OSX Ventura error after install: cannot read flake registry (root:wheel) #584
Labels
Comments
|
I see that ~ % ls -larth /etc/nix/
total 16
lrwxr-xr-x 1 root wheel 29B Jan 18 2023 registry.json -> /etc/static/nix/registry.json
-rw-r--r-- 1 root wheel 131B Jan 18 2023 .nix.conf.bak
-rw-rw-r-- 1 root wheel 276B Jul 20 15:15 nix.conf
dr-xr-xr-x 5 root wheel 160B Jul 20 15:15 .
drwxr-xr-x 93 root wheel 2.9K Jul 20 15:22 ..
~ % ls -larth /etc/static/
ls: /etc/static/: No such file or directory |
|
Here is the install receipt: install receipt{
"version": "0.10.0",
"actions": [
{
"action": {
"action": "create_apfs_volume",
"disk": "disk3",
"name": "Nix Store",
"case_sensitive": false,
"encrypt": true,
"create_or_append_synthetic_conf": {
"action": {
"path": "/etc/synthetic.conf",
"user": null,
"group": null,
"mode": null,
"buf": "nix\n",
"position": "End"
},
"state": "Completed"
},
"create_synthetic_objects": {
"action": null,
"state": "Completed"
},
"unmount_volume": {
"action": {
"disk": "disk3",
"name": "Nix Store"
},
"state": "Progress"
},
"create_volume": {
"action": {
"disk": "disk3",
"name": "Nix Store",
"case_sensitive": false
},
"state": "Completed"
},
"create_fstab_entry": {
"action": {
"apfs_volume_label": "Nix Store",
"existing_entry": "None"
},
"state": "Completed"
},
"encrypt_volume": {
"action": {
"disk": "disk3",
"name": "Nix Store"
},
"state": "Completed"
},
"setup_volume_daemon": {
"action": {
"path": "/Library/LaunchDaemons/org.nixos.darwin-store.plist",
"apfs_volume_label": "Nix Store",
"mount_service_label": "org.nixos.darwin-store",
"mount_point": "/nix",
"encrypt": true,
"needs_bootout": false
},
"state": "Completed"
},
"bootstrap_volume": {
"action": {
"domain": "system",
"service": "org.nixos.darwin-store",
"path": "/Library/LaunchDaemons/org.nixos.darwin-store.plist"
},
"state": "Completed"
},
"kickstart_launchctl_service": {
"action": {
"domain": "system",
"service": "org.nixos.darwin-store"
},
"state": "Completed"
},
"enable_ownership": {
"action": {
"path": "/nix"
},
"state": "Completed"
}
},
"state": "Completed"
},
{
"action": {
"action": "provision_nix",
"fetch_nix": {
"action": {
"url": "https://releases.nixos.org/nix/nix-2.15.0/nix-2.15.0-aarch64-darwin.tar.xz",
"dest": "/nix/temp-install-dir",
"proxy": null,
"ssl_cert_file": null
},
"state": "Completed"
},
"create_nix_tree": {
"action": {
"create_directories": [
{
"action": {
"path": "/nix/var",
"user": "root",
"group": null,
"mode": 493,
"force_prune_on_revert": false
},
"state": "Completed"
},
{
"action": {
"path": "/nix/var/log",
"user": "root",
"group": null,
"mode": 493,
"force_prune_on_revert": false
},
"state": "Completed"
},
{
"action": {
"path": "/nix/var/log/nix",
"user": "root",
"group": null,
"mode": 493,
"force_prune_on_revert": false
},
"state": "Completed"
},
{
"action": {
"path": "/nix/var/log/nix/drvs",
"user": "root",
"group": null,
"mode": 493,
"force_prune_on_revert": false
},
"state": "Completed"
},
{
"action": {
"path": "/nix/var/nix",
"user": "root",
"group": null,
"mode": 493,
"force_prune_on_revert": false
},
"state": "Completed"
},
{
"action": {
"path": "/nix/var/nix/db",
"user": "root",
"group": null,
"mode": 493,
"force_prune_on_revert": false
},
"state": "Completed"
},
{
"action": {
"path": "/nix/var/nix/gcroots",
"user": "root",
"group": null,
"mode": 493,
"force_prune_on_revert": false
},
"state": "Completed"
},
{
"action": {
"path": "/nix/var/nix/gcroots/per-user",
"user": "root",
"group": null,
"mode": 493,
"force_prune_on_revert": false
},
"state": "Completed"
},
{
"action": {
"path": "/nix/var/nix/profiles",
"user": "root",
"group": null,
"mode": 493,
"force_prune_on_revert": false
},
"state": "Completed"
},
{
"action": {
"path": "/nix/var/nix/profiles/per-user",
"user": "root",
"group": null,
"mode": 493,
"force_prune_on_revert": false
},
"state": "Completed"
},
{
"action": {
"path": "/nix/var/nix/temproots",
"user": "root",
"group": null,
"mode": 493,
"force_prune_on_revert": false
},
"state": "Completed"
},
{
"action": {
"path": "/nix/var/nix/userpool",
"user": "root",
"group": null,
"mode": 493,
"force_prune_on_revert": false
},
"state": "Completed"
},
{
"action": {
"path": "/nix/var/nix/daemon-socket",
"user": "root",
"group": null,
"mode": 493,
"force_prune_on_revert": false
},
"state": "Completed"
}
]
},
"state": "Completed"
},
"move_unpacked_nix": {
"action": {
"unpacked_path": "/nix/temp-install-dir"
},
"state": "Completed"
}
},
"state": "Completed"
},
{
"action": {
"action": "create_users_and_group",
"nix_build_user_count": 32,
"nix_build_group_name": "nixbld",
"nix_build_group_id": 30000,
"nix_build_user_prefix": "_nixbld",
"nix_build_user_id_base": 300,
"create_group": {
"action": {
"name": "nixbld",
"gid": 30000
},
"state": "Completed"
},
"create_users": [
{
"action": {
"name": "_nixbld1",
"uid": 301,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 1"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld2",
"uid": 302,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 2"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld3",
"uid": 303,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 3"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld4",
"uid": 304,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 4"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld5",
"uid": 305,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 5"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld6",
"uid": 306,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 6"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld7",
"uid": 307,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 7"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld8",
