nix
nix copied to clipboard
NixOS
error: could not set permissions on '/nix/var/nix/profiles/per-user' to 755: Operation not permitted
After installing multi-user nix, the following error occurs when running nix-shell:
andrewmckinlay@imac ~ % nix-shell -p nix-info --run "nix-info -m"
error: could not set permissions on '/nix/var/nix/profiles/per-user' to 755: Operation not permitted
andrewmckinlay@imac ~ % ls -ld /nix/var/nix/profiles/per-user
drwxr-xr-x 3 root staff 96 Mar 21 13:01 /nix/var/nix/profiles/per-user
Having same issue since upgrading to osx 10.15.4
It broke my nix installation and I tried full reinstall, having this issue now.
Followed the workaround here:
https://github.com/NixOS/nix/issues/2925#issuecomment-539570232
Weird thing is, it's already 755:
Last login: Wed Mar 25 17:52:51 on ttys001
thomas.busby@Thomass-MacBook-Pro ~/.../kontrakcja/workspace/nix-ghc-8.6.5 % nix-shell -p nix-info --run "nix-info -m"
error: could not set permissions on '/nix/var/nix/profiles/per-user' to 755: Operation not permitted
thomas.busby@Thomass-MacBook-Pro ~/.../kontrakcja/workspace/nix-ghc-8.6.5 % cd /nix/var/nix/profiles/per-user
thomas.busby@Thomass-MacBook-Pro /nix/.../nix/profiles/per-user % ll
total 0
drwxr-xr-x 3 root admin 96B 25 Mar 17:52 ./
drwxr-xr-x 6 root admin 192B 25 Mar 17:52 ../
drwxr-xr-x 4 root wheel 128B 25 Mar 17:52 root/
thomas.busby@Thomass-MacBook-Pro /nix/.../nix/profiles/per-user % cd ..
thomas.busby@Thomass-MacBook-Pro /nix/var/nix/profiles % ll
total 0
drwxr-xr-x 6 root admin 192B 25 Mar 17:52 ./
drwxr-xr-x 8 root admin 256B 25 Mar 17:52 ../
lrwxr-xr-x 1 root admin 14B 25 Mar 17:52 default@ -> default-2-link
lrwxr-xr-x 1 root admin 60B 25 Mar 17:52 default-1-link@ -> /nix/store/lpyk9jn33gzp8rsy3bvr1wi9bb323djc-user-environment
lrwxr-xr-x 1 root admin 60B 25 Mar 17:52 default-2-link@ -> /nix/store/83jp9wdmba1m82qbvdl9kixk1nsf70cm-user-environment
drwxr-xr-x 3 root admin 96B 25 Mar 17:52 per-user/
thomas.busby@Thomass-MacBook-Pro /nix/var/nix/profiles % cd ..
thomas.busby@Thomass-MacBook-Pro /nix/var/nix % ll
total 0
drwxr-xr-x 8 root admin 256B 25 Mar 17:52 ./
drwxr-xr-x 4 root admin 128B 25 Mar 17:51 ../
drwxr-xr-x 6 root admin 192B 25 Mar 17:52 db/
-rw------- 1 root admin 0B 25 Mar 17:52 gc.lock
drwxr-xr-x 3 root admin 96B 25 Mar 17:51 gcroots/
drwxr-xr-x 6 root admin 192B 25 Mar 17:52 profiles/
drwxr-xr-x 2 root admin 64B 25 Mar 17:52 temproots/
drwxr-xr-x 3 root admin 96B 25 Mar 17:52 userpool/
thomas.busby@Thomass-MacBook-Pro /nix/var/nix % cd ..
thomas.busby@Thomass-MacBook-Pro /nix/var % ll
total 0
drwxr-xr-x 4 root admin 128B 25 Mar 17:51 ./
drwxr-xr-x 6 root admin 192B 25 Mar 17:51 ../
drwxr-xr-x 3 root admin 96B 25 Mar 17:51 log/
drwxr-xr-x 8 root admin 256B 25 Mar 17:52 nix/
thomas.busby@Thomass-MacBook-Pro /nix/var % cd ..
