Open mickael9 opened 6 months ago
I can reproduce this when running the nix flake update
command as root.
My (strong) intuition is that the command will run in a mount namespace with write access to the store (because some operations require it), and Nix doesn't check that the lockfile is in the store, so overwrites it.
Quick workaround: set the NIX_REMOTE
environment variable to daemon
(or set the store
option to daemon
in /etc/nix/nix.conf
) to force using the daemon, even when running as root.
Describe the bug
Using
--update-input
can allow nix to modify the lockfile in the nix store, rendering it corruptedSteps To Reproduce
Expected behavior
The store should not be modified (there should be an error, or
--no-write-lock-file
should be implied)nix-env --version
output nix-env (Nix) 2.20.4Additional context
This was discovered by following the wiki guide here: https://nixos.wiki/wiki/Automatic_system_upgrades
With this configuration, the auto update script will run commands such as: