
Q: Why am I unable to create a functional sandbox?

Open Kreyren opened this issue 4 years ago • 1 comments

kreyren@leonid ~$ cat path/to/script.sh | ix
http://ix.io/3Eod
kreyren@leonid ~$ ~/Repositories/nix-run/script.sh ls
bwrap: execvp ls: No such file or directory

This is in GNU Guix's environment, trying to re-create the steam-run solution in NixOS, so the script is projected to set up an FHS 3.0 jail with files from the host.

NOTE: Designed to be GPLv3-compatible, set as proprietary due to people blaming me for damages as a result of using my unfinished software.

Nov 08 '21 11:11 Kreyren

Why am I unable to create a functional sandbox?

I don't know, I don't use Guix or NixOS.

I think your ld.so(8) might be missing from the sandbox environment. Check what ELF interpreter is hard-coded into your binaries (in particular ls) and make sure your bubblewrap arguments make it visible in the FHS-style environment.

If you want to run third-party binaries that are designed for a FHS environment (like Steam) then you will also need to ensure that the interoperable ELF interpreter paths /lib64/ld-linux-x86-64.so.2 and /lib/ld-linux.so.2 are set up to point to an appropriate ld.so(8), otherwise third-party executables that hard-code those paths won't work, even if those are not the paths that are normally used in Guix. You'll also need to make sure that the executables they expect are available at the paths they expect, like /bin/sh, /usr/bin/python3 and so on.

	--symlink /etc/ld.so.conf "$glibc_dir/etc/ld.so.conf" \
	--symlink /etc/ld.so.cache "$glibc_dir/etc/ld.so.cache" \

Is this correct for Guix? My understanding is that it would be incorrect for NixOS, because NixOS uses a different ELF interpreter and ld.so cache path - but maybe Guix is different.

Nov 08 '21 12:11 smcv
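
The check suggested in the reply above, as an added example that is not part of the original thread or of bubblewrap: read the ELF interpreter (PT_INTERP) hard-coded into a binary, then see whether any bind or symlink destination in a bwrap argument list covers that path. The function names, the sample ELF image and the argument list are constructed for illustration; the coverage check is a first pass that matches destination prefixes only and does not follow symlink targets.

```python
import struct

PT_INTERP = 3  # program header type that holds the interpreter path

def elf_interpreter(data):
    """Return the PT_INTERP path hard-coded in an ELF image (None if static or not ELF)."""
    if data[:4] != b"\x7fELF":
        return None
    e = "<" if data[5] == 1 else ">"          # EI_DATA: byte order
    if data[4] == 2:                          # EI_CLASS 2: ELF64
        phoff, = struct.unpack_from(e + "Q", data, 0x20)
        phentsize, phnum = struct.unpack_from(e + "HH", data, 0x36)
        word, off_at, size_at = "Q", 8, 32    # p_offset / p_filesz positions
    else:                                     # ELF32
        phoff, = struct.unpack_from(e + "I", data, 0x1C)
        phentsize, phnum = struct.unpack_from(e + "HH", data, 0x2A)
        word, off_at, size_at = "I", 4, 16
    for i in range(phnum):
        ph = phoff + i * phentsize
        if struct.unpack_from(e + "I", data, ph)[0] == PT_INTERP:
            off, = struct.unpack_from(e + word, data, ph + off_at)
            size, = struct.unpack_from(e + word, data, ph + size_at)
            return data[off:off + size].rstrip(b"\0").decode()
    return None

def covered_by(bwrap_args, path):
    """First-pass check: does any bind or symlink destination cover `path`?"""
    two_arg = {"--bind", "--ro-bind", "--dev-bind", "--symlink"}
    dests = [bwrap_args[i + 2] for i, a in enumerate(bwrap_args[:-2]) if a in two_arg]
    return any(path == d or path.startswith(d.rstrip("/") + "/") for d in dests)

def sample_elf64(interp):
    """Constructed minimal ELF64 image: header, one PT_INTERP entry, the path."""
    path = interp.encode() + b"\0"
    ehdr = b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack(
        "<HHIQQQIHHHHHH", 2, 62, 1, 0, 64, 0, 0, 64, 56, 1, 0, 0, 0)
    phdr = struct.pack("<IIQQQQQQ", PT_INTERP, 4, 120, 0, 0, len(path), len(path), 1)
    return ehdr + phdr + path

if __name__ == "__main__":
    interp = elf_interpreter(sample_elf64("/lib64/ld-linux-x86-64.so.2"))
    # Constructed argument list; source paths are placeholders.
    args = ["--ro-bind", "/path/to/glibc/lib", "/lib", "--symlink", "usr/bin", "/bin"]
    print(interp, "covered" if covered_by(args, interp) else "NOT covered by any bind/symlink")
```

For a real binary, pass its bytes instead of the constructed image, for example `elf_interpreter(open(path_to_ls, "rb").read())`.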