Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error "Nix database directory ‘/nix/var/nix/db’ is not writable" #6

Open
thufschmitt opened this issue Oct 25, 2017 · 1 comment
Open

Error "Nix database directory ‘/nix/var/nix/db’ is not writable" #6

thufschmitt opened this issue Oct 25, 2017 · 1 comment

Comments

@thufschmitt
Copy link
Member

When trying to use this image with stack --docker, I run into the error

error: Nix database directory ‘/nix/var/nix/db’ is not writable: Permission denied

This happens for example in the tweag/sparkle repo.

Steps to reproduce

git clone https://github.com/tweag/sparkle
cd sparkle
stack docker pull
stack --docker build

Expected output

The program should build fine

Actual output

2017-10-25 12:22:29.205207: [debug] Checking for project config at: /home/regnat/Progs/haskell/sparkle/stack.yaml
@(Stack/Config.hs:974:9)
2017-10-25 12:22:29.208960: [debug] Loading project config file stack.yaml
@(Stack/Config.hs:999:13)
2017-10-25 12:22:29.213494: [debug] Run process: /usr/sbin/groupadd -o --gid 100 stack
@(System/Process/Read.hs:306:3)
2017-10-25 12:22:29.220392: [debug] Process finished in 6ms: /usr/sbin/groupadd -o --gid 100 stack
@(System/Process/Read.hs:306:3)
2017-10-25 12:22:29.220841: [debug] Run process: /usr/sbin/useradd -oN --uid 1000 --gid 100 --home /home/regnat/Progs/haskell/sparkle/.stack-work/docker/_home stack
@(System/Process/Read.hs:306:3)
2017-10-25 12:22:29.232900: [debug] Process finished in 11ms: /usr/sbin/useradd -oN --uid 1000 --gid 100 --home /home/regnat/Progs/haskell/sparkle/.stack-work/docker/_home stack
@(System/Process/Read.hs:306:3)
2017-10-25 12:22:29.233020: [debug] Run process: /usr/sbin/groupadd -o --gid 1 group1
@(System/Process/Read.hs:306:3)
2017-10-25 12:22:29.239273: [debug] Process finished in 6ms: /usr/sbin/groupadd -o --gid 1 group1
@(System/Process/Read.hs:306:3)
2017-10-25 12:22:29.239382: [debug] Run process: /usr/sbin/groupadd -o --gid 6 group6
@(System/Process/Read.hs:306:3)
2017-10-25 12:22:29.244206: [debug] Process finished in 4ms: /usr/sbin/groupadd -o --gid 6 group6
@(System/Process/Read.hs:306:3)
2017-10-25 12:22:29.244360: [debug] Run process: /usr/sbin/groupadd -o --gid 17 group17
@(System/Process/Read.hs:306:3)
2017-10-25 12:22:29.248545: [debug] Process finished in 4ms: /usr/sbin/groupadd -o --gid 17 group17
@(System/Process/Read.hs:306:3)
2017-10-25 12:22:29.248649: [debug] Run process: /usr/sbin/groupadd -o --gid 57 group57
@(System/Process/Read.hs:306:3)
2017-10-25 12:22:29.253255: [debug] Process finished in 4ms: /usr/sbin/groupadd -o --gid 57 group57
@(System/Process/Read.hs:306:3)
2017-10-25 12:22:29.253377: [debug] Run process: /usr/sbin/groupadd -o --gid 59 group59
@(System/Process/Read.hs:306:3)
2017-10-25 12:22:29.258083: [debug] Process finished in 4ms: /usr/sbin/groupadd -o --gid 59 group59
@(System/Process/Read.hs:306:3)
2017-10-25 12:22:29.258204: [debug] Run process: /usr/sbin/groupadd -o --gid 100 group100
@(System/Process/Read.hs:306:3)
2017-10-25 12:22:29.262366: [debug] Process finished in 4ms: /usr/sbin/groupadd -o --gid 100 group100
