GNU bug report logs - #79321
A pile of problems with unprivileged Guix daemon and 'guix gc'

Previous Next

Package: guix;

Reported by: "Zack Weinberg" <zack <at> owlfolio.org>

Date: Tue, 26 Aug 2025 21:19:02 UTC

Severity: normal

Full log

Message #11 received at 79321 <at> debbugs.gnu.org (full text, mbox):

From: "Zack Weinberg" <zack <at> owlfolio.org>
To: Rutherther <rutherther <at> ditigal.xyz>, help-guix <at> gnu.org,
 79321 <at> debbugs.gnu.org
Subject: Re: A pile of problems with unprivileged Guix daemon and 'guix gc'
Date: Wed, 27 Aug 2025 11:24:32 -0400

On Wed, Aug 27, 2025, at 2:23 AM, Rutherther wrote:
> On August 26, 2025 11:17:22 PM GMT+02:00, Zack Weinberg wrote:
>># guix gc
>>guix gc: error: making `var/empty' writable: Operation not permitted
>>
>>Well yeah! /var/empty is supposed to be empty at all times!  Is this
>>not how it's supposed to be?
>>
>># ls -ld /var/empty
>>dr-xr-xr-x 2 root root 4096 Jul 22  2024 /var/empty/
>>
>>But if I set it to be world-writable I still get the same error.  In
>>fact, even if I make it *owned by guix-daemon*, I still get the same
>>error!
>
> I think that resolving the /var/guix permissions might solve this issue 
> as well. The error says var/empty, not /var/empty, implying it is under 
> whatever the guix daemon's pwd is. 

The guix daemon's pwd is '/'.

> Well, I unfortunately am just on 
> phone and since recently I decided to try update emacs on it and ended 
> up with emacs without git or anything, I cannot check now what file it 
> is actually trying to create from source like I usually would (with 
> search feature).

I happen to have a full checkout of Guix on my workstation.   The computer
with all the problems was stuck on an old Guix (because unattended-upgrade
failed because the store had consumed all available disk space); if I'm
interpreting the contents of the old system profile correctly,
it was stuck on commit b7ac124f3cfadca9a6fc9829628f84c9d9d1b27b.

The string "var/empty" does not appear anywhere in the Guix source tree,
except as part of "/var/empty", either on that commit or the tip of
master (currently commit aad612c143e19c1a4b64ae066a1fdfbe16c71226).

I'm reluctant to screw with permissions without understanding what
actually went wrong here.

> PS: please dont send same emails both to guix help and bug guix. This 
> means anyone who replies all will make a new bug report! Omitting the 
> fact that this bug tracker is deprecated in favor of codeberg issues, 
> you should rather use X-Debbugs-Cc to let debbugs send the email with 
> proper email address to reply to - id of the bug. 

So noted.

zw
This bug report was last modified 12 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.