Add NXC System #125

Draft: wants to merge 1 commit into base: central

Kreyren (Member) commented Aug 1, 2024

Used for compute
@Kreyren Kreyren added this to the Current Run milestone Aug 1, 2024
@Kreyren Kreyren self-assigned this Aug 1, 2024
Kreyren commented Aug 1, 2024

NiXium-dev-shell> $ nix run github:nix-community/nixos-anywhere -- --flake '.#nxc' root@somewhereinthedark.onion
### Uploading install SSH keys ###
/run/current-system/sw/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/tmp/tmp.QGtktSJo5g/nixos-anywhere.pub"
/run/current-system/sw/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/run/current-system/sw/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Warning: Permanently added 'somewhereinthedark.onion' (ED25519) to the list of known hosts.

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh -o 'ConnectTimeout=10' -o 'UserKnownHostsFile=/dev/null' -o 'StrictHostKeyChecking=no' 'root@somewhereinthedark.onion'"
and check to make sure that only the key(s) you wanted were added.

### Gathering machine facts ###
Pseudo-terminal will not be allocated because stdin is not a terminal.
Warning: Permanently added 'somewhereinthedark.onion' (ED25519) to the list of known hosts.
### Switching system into kexec ###
Pseudo-terminal will not be allocated because stdin is not a terminal.
Warning: Permanently added 'somewhereinthedark.onion' (ED25519) to the list of known hosts.
Warning: Permanently added 'somewhereinthedark.onion' (ED25519) to the list of known hosts.
kexec/
kexec/initrd
kexec/kexec
kexec/bzImage
kexec/run
kexec/ip
Connection to somewhereinthedark.onion closed.
Pseudo-terminal will not be allocated because stdin is not a terminal.
Warning: Permanently added 'somewhereinthedark.onion' (ED25519) to the list of known hosts.
Linux nxc 6.9.10-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.9.10-1 (2024-07-19) x86_64

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
+ kexec_extra_flags=
+ [ 2 -gt 0 ]
+ kexec_extra_flags=
+ shift
+ shift
+ [ 0 -gt 0 ]
+ init=/nix/store/lcffi0wsbplc787h3va2c9qnjbf76p3b-nixos-system-nixos-installer-24.05pre-git/init
+ kernelParams=console=tty0 console=ttyS0,115200 root=fstab loglevel=4
+ readlink -f /root/kexec/kexec/run
+ dirname /root/kexec/kexec/run
+ SCRIPT_DIR=/root/kexec/kexec
+ TMPDIR=/root/kexec/kexec mktemp -d
+ INITRD_TMP=/root/kexec/kexec/tmp.b7DCDU3kAj
+ cd /root/kexec/kexec/tmp.b7DCDU3kAj
+ trap cleanup EXIT
+ mkdir -p ssh
+ extractPubKeys /root
+ home=/root
+ key=/root/.ssh/authorized_keys
+ test -e /root/.ssh/authorized_keys
+ grep -o \(\(ssh\|ecdsa\|sk\)-[^ ]* .*\) /root/.ssh/authorized_keys
+ key=/root/.ssh/authorized_keys2
+ test -e /root/.ssh/authorized_keys2
+ test -n 
+ test -n 
+ test -e /etc/ssh/authorized_keys.d/root
+ test -n 
+ test -e /etc/ssh/ssh_host_ecdsa_key
+ cp -a /etc/ssh/ssh_host_ecdsa_key ssh
+ test -e /etc/ssh/ssh_host_ecdsa_key.pub
+ cp -a /etc/ssh/ssh_host_ecdsa_key.pub ssh
+ test -e /etc/ssh/ssh_host_ed25519_key
+ cp -a /etc/ssh/ssh_host_ed25519_key ssh
+ test -e /etc/ssh/ssh_host_ed25519_key.pub
+ cp -a /etc/ssh/ssh_host_ed25519_key.pub ssh
+ test -e /etc/ssh/ssh_host_rsa_key
+ cp -a /etc/ssh/ssh_host_rsa_key ssh
+ test -e /etc/ssh/ssh_host_rsa_key.pub
+ cp -a /etc/ssh/ssh_host_rsa_key.pub ssh
+ /root/kexec/kexec/ip --json addr
+ /root/kexec/kexec/ip -4 --json route
+ /root/kexec/kexec/ip -6 --json route
+ [ -f /etc/machine-id ]
+ cp /etc/machine-id machine-id
+ find .
+ cpio -o -H newc
+ gzip -9
16 blocks
+ kexecSyscallFlags=
+ sort -c -V
+ uname -r
+ printf %s\n 6.1 6.9.10-amd64
+ kexecSyscallFlags=--kexec-syscall-auto
+ sh -c '/root/kexec/kexec/kexec' --load '/root/kexec/kexec/bzImage'   --kexec-syscall-auto      --initrd='/root/kexec/kexec/initrd' --no-checks   --command-line 'init=/nix/store/lcffi0wsbplc787h3va2c9qnjbf76p3b-nixos-system-nixos-installer-24.05pre-git/init console=tty0 console=ttyS0,115200 root=fstab loglevel=4'
kexec failed, dumping dmesg
kexec_file_load failed: Operation not permitted
+ echo kexec failed, dumping dmesg
+ dmesg
+ tail -n 100
[   12.731832] systemd[1]: Mounting dev-hugepages.mount - Huge Pages File System...
[   12.734220] systemd[1]: Mounting dev-mqueue.mount - POSIX Message Queue File System...
[   12.736490] systemd[1]: Mounting run-lock.mount - Legacy Locks Directory /run/lock...
[   12.738893] systemd[1]: Mounting sys-kernel-debug.mount - Kernel Debug File System...
[   12.741482] systemd[1]: Mounting sys-kernel-tracing.mount - Kernel Trace File System...
[   12.745279] systemd[1]: Starting keyboard-setup.service - Set the console keyboard layout...
[   12.747812] systemd[1]: Starting kmod-static-nodes.service - Create List of Static Device Nodes...
[   12.750567] systemd[1]: Starting modprobe@configfs.service - Load Kernel Module configfs...
[   12.752993] systemd[1]: Starting modprobe@drm.service - Load Kernel Module drm...
[   12.755329] systemd[1]: Starting modprobe@efi_pstore.service - Load Kernel Module efi_pstore...
[   12.757995] systemd[1]: Starting modprobe@fuse.service - Load Kernel Module fuse...
[   12.758084] systemd[1]: systemd-fsck-root.service - File System Check on Root Device was skipped because of an unmet condition check (ConditionPathExists=!/run/initramfs/fsck-root).
[   12.758147] systemd[1]: systemd-hibernate-clear.service - Clear Stale Hibernate Storage Info was skipped because of an unmet condition check (ConditionPathExists=/sys/firmware/efi/efivars/HibernateLocation-8cf2644b-4b0b-428f-9387-6d876050dc67).
[   12.763720] systemd[1]: Starting systemd-journald.service - Journal Service...
[   12.767104] systemd[1]: Starting systemd-modules-load.service - Load Kernel Modules...
[   12.767140] systemd[1]: systemd-pcrmachine.service - TPM PCR Machine ID Measurement was skipped because of an unmet condition check (ConditionSecurity=measured-uki).
[   12.769890] systemd[1]: Starting systemd-remount-fs.service - Remount Root and Kernel File Systems...
[   12.769977] systemd[1]: systemd-tpm2-setup-early.service - Early TPM SRK Setup was skipped because of an unmet condition check (ConditionSecurity=measured-uki).
[   12.772319] systemd[1]: Starting systemd-udev-load-credentials.service - Load udev Rules from Credentials...
[   12.774799] systemd[1]: Starting systemd-udev-trigger.service - Coldplug All udev Devices...
[   12.780470] systemd[1]: Mounted dev-hugepages.mount - Huge Pages File System.
[   12.780805] systemd[1]: Mounted dev-mqueue.mount - POSIX Message Queue File System.
[   12.781200] systemd[1]: Mounted run-lock.mount - Legacy Locks Directory /run/lock.
[   12.781529] systemd[1]: Mounted sys-kernel-debug.mount - Kernel Debug File System.
[   12.781853] systemd[1]: Mounted sys-kernel-tracing.mount - Kernel Trace File System.
[   12.782622] systemd[1]: Finished kmod-static-nodes.service - Create List of Static Device Nodes.
[   12.783646] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully.
[   12.784152] systemd[1]: Finished modprobe@efi_pstore.service - Load Kernel Module efi_pstore.
[   12.785307] systemd[1]: modprobe@fuse.service: Deactivated successfully.
[   12.785842] systemd[1]: Finished modprobe@fuse.service - Load Kernel Module fuse.
[   12.790429] systemd[1]: Mounting sys-fs-fuse-connections.mount - FUSE Control File System...
[   12.792478] systemd[1]: Starting systemd-tmpfiles-setup-dev-early.service - Create Static Device Nodes in /dev gracefully...
[   12.795281] systemd[1]: modprobe@configfs.service: Deactivated successfully.
[   12.795755] systemd[1]: Finished modprobe@configfs.service - Load Kernel Module configfs.
[   12.796607] systemd[1]: Finished systemd-modules-load.service - Load Kernel Modules.
[   12.797333] systemd[1]: Finished systemd-udev-load-credentials.service - Load udev Rules from Credentials.
[   12.799451] systemd[1]: Mounting sys-kernel-config.mount - Kernel Configuration File System...
[   12.801443] systemd[1]: Starting systemd-sysctl.service - Apply Kernel Variables...
[   12.807117] systemd[1]: Mounted sys-fs-fuse-connections.mount - FUSE Control File System.
[   12.814458] systemd-journald[477]: Collecting audit messages is disabled.
[   12.816065] systemd[1]: Mounted sys-kernel-config.mount - Kernel Configuration File System.
[   12.831175] systemd[1]: Finished systemd-sysctl.service - Apply Kernel Variables.
[   12.837303] systemd[1]: Finished systemd-tmpfiles-setup-dev-early.service - Create Static Device Nodes in /dev gracefully.
[   12.845226] EXT4-fs (vda1): re-mounted ce03d880-426c-4066-90b7-2e58c79bc444 r/w. Quota mode: none.
[   12.847865] systemd[1]: Finished systemd-remount-fs.service - Remount Root and Kernel File Systems.
[   12.848544] systemd[1]: systemd-hwdb-update.service - Rebuild Hardware Database was skipped because of an unmet condition check (ConditionNeedsUpdate=/etc).
[   12.848640] systemd[1]: systemd-pstore.service - Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore).
[   12.850922] systemd[1]: Starting systemd-random-seed.service - Load/Save OS Random Seed...
[   12.851063] systemd[1]: systemd-sysusers.service - Create System Users was skipped because no trigger condition checks were met.
[   12.852931] systemd[1]: Starting systemd-tmpfiles-setup-dev.service - Create Static Device Nodes in /dev...
[   12.852983] systemd[1]: systemd-tpm2-setup.service - TPM SRK Setup was skipped because of an unmet condition check (ConditionSecurity=measured-uki).
[   12.876987] ACPI: bus type drm_connector registered
[   12.879296] systemd[1]: modprobe@drm.service: Deactivated successfully.
[   12.909734] systemd[1]: Finished modprobe@drm.service - Load Kernel Module drm.
[   12.917626] systemd[1]: Finished keyboard-setup.service - Set the console keyboard layout.
[   12.925729] systemd[1]: Finished systemd-random-seed.service - Load/Save OS Random Seed.
[   12.931162] systemd[1]: Finished systemd-tmpfiles-setup-dev.service - Create Static Device Nodes in /dev.
[   12.931417] systemd[1]: Reached target local-fs-pre.target - Preparation for Local File Systems.
[   12.935771] systemd[1]: Starting systemd-udevd.service - Rule-based Manager for Device Events and Files...
[   12.987593] systemd[1]: Started systemd-journald.service - Journal Service.
[   13.029448] systemd-journald[477]: Received client request to flush runtime journal.
[   13.183237] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input4
[   13.188874] sr 0:0:0:0: Attached scsi generic sg0 type 5
[   13.205199] ACPI: button: Power Button [PWRF]
[   13.239709] Adding 998396k swap on /dev/vda5.  Priority:-2 extents:1 across:998396k 
[   13.264945] input: PC Speaker as /devices/platform/pcspkr/input/input5
[   13.265550] [drm] pci: virtio-vga detected at 0000:00:01.0
[   13.266541] virtio-pci 0000:00:01.0: vgaarb: deactivate vga console
[   13.271168] Console: switching to colour dummy device 80x25
[   13.271506] [drm] features: -virgl +edid -resource_blob -host_visible
[   13.271509] [drm] features: -context_init
[   13.274859] iTCO_vendor_support: vendor-support=0
[   13.287675] [drm] number of scanouts: 1
[   13.287690] [drm] number of cap sets: 0
[   13.291633] [drm] Initialized virtio_gpu 0.1.0 0 for 0000:00:01.0 on minor 0
[   13.298773] fbcon: virtio_gpudrmfb (fb0) is primary device
[   13.305178] Console: switching to colour frame buffer device 160x50
[   13.309742] iTCO_wdt iTCO_wdt.1.auto: Found a ICH9 TCO device (Version=2, TCOBASE=0x0660)
[   13.310828] virtio-pci 0000:00:01.0: [drm] fb0: virtio_gpudrmfb frame buffer device
[   13.316215] iTCO_wdt iTCO_wdt.1.auto: initialized. heartbeat=30 sec (nowayout=0)
[   13.433535] snd_hda_codec_generic hdaudioC0D0: autoconfig for Generic: line_outs=1 (0x3/0x0/0x0/0x0/0x0) type:line
[   13.433546] snd_hda_codec_generic hdaudioC0D0:    speaker_outs=0 (0x0/0x0/0x0/0x0/0x0)
[   13.433550] snd_hda_codec_generic hdaudioC0D0:    hp_outs=0 (0x0/0x0/0x0/0x0/0x0)
[   13.433553] snd_hda_codec_generic hdaudioC0D0:    mono: mono_out=0x0
[   13.433555] snd_hda_codec_generic hdaudioC0D0:    inputs:
[   13.433557] snd_hda_codec_generic hdaudioC0D0:      Line=0x5
[   13.514419] RAPL PMU: API unit is 2^-32 Joules, 0 fixed counters, 10737418240 ms ovfl timer
[   13.522992] cryptd: max_cpu_qlen set to 1000
[   13.543984] AVX version of gcm_enc/dec engaged.
[   13.544233] AES CTR mode by8 optimization enabled
[   14.050309] audit: type=1400 audit(1722479238.336:2): apparmor="STATUS" operation="profile_load" profile="unconfined" name="nvidia_modprobe" pid=737 comm="apparmor_parser"
[   14.050332] audit: type=1400 audit(1722479238.336:3): apparmor="STATUS" operation="profile_load" profile="unconfined" name="nvidia_modprobe//kmod" pid=737 comm="apparmor_parser"
[   14.051703] audit: type=1400 audit(1722479238.336:4): apparmor="STATUS" operation="profile_load" profile="unconfined" name="lsb_release" pid=736 comm="apparmor_parser"
[   14.053836] audit: type=1400 audit(1722479238.340:5): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/usr/bin/man" pid=740 comm="apparmor_parser"
[   14.053859] audit: type=1400 audit(1722479238.340:6): apparmor="STATUS" operation="profile_load" profile="unconfined" name="man_filter" pid=740 comm="apparmor_parser"
[   14.053882] audit: type=1400 audit(1722479238.340:7): apparmor="STATUS" operation="profile_load" profile="unconfined" name="man_groff" pid=740 comm="apparmor_parser"
[   14.055091] audit: type=1400 audit(1722479238.340:8): apparmor="STATUS" operation="profile_load" profile="unconfined" name="system_tor" pid=739 comm="apparmor_parser"
[   14.056743] audit: type=1400 audit(1722479238.340:9): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/usr/lib/NetworkManager/nm-dhcp-client.action" pid=738 comm="apparmor_parser"
[   14.056792] audit: type=1400 audit(1722479238.340:10): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/usr/lib/NetworkManager/nm-dhcp-helper" pid=738 comm="apparmor_parser"
[   14.056797] audit: type=1400 audit(1722479238.340:11): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/usr/lib/connman/scripts/dhclient-script" pid=738 comm="apparmor_parser"
+ exit 1
+ cleanup
+ rm -rf /root/kexec/kexec/tmp.b7DCDU3kAj

kexec_file_load failed: Operation not permitted

kexec fails the deployment; asked for help in the nixos-anywhere Matrix chat

Options

Assuming that it's due to secure boot:

Disable SecureBoot in QEMU Host

Needs an edit of the XML file to disable secure-boot: https://andreaskaris.github.io/blog/linux/libvirt-uefi-without-secureboot

NixOS Infect Way

Get a functional nix daemon and then use it to replace the bootloader
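
A read-only check for the Secure Boot assumption above, added here as an example and not part of the original comment or of nixos-anywhere: run on the target, it reports whether `kexec_load_disabled`, kernel lockdown, or Secure Boot state could explain `kexec_file_load failed: Operation not permitted`. The function names are hypothetical; the default paths are the standard Linux sysctl, securityfs and efivarfs locations.

```shell
#!/bin/sh
# Paths are parameters so each check can also be run against saved copies.

# Active lockdown mode is the bracketed word: "none [integrity] confidentiality".
lockdown_mode() {
    f="${1:-/sys/kernel/security/lockdown}"
    [ -r "$f" ] || { echo unknown; return 0; }
    m=$(sed -n 's/.*\[\([a-z]*\)\].*/\1/p' "$f")
    echo "${m:-unknown}"
}

# The sysctl is one-way: once set to 1 it stays set until reboot.
kexec_disabled() {
    f="${1:-/proc/sys/kernel/kexec_load_disabled}"
    [ -r "$f" ] && [ "$(cat "$f")" = "1" ]
}

# efivarfs files are 4 attribute bytes followed by the value; SecureBoot is 1 byte.
secure_boot_state() {
    f="${1:-/sys/firmware/efi/efivars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c}"
    [ -r "$f" ] || { echo unknown; return 0; }
    case "$(od -An -tu1 -j4 -N1 "$f" | tr -d ' \n')" in
        1) echo enabled ;;
        0) echo disabled ;;
        *) echo unknown ;;
    esac
}

# Args: lockdown file, sysctl file, efivar file (empty means the live path).
kexec_eperm_cause() {
    mode=$(lockdown_mode "$1")
    sb=$(secure_boot_state "$3")
    if kexec_disabled "$2"; then
        echo "kexec_load_disabled=1"
    elif [ "$mode" = integrity ] || [ "$mode" = confidentiality ]; then
        # Under lockdown the kernel refuses kexec images it cannot verify.
        echo "lockdown=$mode secureboot=$sb"
    else
        echo "no-restriction-found lockdown=$mode secureboot=$sb"
    fi
}

kexec_eperm_cause
```

If the result is `lockdown=integrity secureboot=enabled`, disabling Secure Boot in the guest firmware is the option that addresses the cause; `kexec_load_disabled=1` would need a reboot with the sysctl left unset.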

@Kreyren Kreyren force-pushed the central branch 11 times, most recently from 09d138f to 45abb5a Compare September 24, 2024 06:54