| 26 Nov 2025 |
 dramforever | * either as a sqlite db file or some exported textual format nix-store --dump-db | 13:19:07 |
 Jens Petersen | Right now I need to rebuild the whole nix package to change /nix, so it is a bit expensive to experiment (I believe you of course) | 13:19:52 |
| dramforever | but if you somehow ship just /usr/bin/nix, in general, nix would happily do everything by itself, starting all the way from creating /nix. but in practice users might not like it if installing nix from fedora leaves nix "installed" but in a way where the daemon is not working | 13:20:39 |
| Jens Petersen | Okay I can try force removing /nix and seeing what it happens that is easy enough | 13:21:21 |
| Jens Petersen | Anyway regardless we like to own the relevant directories for rpm packaging :-) | 13:23:04 |
| Jens Petersen | * Anyway regardless indeed we like to own the relevant directories for rpm packaging :-) | 13:23:26 |
| dramforever | this is fine but going into the details of what exactly in /nix/var/nix is very suspicious | 13:23:50 |
| dramforever | * this is fine but going into the details of what exactly is in /nix/var/nix is very suspicious | 13:23:59 |
| Jens Petersen | Okay | 13:23:59 |
| Jens Petersen | * Okay and sounds like more directories may show up anyway 🤷♂️ from what you said | 13:24:28 |
| Jens Petersen | So maybe it is not necessary indeed - also/further currently nixbld owns the fedora /nix/var/nix but seems that is also incorrect... | 13:26:09 |
| Jens Petersen | I wonder if that was the case in the past? | 13:26:46 |
| Jens Petersen | * Okay and sounds like more directories may show up there anyway 🤷♂️ from what you said | 13:27:12 |
| Jens Petersen | * So maybe it is not necessary indeed - also/further currently nixbld owns the fedora /nix/var/nix but seems that may also be incorrect for nix-daemon hmm | 13:49:38 |
 hexa | unlikely | 14:03:53 |
| hexa | the daemon who owns those runs as root | 14:04:05 |
| Jens Petersen | Okay then maybe something I introduced for non nix-daemon | 14:12:32 |
| dramforever | still doesn't really make sense since for non nix-daemon only one user has access to nix | 14:13:40 |
 Mic92 | Yeah, if you already provide a Fedora package than nix-daemon is the way to go. | 14:14:16 |
| Jens Petersen | Mm okay but nixbld group also works without nix-daemon but maybe that is wrong.
Earlier in my personal repo I was suggesting user to own /nix/* but I thought nixbld is better | 14:15:14 |
| Jens Petersen | nix-daemon may not work in containers for example | 14:16:11 |
| dramforever | i think nix special-cases root in a few places | 14:17:13 |
| dramforever | build-users-group is one of them, if you're root it defaults to nixbld | 14:17:38 |
| Mic92 | Yeah in container, root could by-pass the daemon transparently as well if this was ever an issue. | 14:17:43 |
| dramforever | in general nix kinda assumes the "root is only for admin" paradigm | 14:17:58 |
| Jens Petersen | I guess I am wishing I had come here a bit earlier, sounds like I may need to tweak my packaging... | 14:18:51 |
| dramforever | honestly i was really surprised i heard on "the news" that fedora is adding a nix package, instead of from here 😆 | 14:19:36 |
| dramforever | okay okay, here's a question, before you mess this up | 14:19:46 |
| dramforever | how are you adding in the "sandbox shell"? | 14:19:54 |
| Jens Petersen | But want to support as many types as possible | 14:19:56 |
