| 5 Sep 2021 |
 baloo | This is /run/systemd/resolve/stub-resolv.conf managed by man:systemd-resolved(8).\n# Do not edit.\n#\n# This file might be symlinked as /etc/resolv.conf. If you're looking at\n# /etc/resolv.conf and seeing this text, you have followed the symlink.\n#\n# This is a dynamic resolv.conf file for connecting local clients to the\n# internal DNS stub resolver of systemd-resolved. This file lists all\n# configured search domains.\n#\n# Run "resolvectl status" to see details about the uplink DNS servers\n# currently in use.\n#\n# Third party programs should typically not access this file directly, but only\n# through the symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a\n# different way, replace this symlink by a static file or a different symlink.\n#\n# See man:systemd-resolved.service(8) for details about the supported modes of\n# operation for /etc/resolv.conf.\n\nnameserver 127.0.0.53\noptions edns0 trust-ad\nsearch naive.network\n
| 19:47:47 |
| baloo | oops | 19:47:52 |
| baloo | *
| 19:48:00 |
| baloo | *
| 19:48:04 |
| baloo | * https://github.com/NixOS/nix/issues/5089#issuecomment-913174916
| 19:48:13 |
| *  Zhaofeng Li should pay a bit more attention to sanitizing logs... | 19:48:13 |
| baloo | * # This is /run/systemd/resolve/stub-resolv.conf managed by man:systemd-resolved(8).\n# Do not edit.\n#\n# This file might be symlinked as /etc/resolv.conf. If you're looking at\n# /etc/resolv.conf and seeing this text, you have followed the symlink.\n#\n# This is a dynamic resolv.conf file for connecting local clients to the\n# internal DNS stub resolver of systemd-resolved. This file lists all\n# configured search domains.\n#\n# Run \"resolvectl status\" to see details about the uplink DNS servers\n# currently in use.\n#\n# Third party programs should typically not access this file directly, but only\n# through the symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a\n# different way, replace this symlink by a static file or a different symlink.\n#\n# See man:systemd-resolved.service(8) for details about the supported modes of\n# operation for /etc/resolv.conf.\n\nnameserver 127.0.0.53\noptions edns0 trust-ad\nsearch naive.network\n
| 19:48:22 |
| baloo | there is a couple interesting bits in there | 19:49:22 |
| baloo | like:
[pid 909751] openat(AT_FDCWD, "/nix/store/9bh3986bpragfjmr32gay8p95k91q4gy-glibc-2.33-47/lib/libnss_dns.so.2", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
| 19:49:45 |
| baloo | I don't believe this is normal | 19:50:14 |
 @rick:matrix.ciphernetics.nl | I thought that library should be loaded before the sandbox is created | 19:50:55 |
| @rick:matrix.ciphernetics.nl | * I thought that library should be loaded before the sandbox is created, or something in that regard | 19:51:18 |
| baloo | there is an "nss hack" in nix. could be that | 19:51:43 |
| baloo | but I'm confused, because on my setup, nix invokes curl which in turn loads nss | 19:52:32 |
| baloo | invokes = execve(/nix/store/..../bin/curl) | 19:53:01 |
| Zhaofeng Li | Wait, the builtin:fetchurl builder should use libcurl? | 19:53:42 |
| baloo | iirc, yeah | 19:53:54 |
| Zhaofeng Li | Are you sure you are running the command above? | 19:53:55 |
| Zhaofeng Li | Because pkgs.fetchurl uses curl CLI and it does work | 19:54:47 |
| Zhaofeng Li | Only <nix/fetchurl.nix> seems to be affected | 19:55:02 |
| baloo | ha could be. | 19:58:29 |
| baloo | running the same strace here, and it looks like you're correct, it does not execve curl | 19:59:10 |
| baloo | but ... I still see: | 19:59:16 |
| baloo | [pid 137791] openat(AT_FDCWD, "/nix/store/9bh3986bpragfjmr32gay8p95k91q4gy-glibc-2.33-47/lib/libnss_dns.so.2", O_RDONLY|O_CLOEXEC) = 10
| 19:59:23 |
| baloo | that works fine ... | 19:59:28 |
| baloo | huuum | 19:59:41 |
| baloo | could you share the output of mount? | 19:59:52 |
| baloo | is /nix/store in the same filesystem than /? | 20:00:11 |
| Zhaofeng Li | No, different filesystem | 20:00:35 |
| baloo | ha! | 20:00:47 |