@(System/Process/Read.hs:306:3)
2017-10-25 12:22:29.262471: [debug] Run process: /usr/sbin/groupadd -o --gid 131 group131
@(System/Process/Read.hs:306:3)
2017-10-25 12:22:29.266926: [debug] Process finished in 4ms: /usr/sbin/groupadd -o --gid 131 group131
@(System/Process/Read.hs:306:3)
2017-10-25 12:22:29.269974: [debug] Trying to decode /home/regnat/.stack/build-plan-cache/x86_64-linux-nix/lts-9.0.cache
@(Data/Store/VersionTagged.hs:72:5)
2017-10-25 12:22:29.281217: [debug] Success decoding /home/regnat/.stack/build-plan-cache/x86_64-linux-nix/lts-9.0.cache
@(Data/Store/VersionTagged.hs:76:13)
2017-10-25 12:22:29.281362: [debug] PATH is: Just "/nix/store/nv8jrbvw2h5w3mdqp86r1g49c0m69z6f-git-2.11.0/bin:/nix/store/i1d05sr6c9lvyjd5k2r5zhf3658vnjvb-gradle-3.3/bin:/nix/store/l4g6dqv9w7cmz5hb0ba43g97s7q55ylq-ncurses-5.9-dev/bin:/nix/store/lxdqvr245h6y623glg90059fjpggl0js-ncurses-5.9/bin:/nix/store/3vsv6g1ih0cywr7iqmq8r8kf152cyps3-openjdk-8u122b04/bin:/nix/store/3jk0k16zlzw38v18c0i2sgm0l6fgn5lg-openjdk-8u122b04-jre/bin:/nix/store/zxc8x7w1v9bq0miyyghi4y1chdw1mf8j-spark-2.1.0/bin:/nix/store/gi2qk4pimynjhvpjqa8fh2wi28fffk6g-which-2.21/bin:/nix/store/571h265qayck35kgavx3v8a8nr39v2d1-zip-3.0/bin:/nix/store/qixzv1h36s19zzdy60jpdyz0hrqhhps3-ghc-8.0.2/bin:/nix/store/039vd7bx27wcbps9lwka3d8vyamgsffw-pkg-config-0.29/bin:/nix/store/7cfyhcd43xv8qz4x4lshz1llmbji3d35-patchelf-0.9/bin:/nix/store/94fbfg42f3sinwk17xfz2jjzg5v677vq-paxctl-0.9/bin:/nix/store/mafk2xkm2aw0pnbmxx70zkh1m2ch7fm6-gcc-wrapper-5.4.0/bin:/nix/store/yai0jb6s2myp7n5iziqa2nfwrvnbxi3c-gcc-5.4.0/bin:/nix/store/4qkwbyayzvlsmwzj0y6mfw8awjf5fbd0-binutils-2.27/bin:/nix/store/jkas4im9rr89n86h8p4sh3p6j3zdapcr-glibc-2.24-bin/bin:/nix/store/3al38ybllhnlckcjv1p35lm8cq0rhz55-coreutils-8.26/bin:/nix/store/3al38ybllhnlckcjv1p35lm8cq0rhz55-coreutils-8.26/bin:/nix/store/7szd9c3c688bf11hdzk6ml8lfnwr47r2-findutils-4.6.0/bin:/nix/store/m08mp1p349yq21ziii7a4il7knsahbzk-diffutils-3.5/bin:/nix/store/rmrkgnkdghahq7kjr1p1isv3d88npkb7-gnused-4.3/bin:/nix/store/hq2xb24mnwczmf6qsxn9cvvi3n95cnw3-gnugrep-2.27/bin:/nix/store/a3khm6g2lqp13a08r7y064dl5ysyrx08-gawk-4.1.3/bin:/nix/store/m3fmn3y2g95dnpirwg5zsbj08k3aw6xc-gnutar-1.29/bin:/nix/store/ap833cngp04ks5jnk11643ra899hrzpr-gzip-1.8/bin:/nix/store/yn142bzjxlngbvikkw5qgwzpy1ynbikj-bzip2-1.0.6.0.1-bin/bin:/nix/store/jm6y7lwqhvxxg594ywi4ks7m3znfa4qi-gnumake-4.2.1/bin:/nix/store/cg0gxn11n6sadfrw3p7l8rh053gn3f0z-bash-4.4-p5/bin:/nix/store/gq48z8ywqabwpf96k497chw52f5ypbs3-patch-2.7.5/bin:/nix/store/63bjxmzwyqxikc537h5a915nhkbwi2qs-xz-5.2.2-bin/bin:/opt/host/bin:/home/regnat/Progs/haskell/sparkle/.stack-work/docker/_home/.local/bin:/root/.nix-profile/bin:/root/.nix-profile/sbin:/bin:/sbin:/usr/bin:/usr/sbin"
@(Stack/Nix.hs:126:6)
2017-10-25 12:22:29.281748: [debug] Using a nix-shell environment from file: /home/regnat/Progs/haskell/sparkle/shell.nix
@(Stack/Nix.hs:127:6)
2017-10-25 12:22:29.282531: [debug] Run process: /usr/bin/nix-shell /home/regnat/Progs/haskell/sparkle/shell.nix --arg ghc "with (import <nixpkgs> {}); haskell.compiler.ghc802" --run "'/nix/store/0qc6i5davsbjxnmk803f7zmwdxgpvzgf-stack-1.5.0/bin/stack' $STACK_IN_NIX_EXTRA_ARGS '--extra-lib-dirs=/nix/store/nv8jrbvw2h5w3mdqp86r1g49c0m69z6f-git-2.11.0/lib' '--extra-include-dirs=/nix/store/nv8jrbvw2h5w3mdqp86r1g49c0m69z6f-git-2.11.0/include' '--extra-lib-dirs=/nix/store/i1d05sr6c9lvyjd5k2r5zhf3658vnjvb-gradle-3.3/lib' '--extra-include-dirs=/nix/store/i1d05sr6c9lvyjd5k2r5zhf3658vnjvb-gradle-3.3/include' '--extra-lib-dirs=/nix/store/lxdqvr245h6y623glg90059fjpggl0js-ncurses-5.9/lib' '--extra-include-dirs=/nix/store/l4g6dqv9w7cmz5hb0ba43g97s7q55ylq-ncurses-5.9-dev/include' '--extra-lib-dirs=/nix/store/3vsv6g1ih0cywr7iqmq8r8kf152cyps3-openjdk-8u122b04/lib' '--extra-include-dirs=/nix/store/3vsv6g1ih0cywr7iqmq8r8kf152cyps3-openjdk-8u122b04/include' '--extra-lib-dirs=/nix/store/zxc8x7w1v9bq0miyyghi4y1chdw1mf8j-spark-2.1.0/lib' '--extra-include-dirs=/nix/store/zxc8x7w1v9bq0miyyghi4y1chdw1mf8j-spark-2.1.0/include' '--extra-lib-dirs=/nix/store/gi2qk4pimynjhvpjqa8fh2wi28fffk6g-which-2.21/lib' '--extra-include-dirs=/nix/store/gi2qk4pimynjhvpjqa8fh2wi28fffk6g-which-2.21/include' '--extra-lib-dirs=/nix/store/gdw5qz99ihbv3l3nc91jdynfm3va46qq-zlib-1.2.10/lib' '--extra-include-dirs=/nix/store/w95hz9gg3wnxq20xsjb5dwwh72nixsps-zlib-1.2.10-dev/include' '--extra-lib-dirs=/nix/store/571h265qayck35kgavx3v8a8nr39v2d1-zip-3.0/lib' '--extra-include-dirs=/nix/store/571h265qayck35kgavx3v8a8nr39v2d1-zip-3.0/include' '--extra-lib-dirs=/nix/store/3vsv6g1ih0cywr7iqmq8r8kf152cyps3-openjdk-8u122b04/lib/openjdk/jre/lib/amd64/server' '--internal-re-exec-version=1.5.0' '--internal-docker-entrypoint' 'DockerEntrypoint {deUser = Just (DockerUser {duUid = 1000, duGid = 100, duGroups = [1,6,17,57,59,100,131], duUmask = 18})}' '--docker' 'build' '--verbose'"
@(Stack/Exec.hs:65:5)
error: Nix database directory ‘/nix/var/nix/db’ is not writable: Permission denied
2017-10-25 14:22:29.444117: [debug] Run process: /run/current-system/sw/bin/docker rm -f f37fa6ad11b2da6ba5a3d1cfe7c7e0ecaf2429c1d439cf2e66fccd044222b7d6
@(System/Process/Read.hs:306:3)
2017-10-25 14:22:29.754608: [debug] Process finished in 310ms: /run/current-system/sw/bin/docker rm -f f37fa6ad11b2da6ba5a3d1cfe7c7e0ecaf2429c1d439cf2e66fccd044222b7d6
@(System/Process/Read.hs:306:3)
@thufschmitt thufschmitt mentioned this issue Oct 25, 2017
Open
@thufschmitt
Copy link
Member Author

I did some researches on this on the train back home, and giving worldwide rw permissions to the /nix directory (and /tmp too) solves this as one could expect.

So adding something like this in the Dockerfile resolves this:

RUN chmod -R a+rw /nix/var
RUN chmod 777 /nix/store
RUN chmod 777 /nix/store/*
RUN chmod 777 /tmp

(the three first chmods are just here because doing chmod +R 777 /nix takes too much time and isn't needed)

There is probably be a less hackish and insecure way to solve this given that there is no real need to instanciate any derivation while running the stack build (because everything has been built while creating the image), so write-access to the store shouldn't be needed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@thufschmitt