executed in a chroot that contains just the Nix store, the temporary build directory, and a configurable set of additional directories (/dev and /proc by default). This allows a bit more purity enforcement: hidden build-time dependencies on directories such as /usr or /nix/var/nix/profiles are no longer possible. As an added benefit, accidental network downloads (cf. NIXPKGS-52) are prevented as well (because files such as /etc/resolv.conf are not available in the chroot). However, the usefulness of chroots is diminished by the fact that many builders depend on /bin/sh, so you need /bin in the list of additional directories. (And then on non-NixOS you need /lib as well...)

- bin2c
- boost
- bsdiff-4.3
- libexpr
- libmain
- libstore
- libutil
- nix-env
- nix-hash
- nix-instantiate
- nix-log2xml
- nix-setuid-helper
- nix-store
- nix-worker
- aterm-helper.pl
- Makefile.am