nixos-rebuild blocked by gitlib2 ownership concerns

Problem

Rebuilding NixOS suddenly stopped working:

sudo nixos-rebuild build '/etc/nixos#'
building the system configuration...
error:
       … while fetching the input 'git+file:///etc/nixos'

       error: opening Git repository '"/etc/nixos"': repository path '/etc/nixos' is not owned by current user

Switching yields the same results:

sudo nixos-rebuild switch --flake '/etc/nixos#'
error:
       … while fetching the input 'git+file:///etc/nixos'

       error: opening Git repository '"/etc/nixos"': repository path '/etc/nixos' is not owned by current user

Running the rebuild as a regular user result in a permission error:

error: filesystem error: cannot create symlink: Permission denied

Solutions

Permanent

sudo git config --global --add safe.directory /etc/nixos

/etc/nixos is a path to flake root directory. Adjust as needed.

This adds your flake directory as an exception. From now on git is not concerned by the current user not being an owner. Proceed with regular build command.

Permanent but undesirable

sudo chown -R root:root /etc/nixos

/etc/nixos is a path to flake root directory. Adjust as needed.

This makes root the owner of .git and all the other files in the repository. I hope you manage your NixOS configuration as a regular user. This method makes regular user’s life in this repository miserable.

Single use

Add --use-remote-sudo to your regular rebuild command and run it as regular user. Like this.

nixos-rebuild switch --use-remote-sudo --flake '/etc/nixos#'

Running as a regular user solves misalignment of the current user and the owner. Unfortunately, a regular user doesn’t have enough rights to actually rebuild the system. Remote sudo option elevates user rights for the switching part.

I haven’t tried this solution because it’s tied to the sudo command. There is no sudo in my configuration.

Explanation

TBD

Sources