GNU bug report logs - #78355
guix-ownership inconsistent state

Previous Next

Package: guix;

Reported by: Rutherther <rutherther <at> ditigal.xyz>

Date: Sat, 10 May 2025 15:35:01 UTC

Severity: normal

Done: Ludovic Courtès <ludo <at> gnu.org>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Ludovic Courtès <ludo <at> gnu.org>
To: Rutherther <rutherther <at> ditigal.xyz>
Cc: 78355 <at> debbugs.gnu.org
Subject: bug#78355: guix-ownership inconsistent state
Date: Wed, 14 May 2025 22:33:09 +0200

Hi,

Rutherther <rutherther <at> ditigal.xyz> writes:

> There are reports from users with inconsistencies in ownership, it seems that at
> least /var/guix is sometimes left with wrong owner, but maybe even parts
> of the store? I cannot verify that.

Would be nice to get their reports here, otherwise we’re left
speculating.

> The guix-ownership service checks /gnu/store ownership to check if the
> whole store and all files important for the daemon (/etc/guix,
> /var/guix) are owned by the appropriate user.
>
> If the folder isn't owned by appropriate user, it moves to those steps:
> 1. Fix permissions in /gnu/store - first under it, then /gnu/store
> itself as last step
> 2. Fix /var/guix
> 3. Fix /etc/guix
> 4. Fix /var/log/guix
>
> So from those laid out steps it should be obvious that if guix-ownership
> service somehow stops between steps 1 and 2, it will never recover
> ownerships of /var/guix, /etc/guix and /var/log/guix. /gnu/store should
> change owner as last.

Well, the fundamental assumption is that ‘guix-ownership’ is not
interrupted during its work; manual intervention is needed to repair
things if it is interrupted.

I don’t see any way around that but perhaps we should warn about it more
clearly?

> On the other hand it feels much of a coincidence users would be
> consistently hitting reboots between those steps. So maybe I am
> overlooking another thing. I checked the file-system-fold, it goes to
> /gnu/store as last, so that would mean putting step 1 after 4 should fix
> that. Still, maybe only /gnu/store itself should be skipped instead of moving
> the step, and done as last, step 5 to ensure it's fine even if
> file-system-fold somehow changed the ordering? Not sure how exactly it
> should behave in that regard.

Doing /gnu/store last is a good idea because it reduces the window
during which the inconsistent state could go undetected.

Feel free to propose a patch; otherwise I’ll give it a try, but not
before next week.

Thanks,
Ludo’.
This bug report was last modified 10 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.