[Nix-dev] In multi-user Nix, let the daemon handle creation of GC roots
Tuomas Tynkkynen
tuomas.tynkkynen at iki.fi
Mon Jun 19 12:18:04 CEST 2017
2017-06-18 5:49 GMT+03:00 <sbaugh at catern.com>:
>
> My understanding is that currently GC roots (symlinks in
> profiles/gcroots) are created and deleted directly by the various Nix
> tools, even in multi-user configurations. (whether on NixOS or on
> another Linux distribution)
>
> It seems to me that it would be useful for the daemon to handle making
> GC roots, and forbid users to directly create GC roots.
How would deleting indirect roots work? Keep in mind that currently
users can simply delete any result symlinks from nix-build with 'rm' or
any other file management tool to remove the root. That won't work
over NFS because such an indirect root could be created on a different
filesystem (e.g. any local fs) that the machine running nix-daemon can't
access to verify whether the symlink is still there.
Additionally there's the problem of paths being in use by running processes
on other machines being garbage collected under their feet.
More information about the nix-dev
mailing list