this post was submitted on 06 Apr 2024
6 points (100.0% liked)

Nix / NixOS

1753 readers
41 users here now

Main links

Videos

founded 1 year ago
MODERATORS
 

Hi all,

For my sins I've been attempting to build my nix configuration on my build server and subsequently push it into a binary cache.

I'm having an issue where the build is currently failing with the following error

error: home directory '/homeless-shelter' exists; please remove it to assure purity of builds without sandboxing

The build is being run on a docker image node:20-bullseye to be precise with the following command.

nix build .#nixosConfigurations.${{ matrix.machine.host }}.config.system.build.toplevel

Any thoughts would be greatly appreciated.

Edit.

Should have mentioned I've ran up the image with docker run and the directory didn't exist

Edit 2.

This is also about 23 minutes into the build when it throws this error; after having built a lot of packages and derivations already. I'm also using cachix/nix-install-action to get nix on the running container.

Edit 3.

Finally got it building this morning, I haven't dug into it but switching from the cachix/nix-install-action to manually installing the determinate systems nix installer (action didn't work for a strange reason).

you are viewing a single comment's thread
view the rest of the comments
[โ€“] Corbin@programming.dev 2 points 7 months ago* (last edited 7 months ago) (1 children)

Either pick a build image that doesn't have /homeless-shelter, like nixos/nix, or remove it with something like:

# UNTESTED
RUN rmdir /homeless-shelter

The root cause is that your build filesystem is dirty. When Nix sandboxes a build, it runs the builders as nobody, a permissionless user with no home directory. On Linux, users with no home directory get their $HOME set to /homeless-shelter, and Nix relies on this directory not existing.

[โ€“] letThemPlay@lemmy.one 2 points 7 months ago

That's the weird thing I've run up the image and the directory isn't there. I did try a similar command in my ci.yml but it didn't work.