Re: [Nix-dev] multi-user Nix store access problem

2017-02-12 Thread Christian Kögler

Hi Peter,

 

nix-prefetch-git is used by fetchgit, but fetchgitlocal behaves a little differently. So they are not compatible.

But your hint raised an idea. What I need is a switch local/remote for the source. And nix-prefetch-git can also be used to pass my local sources to Nix and I do not need fetchgitlocal at all.

Thanks for the fast answer.

 

Best regards

Christian



Sent: Saturday, 11 February 2017 at 10:52
From: "Peter Hoeg" <pe...@hoeg.com>
To: c...@gmx.de
Cc: nix-...@science.uu.nl
Subject: Re: [Nix-dev] multi-user Nix store access problem

> I do not want to grant nix-daemon access rights to my private folder,
> otherwise other users on that machine have access to my data.
> Is there a way to build the derivation as my user and pass it to
> nix-daemon? Or does somebody have a different approach?

Maybe I'm misunderstanding you, but if you 'nix-prefetch-git' the
sources, it should already be there.

/Peter



___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] multi-user Nix store access problem

2017-02-12 Thread Christian Kögler

Hi Vladimir,

 

I understand now what my issue is.

I used a path to a symbolic link, which points to my source folder. Nix does handle symbolic links to folders differently from real folders. Now I understand more weird problems I had with symbolic links. In a single-user Nix store, Nix used this path as the build environment. All patches and fixes have been applied in my source folder.

I will forward this issue to Nix.

Thanks for the fast help.

 

Best regards

Christian

 

Sent: Saturday, 11 February 2017 at 10:53
From: "Vladimír Čunát" <vcu...@gmail.com>
To: "Christian Kögler" <c...@gmx.de>
Cc: nix-...@science.uu.nl
Subject: Re: [Nix-dev] multi-user Nix store access problem

Hello, you're welcome!

On 02/11/2017 10:35 AM, "Christian Kögler" wrote:
> I do not want to grant nix-daemon access rights to my private folder,
> otherwise other users on that machine have access to my data.

Note that after fetching into nix store the data becomes world-readable.
For my development I combine the following two approaches.

For less frequent builds I use `src = ./.; # or some other path`. That
causes nix to copy the whole directory to the nix store and pass that
path into the variable. You can use such values as inputs to `fetchgit`
and similar, but the approach has multiple disadvantages.

For standard development cycle - edit, compile, run tests - I use
nix-shell --pure to set up an environment in the current git checkout
and compile by `make` invocation directly in the checkout.

--Vladimir

 





Re: [Nix-dev] multi-user Nix store access problem

2017-02-11 Thread Vladimír Čunát
Hello, you're welcome!

On 02/11/2017 10:35 AM, "Christian Kögler" wrote:
> I do not want to grant nix-daemon access rights to my private folder,
> otherwise other users on that machine have access to my data.

Note that after fetching into nix store the data becomes world-readable.
 For my development I combine the following two approaches.

For less frequent builds I use `src = ./.; # or some other path`.  That
causes nix to copy the whole directory to the nix store and pass that
path into the variable.  You can use such values as inputs to `fetchgit`
and similar, but the approach has multiple disadvantages.

For standard development cycle - edit, compile, run tests - I use
nix-shell --pure to set up an environment in the current git checkout
and compile by `make` invocation directly in the checkout.

--Vladimir
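
An added example, not part of the thread: a pre-flight check for the point made above that a directory imported with `src = ./.;` ends up in the world-readable store. The function names are hypothetical, and the check looks only at permission bits inside the given directory, not at its parents (such as a private home folder) or at ACLs.

```shell
#!/bin/sh
# Added example; function names are hypothetical.
# Everything under a directory imported with `src = ./.;` is copied into the
# Nix store, where every local user can read it. List the files that are
# private today, i.e. the ones whose confidentiality that copy would change.

# store_exposure DIR
# Prints (sorted, relative to DIR) each regular file that "other" cannot read
# now: its own mode lacks o+r, or a directory at or below DIR lacks o+x.
# Assumption: only permission bits inside DIR are examined; parents of DIR
# (for example a 0700 home directory) and ACLs are not.
store_exposure() {
    dir=$1
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 2; }
    (
        # cd also follows DIR when it is a symlink to the real checkout.
        cd -- "$dir" &&
        find . -type d ! -perm -001 -exec find {} -type f -print \; -prune \
               -o -type f ! -perm -004 -print |
        sed 's|^\./||' | LC_ALL=C sort
    )
}

# store_copy_is_safe DIR
# Succeeds only when nothing under DIR is currently private.
store_copy_is_safe() {
    listing=$(store_exposure "$1") || return 2
    [ -z "$listing" ]
}

# Stand-alone use: sh store-exposure.sh ~/src/myproject
if [ "$#" -gt 0 ]; then
    store_exposure "$1"
fi
```

Any path it prints is a candidate for moving out of the checkout before the directory is used as `src`.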






Re: [Nix-dev] multi-user Nix store access problem

2017-02-11 Thread Peter Hoeg

> I do not want to grant nix-daemon access rights to my private folder,
> otherwise other users on that machine have access to my data.
> Is there a way to build the derivation as my user and pass it to
> nix-daemon? Or does somebody have a different approach?


Maybe I'm misunderstanding you, but if you 'nix-prefetch-git' the
sources, it should already be there.

/Peter


[Nix-dev] multi-user Nix store access problem

2017-02-11 Thread Christian Kögler
Hello Nix-enthusiasts,

 

Before telling you about my problem, I want to say thanks for the great Nix world you created! It is incredible how precise systems can be built with NixOS/Nix.

I try to migrate my systems and development environment to NixOS. In a few weeks my first PR will be on start to get VDR [1] and some plugins into Nixpkgs.

But before that I have to establish my development process. And here I have some question marks.

I run NixOS which brings nix-daemon in multi-user mode to control the Nix store. The code I want to build a derivation from is stored in my home folder. I use fetchgitlocal to store my code in Nix, but the commands are invoked by nix-daemon, which has no access rights. By the way, fetchgitlocal needs write access to the folder .git/. But that is no problem if I, as my user, could build that derivation and not nix-daemon.

I do not want to grant nix-daemon access rights to my private folder, otherwise other users on that machine have access to my data.

Is there a way to build the derivation as my user and pass it to nix-daemon? Or does somebody have a different approach?

A similar problem was reported last year [2], but without a solution.

 

Best regards

Christian

 
[1] http://www.tvdr.de/

[2] http://lists.science.uu.nl/pipermail/nix-dev/2016-June/020701.html
