Nixpkgs: uid-map gets corrupted by Unicode usernames
/var/lib/nixos/uid-map seems to get corrupted by usernames containing Unicode characters. With every boot and nixos-rebuild switch, the size of the file increases. On my live system, this file grew to 2.1GB.
While running nixos-rebuild switch, update-users-groups.pl will rapidly increase in memory usage (using up all ~62GB of RAM available) until triggering the OOM killer, thus terminating the build process.
In my case, I had created a user with the name of ๐ (U+1F61B), but quickly removed it with the next build. Several rebuilds and reboots later, my system became increasingly slow to boot (1+ min). After trying to fix the issue (several rebuilds later), booting/rebuilding would take 5+ minutes.
When trying to boot, the system would hang on "running activation script..." at the beginning of stage 2.
Artifacts:
/var/lib/nixos/uid-map after running nixos-rebuild build-vm then launching the VM a couple times (4-5):
hexdump -C /var/lib/nixos/uid-map: uid-map-corrupted.hexdump.bin- raw file: uid-map-corrupted.raw.bin
Steps to reproduce:
- Add user
๐to users.users:
{ lib, config, pkgs, ... }:
{
# ...
users.users.myuser = { uid = 1000; extraGroups = [ "wheel" "docker" "libvirtd" ]; };
users.users."๐" = { uid = 1001; };
}
nixos-rebuild build-vm- Execute the generated run-vm script
- In the VM, observe the file size with
du -b /var/lib/nixos/uid-map - Repeat from step 2 until system/build becomes unresponsive
Thanks to @cleverca22 for helping me figure this out.
LouisTakePILLz
All 8 comments
Hello, I'm a bot and I thank you in the name of the community for opening this issue.
To help our human contributors focus on the most-relevant reports, I check up on old issues to see if they're still relevant. This issue has had no activity for 180 days, and so I marked it as stale, but you can rest assured it will never be closed by a non-human.
The community would appreciate your effort in checking if the issue is still valid. If it isn't, please close it.
If the issue persists, and you'd like to remove the stale label, you simply need to leave a comment. Your comment can be as simple as "still important to me". If you'd like it to get more attention, you can ask for help by searching for maintainers and people that previously touched related code and @ mention them in a comment. You can use Git blame or GitHub's web interface on the relevant files to find them.
Lastly, you can always ask for help at our Discourse Forum or at #nixos' IRC channel.
![stale[bot] picture](https://avatars3.githubusercontent.com/in/1724?v=4&s=40)
stale[bot]
on 17 Aug 2020
Still relevant
LouisTakePILLz
on 17 Aug 2020
This issue has been mentioned on NixOS Discourse. There might be relevant details there:
https://discourse.nixos.org/t/running-activation-script-takes-several-minutes/9085/7
nixos-discourse
on 22 Sep 2020
just cc'ing some people @Mic92 @Ma27 @aanderse @volth as I don't know perl
jonringer
on 22 Sep 2020
ping @stigtsp as well.
aanderse
on 22 Sep 2020
In long-term we should consider using https://systemd.io/USERDB_AND_DESKTOPS/ which is close to the concept of our database and also compatible with the rest of the Linux ecosystem.
Mic92
on 23 Sep 2020
I noticed when testing the example configuration of https://github.com/NixOS/nixpkgs/issues/80426#issue-566802577 in nixos-shell that it tries to remove the user on every activation:
% /nix/store/hk1np5bxy22awzdkb1hclvqiai5y23dm-nixos-system-nixos-21.03.git.3a3da0950d5/activate test
removing user โ๐โ
setting up /etc...
$ /nix/store/hk1np5bxy22awzdkb1hclvqiai5y23dm-nixos-system-nixos-21.03.git.3a3da0950d5/activate test
removing user โ๐โ
setting up /etc...
For simplicity it should tried the user name as a series of bytes instead of trying to decode it.
Mic92
on 23 Sep 2020
Mic92
on 23 Sep 2020
Related issues
ThomasMader
ยท
65Comments
tfc
ยท
68Comments
Infinisil
ยท
146Comments
joepie91
ยท
102Comments
purefn
ยท
68Comments
Most helpful comment
Fixed by https://github.com/NixOS/nixpkgs/pull/98544