GNU bug report logs - #45069
BUG: Re: guix environment: error: cannot create container: unprivileged user cannot create user namespaces

Package: guix;

Reported by: yasu <yasu <at> yasuaki.com>

Date: Sun, 6 Dec 2020 12:42:02 UTC

Severity: normal

Merged with 45066

Done: Marius Bakke <marius <at> gnu.org>

Bug is archived. No further changes may be made.


From: zimoun <zimon.toutoune <at> gmail.com>
To: yasu <at> yasuaki.com, 45069 <at> debbugs.gnu.org, pgarlick <at> tourbillion-technology.com, pjotr.public12 <at> thebird.nl
Cc: Guix Devel <guix-devel <at> gnu.org>
Subject: bug#45069: BUG: Re: guix environment: error: cannot create container: unprivileged user cannot create user namespaces
Date: Sun, 06 Dec 2020 17:56:56 +0100
Hi,

Please try the recommendation. Have you tried it?

  please set /proc/sys/kernel/unprivileged_userns_clone to "1"

As root, you just do:

  echo 1 > /proc/sys/kernel/unprivileged_userns_clone

then “guix environment -C” should work as expected.  To do the trick
automatically with Shepherd, I do not know, but I am sure that the
systemd equivalent

  echo "kernel.unprivileged_userns_clone = 1" > /etc/sysctl.d/local.conf
  sysctl --system

seems doable with Guix System.


On my system, and I need explanations if it does not work similarly on
yours, I simply do:

--8<---------------cut here---------------start------------->8---
$ guix environment -C --ad-hoc hello -- hello 
guix environment: error: cannot create container: unprivileged user cannot create user namespaces
guix environment: error: please set /proc/sys/kernel/unprivileged_userns_clone to "1"

$ su -
Password:
# echo 1 > /proc/sys/kernel/unprivileged_userns_clone 
# logout

$ guix environment -C --ad-hoc hello -- hello 
Hello, world!
--8<---------------cut here---------------end--------------->8---

Hope that helps,
simon
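
The following is an added example, not part of the message above and not code from Guix: a shell check of whether the running kernel allows unprivileged user namespaces and whether the sysctl.d setting from the message is persisted. The function names, the optional PROC_ROOT and SYSCTL_DIR arguments, and the extra look at user.max_user_namespaces are assumptions of this example.

```shell
#!/bin/sh
# Added example: check the live and the persisted state of the knob.
# Usage: userns_status [PROC_ROOT]; persisted_value [SYSCTL_DIR]
# Both arguments are assumptions of this example, added for testability.

userns_status() {
    proc_root="${1:-/proc}"
    clone_knob="$proc_root/sys/kernel/unprivileged_userns_clone"
    max_knob="$proc_root/sys/user/max_user_namespaces"

    # The knob guix names in its error; kernels without this switch
    # have no such file, so a missing file is not treated as a failure.
    if [ -r "$clone_knob" ] && [ "$(cat "$clone_knob")" != "1" ]; then
        echo "disabled: kernel.unprivileged_userns_clone is not 1"
        return 1
    fi

    # Per-user limit on user namespaces; 0 means none can be created.
    if [ -r "$max_knob" ] && [ "$(cat "$max_knob")" = "0" ]; then
        echo "disabled: user.max_user_namespaces is 0"
        return 1
    fi

    echo "enabled"
}

persisted_value() {
    conf_dir="${1:-/etc/sysctl.d}"
    # Simplification: only one directory is scanned. Files are read in
    # lexical order and the last assignment of the key wins.
    for f in "$conf_dir"/*.conf; do
        [ -r "$f" ] && { cat "$f"; echo; }
    done | awk -F= '
        /^[ \t]*[#;]/ { next }                  # skip comment lines
        { key = $1; gsub(/[ \t]/, "", key) }
        key == "kernel.unprivileged_userns_clone" {
            val = $2; gsub(/[ \t]/, "", val); last = val
        }
        END { print (last != "" ? last : "unset") }'
}
```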




This bug report was last modified 4 years and 136 days ago.
