New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
nixos/nix-daemon: default nix.useSandbox
to true
.
#44190
Conversation
Related NixOS/nix#179 |
Would be really nice if this could make it into 18.09. |
@@ -127,7 +127,7 @@ in | |||
|
|||
useSandbox = mkOption { | |||
type = types.either types.bool (types.enum ["relaxed"]); | |||
default = false; | |||
default = true; | |||
description = " | |||
If set, Nix will perform builds in a sandboxed environment that it | |||
will set up automatically for each build. This prevents impurities |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"This isn't enabled by default" below should be updated (if this is making it in)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks! I updated the change.
3da4ce4
to
c2401c1
Compare
the initial setup time of a sandbox for each build. It doesn't affect | ||
derivation hashes, so changing this option will not trigger a rebuild | ||
of packages. | ||
This is enabled by default even thought it has a possible performance |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/thought/though/ :-)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks! Fixed :)
c2401c1
to
4f6df27
Compare
Judging by the amount of 👍 reactions to the initial post there seems to be a broad base of support for this. I did read through the other issue and I can not come up with a reason why someone knowledgeable wouldn't just turn it off if it really bothers them... |
</listitem> | ||
</listitem> | ||
<listitem> | ||
<para>The module option <option>nix.useSandbox</option> is now defaulted to <literal>true</literal>. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I got the following error:
release-notes/rl-1809.xml:376: parser error : Opening and ending tag mismatch: para line 375 and itemizedlist
</itemizedlist>
^
release-notes/rl-1809.xml:377: parser error : Opening and ending tag mismatch: listitem line 374 and section
</section>
^
release-notes/rl-1809.xml:378: parser error : Opening and ending tag mismatch: itemizedlist line 167 and section
</section>
^
release-notes/rl-1809.xml:379: parser error : Premature end of data in tag section line 160
^
release-notes/rl-1809.xml:379: parser error : Premature end of data in tag section line 1
^
release-notes/release-notes.xml:11: element include: XInclude error : could not load release-notes/rl-1809.xml, and no fallback was found
It needs closing tags </para></listitem>
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry for that. Fixed.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks!
iirc the reason it was disabled by default for nixos in particular is that nixos involves many trivial builds (unit files and such), where the startup cost can increase the build time by a significant factor. Still I'm fully 👍 on this change! |
Motivation for this change
After some discussions on IRC we thought that enabling sanboxing per default might be a good idea. The initial concern was the comment about a performance penalty when using sandboxing. The penalty is supposedly only significant during the startup of build. IMHO the gained level of security does warrant the extra bit of slowness.
Please leave you opinions here.
There was a recent rephrasing of the
description
of said option with f098e60. It would be great to know if that also originated from thoughts of enabling it. (CC @LnL7 @bbarker)CC those people involved in the discussion on IRC: @manveru @cleverca22
CC some of the people that might know more about the impact: @edolstra @LnL7 @grahamc