Using GNU Guix on Parabola
GNU Guix is a package manager.
1 Installing guix
You can install it from pacman or from the official guix binaries. To install from pacman:
# pacman -Sy guix
To use it on Parabola, make sure you install the guix package (with pacman -S guix) and run the following commands (more detail in the official documentation) as root:
# groupadd --system guixbuild
# for i in `seq -w 1 10`;
  do
    useradd -g guixbuild -G guixbuild \
            -d /var/empty -s `which nologin` \
            -c "Guix build user $i" --system \
            guixbuilder$i;
  done
# systemctl enable guix-daemon
# systemctl start guix-daemon
2 Configuring guix
2.1 Enabling binary packages
To enable binary packages, run:
guix archive --authorize < /usr/share/guix/hydra.gnu.org.pub
The official documentation has more information on it.
Make sure to read at least the official section about the (security) implications of enabling binary packages.
After that, you should be able to use Guix normally.
2.2 Not using /tmp
/tmp is by default configured to use at most 50% of the RAM, and guix uses /tmp by default. Because of that, it might not be suitable for machines that do not have a lot of RAM.
To fix it, first create the respective temporary directory, as root, on your disk:
# mkdir -p /gnu/tmp
# chown root:guixbuild /gnu/tmp
Then override the systemd unit for guix-daemon:
# cp /lib/systemd/system/guix-daemon.service /etc/systemd/system/
Add the Environment line shown below to its [Service] section to change the temporary directory location:
# This is a "service unit file" for the systemd init system to launch
# 'guix-daemon'. Drop it in /etc/systemd/system or similar to have
# 'guix-daemon' automatically started.

[Unit]
Description=Build daemon for GNU Guix

[Service]
Environment="TMPDIR=/gnu/tmp"
ExecStart=/usr/bin/guix-daemon --build-users-group=guixbuild
RemainAfterExit=yes
StandardOutput=syslog
StandardError=syslog

[Install]
WantedBy=multi-user.target
Note that even if guix doesn't use /tmp anymore (you can verify it by doing `ls /tmp/guix-*`), /tmp will continue to show up in build logs, as explained in the official documentation. `ls /gnu/tmp/guix-*` will however list the temporary directories used by guix.
2.3 guix system vm not working
Trying to produce a VM image fails with:
# guix system vm-image --image-size=4G ./system.scm
substitute: warning: failed to install locale: Invalid argument
The following derivation will be built:
   /gnu/store/07gbaa4h37f9cpn27w10nngq5b0x5c39-qemu-image.drv
warning: failed to install locale: Invalid argument
Formatting 'image.qcow2', fmt=qcow2 size=4294967296 encryption=off cluster_size=65536 lazy_refcounts=off refcount_bits=16
Could not access KVM kernel module: Permission denied
failed to initialize KVM: Permission denied
Backtrace:
In ice-9/boot-9.scm:
 157: 10 [catch #t #<catch-closure 8235900> ...]
In unknown file:
   ?: 9 [apply-smob/1 #<catch-closure 8235900>]
In ice-9/boot-9.scm:
  63: 8 [call-with-prompt prompt0 ...]
In ice-9/eval.scm:
 432: 7 [eval # #]
In ice-9/boot-9.scm:
2401: 6 [save-module-excursion #<procedure 8246c00 at ice-9/boot-9.scm:4045:3 ()>]
4050: 5 [#<procedure 8246c00 at ice-9/boot-9.scm:4045:3 ()>]
1724: 4 [%start-stack load-stack ...]
1729: 3 [#<procedure 824c498 ()>]
In unknown file:
   ?: 2 [primitive-load "/gnu/store/mbih78alifi0apx1rjx485g5lh3a6qzl-qemu-image-builder"]
In ./gnu/build/vm.scm:
 127: 1 [load-in-linux-vm "/gnu/store/y305rlz8ack36f8n3gdhvwcbh3lpf6mp-linux-vm-loader" ...]
In unknown file:
   ?: 0 [scm-error misc-error #f "~A ~S" ("qemu failed" "qemu-system-i386") #f]
ERROR: In procedure scm-error:
ERROR: qemu failed "qemu-system-i386"
environment variable `PATH' set to `/gnu/store/myn188rpkzgp6hcrrbds91frf67b1fk0-qemu-minimal-2.6.0/bin:/gnu/store/w7mbdlp22y18xk21l56lp5qfqxw1nqbb-coreutils-8.25/bin'
builder for `/gnu/store/07gbaa4h37f9cpn27w10nngq5b0x5c39-qemu-image.drv' failed with exit code 1
guix system: error: build failed: build of `/gnu/store/07gbaa4h37f9cpn27w10nngq5b0x5c39-qemu-image.drv' failed
guix system vm-image --image-size=4G ./system.scm 20.61s user 0.51s system 87% cpu 24.002 total
In all this huge log, the important part is: "Could not access KVM kernel module: Permission denied". It's just telling us that the guix-daemon cannot access /dev/kvm.
When we look at /dev/kvm permissions we have:
$ ls -l /dev/kvm
crw-rw----+ 1 root kvm 10, 232 Aug 3 10:57 /dev/kvm
We also look at the groups that one of the guixbuilder users belongs to:
$ id guixbuilder01
uid=617(guixbuilder01) gid=1002(guixbuild) groups=1002(guixbuild)
This user is not a member of the kvm group, so it clearly cannot access /dev/kvm. We can fix it with:
# for i in `seq -w 1 10` ; do gpasswd -a guixbuilder$i kvm ; done
This should output something like:
Adding user guixbuilder01 to group kvm
Adding user guixbuilder02 to group kvm
Adding user guixbuilder03 to group kvm
Adding user guixbuilder04 to group kvm
Adding user guixbuilder05 to group kvm
Adding user guixbuilder06 to group kvm
Adding user guixbuilder07 to group kvm
Adding user guixbuilder08 to group kvm
Adding user guixbuilder09 to group kvm
Adding user guixbuilder10 to group kvm
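To confirm afterwards that no build user was missed, the following check lists every member of the guixbuild group that is absent from the kvm group. It is an added example, not part of the original page; the function names and the sample group data are constructed for illustration, and the live invocation in the final comment assumes getent and GNU stat are available.

```sh
#!/bin/sh
# Added example: report Guix build users that are not in the group
# owning /dev/kvm. Function names are hypothetical.

# Constructed sample in /etc/group format (not taken from a real system):
# guixbuilder03 was missed when the gpasswd loop was run.
SAMPLE_GROUPS='guixbuild:x:1002:guixbuilder01,guixbuilder02,guixbuilder03
kvm:x:78:guixbuilder01,guixbuilder02
users:x:100:alice'

# Print the members of group $1, one per line, from the group data in $2.
members_of() {
    printf '%s\n' "$2" | awk -F: -v g="$1" \
        '$1 == g { n = split($4, m, ","); for (i = 1; i <= n; i++) print m[i] }'
}

# Print every member of build group $1 that is absent from group $2,
# using the group data in $3.
builders_missing_group() {
    want=$(members_of "$2" "$3")
    members_of "$1" "$3" | while read -r user; do
        # -x and -F: match the whole line literally, so guixbuilder1
        # never matches guixbuilder10.
        printf '%s\n' "$want" | grep -qxF -- "$user" || printf '%s\n' "$user"
    done
}

# On the constructed data this reports guixbuilder03.
builders_missing_group guixbuild kvm "$SAMPLE_GROUPS"

# On a live system, take the group name from the device itself:
#   builders_missing_group guixbuild "$(stat -c %G /dev/kvm)" "$(getent group)"
```

Empty output means every build user listed in guixbuild is also in the target group. This works because the useradd loop above passes -G guixbuild, so the build users appear in the group's member list.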