nix-daemon: default useSandbox to true #22767
@grahamc, thanks for your PR! By analyzing the history of the files in this pull request, we identified @stapelberg, @mbravenboer and @MarcWeber to be potential reviewers.
See NixOS/nix#179.
Is NixOS/nix#179 a blocker on this, though? /cc @copumpkin @vcunat
It's a policy decision, really. I think keeping sandboxes on is a better default, more in keeping with the "nix philosophy" as I interpret it, and will also get more people caring about the sandbox speed and offering to fix it 😉
I think it'd be a huge step forward for the 17.03 release. @edolstra are functions like
With the approval from globin, copumpkin's enthusiasm, and vcunat's 👍 I'm taking Eelco's link as just "for reference" rather than an objection, and merging :)
I'm 👎 on this. The performance problem affects everybody, while the purity issue isn't much of a big deal.
Reverted in 7483ba0
I think the purity issue is a pretty big deal, but mostly outside of NixOS, so I'm not too hung up on this 😄 Lack of default purity on darwin and non-NixOS linuxes can be very annoying, leading to countless hours of wasted time because some build tool "helpfully" decided to pick up something from the host's FHS filesystem.
But Nix packages should build with and without sandboxing, since sandboxing is not compulsory. So it's not wasted time :-)
Well, I'd like for it to become compulsory eventually (once we resolve the performance issues and the darwin sandbox problems), because those types of failures are generally quiet and very hard to diagnose, and I'd rather spend my time packaging rather than struggling with cmake's arcane rules for reaching into all sorts of places it shouldn't be looking.
I agree it's about policy. It's machine time vs. human time.
@edolstra I understand the efficiency argument, but for those who want fast builds, they can disable sandboxing. Basically a priority swap, which I would like very much.
Motivation for this change
Things done
(nix.useSandbox on NixOS, or option build-use-sandbox in nix.conf on non-NixOS)
nix-shell -p nox --run "nox-review wip"
./result/bin/
)