writableStore=false still makes the host store writable in build-vm

[viric]

I have a virtual machine, of nixos master, with writableStore=false.

I can't see any 'aufs' in "mount" listings, and it can write files to the host /nix/store.

I was just running "nix-channels --update" in the guest, and it complained unpacking the nixexprs.tar about some "utime: Operation not permitted". But the manifest got unpacked into the store, and that file is also in my host store, while "nix-store --check-validity" reports that it's not valid.

[viric]

I'm using linuxPackages_3_4 as kernelPackages, and I don't seem to have any 'aufs' module in the booted system.

[viric]

Only now I noticed that 'writableStore==false' was meant NOT to use aufs, but also to leave the store read-only. Well, in my case, it is not read-only.

[viric]

Stage 2 has this line at boot, related to some EC2 thing:

mount -n -o remount,rw /

Maybe this is related?

[viric]

As a note, it shouldn't be a problem if the vm script weren't run by root.

[stale]

I marked this as stale due to inactivity. → More info

[stale]

I closed this issue due to inactivity. → More info