Mark H Weaver <m...@netris.org> wrote:

> Shea Levy <s...@shealevy.com> writes:
>
>> On 01/24/2014 05:16 AM, Sree Harsha Totakura wrote:
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA1
>>>
>>>
>>> On 01/23/2014 08:56 PM, Mark H Weaver wrote:
>>>> We should not inherit /dev from the host system at all, but rather
>>>> create it from scratch with just the things we need. IMO, that's
>>>> the only truly proper solution.
>>> We can try creating a fixed set of device nodes, for example:
>>> /dev/null, /dev/random, /dev/urandom, /dev/sda etc. Has anyone tried
>>> this before?
>>
>> Another option is to mount a devtmpfs there, for systems which support it.
>
> The thing is, we don't actually want most of the system's devices to be
> in the build environment, do we? These are all impurities. I don't
> think we want /dev/sda, for example.

For the record, with
<https://github.com/NixOS/nix/commit/3fd01b171a74d28dc8e48b9ee5f2d0e9a3915fb8>,
the daemon creates /dev deterministically.

(This change landed in guix-daemon with the latest ‘nix-upstream’ update.)

Ludo’.
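
An added example, not part of the thread and not code from Nix or Guix: a small audit that compares the contents of a build environment's /dev against a fixed allowlist, so that inherited host devices such as /dev/sda show up as impurities. The allowlist (the three character devices named in the thread, with their standard Linux major/minor numbers), the function names and the sample snapshot are assumptions made for illustration; a real sandbox would extend the allowlist to match what its daemon creates.

```python
import os
import stat

# Assumed allowlist: node name -> (type, major, minor), Linux device numbers.
ALLOWED = {
    "null": ("c", 1, 3),
    "random": ("c", 1, 8),
    "urandom": ("c", 1, 9),
}

def describe(path):
    """Return (type, major, minor) for path without following symlinks."""
    st = os.lstat(path)
    mode = st.st_mode
    if stat.S_ISCHR(mode):
        return ("c", os.major(st.st_rdev), os.minor(st.st_rdev))
    if stat.S_ISBLK(mode):
        return ("b", os.major(st.st_rdev), os.minor(st.st_rdev))
    kind = "l" if stat.S_ISLNK(mode) else "d" if stat.S_ISDIR(mode) else "-"
    return (kind, None, None)

def scan(dev_root):
    """Snapshot the top level of a /dev tree as {name: (type, major, minor)}."""
    return {name: describe(os.path.join(dev_root, name))
            for name in os.listdir(dev_root)}

def audit(entries, allowed=ALLOWED):
    """List (name, problem) pairs where the snapshot deviates from the allowlist."""
    findings = []
    for name, desc in sorted(entries.items()):
        if name not in allowed:
            findings.append((name, "unexpected"))   # impurity, e.g. a host disk
        elif tuple(desc) != allowed[name]:
            findings.append((name, "mismatch"))     # right name, wrong node
    for name in sorted(set(allowed) - set(entries)):
        findings.append((name, "missing"))
    return findings

# Constructed snapshot of a /dev that was partly inherited from the host.
SAMPLE = {
    "null": ("-", None, None),   # regular file standing in for /dev/null
    "sda": ("b", 8, 0),          # host block device leaked into the build
    "urandom": ("c", 1, 9),
}

if __name__ == "__main__":
    for name, problem in audit(SAMPLE):
        print(f"/dev/{name}: {problem}")
```

Against a live tree, `audit(scan("/path/to/chroot/dev"))` returns an empty list only when the directory holds exactly the allowlisted nodes.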