thomas.busby@Thomass-MacBook-Pro /nix % ll
total 0
drwxr-xr-x 6 root admin 192B 25 Mar 17:51 ./
drwxr-xr-x 22 root admin 704B 25 Mar 16:48 ../
drwx------ 4 root wheel 128B 12 Feb 21:53 .Spotlight-V100/
d-wx--x--t 3 root wheel 96B 12 Feb 21:53 .Trashes/
drwxrwxr-t 59 root nixbld 1.8K 25 Mar 17:52 store/
drwxr-xr-x 4 root admin 128B 25 Mar 17:51 var/
thomas.busby@Thomass-MacBook-Pro /nix %
Is this also a multi-user install right?
What's the output of nix doctor and ls -la /nix/var/nix/db?
Unfortunately, I just binned and it did a single-user install, which doesn't seem to suffer the same issue, so I can't assist further. But seems to be the latest Catalina update that was pushed out today that's done it, so I'm sure you'll be seeing plenty more soon.
I think this happens in multi-user installation if nix-daemon is not running (for example during a boot, restart, etc).
To reproduce on darwin:
- install nix
- change nix.conf and pkill nix-daemon
- run quickly nix-build
Explanation: at step 3, nix-daemon is not yet up (takes a few seconds) and nix-build will fallback to client and try to ensure those directories are created, but fails to do so since it doesn't have permissions
I am wondering why it should change permissions on /nix/var/nix/profiles/per-user especially if they are already correct. That can be avoided.
I had this issue as well, though it really did turn out to be that the nix-daemon wasn't running. No matter whether or not the chmod should have actually been attempted, without the daemon running I would likely have screwed something up further down the line if it had gotten past this point.
The chmod failure led me to this thread, so likely detecting a multi-user install and failing with an error message if the daemon is not running would be preferable.
When/if it lands, I think #4289 will fix enough of this that I'm going to mark it as closing this one (but I'll explain how and un-mark it if there's disagreement).
In the process of working on that PR and it's predecessor (#4181), which further complicate the install process, feedback made it (even more) obvious that the installer needs to carry more of the weight of smoothing out previous-install cruft.
While working on that functionality, I did a lot of uninstall/reinstall testing and ran into this issue occasionally. I made this change to try to fix it. My confidence in making the fix wasn't terribly high, but I haven't seen the issue recur since.
I am still facing this issue could not set permissions on '/nix/var/nix/profiles/per-user' to 755: Operation not permitted On Mac OS Big Sur.
I'm still getting this issue when inside nixos-enter sessions:
iso$ sudo nixos-enter
chroot-root# su skainswo
chroot-skainswo$ nix-channel --update
error: could not set permissions on '/nix/var/nix/profiles/per-user' to 755: Operation not permitted
I'm running the 21.05 minimal ISO in virtualbox.
This issue has been mentioned on NixOS Discourse. There might be relevant details there:
https://discourse.nixos.org/t/cant-run-nix-channel-update-in-nixos-enter-session/13551/1
I am running into the original issue, where none of the nix-commands work on MacOS
nix-shell -p nix-info --run "nix-info -m"
error: could not set permissions on '/nix/var/nix/profiles/per-user' to 755: Operation not permitted
I guess I am in a bit of a special situation since I did have nix installed previously in single user mode, however I tried everything the installer tells you uninstall nix, before starting with the multi-user installation
Situation prior to the upgrade Months ago I had created the unencrypted APFS volume for /nix and used the normal single user install, which worked perfectly for many months. For newer projects I was interested to switch to multi-user mode.
