Nixpkgs: Error updating nix store on NFS: removing extended attribute ‘system.nfs4_acl’

Created on 25 Sep 2017  Â·  14Comments  Â·  Source: NixOS/nixpkgs

Issue description

Was about to update my nix-store a Fedora 25 workstation:

$ nix-channel --update
downloading Nix expressions from ‘https://d3g5gsiof5omrk.cloudfront.net/nixpkgs/nixpkgs-18.03pre116369.14cbeaa892/nixexprs.tar.xz’...
downloading ‘https://d3g5gsiof5omrk.cloudfront.net/nixpkgs/nixpkgs-18.03pre116369.14cbeaa892/nixexprs.tar.xz’... [8991/9145 KiB, 640.3 KiB/s]
$ nix-env -u
error: removing extended attribute ‘system.nfs4_acl’ from ‘/nix/store/ijxblasjbl4l53gd3cg3q49ci8nh6wj1-env-manifest.nix’: Input/output error

This used to work for years.

The store is located on an NFSv4 mount served over network. Its location is
~/.nix-store, bind-mounted at login to /nix.

Steps to reproduce

# set up nix and nixpkgs; then
$ nix-channel --update
$ nix-env -u

Technical details

  • System: (NixOS: nixos-version, Ubuntu/Fedora: lsb_release -a, ...)

    $ uname -a
    Linux drift.m.i2n 4.12.11-200.fc25.x86_64 #1 SMP Fri Sep 8 11:44:51 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

  • Nix version: (run nix-env --version)

    $ nix-env --version
    nix-env (Nix) 1.11.14

  • Nixpkgs version: (run nix-instantiate --eval '<nixpkgs>' -A lib.nixpkgsVersion)

    $ nix-instantiate --eval '' -A lib.nixpkgsVersion
    "18.03pre114739.d0d905668c"

  • Sandboxing enabled: (run grep build-use-sandbox /etc/nix/nix.conf)

Does not apply: Not NixOS.

picture phi-gamma
👍2

All 14 comments

Probably caused by NixOS/nix@d798349ede3d6eb6e92a2e4f95f6b2179407ceb9.

edolstra picture edolstra on 25 Sep 2017

Looks like. Anything I can do?

phi-gamma picture phi-gamma on 25 Sep 2017

We can probably ignore system.nfs4_acl, as with security.selinux, but we'd have to be sure that this leaves no ACLs behind...

edolstra picture edolstra on 25 Sep 2017

Could this be made configurable? I imagine other situations may arise where users need to whitelist attributes because of an exotic setup.

phi-gamma picture phi-gamma on 26 Sep 2017
👍1

Just having the same problem on a Lustre file system:

error: removing extended attribute ‘lustre.lov’ from ‘/nix/store/y2y67fng7drrqlgfwf92mlf62lmgg7zj-perl-5.24.3/bin/perl5.24.3’: Permission denied
knedlsepp picture knedlsepp on 16 Nov 2017

Hello,
Any news? Because of that error I can't even install nix.

tobiasBora picture tobiasBora on 12 Mar 2018

@tobiasBora If you are willing to compile it manually, you can apply the patch supplied by phi-gamma. I've had success with that solution.
After bootstrapping, the following .config/nixpkgs/config.nix might be what you need:

{ 
  packageOverrides = pkgs: {
    nix = pkgs.nix.overrideAttrs(oldAttrs: {
      prePatch = ''
        substituteInPlace src/libstore/local-store.cc \
          --replace '(eaName == "security.selinux")' \
                    '(eaName == "security.selinux" || eaName == "system.nfs4_acl")'
      '';
    });
  };
}
knedlsepp picture knedlsepp on 12 Mar 2018
👍1

@knedlsepp : Thank you for the tip, but do you have any idea why this fix is not included upstream?

tobiasBora picture tobiasBora on 12 Mar 2018
👍1

I'm having this issue in nix 2.0.2, which I just built manually from source. I'm confused as to how to apply the workaround @knedlsepp mentioned (since I'm just learning how to use nix); it looks like after dropping that file (in my home directory? Or somewhere in my nix store or state directories?) I need to use nix to rebuild nix. Is that likely to work if I can't update the channels? And how would I go about doing that?

EDIT: I applied the patch at #1584 by manually patching the nix source and rebuilding. Now I have a new error to solve.

adamnovak picture adamnovak on 31 May 2018

I'm having this error in Nix 2.1.3 with a CephFS filesystem:

error: removing extended attribute 'ceph.dir.entries' from ...: Operation not supported

I'd also appreciate if this were made configurable, since indiscriminately removing xattrs from files can cause problems in unusual setups.

thomasjm picture thomasjm on 26 Jul 2019

Is this error related https://github.com/NixOS/nixpkgs/issues/71900 ?

v217 picture v217 on 24 Oct 2019

Is there an _easier_ workaround like granting the chattr rights to the user, who does the single-user-installation of /nix in ubuntu?
sudo nix-env ... does not work.

v217 picture v217 on 25 Oct 2019

Thank you for your contributions.
This has been automatically marked as stale because it has had no activity for 180 days.
If this is still important to you, we ask that you leave a comment below. Your comment can be as simple as "still important to me". This lets people see that at least one person still cares about this. Someone will have to do this at most twice a year if there is no other activity.
Here are suggestions that might help resolve this more quickly:

  1. Search for maintainers and people that previously touched the
    related code and @ mention them in a comment.
  2. Ask on the NixOS Discourse. 3. Ask on the #nixos channel on
    irc.freenode.net.
stale[bot] picture stale[bot] on 1 Jun 2020

Still important to me. I have the same issue but with btrfs.compression.

ymarco picture ymarco on 12 Oct 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

yawnt picture yawnt  Â·  3Comments
spacekitteh picture spacekitteh  Â·  3Comments
tomberek picture tomberek  Â·  3Comments
matthiasbeyer picture matthiasbeyer  Â·  3Comments
ob7 picture ob7  Â·  3Comments