"uid": 308,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 8"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld9",
"uid": 309,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 9"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld10",
"uid": 310,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 10"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld11",
"uid": 311,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 11"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld12",
"uid": 312,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 12"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld13",
"uid": 313,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 13"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld14",
"uid": 314,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 14"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld15",
"uid": 315,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 15"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld16",
"uid": 316,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 16"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld17",
"uid": 317,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 17"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld18",
"uid": 318,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 18"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld19",
"uid": 319,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 19"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld20",
"uid": 320,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 20"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld21",
"uid": 321,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 21"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld22",
"uid": 322,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 22"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld23",
"uid": 323,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 23"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld24",
"uid": 324,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 24"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld25",
"uid": 325,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 25"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld26",
"uid": 326,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 26"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld27",
"uid": 327,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 27"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld28",
"uid": 328,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 28"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld29",
"uid": 329,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 29"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld30",
"uid": 330,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 30"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld31",
"uid": 331,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 31"
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld32",
"uid": 332,
"groupname": "nixbld",
"gid": 30000,
"comment": "Nix build user 32"
},
"state": "Completed"
}
],
"add_users_to_groups": [
{
"action": {
"name": "_nixbld1",
"uid": 301,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld2",
"uid": 302,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld3",
"uid": 303,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld4",
"uid": 304,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld5",
"uid": 305,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld6",
"uid": 306,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld7",
"uid": 307,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld8",
"uid": 308,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld9",
"uid": 309,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld10",
"uid": 310,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld11",
"uid": 311,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld12",
"uid": 312,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld13",
"uid": 313,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld14",
"uid": 314,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld15",
"uid": 315,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld16",
"uid": 316,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld17",
"uid": 317,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld18",
"uid": 318,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld19",
"uid": 319,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld20",
"uid": 320,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld21",
"uid": 321,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld22",
"uid": 322,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld23",
"uid": 323,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld24",
"uid": 324,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld25",
"uid": 325,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld26",
"uid": 326,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld27",
"uid": 327,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld28",
"uid": 328,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld29",
"uid": 329,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld30",
"uid": 330,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld31",
"uid": 331,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
},
{
"action": {
"name": "_nixbld32",
"uid": 332,
"groupname": "nixbld",
"gid": 30000
},
"state": "Completed"
}
]
},
"state": "Completed"
},
{
"action": {
"action": "set_tmutil_exclusions",
"set_tmutil_exclusions": [
{
"action": {
"path": "/nix/store"
},
"state": "Completed"
},
{
"action": {
"path": "/nix/var"
},
"state": "Completed"
