
I'm trying to use nix on repl.it. I'm using static-nix from https://matthewbauer.us/blog/static-nix.html. If I run the following code:

```
mkdir -p "$HOME/.cache/nix/"
curl https://matthewbauer.us/nix > "$HOME/.cache/nix/nix.exe"
cat "$HOME/.cache/nix/nix.exe" | bash -s run --no-sandbox --store "$HOME/.cache/nix/store" -f channel:nixpkgs-unstable bash graphviz -c sh -c 'dot --help'
```

I get this error:

```
error: setting up a private mount namespace: Operation not permitted
```

I tried `--no-sandbox`, `--option sandbox false` and `--option build-use-sandbox false`; none of these have any effect on the error.

This is executed as non-root on a machine for which it is not possible for me to change kernel settings.

Here's a REPL reproducing the issue (it runs for a short while before displaying the error): https://repl.it/@suzannesoy/AgonizingWittyCoding#main.sh

Suzanne Soy
  • This is most likely needed for `--store` – Sebastian Ullrich Feb 24 '21 at 12:04
  • Thanks for pointing this out… I was using `--store` precisely because I don't have root access… if root is needed to use `--store`, I'm stuck in a loop :) . I thought Nix would rebuild everything as needed using a different `--prefix`, instead of trying to bind mount the store to /nix/store… IIRC that was the behaviour a while ago :-/ – Suzanne Soy Feb 26 '21 at 00:07
  • `--store` (that is, unrestricted user namespaces) does not need root on mainline Linux, but apparently on that platform it does. To outright change the store path prefix, I believe you have to rebuild Nix from source. – Sebastian Ullrich Feb 27 '21 at 09:43
  • You might also be interested in https://discourse.nixos.org/t/nix-portable-nix-static-permissionless-install-free-pre-configured/11719 – Sebastian Ullrich Mar 03 '21 at 14:21

0 Answers
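
The comments above tie the error to `--store` needing unprivileged user namespaces. The following POSIX shell script is an added example (not part of the original thread, and not Nix code) that checks whether a host permits them: it reads the mainline `user.max_user_namespaces` sysctl and the Debian/Ubuntu-specific `kernel.unprivileged_userns_clone` sysctl, then tries to create a user plus mount namespace with `unshare`. The function names and the optional arguments (an alternative `/proc` root and a pre-supplied probe result) are hypothetical conveniences for this example.

```shell
#!/bin/sh
# Added example: find out why "setting up a private mount namespace" is refused.

# Report what the namespace sysctls say. $1 (hypothetical override) is the
# /proc mount point, so the check can also run against a constructed tree.
userns_sysctl_verdict() (
    root="${1:-/proc}"
    max="$root/sys/user/max_user_namespaces"            # mainline, Linux >= 4.9
    clone="$root/sys/kernel/unprivileged_userns_clone"  # Debian/Ubuntu-patched kernels
    if [ -r "$max" ] && [ "$(cat "$max")" = "0" ]; then
        echo "blocked:max_user_namespaces=0"
    elif [ -r "$clone" ] && [ "$(cat "$clone")" = "0" ]; then
        echo "blocked:unprivileged_userns_clone=0"
    elif [ -r "$max" ]; then
        echo "allowed"
    else
        echo "unknown"
    fi
)

# Try to create a user namespace (-U), map the caller to root inside it (-r)
# and create a mount namespace (-m), without any privileges on the host.
userns_live_probe() (
    if ! command -v unshare >/dev/null 2>&1; then
        echo "unknown"
    elif unshare -U -r -m true 2>/dev/null; then
        echo "ok"
    else
        echo "denied"
    fi
)

# Combine both signals. $2 (hypothetical) replaces the live probe result.
diagnose() (
    sysctl="$(userns_sysctl_verdict "${1:-/proc}")"
    probe="${2:-$(userns_live_probe)}"
    case "$sysctl/$probe" in
        blocked:*/*)    echo "disabled by sysctl: ${sysctl#blocked:}" ;;
        */ok)           echo "unprivileged user and mount namespaces work" ;;
        allowed/denied) echo "sysctls allow it, creation refused: check seccomp, LSM or container policy" ;;
        *)              echo "inconclusive: sysctl=$sysctl probe=$probe" ;;
    esac
)

diagnose
```

When the last case of the three applies, the restriction comes from outside the sysctls (for example a container seccomp profile), which matches the situation in the question where kernel settings cannot be changed.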