lxc/lxd installation problems

[zoranbosnjak]

problem

Installation does not work inside lxc/lxd container on ubuntu 18.04 host.

cat /etc/lsb-release 
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=18.04
DISTRIB_CODENAME=bionic
DISTRIB_DESCRIPTION="Ubuntu 18.04.1 LTS"

steps to reproduce

lxc image list
+-------+--------------+--------+---------------------------------------------+--------+----------+------------------------------+
| ALIAS | FINGERPRINT  | PUBLIC |                 DESCRIPTION                 |  ARCH  |   SIZE   |         UPLOAD DATE          |
+-------+--------------+--------+---------------------------------------------+--------+----------+------------------------------+
|       | e2e780492922 | no     | ubuntu 18.04 LTS amd64 (release) (20190122) | x86_64 | 174.98MB | Jan 23, 2019 at 2:33am (UTC) |
+-------+--------------+--------+---------------------------------------------+--------+----------+------------------------------+

lxc launch e2e780492922 nixtest
# or lxc launch 18.04 nixtest

lxc exec nixtest bash
su -l ubuntu
wget <path_to>/nix-2.2.1-x86_64-linux.tar.bz2
tar -xvjf nix-2.2.1-x86_64-linux.tar.bz2
cd nix-2.2.1-x86_64-linux
./install-multi-user
# all answers 'y'

The process fails with an error:

...
---- sudo execution ------------------------------------------------------------
I am executing:

    $ sudo HOME=/root /nix/store/5hdmx9yk7gr71b98j4vh9271k0zg5jis-nix-2.2.1/bin/nix-env -i /nix/store/5hdmx9yk7gr71b98j4vh9271k0zg5jis-nix-2.2.1

to installing a bootstrapping Nix in to the default Profile

installing 'nix-2.2.1'
error: while setting up the build environment: mounting /proc: Operation not permitted

---- oh no! --------------------------------------------------------------------
Jeeze, something went wrong. If you can take all the output and open
an issue, we'd love to fix the problem so nobody else has this issue.

:(

We'd love to help if you need it.

If you can, open an issue at https://github.com/nixos/nix/issues

Or feel free to contact the team,
 - on IRC #nixos on irc.freenode.net
 - on twitter @nixos_org

[asbachb]

@zoranbosnjak have you done any progress?

[psanford]

I ran into this issue and found setting security.nesting = true on the container and then restarting the container fixed it for me:

lxc config set <container_name> security.nesting true

[derekmahar]

I ran into this issue and found setting security.nesting = true on the container and then restarting the container fixed it for me:

lxc config set <container_name> security.nesting true

Thank you for this solution!

[empathicqubit]

The security.nesting solution helped me get Nix running on a Chromebook (after running it from vsh termina at the developer console). It used to work but I think the Chrome team changed the default settings.

[nathan-at-least]

Hello, I have this failure when installing on a Chromebook. For posterity, I'm documenting the explicit steps based on @empathicqubit 's hints.

Since this may affect many Chromebook or at least Pixelbook users and might need to be documented in the "installing nix" docs. Is that worth a new ticket?

1. Hit ctrl-alt-t which pops open crosh.
2. Run: vsh termina
3. Run: lxc config set penguin security.nesting true
4. Log out of the vsh session, close the crosh tab.
5. In a terminal window (which is associated with the penguin lxc container), run sudo reboot. This closes the window.
6. Start the terminal from the icon again, then follow the nix install instructions.

Note, I personally only tested the single user install method (ie: --no-daemon to the install script).

[dbaynard]

Note, I personally only tested the single user install method (ie: --no-daemon to the install script).

Setting security.nesting to true worked for multi-user install, for me (though I was using an archlinux container, rather than the default debian).

[nakedible-p]

Works for default debian as well.

[nixos-discourse]

This issue has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/running-nixos-18-09-in-an-lxd-3-8-container/1804/6