}
]
},
"state": "Completed"
},
{
"action": {
"action": "configure_nix",
"setup_default_profile": {
"action": {
"unpacked_path": "/nix/temp-install-dir"
},
"state": "Completed"
},
"configure_shell_profile": {
"action": {
"locations": {
"fish": {
"confd_suffix": "conf.d/nix.fish",
"confd_prefixes": [
"/etc/fish",
"/usr/local/etc/fish",
"/opt/homebrew/etc/fish",
"/opt/local/etc/fish"
],
"vendor_confd_suffix": "vendor_conf.d/nix.fish",
"vendor_confd_prefixes": [
"/usr/share/fish/",
"/usr/local/share/fish/"
]
},
"bash": [
"/etc/bashrc",
"/etc/profile.d/nix.sh",
"/etc/bash.bashrc"
],
"zsh": [
"/etc/zshrc",
"/etc/zsh/zshrc"
]
},
"create_directories": [],
"create_or_insert_into_files": [
{
"action": {
"path": "/etc/bashrc",
"user": null,
"group": null,
"mode": 420,
"buf": "\n# Nix\nif [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then\n . '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh'\nfi\n# End Nix\n\n \n",
"position": "Beginning"
},
"state": "Completed"
},
{
"action": {
"path": "/etc/bash.bashrc",
"user": null,
"group": null,
"mode": 420,
"buf": "\n# Nix\nif [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then\n . '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh'\nfi\n# End Nix\n\n \n",
"position": "Beginning"
},
"state": "Completed"
},
{
"action": {
"path": "/etc/zshrc",
"user": null,
"group": null,
"mode": 420,
"buf": "\n# Nix\nif [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then\n . '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh'\nfi\n# End Nix\n\n \n",
"position": "Beginning"
},
"state": "Completed"
}
]
},
"state": "Completed"
},
"place_nix_configuration": {
"action": {
"create_directory": {
"action": {
"path": "/etc/nix",
"user": null,
"group": null,
"mode": 493,
"force_prune_on_revert": false
},
"state": "Completed"
},
"create_or_merge_nix_config": {
"action": {
"path": "/etc/nix/nix.conf",
"pending_nix_config": {
"settings": {
"bash-prompt-prefix": "(nix:$name)\\040",
"extra-nix-path": "nixpkgs=flake:nixpkgs",
"build-users-group": "nixbld",
"auto-optimise-store": "true",
"experimental-features": "nix-command flakes auto-allocate-uids"
}
}
},
"state": "Completed"
}
},
"state": "Completed"
}
},
"state": "Completed"
},
{
"action": {
"action": "configure_init_service",
"init": "Launchd",
"start_daemon": true
},
"state": "Completed"
},
{
"action": {
"action": "remove_directory",
"path": "/nix/temp-install-dir"
},
"state": "Completed"
}
],
"planner": {
"planner": "macos",
"settings": {
"modify_profile": true,
"nix_build_group_name": "nixbld",
"nix_build_group_id": 30000,
"nix_build_user_prefix": "_nixbld",
"nix_build_user_count": 32,
"nix_build_user_id_base": 300,
"nix_package_url": "https://releases.nixos.org/nix/nix-2.15.0/nix-2.15.0-aarch64-darwin.tar.xz",
"proxy": null,
"ssl_cert_file": null,
"extra_conf": [],
"force": false,
"diagnostic_endpoint": "https://install.determinate.systems/nix/diagnostic"
},
"encrypt": null,
"case_sensitive": false,
"volume_label": "Nix Store",
"root_disk": "disk3"
},
"diagnostic_data": {
"version": "0.10.0",
"planner": "macos",
"configured_settings": [],
"os_name": "unknown",
"os_version": "unknown",
"triple": "aarch64-apple-darwin",
"is_ci": false,
"endpoint": "https://install.determinate.systems/nix/diagnostic",
"ssl_cert_file": null,
"failure_chain": null
}
}
|
|
I tried the official installer and I get: I have successfully used both the determinate systems installer and official nix installer on this work laptop in the past. This makes me suspect some security policy could be creating a problem for me. I would be grateful if anyone can help me debug it if that seems to be the case. |
I found this error in Console.app: Some googling led me to:
https://akshayranganath.github.io/OCSP-Validation-With-Openssl/ Conclusion: The method of using a custom certificate that nix uses is being blocked by security policy now. |
|
Or perhaps related to NixOS/nix#7937 |
|
I'm having the same issue as @codygman, with a fresh install with the latest installer version ( |
3 tasks
|
@codygman If you are using some IT Management Service which enforces a specific set of SSL certs for your machine, you may be able to set the @jmp-0x7C0 are you using any IT management software or special SSL configurations? |
|
@Hoverbear I'm not using any kind of IT management software, this is my personal machine. Some additional context that might be useful: I had previously installed |
|
Any chance you had Nix-Darwin installed too? |
|
@Hoverbear yes I might have installed Nix-Darwin quite some time ago but I'm not 100% sure. |
|
We've seen similar issues rising from You'll probably need to try to uninstall Nix Darwin, but since you reinstalled Nix it's hard to know what will happen... |
|
@Hoverbear Ok thanks. It seems the Nix Darwin uninstaller depends on a working nix install being available, running |
|
Well #561 won't help you if you have a broken old |
|
@Hoverbear I ended up fixing my issue by recreating a new symbolic link to the certificate store, it seems I must have had a broken symbolic link. |
Hoverbear
added
bug
|
That's a good workaround, we'll have to ponder how we can cure this state... |
|
I can confirm that the workaround works. In my case the link seems to have never been updated to utilize the nix one. After applying the workaround provided by @jmp-0x7C0 everything worked. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Following official install instructions:
Then looking at it's permissions:
Should those be the permissions?
Is Ventura unsupported for some reason? I should probably update anyway.
Could this be because of company specific IT Service Management such as ConnectWise?
The text was updated successfully, but these errors were encountered: