| 5 Sep 2021 |
 Zhaofeng Li | (more direct repro: nix-build -E 'import <nix/fetchurl.nix> { url = "http://example.com"; sha256 = ""; }') | 19:37:52 |
 baloo | that works here | 19:40:58 |
| baloo | so it's not just that :/ | 19:41:07 |
 Rick (Mindavi) | Hmm, for me it does not:
nix-build -E 'import <nix/fetchurl.nix> { url = "http://example.com"; sha256 = ""; }'
warning: found empty hash, assuming 'sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA='
this derivation will be built:
/nix/store/r4rn52pvm83frvq2q4a2zb3vdq73l5x2-example.com.drv
building '/nix/store/r4rn52pvm83frvq2q4a2zb3vdq73l5x2-example.com.drv'...
warning: error: unable to download 'http://example.com': Couldn't resolve host name (6); retrying in 297 ms
warning: error: unable to download 'http://example.com': Couldn't resolve host name (6); retrying in 502 ms
warning: error: unable to download 'http://example.com': Couldn't resolve host name (6); retrying in 1083 ms
warning: error: unable to download 'http://example.com': Couldn't resolve host name (6); retrying in 2086 ms
error: unable to download 'http://example.com': Couldn't resolve host name (6)
| 19:41:30 |
| baloo | any chance you could strace -Ff -s 1500 -p $(pidof nix-daemon) 2> log and upload that somewhere? | 19:41:49 |
| Zhaofeng Li | Is it Nix 2.4 regression? | 19:42:07 |
| baloo | https://github.com/NixOS/nix/issues/5089#issuecomment-913174916 | 19:42:20 |
| baloo | there is the bug in the nix's bugtracker | 19:42:36 |
| baloo | In reply to @baloo_:matrix.org
any chance you could strace -Ff -s 1500 -p $(pidof nix-daemon) 2> log and upload that somewhere? (and re-trigger the bug in another terminal) | 19:43:15 |
| Zhaofeng Li | * <s>Is it Nix 2.4 regression?</s> No, also happens on 2.3 with or without daemon | 19:43:22 |
| Zhaofeng Li | https://gist.github.com/zhaofengli/e3c51186768971bb40495c83c383f2e0 | 19:46:09 |
| baloo | it ... should be invoking curl | 19:46:43 |
| baloo | and it does not | 19:46:45 |
| Rick (Mindavi) | Doesn't it first try to resolve the hostname? | 19:47:30 |
| baloo | This is /run/systemd/resolve/stub-resolv.conf managed by man:systemd-resolved(8).\n# Do not edit.\n#\n# This file might be symlinked as /etc/resolv.conf. If you're looking at\n# /etc/resolv.conf and seeing this text, you have followed the symlink.\n#\n# This is a dynamic resolv.conf file for connecting local clients to the\n# internal DNS stub resolver of systemd-resolved. This file lists all\n# configured search domains.\n#\n# Run "resolvectl status" to see details about the uplink DNS servers\n# currently in use.\n#\n# Third party programs should typically not access this file directly, but only\n# through the symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a\n# different way, replace this symlink by a static file or a different symlink.\n#\n# See man:systemd-resolved.service(8) for details about the supported modes of\n# operation for /etc/resolv.conf.\n\nnameserver 127.0.0.53\noptions edns0 trust-ad\nsearch naive.network\n
| 19:47:47 |
| baloo | oops | 19:47:52 |
| baloo | *
| 19:48:00 |
| baloo | *
| 19:48:04 |
| baloo | * https://github.com/NixOS/nix/issues/5089#issuecomment-913174916
| 19:48:13 |
| * Zhaofeng Li should pay a bit more attention to sanitizing logs... | 19:48:13 |
| baloo | * # This is /run/systemd/resolve/stub-resolv.conf managed by man:systemd-resolved(8).\n# Do not edit.\n#\n# This file might be symlinked as /etc/resolv.conf. If you're looking at\n# /etc/resolv.conf and seeing this text, you have followed the symlink.\n#\n# This is a dynamic resolv.conf file for connecting local clients to the\n# internal DNS stub resolver of systemd-resolved. This file lists all\n# configured search domains.\n#\n# Run \"resolvectl status\" to see details about the uplink DNS servers\n# currently in use.\n#\n# Third party programs should typically not access this file directly, but only\n# through the symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a\n# different way, replace this symlink by a static file or a different symlink.\n#\n# See man:systemd-resolved.service(8) for details about the supported modes of\n# operation for /etc/resolv.conf.\n\nnameserver 127.0.0.53\noptions edns0 trust-ad\nsearch naive.network\n
| 19:48:22 |
| baloo | there is a couple interesting bits in there | 19:49:22 |
| baloo | like:
[pid 909751] openat(AT_FDCWD, "/nix/store/9bh3986bpragfjmr32gay8p95k91q4gy-glibc-2.33-47/lib/libnss_dns.so.2", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
| 19:49:45 |
| baloo | I don't believe this is normal | 19:50:14 |
| Rick (Mindavi) | I thought that library should be loaded before the sandbox is created | 19:50:55 |
| Rick (Mindavi) | * I thought that library should be loaded before the sandbox is created, or something in that regard | 19:51:18 |
| baloo | there is an "nss hack" in nix. could be that | 19:51:43 |
| baloo | but I'm confused, because on my setup, nix invokes curl which in turn loads nss | 19:52:32 |
| baloo | invokes = execve(/nix/store/..../bin/curl) | 19:53:01 |
| Zhaofeng Li | Wait, the builtin:fetchurl builder should use libcurl? | 19:53:42 |
