NixOS / nixpkgs

Nix Packages collection & NixOS
MIT License

nixpkgs implicit global configuration file is a hidden source of non-reproducibility #62513

Open guibou opened 5 years ago

guibou commented 5 years ago

Issue description

Implicitly, when we import a nixpkgs clone, using nixpkgs = import (tarballOfNixpkgs) {} and without providing a config or overlays attribute, nixpkgs implicitly loads a global configuration file. See: https://github.com/NixOS/nixpkgs/blob/fc277721f0aca26bb1753aadc60deb4fda64d326/pkgs/top-level/impure.nix#L29-L73

This can lead to hermeticity issues if the global configuration contains packageOverrides or some other settings which have an impact on the final build.

This behavior is enabled by default in nixpkgs.

I understand the reasons to get it by default when using the "global" <nixpkgs> package, for example when using nix-env -i or nix-shell in a directory without default.nix.

Could it be possible to insert a new attribute to nixpkgs, such as useGlobalConfiguration, which will default to false and will be overridden to true by tools such as nix-env or nix-shell in the right context?

matthewbauer commented 5 years ago

You can always set config = {} when instantiating Nixpkgs to override the default

guibou commented 5 years ago

@matthewbauer

Yes, you are right, it is possible to override config.

However, that's still a problem of discoverability and safe defaults. By default it is non-hermetic, and it becomes hermetic only if the user is aware of the problem and thinks about overriding the default behavior.

edolstra commented 5 years ago

The nix flakes branch changes the nix command to run in pure mode by default, making it impossible to depend on the Nixpkgs configuration file accidentally. (In pure mode, you can't access environment variables like HOME or read arbitrary files.)

guibou commented 5 years ago

The same is true for overlays setting which will be read from the global configuration file too. I updated my description accordingly.
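The explicit import that matthewbauer's reply points at, extended to cover the overlays case raised just above, as an added example that is not part of this thread or of nixpkgs itself. The tarball revision and sha256 are placeholders, and the `hello` attribute is used only as something to evaluate.

```nix
# Added example (not from the issue thread): importing a pinned nixpkgs
# checkout so that evaluation does not depend on the evaluating user's
# home directory or environment.
let
  # Pin the nixpkgs source instead of relying on <nixpkgs> from NIX_PATH.
  # <REV> and <SHA256-PLACEHOLDER> must be filled in for a real pin.
  nixpkgsSrc = builtins.fetchTarball {
    url = "https://github.com/NixOS/nixpkgs/archive/<REV>.tar.gz";
    sha256 = "<SHA256-PLACEHOLDER>";
  };

  # Non-hermetic form: with neither attribute given, pkgs/top-level/impure.nix
  # looks up $NIXPKGS_CONFIG / ~/.config/nixpkgs/config.nix and
  # $NIXPKGS_OVERLAYS / ~/.config/nixpkgs/overlays*, so packageOverrides or
  # overlays from the user's machine silently change what is built.
  pkgsImpure = import nixpkgsSrc { };

  # Hermetic form: passing both attributes explicitly skips that lookup.
  # Project-specific settings go here, in version control, rather than in
  # the per-user file.
  pkgsPure = import nixpkgsSrc {
    config = { };
    overlays = [ ];
  };
in
{
  # Evaluates the same way on every machine that has the pinned source.
  hello = pkgsPure.hello;

  # Kept only to show the contrast; not something to ship.
  helloImpure = pkgsImpure.hello;
}
```

Evaluating `hello` from this expression gives the same derivation regardless of what a user has in ~/.config/nixpkgs, whereas `helloImpure` can differ from machine to machine. A review check that follows from this is simply to look for `import <nixpkgs> {}` or `import src {}` with no `config` and `overlays` arguments in any expression that is meant to be reproducible.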

stale[bot] commented 4 years ago

Thank you for your contributions.

This has been automatically marked as stale because it has had no activity for 180 days.

If this is still important to you, we ask that you leave a comment below. Your comment can be as simple as "still important to me". This lets people see that at least one person still cares about this. Someone will have to do this at most twice a year if there is no other activity.

Here are suggestions that might help resolve this more quickly:

  1. Search for maintainers and people that previously touched the related code and @ mention them in a comment.
  2. Ask on the NixOS Discourse.
  3. Ask on the #nixos channel on irc.freenode.net.

tomprince commented 2 years ago

It would be nice to have a documented way of getting a pure evaluation, even when not using flakes. It looks like flakes currently does execute impure.nix, depending on the flake evaluation machinery to ensure that it is in fact pure; which I suspect doesn't work with flake-compat.

This could just be importing pkgs/top-level (if that was documented, and guaranteed to keep working). I'd prefer it not be passing {config = {}; overlays = [];} as it seems likely that the set of things needing to be passed could increase in the future.

stale[bot] commented 2 years ago

I marked this as stale due to inactivity.