Received: (at submit) by debbugs.gnu.org; 10 Mar 2024 11:18:15 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Sun Mar 10 07:18:15 2024 Received: from localhost ([127.0.0.1]:35721 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1rjHC3-0007ci-AB for submit <at> debbugs.gnu.org; Sun, 10 Mar 2024 07:18:15 -0400 Received: from lists.gnu.org ([209.51.188.17]:57554) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <troy@HIDDEN>) id 1rjHC0-0007ca-Rr for submit <at> debbugs.gnu.org; Sun, 10 Mar 2024 07:18:13 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <troy@HIDDEN>) id 1rjHBT-0002eE-53 for bug-guix@HIDDEN; Sun, 10 Mar 2024 07:17:39 -0400 Received: from mout-p-202.mailbox.org ([2001:67c:2050:0:465::202]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_CHACHA20_POLY1305:256) (Exim 4.90_1) (envelope-from <troy@HIDDEN>) id 1rjHBR-0007N1-3x for bug-guix@HIDDEN; Sun, 10 Mar 2024 07:17:38 -0400 Received: from smtp1.mailbox.org (smtp1.mailbox.org [IPv6:2001:67c:2050:b231:465::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mout-p-202.mailbox.org (Postfix) with ESMTPS id 4Tsy6s72Ztz9scm for <bug-guix@HIDDEN>; Sun, 10 Mar 2024 12:17:25 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=troyfigiel.com; s=MBO0001; t=1710069446; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding:autocrypt:autocrypt; bh=qnPD2N7zsNp6PMMW1eI//XA8HM0CwoerGvsRMBryV4I=; b=mn88QbwL6ZUIt+kJdpz8K1oXCwIOu/ZYwAtN71Wegc0WBp+1j+z7f4oqaRf4QLvh1oMjcS ILjoBcaBb4SWArP276AyebjghbJhmj2l2x/HRbX1K9mTobJ+V/POGlEPlmY4WllHkeIt6b 3GwHlVtqHYERr5da2goGRpciT0SHlUBvirwGsTJTS9ksX5ebERNFqhQN6zIch+80sCLXW7 Gc6pQ0qbjUP0gh8cB7Yk7CAql28qriKSNgzW0wXUJzx5eBPhyowxF+LzdF620tUYuRrFoE JI9jV+Js7HKHnhwA4VKwWZ/V9kuD7KluEHXzC/DYSJYjoOa8Z5/MlVGOUHt48g== Message-ID: <444aafb6-1092-43dd-a186-5b24e32f71c2@HIDDEN> Date: Sun, 10 Mar 2024 12:17:25 +0100 MIME-Version: 1.0 Content-Language: en-US, de-DE, nl From: Troy Figiel <troy@HIDDEN> Autocrypt: addr=troy@HIDDEN; keydata= xsFNBGKp71YBEADDmh9HMTg0Z8/xxf4yT6UX2wO8u0Q2nbOAhzROSabUVyBp8Gz6jLcoFN8x rg8XxxBWTCENBWqKkYG6Z/GgPmeKuacAeZIW7dGYaGu4bZHgLsTqk04J/dM63aVveJJY4M4r KNx0Mew+SYTGrh3NnoSF0+ZIskGGh4NJpXOGUSUihjdddn8ouFDDy01GJ9N2ZWprfWo3ynMA xEHhD6CWniQMkmd+TVKjQt+BC8d+nHlOt6vFoDGH9PehXmmBLyOJAVMAlPMyrN8ZjmbRp91s 4Sz2rqjD2GXFGvKClhyxcr2qEUJmCg/Vp8PiZWOwxA/6BCWuNmrl1d1FhXjMMIzz2y92MOlD 