How I tried switching to multi-user mode
- I ran
sh <(curl -L https://nixos.org/nix/install) --daemon
- I followed the installers prompts to remove the old nix installation via
sudo rm -rf /etc/nix /nix /var/root/.nix-profile /var/root/.nix-defexpr /var/root/.nix-channels /Users/simonbein/.nix-profile /Users/simonbein/.nix-defexpr /Users/simonbein/.nix-channels
- The installer prompted me to double check my /etc/bashrc and /etc/zshrc, which were in order and just required a rollback, which I did
/usr/bin/sudo /bin/mv /etc/bashrc.backup-before-nix /etc/bashrc
/usr/bin/sudo /bin/mv /etc/zshrc.backup-before-nix /etc/zshrc
- On the next try the installer finishes successfully
I also repeated steps 1-4 running sh <(curl -L https://nixos.org/nix/install) --darwin-use-unencrypted-nix-store-volume --daemon, which yieled the same result
Additional info:
- Mac Version: 11.2.3
- nix doctor output
nix doctor error: could not set permissions on '/nix/var/nix/profiles/per-user' to 755: Operation not permitted -
ls -la /nix/var/nix/db total 16504 drwxr-xr-x 6 root admin 192 Jun 11 11:37 . drwxr-xr-x 8 root admin 256 Jun 11 11:36 .. -rw------- 1 root admin 0 Jun 11 11:36 big-lock -rw-r--r-- 1 root admin 57344 Jun 11 11:37 db.sqlite -rw------- 1 root admin 8388608 Jun 11 11:36 reserved -rw-r--r-- 1 root admin 2 Jun 11 11:36 schema -
ls -la /nix/var/nix/profiles total 0 drwxr-xr-x 6 root admin 192 Jun 11 11:36 . drwxr-xr-x 8 root admin 256 Jun 11 11:36 .. lrwxr-xr-x 1 root admin 14 Jun 11 11:36 default -> default-2-link lrwxr-xr-x 1 root admin 60 Jun 11 11:36 default-1-link -> /nix/store/a1fcv441lrhgai6yizbcm8m0dg3hhgps-user-environment lrwxr-xr-x 1 root admin 60 Jun 11 11:36 default-2-link -> /nix/store/kr5xl16f31kpa52dwfvrgysisyrg1rs6-user-environment drwxr-xr-x 3 root admin 96 Jun 11 11:36 per-user
@SimonTheLeg Can you try the removal steps again, and then use the ~test installer mentioned in the Try it out section of #4289? (4289, which sands down a few of the sharp corners here, is merged but not yet released)
That worked like a charm! Thank you so much for that change. Also the installer is really pleasant to use!
~Now onto waiting until home-manager supports nix 2.4 I guess 😄~ Edit: Nevermind. You can actually make it work with home manager, without much effort. I just forgot to add a channel for nixpkgs
nix-channel --add https://channels.nixos.org/nixpkgs-unstable nixpkgs
nix-channel --update
and then you can do the normal home-manager install
I'm facing this issue too at the end of install, and when I try to run nix doctor
$ nix doctor
error: could not set permissions on '/nix/var/nix/profiles/per-user' to 755: Operation not permitted
I have a MacBook 2017 updated to MacOs Monterey (V. 12.1)
Any idea on how to fix this problem?
For anyone hitting this on darwin even after a full reinstall, try to unmount and delete the partition in Disk Utility and reboot before the reinstall. The reboot was the crucial step for me.
I have installed it on Linux Mint, and I needed to completely remove Nix and reinstall it with the single user no-deamon version. Uninstall nix
# Install Nix
sh <(curl -L https://nixos.org/nix/install) --no-daemon
I just encountered this issue again. This time on Ubuntu 18.04.6 after un-installing and re-installing Nix.
I just encountered this issue again. This time on Ubuntu 18.04.6 after un-installing and re-installing Nix.
Reboot fixed it for me 🤷
Just an anecdote that may help someone. I was experiencing this error when running macOS Monterey on an external drive. My macbook pro still had its internal factory SSD with Monterey also. On bootup, I was prompted to enter my password for the "Macintosh HD - Data" (internal) partition, which I provided. When I removed the factory SSD and moved my formerly external SSD to the macbook pro's motherboard, the command (nix-shell -p nix-info --run "nix-info -m") started working.
