movefasta/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-06-13 21:25:30 +03:00
Code Issues Projects Releases Packages Wiki Activity

improve documentation for nix.settings.sandbox (#188541)

Browse source 
* add information on the "relaxed" setting in `nix.settings.sandbox`
This commit is contained in:
Anand Suresh 2023-06-06 04:32:26 -04:00 committed by GitHub
parent 04c41a12cf
commit aa884b8f3d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

7
nixos/modules/services/misc/nix-daemon.nix
View file

@ -520,10 +520,17 @@ in
will set up automatically for each build. This prevents impurities will set up automatically for each build. This prevents impurities
in builds by disallowing access to dependencies outside of the Nix in builds by disallowing access to dependencies outside of the Nix
store by using network and mount namespaces in a chroot environment. store by using network and mount namespaces in a chroot environment.
This is enabled by default even though it has a possible performance This is enabled by default even though it has a possible performance
impact due to the initial setup time of a sandbox for each build. It impact due to the initial setup time of a sandbox for each build. It
doesn't affect derivation hashes, so changing this option will not doesn't affect derivation hashes, so changing this option will not
trigger a rebuild of packages. trigger a rebuild of packages.
When set to "relaxed", this option permits derivations that set
`__noChroot = true;` to run outside of the sandboxed environment.
Exercise caution when using this mode of operation! It is intended to
be a quick hack when building with packages that are not easily setup
to be built reproducibly.
''; '';
}; };