> Gary Johnson <[email protected]> writes: > > Hi Guix, > > I just ran into an extremely odd error today when I tried to include the > iproute2 package in a Guix container created with the --emulate-fhs (-F) > option. > > ============================================================= > > $ guix shell -CFN iproute2 > guix shell: error: symlink: File exists: "/etc/group" > > ============================================================= > > If I drop the -F option, it works fine, but for my use case, I need to be in > an FHS-emulating container. Any idea how to fix this?
>Rutherther <[email protected]> writes: > > I think this is a bug of `(@ (guix scripts environment) > launch-environment/container)` that doesn't take into account those > files could already exist. This problem will arise even with other > files. I think the easiest solution would be to modify it to > remove those files if they exist already before the script tries to > create them. > > Rutherther Thanks to the folks who responded to my original question. As I look a bit closer though, it looks like the /etc/group file in the iproute2 package might simply be problematic. First, let's look at the /etc/group file that is created by `guix shell --container`: ============================================================= $ guix shell -C coreutils -- cat /etc/group users:x:998: overflow:x:65534: ============================================================= This is the same output that we get with `guix shell --container --emulate-fhs` or `guix shell --container --emulate-fhs --network`: ============================================================= $ guix shell -CF coreutils -- cat /etc/group users:x:998: overflow:x:65534: $ guix shell -CFN coreutils -- cat /etc/group users:x:998: overflow:x:65534: ============================================================= Next, let's take a look at the /etc/group file included in the iproute2 package: ============================================================= $ cat $(guix build iproute2)/etc/group # device group names 0 default ============================================================= Well...that doesn't even look like the right format. Hmm... Now, let's include the iproute2 package in `guix shell --container` but WITHOUT the --emulate-fhs option: ============================================================= $ guix shell -CN coreutils iproute2 -- cat /etc/group users:x:998: overflow:x:65534: ============================================================= Okay, that worked fine, and the /etc/group injected by the container environment appears to have overwritten the invalid(?) /etc/group from the iproute2 package. Now, let's add the --emulate-fhs option to our command: ============================================================= $ guix shell -CFN coreutils iproute2 -- cat /etc/group guix shell: error: symlink: File exists: "/etc/group" ============================================================= Here that funky /etc/group file from iproute2 presumably conflicts with the built-in /etc/group provided by the container environment. So it seems as though the --emulate-fhs option triggers a different pathway for initializing /etc that doesn't override the /etc/group in iproute2. This feels like a bug to me. Of course, the inclusion of that strangely formatted /etc/group file in the iproute2 package also feels like a bug to me. Does anyone have any thoughts on how to proceed here? Thanks, Gary -- GPG Key ID: C4FBEDBD Use `gpg --search-keys [email protected]' to find me Protect yourself from surveillance: https://emailselfdefense.fsf.org ======================================================================= () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments Why is HTML email a security nightmare? See https://useplaintext.email/ Please avoid sending me MS-Office attachments. See http://www.gnu.org/philosophy/no-word-attachments.html