So in my case, the special nix volume and mounting may have been confused by the existence of additional APFS volumes mounted.
Just an anecdote that may help someone. I was experiencing this error when running macOS Monterey on an external drive. My macbook pro still had its internal factory SSD with Monterey also. On bootup, I was prompted to enter my password for the "Macintosh HD - Data" (internal) partition, which I provided. When I removed the factory SSD and moved my formerly external SSD to the macbook pro's motherboard, the command (nix-shell -p nix-info --run "nix-info -m") started working.
So in my case, the special nix volume and mounting may have been confused by the existence of additional APFS volumes mounted.
Just chiming in to say that I also experienced this issue, and have 2 additional APFS volumes on my laptop - one for Docker, and a case-sensitive volume that I do my coding work in. After rebooting, both the nix-shell -p nix-info --run "nix-info -m" command and nix doctor to function properly.
I just got this, three years hence.
$ nix-shell
error: could not set permissions on '/nix/var/nix/profiles/per-user' to 755: Operation not permitted
$ nix doctor
error: could not set permissions on '/nix/var/nix/profiles/per-user' to 755: Operation not permitted
On master we don't use this directory except for when being root, so I hope this can finally be closed for good soon.
I just got this, three years hence.
$ nix-shell error: could not set permissions on '/nix/var/nix/profiles/per-user' to 755: Operation not permitted $ nix doctor error: could not set permissions on '/nix/var/nix/profiles/per-user' to 755: Operation not permitted
I got this same error when installing on a "new to me" Macbook running Ventura 13.3.1, when installing nix to an external drive (so I don't know if this is the same situation for most people here).
POINT OF INFORMATION: However, I had previously installed nix successfully and had no problems with nix-shell or nix doctor like this, but the default install scripts created a volume on the internal drive.
I bought an external drive to use for nix, because "mo' room" and more affordable than Apple. So, I cleaned up the nix droppings left by the default nix install, deleted the internal drive volume for nix, added a new volume for nix on the external, and restarted the nix install. Everything went fine during the install, but post install I got the above error messages. :(
After banging head on wall, short story is that all I had to do was go to System Settings > Privacy & Security > Full Disk Access and turn the switch on for the nix entry as you see the the screenshot below. Then, nix doctor gave me PASSes (and no errors of course), and all nix operations are working fine. I hope this helps someone. I had no idea about this.
I've had the same issue. I lazily re-installed nix (as I've only just started using it, started 'fresh') which meant removing /nix, *.backup-before-nix, /etc/nix/nix.conf and XDG nix directories.
I notably didn't remove the systemd services (hence lazily).
Reinstalled using multi-user script, and started receiving same error for non-root users.
Came here, read comments etc and issued sudo systemctl daemon-reexec which fixed it (and why a restart will too).
I think it's due to the nix-daemon.service file which includes a line similar to:
ExecStart=@/nix/store/snsjmpdb8hs4jfp82wiykkbb9667rywr-nix-2.16.1/bin/nix-daemon nix-daemon --daemon
Which I'm assuming can change on a reinstall (like mine) as that path may not exist and not be loaded with a simple systemctl restart nix-daemon.service
Then again I have nfi how nix-daemon interacts, though I'm assuming as it's a requirement for multi-user, users probably depend on it whereas root user doesn't (as they have global perms).
I didn't try sudo systemctl daemon-reload which might do the job too?
TLDR:
Try sudo systemctl daemon-reload, if nothing, try sudo systemctl daemon-reexec
TLDR2: you may have to systemctl enable and systemctl start the nix-daemon.service, too, after running into this a second time!
Perhaps we should split this issue out into separate linux/macOS versions? I've personally encountered this error on both. Not sure if the pathogenesis is the same between them however?