| 26 Nov 2025 |
 Jens Petersen | Is /nix/var/nix/builds/ only used/needed for nix-2.30 and later? | 13:02:44 |
 dramforever | yes, it's the default for 2.30+, but uh... why do you want to know? | 13:03:31 |
| dramforever | https://nix.dev/manual/nix/2.30/release-notes/rl-2.30 | 13:03:41 |
| Jens Petersen | Or was it also backported for the cve? | 13:04:38 |
| Jens Petersen | Well because I want to include the directory in fedora... | 13:04:59 |
| Jens Petersen | But for Fedora EPEL I will ship nix | 13:05:17 |
| Jens Petersen | * But for Fedora EPEL I will ship older nix | 13:05:27 |
| dramforever | uh... do you need to know the internal structure of /nix/var/nix? | 13:05:35 |
| Jens Petersen | Yes | 13:05:46 |
| Jens Petersen | This is an installation issue really | 13:06:25 |
 hexa | to 2.24 I think | 13:09:32 |
| hexa | https://github.com/NixOS/nix/commits/2.24-maintenance/
https://github.com/NixOS/nix/commit/b0fab9f90b397a2b02f41df5f467ae3cf8b91c3c | 13:09:48 |
| Jens Petersen | Hmm interesting so in nixos seems only /nix/store has "special treatment" eg is owned by nixbld and has sticky bit | 13:10:11 |
| dramforever | yes | 13:10:45 |
| dramforever | i ... don't see the backporting of /nix/var/nix/build in 2.24 | 13:11:09 |
| dramforever | i don't think it was backported | 13:11:53 |
| hexa | I don't think that was ever backported | 13:12:06 |
| dramforever | so the answer is no | 13:12:19 |
| hexa | but what I linked is the remainder of the security fixes | 13:12:28 |
| dramforever | it's 2.30+ only | 13:12:23 |
| hexa | * but what I linked is the remainder of the security fixes that were | 13:12:32 |
| dramforever | but yeah i don't really understand what the deal with having to touch the internal structure of /nix/var/nix is | 13:12:58 |
| dramforever | well, there's tmpfiles | 13:13:08 |
| dramforever | but i don't get the "installation issue" | 13:13:19 |
| dramforever | does fedora need to manually approve every directory under /nix/var/nix? | 13:14:35 |
| Jens Petersen | dramforever: well either fedora provides /nix/var/nix/build or it doesn't - that is all (along with db/ gc.lock gcroots/ profiles/ temproots/) | 13:14:52 |
| dramforever | okay but why does it need to provide those | 13:15:28 |
| Jens Petersen | nixos does too, no? | 13:15:47 |
| dramforever | the nix daemon will happily make one by itself if one doesn't exist | 13:16:06 |
| dramforever | and also along with current-load, cgroups, profiles, userpool, just to name a few that apparently exists on my system | 13:16:31 |
