manager-a12l.service

× home-manager-a12l.service - Home Manager environment for a12l
     Loaded: loaded (/etc/systemd/system/home-manager-a12l.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Wed 2021-12-15 12:17:05 CET; 65ms ago
    Process: 32485 ExecStart=/nix/store/k7q69xknc9vg8ikwpf8ff5lbawb27pn1-hm-setup-env /nix/store/p9k6zsqj6z56idmjd37lzlzqvxxsiccx-home-manager-generation (code=exited, status=1/FAILURE)
   Main PID: 32485 (code=exited, status=1/FAILURE)
         IP: 0B in, 0B out
        CPU: 249ms

Dec 15 12:17:05 mobile-p-ep1 systemd[1]: Starting Home Manager environment for a12l...
Dec 15 12:17:05 mobile-p-ep1 hm-activate-a12l[32485]: Starting home manager activation
Dec 15 12:17:05 mobile-p-ep1 hm-activate-a12l[32485]: Activating checkFilesChanged
Dec 15 12:17:05 mobile-p-ep1 hm-activate-a12l[32485]: Activating checkLinkTargets
Dec 15 12:17:05 mobile-p-ep1 hm-activate-a12l[32485]: Activating unmountPersistentStoragePaths
Dec 15 12:17:05 mobile-p-ep1 hm-activate-a12l[32485]: Activating createAndMountPersistentStoragePaths
Dec 15 12:17:05 mobile-p-ep1 hm-activate-a12l[32508]: mkdir: cannot create directory ‘/persistent/home’: Permission denied
Dec 15 12:17:05 mobile-p-ep1 systemd[1]: home-manager-a12l.service: Main process exited, code=exited, status=1/FAILURE
Dec 15 12:17:05 mobile-p-ep1 systemd[1]: home-manager-a12l.service: Failed with result 'exit-code'.
Dec 15 12:17:05 mobile-p-ep1 systemd[1]: Failed to start Home Manager environment for a12l.
warning: error(s) occurred while switching to the new configuration
```

The relevant parts of my (flake based) config

```nix
modules = [
    home-manager.nixosModules.home-manager
    {
        home-manager.users.a12l = {
            home.username = "a12l";
            home.homeDirectory = "/home/a12l";

            imports = [ impermanence.nixosModules.home-manager.impermanence ];

            home.persistence."/persistent/home/a12l" = {
                directories = [
                    ".cache/lorri"
                    ".cache/nix"
                    ".config/pijul"
                    ".gnupg"
                    ".local/share/keyrings"
                    ".local/share/direnv"
                    ".mozilla"
                    ".scribus"
                    ".ssh"
                    ".thunderbird"
                    ".zoom"
                    "Long-Term_Memory"
                    "Short-Term Memory"
                ];

                allowOther = true;
            };
        };
    }

    impermanence.nixosModules.impermanence
    {
        environment.persistence."/persistent" = {
            directories = [
                "/var/log"
                "/var/lib/systemd/coredump"
                "/etc/NetworkManager/system-connections"
            ];

            files = [
                "/etc/machine-id"
                "/etc/mullvad-vpn/settings.json"
                "/etc/nix/id_rsa"
                "/etc/ssh/ssh_host_ed25519_key"
                "/etc/ssh/ssh_host_ed25519_key.pub"
                "/etc/ssh/ssh_host_rsa_key"
                "/etc/ssh/ssh_host_rsa_key.pub"
            ];
        };
    }
]
```

What should I do? I don't want to manually have to create the /persistent/home directory.

talyz commented 2 years ago

When using the home-manager module you need to create the /persistent/home/<username> directory and give it appropriate permissions. The module can't do it, since it's running as your user, not root.

a12l commented 2 years ago

> When using the home-manager module you need to create the /persistent/home/<username> directory and give it appropriate permissions. The module can't do it, since it's running as your user, not root.

Thanks for the explanation! I did that

```
$ ls -l /persistent/
total 50
drwxr-xr-x 6 root root 7 Dec 15 09:29 etc
drwxr-xr-x 3 root root 3 Dec 16 10:49 home
drwxr-xr-x 4 root root 4 Dec 11 14:27 var

$ ls -l /persistent/home/
total 17
drwxr-xr-x 3 a12l users 3 Dec 16 11:00 a12l
```

But now when I try to start up the Home Manager service I get another problem.

```
$ systemctl status home-manager-a12l.service
× home-manager-a12l.service - Home Manager environment for a12l
     Loaded: loaded (/etc/systemd/system/home-manager-a12l.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Thu 2021-12-16 11:09:22 CET; 2min 24s ago
    Process: 1743 ExecStart=/nix/store/k7q69xknc9vg8ikwpf8ff5lbawb27pn1-hm-setup-env /nix/store/p9k6zsqj6z56idmjd37lzlzqvxxsiccx-home-manager-generation (code=exited,>
   Main PID: 1743 (code=exited, status=1/FAILURE)
         IP: 0B in, 824B out
        CPU: 233ms

Dec 16 11:09:22 mobile-p-ep1 hm-activate-a12l[1743]: Activating checkFilesChanged
Dec 16 11:09:22 mobile-p-ep1 hm-activate-a12l[1743]: Activating checkLinkTargets
Dec 16 11:09:22 mobile-p-ep1 hm-activate-a12l[1743]: Activating unmountPersistentStoragePaths
Dec 16 11:09:22 mobile-p-ep1 hm-activate-a12l[1743]: Activating createAndMountPersistentStoragePaths
Dec 16 11:09:22 mobile-p-ep1 hm-activate-a12l[2247]: fuse: mountpoint is not empty
Dec 16 11:09:22 mobile-p-ep1 hm-activate-a12l[2247]: fuse: if you are sure this is safe, use the 'nonempty' mount option
Dec 16 11:09:22 mobile-p-ep1 systemd[1]: home-manager-a12l.service: Main process exited, code=exited, status=1/FAILURE
Dec 16 11:09:22 mobile-p-ep1 systemd[1]: home-manager-a12l.service: Failed with result 'exit-code'.
Dec 16 11:09:22 mobile-p-ep1 systemd[1]: Failed to start Home Manager environment for a12l.
Dec 16 11:09:22 mobile-p-ep1 systemd[1]: home-manager-a12l.service: Consumed 233ms CPU time, received 0B IP traffic, sent 824B IP traffic.
```

I don't understand what the error log says.

talyz commented 2 years ago

This is because your temporary home directory has already been populated; i.e. one of the directories you've listed in your config has already been created by a program and files have been put in it. You either have to move the offending directory out of the way or reboot (which is probably the easier and safer option). The reason the error message is coming from fuse is that we're using bindfs to set up the bind mounts.

a12l commented 2 years ago

> This is because your temporary home directory has already been populated; i.e. one of the directories you've listed in your config has already been created by a program and files have been put in it. You either have to move the offending directory out of the way or reboot (which is probably the easier and safer option). The reason the error message is coming from fuse is that we're using bindfs to set up the bind mounts.

Thanks for the explanation!

I was able to find files by commenting out every directory and file in the `home.persistence.<path>.directories` and in the `home.persistence.<path>.files` list, and then uncommenting them line-for-line while switching config between each step.
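
The condition talyz describes (a listed directory that already exists in the temporary home and has files in it) can be checked directly instead of bisecting the list. This is an added example, not part of the thread or of impermanence; the function name `populated_targets` is hypothetical, and skipping directories that are already mount points is an assumption.

```bash
#!/bin/sh
# Added example (not impermanence code): report which persistence targets
# under a home directory would make bindfs fail with
# "fuse: mountpoint is not empty".

# populated_targets HOME_DIR REL_PATH...
# Prints each REL_PATH that is a directory under HOME_DIR, contains at least
# one entry (dotfiles included), and is not already a mount point.
populated_targets() {
    local home_dir rel target
    home_dir=$1
    shift
    for rel in "$@"; do
        target="$home_dir/$rel"
        # A missing directory is fine: the mount point can be created empty.
        [ -d "$target" ] || continue
        # Assumption: a directory that is already a mount point was set up by
        # an earlier activation and is not the one blocking the mount.
        if command -v mountpoint >/dev/null 2>&1 && mountpoint -q "$target"; then
            continue
        fi
        # ls -A also lists hidden entries; any output means "not empty".
        if [ -n "$(ls -A -- "$target" 2>/dev/null)" ]; then
            printf '%s\n' "$rel"
        fi
    done
}

# When run with arguments, e.g. the directory list from the config above:
#   sh check.sh /home/a12l .cache/lorri .gnupg .mozilla .ssh "Short-Term Memory"
if [ "$#" -ge 2 ]; then
    populated_targets "$@"
fi
```

Each path it prints is a directory to move out of the way before restarting `home-manager-a12l.service`; an empty result means none of the listed directories is populated.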