Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Derivation: src with symbolic link behaves strange #1232

Open
ck3d opened this issue Feb 12, 2017 · 9 comments
Open

Derivation: src with symbolic link behaves strange #1232

ck3d opened this issue Feb 12, 2017 · 9 comments
Assignees
@copumpkin
Labels
documentation UX The way in which users interact with Nix. Higher level than UI.

Comments

@ck3d
Copy link

ck3d commented Feb 12, 2017

I defined a derivation where src is a path to a symbolic link which itself points to a directory.
I tried to use a symbolic link to keep the Nix expression untouched, while I am able to change src path with normal command line tools.

By using this mechanism you get following behavior:

  • the build is performed in src path. Patches are applied in your source folder and the intermediate build output is stored also there.
  • once a build was successful, no re-build can be triggered, although the content of that src path changed. Nix do use the path as drv input.
  • in multi-user Nix store mode, the build is performed by nix-daemon, which needs full access to that path to perform building the derivation

Resolving the symbolic link with Nix functions is not possible (as far I understand).
@ck3d
Copy link
Author

ck3d commented Feb 25, 2017

Some related issues are #145 and #897 .

@ck3d
Copy link
Author

ck3d commented Mar 2, 2017

The following minimal derivation realization shows on a multi-user nix store that the symbolic link is copied and not the directory it self:

$ ln -s $(mktemp -d) symlink
$ nix-store -r $(nix-instantiate -E 'derivation {name="test-symlink"; src=./symlink; builder="/bin/sh"; args = ["-xec" "cd $src"]; system=builtins.currentSystem; }')
warning: you did not specify ‘--add-root’; the result might be removed by the garbage collector
these derivations will be built:
  /nix/store/q5jh7c3wzcsa07cld77dnj52xbcssi78-test-symlink.drv
building path(s) ‘/nix/store/qilsbhimnj83wyvxgwys7j5lz0i7r0p9-test-symlink’
+ cd /nix/store/98ndpdd41ccp3373bc3sxs74hm9d8hzb-symlink
sh: line 0: cd: /nix/store/98ndpdd41ccp3373bc3sxs74hm9d8hzb-symlink: Permission denied
builder for ‘/nix/store/q5jh7c3wzcsa07cld77dnj52xbcssi78-test-symlink.drv’ failed with exit code 1
error: build of ‘/nix/store/q5jh7c3wzcsa07cld77dnj52xbcssi78-test-symlink.drv’ failed

The cd command can not be performed, because /nix/store/98ndpdd41ccp3373bc3sxs74hm9d8hzb-symlink is a symbolic link to the created temp directory which is exclusively owned by the calling user.

@johnramsden johnramsden mentioned this issue Apr 20, 2017
Merged
6 tasks
@TomSmeets
Copy link

This issue is annoys me a lot.
The target directory of symbolic links should be copied directly to the store.

@TomSmeets TomSmeets mentioned this issue Mar 24, 2018
Closed
8 tasks
@shlevy shlevy added the backlog label Apr 1, 2018
@roberth roberth mentioned this issue Jan 15, 2019
Closed
roberth added a commit to NixOS/nixpkgs that referenced this issue Jan 15, 2019
@roberth
Revert "nixos/modules/misc/nixpkgs.nix: Use pure Nixpkgs function"
db70173 
As a workaround for #51025 and
NixOS/nix#1232

This reverts commit 5f894a6.
@lheckemann
Copy link
Member

I'm pretty sure allowing symlinks pointing out of the store is intended — it allow referring to paths outside the store for programs that rely on being able to modify parts of their working directories, like gitlab does. Admittedly this is far from being a beautiful solution…

@zimbatm
Copy link
Member

zimbatm commented Jan 16, 2019

I am using this trick in a few private packages as well. Rails and Java apps.

At build time, it's too late to resolve symlinks. The build sandbox is not supposed to be able to go outside.

@ck3d
Copy link
Author

ck3d commented Sep 3, 2019

This issue is still valid for nix version 2.2.2 .

@nixos-discourse
Copy link

This issue has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/how-to-stop-nix-from-unpacking-a-directory/6866/4

@stale
Copy link

stale bot commented Feb 15, 2021

I marked this as stale due to inactivity. → More info

@stale stale bot added the stale label Feb 15, 2021
@drozdziak1 drozdziak1 mentioned this issue Apr 25, 2021
Closed
@fricklerhandwerk fricklerhandwerk added UX The way in which users interact with Nix. Higher level than UI. documentation labels Sep 12, 2022
@fricklerhandwerk
Copy link
Contributor

This could partially alleviated by documenting the behavior.

@stale stale bot removed the stale label Sep 12, 2022
@jsoo1 jsoo1 mentioned this issue Feb 6, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@copumpkin copumpkin

Labels
documentation UX The way in which users interact with Nix. Higher level than UI.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
9 participants
@copumpkin @zimbatm @domenkozar @lheckemann @shlevy @fricklerhandwerk @TomSmeets @ck3d @nixos-discourse