Commit a1cf2493 authored by Silvan Mosberger

dockerTools.buildNixShellImage: Chown nix directories

To the user running the docker image. If a Nix binary is available in
the resulting derivation, this then behaves like a single-user Nix
installation, except that already-written /nix/store paths can't be
changed. Most notably it makes Nix work not have to rely on a chroot
store in the image
parent c36f929d
+6 −3
@@ -1178,9 +1178,12 @@ rec {
        ];

        fakeRootCommands = ''
          # Allows any user to create new directories in the Nix store (for the build result)
          mkdir -p .${storeDir}
          chmod a+w+t .${storeDir}
          # Effectively a single-user installation of Nix, giving the user full
          # control over the Nix store. Needed for building the derivation this
          # shell is for, but also in case one wants to use Nix inside the
          # image
          mkdir -p ./nix/{store,var/nix} ./etc/nix
          chown -R ${toString uid}:${toString gid} ./nix ./etc/nix

          # Gives the user control over the build directory
          mkdir -p .${sandboxBuildDir}
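
Review bot: the added `mkdir -p ./nix/{store,var/nix} ./etc/nix` and `chown -R ${toString uid}:${toString gid} ./nix ./etc/nix` hard-code `./nix`, while the lines they replace went through `.${storeDir}`. If `storeDir` points anywhere other than `/nix/store`, the store directory is no longer created or made writable here, so either derive the store path from `storeDir` again or say in the comment that the default location is assumed. The new comment also promises "full control over the Nix store", whereas the commit message says already-written /nix/store paths can't be changed; the comment should state that limit and why the recursive chown does not reach those paths, so the ownership model is clear to anyone relying on it.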