| 23 Oct 2024 |
 KFears (tragedy arc) | I'm sorry, I don't understand
stdenv is still stdenv, right? What's the difference whether it's in /nix/store` or any other path? | 15:15:07 |
| KFears (tragedy arc) | Did I just forget to adjust some knob? | 15:15:21 |
 K900 | The files have hardcoded paths to the store | 15:15:39 |
| KFears (tragedy arc) | They what | 15:24:09 |
| K900 | Of course they do? | 15:26:11 |
| K900 | Everything has hardcoded paths | 15:26:16 |
| K900 | It's a lot harder to make them relative to the store root | 15:26:28 |
| KFears (tragedy arc) | Surely that's sarcasm? | 15:27:15 |
| KFears (tragedy arc) | Oh I'm completely out of the loop and insane | 15:27:27 |
| KFears (tragedy arc) | * Or I'm completely out of the loop and insane | 15:27:57 |
 Lily Foster | In reply to @kfears:matrix.org
Oh I'm completely out of the loop and insane me too, just in general | 15:28:02 |
| KFears (tragedy arc) | And what happens if you craft a derivation with malicious paths? ../some-thing? ../../root? /? /home/alice? | 15:29:37 |
| KFears (tragedy arc) | Will it happily substitute over your homedir? | 15:29:56 |
| K900 | No | 15:33:01 |
| K900 | That's verified | 15:33:07 |
| KFears (tragedy arc) | But still, why does it hardcode the path? | 15:34:23 |
| KFears (tragedy arc) | And is there anything I can do for now to, uhh, actually have substitution? | 15:34:50 |
 uep | not just hardcoded paths, but the paths are part of the dependency hash; that's the main / most direct reason that substitution fails | 15:36:37 |
| uep | they just miss cache | 15:36:47 |
| KFears (tragedy arc) | In reply to @uep:matrix.org
not just hardcoded paths, but the paths are part of the dependency hash; that's the main / most direct reason that substitution fails Why is that a thing... | 15:38:18 |
| K900 | In reply to@kfears:matrix.org
But still, why does it hardcode the path? Nix doesn't hardcode the path | 15:42:19 |
| K900 | The actual build products do | 15:42:28 |
| KFears (tragedy arc) | You mean, like, for example, if I build hello in /tmp, it will hardcode the absolute paths to /tmp, so launching from /nix/store doesn't make sense anymore? And there's legacy stuff that really wants to hardcode absolute paths, and there's no patching or wrapping that can fix this? | 15:45:17 |
| K900 | Yes | 15:47:03 |
| K900 | And it's most things | 15:47:08 |
| K900 | Relocatable store is REALLY hard | 15:47:22 |
| KFears (tragedy arc) | Huh | 15:49:22 |
| KFears (tragedy arc) | I thought there are enough ways to make it work | 15:49:44 |
| KFears (tragedy arc) | Like, maybe bind mounts idk | 15:49:57 |
| K900 | Bind mounts can work | 15:50:10 |
