Commit 54c260e updates the daemon again from upstream Nix code. Few interesting changes this time; interesting changes include:
• Fixed-output derivations (such as downloads) are now also run in a chroot environment. The difference with other derivations is that they do not get a separate network name space, which allows them to access the network, and they get additional files such as /etc/resolv.conf. • pivot_root(2) is used in addition to chroot(2), which is claimed to really prevent getting out of the chroot (though in practice build processes are non-root so I don’t see how they could get away.) • The ‘verifyStore’ RPC (more on that soon.) Please report any issues! Ludo’.