| 29 Jul 2025 |
 WeetHet | Yep | 16:32:22 |
 raitobezarius | 
Download clipboard.png | 16:32:39 |
| raitobezarius | this sort of things | 16:32:41 |
| WeetHet | I need to build the devenv but then yeah | 16:33:05 |
 emily | meanwhile Sandbox: libarchive_test(91665) deny(1) file-write-create /nix/var/nix/builds/nix-build-libarchive-3.8.1.drv-6/btar.md.CvYd75 | 16:33:45 |
| emily | so much macOS fun lately | 16:34:20 |
| WeetHet | diff --git a/lix/libstore/build/local-derivation-goal.cc b/lix/libstore/build/local-derivation-goal.cc
index e0e14b09f..bc402d00a 100644
--- a/lix/libstore/build/local-derivation-goal.cc
+++ b/lix/libstore/build/local-derivation-goal.cc
@@ -1249,8 +1249,6 @@ void LocalDerivationGoal::runChild()
"non-functional."
);
}
-
- setupConfiguredCertificateAuthority();
}
for (auto & i : ss) pathsInChroot.emplace(i, i);
@@ -1406,11 +1404,8 @@ void LocalDerivationGoal::runChild()
}
#endif
- if (!useChroot) {
- /* When chroot is not used, FODs still requires a CA to be available as well. */
- if (!derivationType->isSandboxed()) {
- setupConfiguredCertificateAuthority();
- }
+ if (!derivationType->isSandboxed()) {
+ setupConfiguredCertificateAuthority();
}
if (chdir(tmpDirInSandbox.c_str()) == -1)
| 16:34:36 |
| WeetHet | I think this is the patch | 16:34:41 |
| WeetHet | Let me rebuild and check | 16:34:46 |
| emily | it looks like we were passing in the certs to non-FODs on Linux? | 16:35:24 |
| emily | so that's a fun purity bug | 16:35:37 |
| WeetHet | I think so yeah | 16:35:47 |
| WeetHet | Well it didn't even reach stable so it's all good | 16:36:02 |
| emily | btw was https://gerrit.lix.systems/c/lix/+/3765/8/lix/libstore/build/local-derivation-goal.cc#920 fixed | 16:36:02 |
| emily | because maybe want to tackle that at the same time | 16:36:07 |
| emily | no the previous logic was doing it too it looks like | 16:36:13 |
| emily | oh | 16:36:22 |
| emily | no it's in an if ok | 16:36:25 |
| raitobezarius | In reply to @emilazy:matrix.org
btw was https://gerrit.lix.systems/c/lix/+/3765/8/lix/libstore/build/local-derivation-goal.cc#920 fixed nope | 16:36:48 |
| emily | oh wait | 16:38:49 |
| emily | /btar | 16:38:51 |
| emily | lol | 16:38:52 |
| emily | so | 16:39:02 |
| emily | $TMPDIR ends with a / normally on macOS | 16:39:08 |
| emily | e.g. /var/folders/1v/jtp_4pzx7xq371f8j_xdnrvm0000gn/T/ | 16:39:15 |
| emily | /nix/var/nix/builds/nix-build-libarchive-3.8.1.drv-6/b does not | 16:39:28 |
| emily | do we want to work around that when things concatenate without the slash or just say it's an upstream bug? | 16:39:41 |
| emily | (I mean it is an upstream bug) | 16:39:45 |
| emily | ok, I just fixed it upstream | 16:59:47 |
| emily | previously the $TMPDIR would have been /private/tmp/nix-build-libarchive-3.8.1.drv-6 | 16:59:58 |