5kQm7/261cuXTJvKZOLmHelY0m7gReWnc9peGPmGeukkdblmjwJTnetzvF/AUXNpS29Nmyie 4PgsAbkmL0PwKCbf+6WRWywRidR1narANINGJHL8MDIgdUwuJsYhD5s10bIsg2dOOxFioOnm kgpWiVLmZSq9bkX+SRyWNL+hDhEbGLnZ5WUOszPXgo9Lo2dCGBr4YkCaxVCCCfgAn8TpgcLQ VW37N75MjEX3kVBGBiiifbQUedKHqMddlUEYLSjpBCNxqF1X5fTuurFrfq8EYcYcQGW5Telh fX1I6md7xt0FDBRAVx8jAvy7Rkt6CeKP7oPNMVfoQ62oMT85JQARAQABzSFUcm95IEZpZ2ll bCA8dHJveUB0cm95ZmlnaWVsLmNvbT7CwY8EEwEKADkCGwMECwkIBwQVCgkIBRYCAwEAAh4F AheAFiEE5HwNzSdo36E4/NzWxnyRgbOJP7AFAmVCwP8CGQEACgkQxnyRgbOJP7DK/A/+L6IY xHhr4ZCz5Mk8s0OHAQTP3ZlAtmjMB+Lg0nwg8hVRzF1O/mCQKaFeKwKgh0I0zZIYucnylG6K KtVoa1ZNrpOCO2Qau7C/j6u7lmZGoEyEf9ePvhpVPcqFXSeehNl/nmaAFuLXTTTvkUubuU2m OEQe1oua/9HQPbd2mlKNjUnj9YmYs9qqF9bcJmT0U2WUg4Jz3DmHQiK175QqJv7fXtIdHzAk BRlJdrslLPOrIDb7WAnXpUQs1bcirKuSFOsyeGn0plh3t0uSm8d3BValRArPMw/h9FldGRXr KycSCIuU/vL94mncXSwIy8ifY4XkcBVvuZ8CbAh3G3iuZ6LLoMsjGmCXkm6Ru9OieC8xmAae 69RYw/zXHoIkW+/nLygEv7+7tMrYTFcUR0RmMvHjiZafnGwHkBCFMojUapcG/EAsSYQzssGP qYLuqIaq2weCYpfNUMDye3rivOKFcO6Aa63lCb1TLy/OVoK0al04WdO+teDJVj88WNyMZu1c SdBYd3lJ9VLSmsBJ0FFksuDyXQqmrN+Uckka+JdKHiADGGaztMHmbJkZ1DZ2jfEh0kJTcCr8 PAXIvTMcgi/BLP3R6u+iHnycypID8pwLIDg3Gg3cLcfeBmCBEAft/Gk5RF0POIL8QAx7IVwu AD4kpM6fkXc6Dq9sl6us38ekm6M7fprOwU0EYqnvVgEQANU4cn+tMmYLMMJA3yeE7JIlY5E+ xZ5qrvNA+UwqTuZGcQH3Th81fsF1qYYiT38fq6GAEImJ19VqVs9f/YGSdkUk1ZA46AwzPuij pFGUm3yL71kCzPblF1zUCzOllc1N7pi3YD+XQr7ggqX/s/MS1uxR9Sgs5coYUT0ygXVOGkSk OQjdQ99B2+BUTos28C2sDfJfCd5ekLCp02EUle527sX8QjyTiTUlu5pvFnCtzO6MWf3loiJb Vi9vA0hQFOnu4jM0TjzIc4vWJpX1oExfFwEsoSVLDQh3CFIoe8wHsRgpIvtWiiRIuaaJawhx ac6mj4yaB2UR/MW8KFpUmqzTgVn8FLt0S0yo1PpleTFT8IsGY8luoyWIaUyNCrjXxrps8yFj HoE54Abb0S6Z15Ko2csG2DR1u4ZtELVsHcF3gZT5q1Nt9BnV8TYi0+vNjVjQ7OODQMOBSIB8 bBEQogtbTxBYvIs57ClYAd0fHssz7fJHaKDbcsZXGWKdiSEQrrfc78tOgmYml997og7SyLg+ YI9X8G4RJiIF9EThRtAKK92i9xktWLLBCl5q5nwRPcObVgy7AiwQBPX1WVR3+Uy6BaeyylPY YIAyM6dHwl4/e5HczR5Nt6pzmnOza8F2JT4blqJd+QVeL+xDtBvzKWLBVZkPJMbwqYS/1MOu 4UdmuNIpABEBAAHCwXYEGAEKACAWIQTkfA3NJ2jfoTj83NbGfJGBs4k/sAUCYqnvVgIbDAAK CRDGfJGBs4k/sAQUD/4xIZxwGDsBc3mf4qnahCEAN3NjyhI/9q2oFGzyN0t9ifh7u7HD5R0F 5WdI2JnOnW3Bjl3YnsMfLg9wHnsT3R1xresf59wXuKQ7UIpqPfMXLZnHtaUP5bmpETvkvybN f0zkekbU27chbmiAOyDB3ApsFQ7lqwvOO0K3+sx94ROsJwb+MDpjGAOewVPk7V0br0twFo2R 5/vtp8cNCg/lKlqWDmJ0fWipxazSzVAMDxn+ci0DB5o5UyHhxc8WgXXLl7t22m7b6kVZ0EKN oEPa7/TvIj1wVDFUFrEMEuJFBMDqZDLdBMZzEsq7O0sHaGifiy0zHRE7Eyfo+9sV0ccSWdeE