nixos/lxd-container: add /run to squashfs

[mkg20001]

Without /run the system won't boot with the following error:

To detach from the console, press: <ctrl>+a q
setting up /etc...
ln: failed to create symbolic link '/run/current-system': No such file or directory
ln: failed to create symbolic link '/run/booted-system': No such file or directory
error: getting status of '/run/current-system': No such file or directory
starting systemd...
/sbin/init: line 146: /run/current-system/systemd/lib/systemd/systemd: No such file or directory
Error: write /dev/pts/ptmx: file already closed

Creating it fixes the error

I'm not entierly sure if this is an lxd error or if nix is actually supposed to create /run if it doesn't exist

Description of changes

Things done

• Built on platform(s)
  • x86_64-linux
  • aarch64-linux
  • x86_64-darwin
  • aarch64-darwin
• For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
  • sandbox = relaxed
  • sandbox = true
• Tested, as applicable:
  • NixOS test(s) (look inside nixos/tests)
  • and/or package tests
  • or, for functions and "core" functionality, tests in lib/tests or pkgs/test
  • made sure NixOS tests are linked to the relevant packages
• Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
• Tested basic functionality of all binary files (usually in ./result/bin/)
• 23.11 Release Notes (or backporting 23.05 Release notes)
  • (Package updates) Added a release notes entry if the change is major or breaking
  • (Module updates) Added a release notes entry if the change is significant
  • (Module addition) Added a release notes entry if adding a new NixOS module
• Fits CONTRIBUTING.md.

[natsukium]

@ofborg eval

[adamcstephens]

Hmm, can you share your lxd container config? Or at least which options you're setting outside the defaults?

[adamcstephens]

Adding a pre-created directory probably doesn't hurt anything, but I've never run into an issue with /run getting created and I've run a variant of this squashfs image for many months.

─❯ git log --max-count 1 --oneline 
63678e9f3d3a (HEAD -> nixos-unstable, upstream/nixos-unstable) Merge pull request #263491 from marsam/update-plpgsql_check

─❯ lxc image import --alias nixos/test $(nix-build -A lxdContainerMeta.x86_64-linux ./nixos/release.nix)/tarball/nixos-system-x86_64-linux.tar.xz $(nix-build -A lxdContainerImageSquashfs.x86_64-linux ./nixos/release.nix)
Image imported with fingerprint: 0236ccea0f1860fe32f65b3a1a227d4119118718be1ce746ef010985c686ce1b

─❯ lxc launch nixos/test t1 --ephemeral
Creating t1
Starting t1                               

─❯ lxc exec t1 ls /run
agetty.reload  booted-system  current-system  dhcpcd  lock  mount  nscd        systemd	user  wrappers
binfmt	      credentials    dbus	``     keys    log   nixos  resolvconf  udev	utmp

─❯ lxc --version
5.18

[mkg20001]

From my own image server I used the unstable squashfs image https://images.mkg20001.io/

No extra flags, security.nesting and security.privileged are both false

Have you tested since systemd-run was introduced for the? There were other issues like "ln" being missing d156ab6 . Maybe this is new since that was introduced.

You can test it yourself

lxc remote add mkg https://images.mkg20001.io --protocol=simplestreams
lxc launch mkg:nixos/unstable/amd64/default

LXD version is 5.18

[adamcstephens]

Have you tested since systemd-run was introduced for the? There were other issues like "ln" being missing d156ab6 . Maybe this is new since that was introduced.

Yeah, the image I built and ran above includes that commit.

Do you know what commit your image is built off of? I can confirm yours does fail to start.

[mkg20001]

It's from here https://hydra.nixos.org/build/239669483

(Unrelated: the squashfs image doesn't have build products, the .tar.xz one has - we should look into that aswell https://hydra.nixos.org/build/239408325)

[adamcstephens]

This issue was resolved with the revert in #264200

Master as of 7378978 is working.

[adamcstephens]

It's unclear to me whether we will need something like this PR if and when the reverted change is added back.

[mkg20001]

It seems to me that nix is supposed to handle /run not existing. Unless that is a stage 1 only thing, in which case we need thispr.
The other directories are necesarry so LXD can setup the mounts for the various things stage 1 would usually handle afaik. (/proc, etc)

[adamcstephens]

Do we want to revisit this?

[mkg20001]

Is there any new trouble with the images? Otherwise if nixos is supposed to create /run anyways and there's no issues then we can close this PR.

[adamcstephens]

I think resolved. Will close for now.