nix-env -i fails in latest nixos/nix Docker image
#5777
Comments
|
Issue with latest image, downgrading to last tag works |
|
Running it with 2.4 should also work because the change mentioned was introduced in 2.5 |
|
I can confirm that this also happens with 2.5.0 docker image. |
tristanpemble
changed the title
nix-env -i failsnix-env -i fails in latest nixos/nix Docker image
|
Docker image seems to be completly broken for us. With the latest image I'm unable to build anything as it fails f.e on launching nix-shell [+] Building 0.3s (10/15)
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 37B 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 34B 0.0s
=> [internal] load metadata for docker.io/nixos/nix:latest 0.0s
=> [internal] load build context 0.1s
=> => transferring context: 116.30kB 0.0s
=> [ 1/11] FROM docker.io/nixos/nix 0.0s
=> CACHED [ 2/11] COPY ./ ./trezor-user-env 0.0s
=> CACHED [ 3/11] WORKDIR ./trezor-user-env 0.0s
=> CACHED [ 4/11] RUN ls / 0.0s
=> CACHED [ 5/11] RUN ls /trezor-user-env 0.0s
=> ERROR [ 6/11] RUN nix-shell --run "./src/binaries/firmware/bin/download.sh" 0.1s
------
> [ 6/11] RUN nix-shell --run "./src/binaries/firmware/bin/download.sh":
#10 0.138 unexpected error in download thread: error: unsharing filesystem state in download thread: Operation not permitted
#10 0.139 error: download of 'https://github.com/NixOS/nixpkgs/archive/7fad01d9d5a3f82081c00fb57918d64145dc904c.tar.gz' was interrupted
------
executor failed running [/bin/sh -c nix-shell --run "./src/binaries/firmware/bin/download.sh"]: exit code: 1Going back to the old alpine image fixes it, and I'm able to build it. |
|
Perhaps the default tag in the docker registry could be rolled back? |
|
It seems this issue affects any kind of download, not just |
|
(Just copying GitHub metadata from the closed duplicate issue.) |
This comment has been minimized.
This comment has been minimized.
Attempted fix for NixOS#5777.
On Docker (but not podman), unshare(CLONE_FS) fails with EPERM. So let's ignore it and hope nothing bad happens. Attempted fix for NixOS#5777.
I've rollback the latest tag for now. Thank you for the ping. The fix for this just landed few minutes ago (thank you @edolstra) and docker image should be working with 2.5.1 bugfix releast which should happen in next days. |
|
@Valodim @vcunat @vdovhanych Nix 2.5.1 was just released with fixes for docker image. Could you confirm that it works for you now? |
|
I confirm that it is working now again, thank you! |
|
@garbas: 2.5.1 tag is there, but I see 2.5.0 pushed later under the |
|
I'm still seeing some issues with this change. Not sure if that is related to this or some changes in nix, but the script that worked before is not working now and fails on this |
That was my mistake. Should be fixed now.
This was a major change how we build docker image since we build the image from scratch. I don't expect everything would work as with alpine. I would suggest to ensure in downstream that
We are not setting |
|
Has anyone experienced issues with allocating temporary files? Permissions? (when updating the docker image from 2.3.latest to 2.5.1) So far I don't have really useful pointers, but e.g. lua(jit)'s
I also see similarly looking non-lua regressions. |
|
This issue has been mentioned on NixOS Discourse. There might be relevant details there: https://discourse.nixos.org/t/tweag-nix-dev-update-24/17230/1 |
for docker needed, see: NixOS/nix#5777 NixOS/nix#5787
the latest version of Nix fails on install of any package in the latest
nixos/nixDocker images running v2.5. seems to be related to #5391docker run --rm nixos/nix nix-env -i helloThe text was updated successfully, but these errors were encountered: