-
-
Notifications
You must be signed in to change notification settings - Fork 13.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
p11-kit fails to build locally on non-NixOS systems (single-user install) due to failing tests on master #96715
Comments
This is labeled as a channel blocker because p11-kit is in the gnome3 closure. |
I couldn't reproduce this @mjlbach on NixOS 20.09
|
@worldofpeace Thanks for checking, I'm not sure what it could be about my local system then. I can try to debug/test on a couple vms. edit: I've reproduced now on two non-nixos systems (fedora 32 and ubuntu 18.04) |
@mjlbach Yeah, from looking at https://hydra.nixos.org/job/nixpkgs/trunk/p11-kit.x86_64-linux it seems on nixos linux the build is successful. We actually happen to have the tests on darwin disabled (perhaps for a similar reason). I'm not sure there's a way to detect in stdenv non-nixos linux to disable the test as well. Though there could be an actual issue. |
Updated the issue title and description to make it more clear this does not affect NixOS, but rather linux systems using nix. |
One option would be to have an "allowlist" for tests. Something like (not sure if this is the right platform name)
Although i'm curious why exactly it fails on non-nixos systems. |
My $ nix eval -f '<nixpkgs>' hostPlatform.system
"x86_64-linux" which I assume is the same as non-NixOS. |
Yes, that's what I was hoping was not the case (my nixos machine is unfortunately inaccessible right now) . Maybe there should be a stdenv.isNixOS... Not sure how widespread these sorts of failures are. |
Based on looking at the |
Yes, that seems to be the case:
Although this seems to be standard for systemd managed systems? (ubuntu, fedora, etc.) |
Actually, the callers of |
|
I'm not sure how to verify that, but based on the issue description I tried
And still reproduced my issue |
This doesn't block a channel, right? |
BTW, I don't reproduce the issue on my sandboxed non-NixOS builder (Ubuntu 18.04 as well) or a NixOS one; both have nosuid /tmp. Current master, result |
Yep, I forgot to unlabel it. |
@vcunat Thanks for the info. Are you using a single or multi-user install? I have sandboxing (explicitly) enabled on both the ubuntu and fedora vms, but it's installed via single-user (not sure if this matters, but I have no idea what other substantive difference there could be). |
Yes, multi-user. |
I've confirmed this issue only affects systems in single-user install. |
One issue is that in order to use multi-user installs on redhat based linux distributions, it seems you have to disable SELinux |
I marked this as stale due to inactivity. → More info |
I think I might be running into this issue too (single-user install, Ubuntu).
|
It sounds OK to me to just disable this problematic tests (in nixpkgs), if it helps some users. Feel free to try that out and send a pull request. |
The two problematic tests are I think the next option is to patch the |
Yes, that does sound OK to me. |
Looks like this was actually done in p11-glue/p11-kit#17 precisely to work around this problem. And apparently, you also made a PR to skip the tests that need suid on nosuid file systems: p11-glue/p11-kit#319 So I would expect this to be resolved. Maybe @jonathanlking is experiencing a different issue? |
Looking at the diff, maybe we need to bring back the |
@jtojnar good spot, thanks! |
Describe the bug
p11-kit builds on nixos/hydra, but fails on non-nixos systems in single-user installs (not multi-user) due to failing test.
Similar issue: #72838
To Reproduce
Steps to reproduce the behavior:
nix-shell -I nixpkgs=https://github.com/nixos/nixpkgs/archive/master.tar.gz -p p11-kit --check
Expected behavior
p11-kit succeeded on hydra, so I assumed it would succeed locally
Additional context
I ran into this issue trying to review #94637
Notify maintainers
None, recent/involved: @worldofpeace @FRidh
Metadata
The text was updated successfully, but these errors were encountered: