Obě strany předchozí revizePředchozí verze | Následující verzeObě strany příští revize |
navody:distribuce:nixos [2017/10/14 03:04] – mention future seccomp config option jtojnar | navody:distribuce:nixos [2017/10/31 08:48] – [Common issues] ssh, systemd232/233 rmarko |
---|
| |
==== Common issues ==== | ==== Common issues ==== |
| |
| === SSH public key deployment fails === |
| |
| This can occur on first boot of the template when there's no ''/root'' yet. Disable automatic key deployment and deploy key manually **after** the containers boot. |
| |
=== error: while setting up the build environment: unable to load seccomp BPF program: Invalid argument === | === error: while setting up the build environment: unable to load seccomp BPF program: Invalid argument === |
| |
<code> | <code> |
nix.package = (import (pkgs.fetchFromGitHub { | nix.package = (import (pkgs.fetchFromGitHub { |
owner = "NixOS"; | owner = "NixOS"; |
repo = "nixpkgs"; | repo = "nixpkgs"; |
rev = "300fa462b31ad2106d37fcdb4b504ec60dfd62aa"; | rev = "300fa462b31ad2106d37fcdb4b504ec60dfd62aa"; |
sha256 = "1cbjmi34ll5xa2nafz0jlsciivj62mq78qr3zl4skgdk6scl328s"; | sha256 = "1cbjmi34ll5xa2nafz0jlsciivj62mq78qr3zl4skgdk6scl328s"; |
}) {}).nix; | }) {}).nix; |
</code> | </code> |
| |
In the future, it will be possible to [[https://github.com/NixOS/nix/commit/1dd29d7aebae706f3e90a18bbfae727f2ed03c70|disable seccomp usage]]. | In the future, it will be possible to [[https://github.com/NixOS/nix/commit/1dd29d7aebae706f3e90a18bbfae727f2ed03c70|disable seccomp usage]]. |
| |
| === systemd 233+ compatibility issues === |
| |
| Causes boot failures, workaround is pinning systemd to version 232: |
| <code> |
| nixpkgs.config.packageOverrides = super: |
| let systemdGperfCompat = super.systemd.override { gperf = super.gperf_3_0; }; |
| in { |
| systemd = systemdGperfCompat.overrideAttrs ( oldAttrs: rec { |
| version = "232"; |
| name = "systemd-${version}"; |
| src = pkgs.fetchFromGitHub { |
| owner = "nixos"; |
| repo = "systemd"; |
| rev = "66e778e851440fde7f20cff0c24d23538144be8d"; |
| sha256 = "1valz8v2q4cj0ipz2b6mh5p0rjxpy3m88gg9xa2rcc4gcmscndzk"; |
| }; |
| }); |
| }; |
| </code> |
| |
| ==== Details ==== |
| |
| Log contents |
| <code> |
| Failed to canonicalize path /etc/systemd/system/local-fs.target.d: Too many levels of symbolic links |
| |
| $ journalctl -o verbose |
| _EXE=/nix/store/n5ksbh1hx275zfbqbalhghzpxp1w73lf-systemd-234/lib/systemd/systemd |
| _CMDLINE=/run/current-system/systemd/lib/systemd/systemd --system --deserialize 19 |
| CODE_FILE=src/shared/dropin.c |
| CODE_LINE=133 |
| CODE_FUNC=unit_file_find_dir |
| ERRNO=40 |
| MESSAGE=Failed to canonicalize path /etc/systemd/system/local-fs.target.d: Too many levels of symbolic links |
| |
| $ # strace output |
| open("/etc/systemd/system/local-fs.target", O_RDONLY|O_NOCTTY|O_NOFOLLOW|O_CLOEXEC) = -1 ELOOP (Too many levels of symbolic links) |
| readlinkat(AT_FDCWD, "/etc/systemd/system/local-fs.target", "/nix/store/n5ksbh1hx275zfbqbalhg"..., 99) = 94 |
| open("/nix/store/n5ksbh1hx275zfbqbalhghzpxp1w73lf-systemd-234/example/systemd/system/local-fs.target", O_RDONLY|O_NOCTTY|O_NOFOLLOW|O_CLOEXEC) = 12 |
| fcntl(12, F_GETFL) = 0xa8000 (flags O_RDONLY|O_LARGEFILE|O_NOFOLLOW|O_CLOEXEC) |
| fstat(12, {st_mode=S_IFREG|0444, st_size=507, ...}) = 0 |
| fstat(12, {st_mode=S_IFREG|0444, st_size=507, ...}) = 0 |
| getpid() = 1 |
| fstat(12, {st_mode=S_IFREG|0444, st_size=507, ...}) = 0 |
| read(12, "# This file is part of systemd."..., 512) = 507 |
| open("/dev/urandom", O_RDONLY|O_NOCTTY|O_CLOEXEC) = 13 |
| read(13, "\26\265jV\260\276\7\3300\22J\264m~j\37", 16) = 16 |
| close(13) = 0 |
| read(12, "", 512) = 0 |
| close(12) = 0 |
| open("/", O_RDONLY|O_NOFOLLOW|O_CLOEXEC|0x200000) = 12 |
| openat(12, "etc", O_RDONLY|O_NOFOLLOW|O_CLOEXEC|0x200000) = 13 |
| fstat(13, {st_mode=S_IFDIR|0755, st_size=50, ...}) = 0 |
| close(12) = 0 |
| openat(13, "systemd", O_RDONLY|O_NOFOLLOW|O_CLOEXEC|0x200000) = 12 |
| fstat(12, {st_mode=S_IFDIR|0755, st_size=10, ...}) = 0 |
| close(13) = 0 |
| openat(12, "system", O_RDONLY|O_NOFOLLOW|O_CLOEXEC|0x200000) = -1 ELOOP (Too many levels of symbolic links) |
| close(12) = 0 |
| writev(3, [{"Failed to canonicalize path /etc"..., 104}, {"\n", 1}], 2) = 105 |
| open("/", O_RDONLY|O_NOFOLLOW|O_CLOEXEC|0x200000) = 12 |
| openat(12, "etc", O_RDONLY|O_NOFOLLOW|O_CLOEXEC|0x200000) = 13 |
| fstat(13, {st_mode=S_IFDIR|0755, st_size=50, ...}) = 0 |
| close(12) = 0 |
| openat(13, "systemd", O_RDONLY|O_NOFOLLOW|O_CLOEXEC|0x200000) = 12 |
| fstat(12, {st_mode=S_IFDIR|0755, st_size=10, ...}) = 0 |
| close(13) = 0 |
| openat(12, "system", O_RDONLY|O_NOFOLLOW|O_CLOEXEC|0x200000) = -1 ELOOP (Too many levels of symbolic links) |
| close(12) = 0 |
| writev(3, [{"Failed to canonicalize path /etc"..., 100}, {"\n", 1}], 2) = 101 |
| open("/etc/systemd/system/emergency.target", O_RDONLY|O_NOCTTY|O_NOFOLLOW|O_CLOEXEC) = -1 ELOOP (Too many levels of symbolic links) |
| readlinkat(AT_FDCWD, "/etc/systemd/system/emergency.target", "/nix/store/n5ksbh1hx275zfbqbalhg"..., 99) = 95 |
| open("/nix/store/n5ksbh1hx275zfbqbalhghzpxp1w73lf-systemd-234/example/systemd/system/emergency.target", O_RDONLY|O_NOCTTY|O_NOFOLLOW|O_CLOEXEC) = 12 |
| fcntl(12, F_GETFL) = 0xa8000 (flags O_RDONLY|O_LARGEFILE|O_NOFOLLOW|O_CLOEXEC |
| </code> |