f5GjoKLtR7MlJ+I9IfHuCl++Gxa+MM8yXfn/tk7vcsGJhewrqqTlvnpMuITCmdTJymgnKS/B jSDDKjgRsZLLzhkE+dVTBZRkHFOGf9rV8+JQRYwqZVIjIEln6EZdfOQIKPll4EY19f9stj7h ptM9jXDTBm4MBxdCdWIRsU19w4TqvitioADjMSZ1MYqQlS6pWQI9tDMJ/mLqKcWrHhar6rwv v/gTpsbePtVR2GkWMjEHE1VS1LKmr+UcWFu3MJIHMd4DFnypp1n1cY+u0emp93JUMDMqa79F G+6Sbeaw5G+/fx8S4hpw63SiA1x8c5PMjKGwx5G4ZZfNwT+mAi6dHA== To: bug-guix@HIDDEN Subject: Guix-Jupyter download directive: "Operation not permitted" Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4Tsy6s72Ztz9scm Received-SPF: pass client-ip=2001:67c:2050:0:465::202; envelope-from=troy@HIDDEN; helo=mout-p-202.mailbox.org X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.3 (-) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -2.3 (--) Hi Guix-Jupyter, Please let me know if this is the right location to file a bug. Since I don't have an account on gitlab.inria.fr, I can't file an issue there. In any case, the ;;guix download directive assumes the ability to hard link from the gnu store to your tmp directory. This killed the Guix kernel and returned an "Operation not permitted" error in my Jupyter console. As it turns out, there is a kernel parameter called "fs.protected_hardlinks" which prevents the creation of hard links by users that do not own the source. Since my gnu store is root owned and I run Jupyter as non-root (hence creating the container in the tmp directory as non-root), this fails. For my system "fs.protected_hardlinks" was set to 1 by default. Setting it to 0 fixes the problem. However, I am not convinced hard linking is the right solution anyway. For one, it is not uncommon to have tmp and the gnu store living on different volumes (which seems to be fixed upstream, but not tagged yet). Copying would be an improvement, as it circumvents these issues, but with the obvious downside that it duplicates all the data. I was thinking it might make more sense to bind mount the file into the container. This would solve the above issues, but not duplicate the data. The raw data would then be completely immutable, however, I do not see this as a downside, since treating raw data as immutable is already a good practice. WDYT? Best wishes, Troy
Troy Figiel <troy@HIDDEN>:bug-guix@HIDDEN.
Full text available.bug-guix@HIDDEN:bug#69708; Package guix.
Full text available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd,
1994-97 Ian Jackson.