Cloudef
commented
2 years ago I also filled bug in nix as nix probably should detect this kind of misconfiguration early: https://github.com/NixOS/nix/issues/6113
Open Cloudef opened 2 years ago
Cloudef
commented
2 years ago I also filled bug in nix as nix probably should detect this kind of misconfiguration early: https://github.com/NixOS/nix/issues/6113
github-actions[bot]
commented
2 years ago Issues become stale 90 days after last activity and are closed 14 days after that. If this issue is still relevant bump it or assign it.
Cloudef
commented
2 years ago Still relevant
github-actions[bot]
commented
1 year ago Issues become stale 90 days after last activity and are closed 14 days after that. If this issue is still relevant bump it or assign it.
Cloudef
commented
1 year ago Still relevant
github-actions[bot]
commented
1 year ago Issues become stale 90 days after last activity and are closed 14 days after that. If this issue is still relevant bump it or assign it.
System
Expected behavior
/etc/nix.conf should have sandbox on, and should build packages as expected in such isolated environment.
Actual behavior
/etc/nix.conf has sandbox turned off by default, and it fails unexpectedly when turned on due to a misconfiguration with sandbox-paths. Nix mounts
/bin/shinto the sandboxed namespace, but this binary is linked against musl libc and thus fails to work in such a sandboxed environment.The workaround is to install busybox-static and edit sandbox-paths in /etc/nix.conf so that /bin/sh points to busybox.static instead.
Steps to reproduce the behavior
pkgs.buildPackages.rustPlatform.buildRustPackage rec { pname = "diesel-cli-ext"; version = "0.3.6"; cargoSha256 = "1npmr1sy7d6gv7j3r8c03c7k7c9fv0kvipl96cm6g1c90qqba2hx"; src = pkgs.fetchCrate { inherit version; crateName = "diesel_cli_ext"; sha256 = "0zf98kydxgb9mc77x7r4d0vmkfzgi5h4h6n1dhpgq2if9ybyci0b"; }; }
tar (child): gzip: Cannot exec: No such file or directory tar (child): Error is not recoverable: exiting now