Admins will be upgrading ORNL GitLab Servers on Saturday, 16 May 2026, from 7 AM until 11 AM EST. Repositories will experience intermittent outages during this time.

Commit 2697d346 authored Jan 22, 2024 by WxNzEMof

streamLayeredImage: Change mode of /nix, /nix/store to 755

The change is insignificant when the owner is root.  However, when it
is not root, this change is needed to allow using Nix (as an
unprivileged user) inside the container.

parent 0ec13cdb

nixos/tests/docker-tools.nix

+1 −1

Original line number	Diff line number	Diff line
		@@ -181,7 +181,7 @@ in {
		):
		docker.succeed(
		"docker load --input='${examples.bashLayeredWithUser}'",
		"docker run -u somebody --rm ${examples.bashLayeredWithUser.imageName} ${pkgs.bash}/bin/bash -c 'test 555 == $(stat --format=%a /nix) && test 555 == $(stat --format=%a /nix/store)'",
		"docker run -u somebody --rm ${examples.bashLayeredWithUser.imageName} ${pkgs.bash}/bin/bash -c 'test 755 == $(stat --format=%a /nix) && test 755 == $(stat --format=%a /nix/store)'",
		"docker rmi ${examples.bashLayeredWithUser.imageName}",
		)

pkgs/build-support/docker/stream_layered_image.py

+1 −1

Original line number	Diff line number	Diff line
		@@ -70,7 +70,7 @@ def archive_paths_to(obj, paths, mtime, uid, gid, uname, gname):
		return ti

		def nix_root(ti):
		ti.mode = 0o0555 # r-xr-xr-x
		ti.mode = 0o0755 # rwxr-xr-x
		return ti

		def dir(path):