[Nix#9579] Permission denied error when building symlink derivation #195

New issue

Closed

opened 2024-03-28 19:33:46 +00:00 by lix-bot · 5 comments

lix-bot commented

2024-03-28 19:33:46 +00:00

Member

Upstream-Issue: NixOS/nix#9579

Describe the bug

My apologies if this is already fixed on master branch, but I couldn't identify any particular issue or PR which describes this issue.

Nix 1.19.2 fails to build a derivation containing a symlink to store path.

# test-symlink.nix
{ local ? "/home/rodney/ops/nixpkgs"
, pkgs ? import local {}
}: rec {
  direct-symlink = pkgs.runCommand "direct-symlink" {} ''
    ln -vs ${local}/.version $out
  '';
  indirect-symlink = pkgs.runCommand "indirect-symlink" {} ''
    ln -vs ${direct-symlink} $out
  '';
}

Steps To Reproduce

The error message is:

rodney@tethys:~/ops/nixpkgs % nix build --experimental-features "nix-command" -f test-symlink.nix && readlink -f result*
warning: Nix search path entry '/nix/var/nix/profiles/per-user/root/channels' does not exist, ignoring
warning: Ignoring setting 'auto-allocate-uids' because experimental feature 'auto-allocate-uids' is not enabled
warning: Ignoring setting 'impure-env' because experimental feature 'configurable-impure-env' is not enabled
error:
       … while setting up the build environment

       error: getting attributes of path '/nix/store/ws9yl6ph10v79gx4p9ilhyxg214xf7i7-direct-symlink': Permission denied

Expected behavior

I expected both derivations to build and for the resulting store paths to be resolvable symlinks.

This is what happens with nix-2.18.1:

rodney@tethys:~/ops/nixpkgs % nix build --experimental-features "nix-command" -f test-symlink.nix && readlink -f result*
warning: Nix search path entry '/nix/var/nix/profiles/per-user/root/channels' does not exist, ignoring
/home/rodney/ops/nixpkgs/.version
/home/rodney/ops/nixpkgs/.version

nix-env --version output

This is the nixUnstable package, corresponding to revision 2c7f3c0fb7c08a0814627611d9d7d45ab6d75335 of nixpkgs.

nix (Nix) 2.19.2

Additional context

Introduced by

https://github.com/nixos/nix/pull/8965

You might ask, why build such a silly derivation? Well, it's how mkOutOfStoreSymlink works under home-manager.

See: https://github.com/nix-community/home-manager/issues/4692

Priorities

Add 👍 to issues you find important.

Upstream-Issue: https://git.lix.systems/NixOS/nix/issues/9579 **Describe the bug** My apologies if this is already fixed on master branch, but I couldn't identify any particular issue or PR which describes this issue. Nix 1.19.2 fails to build a derivation containing a symlink to store path. ```nix # test-symlink.nix { local ? "/home/rodney/ops/nixpkgs" , pkgs ? import local {} }: rec { direct-symlink = pkgs.runCommand "direct-symlink" {} '' ln -vs ${local}/.version $out ''; indirect-symlink = pkgs.runCommand "indirect-symlink" {} '' ln -vs ${direct-symlink} $out ''; } ``` **Steps To Reproduce** The error message is: ``` rodney@tethys:~/ops/nixpkgs % nix build --experimental-features "nix-command" -f test-symlink.nix && readlink -f result* warning: Nix search path entry '/nix/var/nix/profiles/per-user/root/channels' does not exist, ignoring warning: Ignoring setting 'auto-allocate-uids' because experimental feature 'auto-allocate-uids' is not enabled warning: Ignoring setting 'impure-env' because experimental feature 'configurable-impure-env' is not enabled error: … while setting up the build environment error: getting attributes of path '/nix/store/ws9yl6ph10v79gx4p9ilhyxg214xf7i7-direct-symlink': Permission denied ``` **Expected behavior** I expected both derivations to build and for the resulting store paths to be resolvable symlinks. This is what happens with nix-2.18.1: ``` rodney@tethys:~/ops/nixpkgs % nix build --experimental-features "nix-command" -f test-symlink.nix && readlink -f result* warning: Nix search path entry '/nix/var/nix/profiles/per-user/root/channels' does not exist, ignoring /home/rodney/ops/nixpkgs/.version /home/rodney/ops/nixpkgs/.version ``` **`nix-env --version` output** This is the `nixUnstable` package, corresponding to revision 2c7f3c0fb7c08a0814627611d9d7d45ab6d75335 of nixpkgs. ``` nix (Nix) 2.19.2 ``` **Additional context** Introduced by - https://github.com/nixos/nix/pull/8965 You might ask, why build such a silly derivation? Well, it's how `mkOutOfStoreSymlink` works under home-manager. See: https://github.com/nix-community/home-manager/issues/4692 **Priorities** Add :+1: to [issues you find important](https://github.com/NixOS/nix/issues?q=is%3Aissue+is%3Aopen+sort%3Areactions-%2B1-desc).