nix build sandbox on macOS #1354
Comments
|
I would rather getting rid of the sandbox option on the makes CLI and let users configure nix however they want on their nix.conf |
dsalaza4
added a commit
to dsalaza4/makes
that referenced
this issue
Aug 13, 2024
- Deprecate sandbox option from CLI as it only works on privileged containers or machines with multi-user nix with a trusted user executing makes. Ideally deciding whether or not to use sandbox should be done by the user via nix.conf. - Deprecate MAKES_K8S_COMPAT as it is only used for disabling sandbox, which is now done by the user via nix.conf. - Update design principles
dsalaza4
added a commit
to dsalaza4/makes
that referenced
this issue
Aug 13, 2024
- Deprecate sandbox option from CLI as it only works on privileged containers or machines with multi-user nix with a trusted user executing makes. Ideally deciding whether or not to use sandbox should be done by the user via nix.conf. - Deprecate MAKES_K8S_COMPAT as it is only used for disabling sandbox, which is now done by the user via nix.conf. - Update design principles Signed-off-by: Daniel Salazar <[email protected]>
dsalaza4
added a commit
that referenced
this issue
Aug 13, 2024
refac(back): #1354 deprecate sandbox
|
Sandboxing configurations were removed. Using sandbox or not is up to the user's nix.conf |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
some large derivations (mainly the ones that build from node packages) exceed this limit when running on a sandbox NixOS/nix#4119
even if the user disables sandbox mode at /etc/nix/nix.conf, the --option sandbox takes priority
https://github.com/fluidattacks/makes/blob/main/src/cli/main/cli.py#L291
current workaround is to
export MAKES_K8S_COMPAT=1before running the command through makesThe text was updated successfully, but these errors were encountered: