Improve error when can't acquire db lock#13340
Conversation
github-actions
bot
added
with-tests
src/libstore/local-store.cc
Outdated
| /* It might be more robust to check permissions earlier in this method, | ||
| but for now take the least invasive approach of providing a better error | ||
| when the database lock can't be acquired. */ |
There was a problem hiding this comment.
I wasn't sure whether an explicit check earlier in the method would be less brittle (if e.g. something earlier in the method needs to be root), but that seemed like it had more potential to break something than only changing behavior when an error's already been thrown
There was a problem hiding this comment.
Changed it a bit to just augment the existing error. Can you check?
There was a problem hiding this comment.
error:
… This command may have been run as non-root in a single-user Nix installation,
or the Nix daemon may have crashed.
error: opening lock file '/path/to/big-lock': Permission denied
There was a problem hiding this comment.
Looks good, thanks!
Add helpful context when opening the Nix database lock fails due to permission errors. Instead of just showing "Permission denied", now provides guidance about possible causes: - Running as non-root in a single-user Nix installation - Nix daemon may have crashed
| if (e.errNo == EACCES || e.errNo == EPERM) { | ||
| e.addTrace({}, | ||
| "This command may have been run as non-root in a single-user Nix installation,\n" | ||
| "or the Nix daemon may have crashed."); |
There was a problem hiding this comment.
Why would a daemon crash cause this issue?
There was a problem hiding this comment.
I had gleaned that from open issues, although maybe that's no longer the case? I just tried e.g. this reproducer and didn't get the error #3435 (comment)
There was a problem hiding this comment.
I do see the error if I sudo rm /nix/var/nix/daemon-socket/socket
| } catch (SysError & e) { | ||
| if (e.errNo == EACCES || e.errNo == EPERM) { | ||
| e.addTrace({}, | ||
| "This command may have been run as non-root in a single-user Nix installation,\n" |
There was a problem hiding this comment.
I'm confused by the tense ("may have been") here. Is the current command being run as non-root, or was a previous command run as non-root?
There was a problem hiding this comment.
I mean the current command
There was a problem hiding this comment.
we could probably also check check "isNonRootuser()" to make a more concrete error.
There was a problem hiding this comment.
I think in the general case where the file isn't owned by the current uid, we can add the hint that maybe you wanted to connect to a nix daemon instead.
There was a problem hiding this comment.
I guess we could say "you may want to start a Nix daemon", but the user doesn't really connect to the Nix daemon themselves so I don't think "you may want to connect to a Nix daemon instead" would be very helpful, because it's not actionable. Did you have something in mind?
|
@edolstra could you take another look at this? |
|
optimistic merging: additional tweaks to message can be in follow up |
Drops the patches for * NixOS/nix#12580 * NixOS/nix#12642 * NixOS/nix#13340 All three have been merged upstream in the current release of nix (v2.31.2).
Drops the patches for * NixOS/nix#12580 * NixOS/nix#12642 * NixOS/nix#13340 All three have been merged upstream in the current release of nix (v2.31.2).
Drops the patches for * NixOS/nix#12580 * NixOS/nix#12642 * NixOS/nix#13340 All three have been merged upstream in the current release of nix (v2.31.2).
Drops the patches for * NixOS/nix#12580 * NixOS/nix#12642 * NixOS/nix#13340 All three have been merged upstream in the current release of nix (v2.31.2).
5 participants
Give some hints about what could be going wrong when Nix can't acquire the db lock.
Currently running Nix as a non-root user on a single-user install prints the error:
The error printed in this situation was indirectly changed recently by #12391,
but people have frequently run into the prior error:
There seems to be a lot of confusion about the prior error, and the current error doesn't seem to give much more of a hint about how to resolve the problem. Modify the error to provide some hints at what could be going wrong, instead erroring with: