We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
--store
Describe the bug
addDependency uses setns which needs privileges to enter the mount namespace to add bind mounts. With --store when not run as root, this fails.
addDependency
setns
When using Recursive Nix with --store and root, it fails here instead for some yet unknown reason.
In practice, this means that any non-trivial derivation built inside the sandbox will fail as it causes addDependency to be called.
Steps To Reproduce
{ pkgs ? import <nixpkgs> {} }: let hello-nix = pkgs.writeText "hello.nix" '' with import ${pkgs.path} {}; hello ''; in pkgs.runCommand "djE" { nativeBuildInputs = [ pkgs.nixUnstable ]; requiredSystemFeatures = [ "recursive-nix" ]; } '' nix-build ${hello-nix} cp -L ./result $out ''
Expected behavior
It should work.
nix-env --version output
nix-env --version
nix (Nix) 2.4pre20210922_bcd73eb
The text was updated successfully, but these errors were encountered:
This bug seems to have existed from the start.
Sorry, something went wrong.
Make recursive-nix work even when not privileged
a7ac388
Before this, `setns` would fail when switching to the mount namespace, since we did not have the privileges to do so when not root. Closes NixOS#5360
4e0f851
8388d2c
Successfully merging a pull request may close this issue.
Describe the bug
addDependency
usessetns
which needs privileges to enter the mount namespace to add bind mounts. With--store
when not run as root, this fails.When using Recursive Nix with
--store
and root, it fails here instead for some yet unknown reason.In practice, this means that any non-trivial derivation built inside the sandbox will fail as it causes
addDependency
to be called.Steps To Reproduce
Expected behavior
It should work.
nix-env --version
outputnix (Nix) 2.4pre20210922_bcd73eb
The text was updated successfully, but these errors were encountered: