!zghijEASpYQWYFzriI:nixos.org

Hydra

369 Members
109 Servers

You have reached the beginning of time (for this room).

SenderMessageTime
24 Apr 2024
@ma27:nicht-so.sexyma27
In reply to @os:matrix.flyingcircus.io

I had wanted to use replaceRuntimeDependencies in a system config to hotfix the latest glibc CVE, but unfortunately Hydra fails to evaluate it due to
error: access to absolute path '/nix/store/anlf335xlh41yjhm114swi87406mq5pw-glibc-2.38-44' is forbidden in restricted mode.

I guess there's a good reason why Hydra uses restricted mode and I better don't just patch evalSettings.restrictEval = false;?

I think the main reason was that h.n.o. is effectively evaluating untrusted Nix code and the devs wanted to have certain restrictions for that (e.g. being unable to fetch stuff from random URLs). I've seen it a few times that people patched it out in their overlays. 		16:01:49

Show newer messages

Back to Room ListRoom Version: 6