Release 2.12 (2022-12-06)
On Linux, Nix can now run builds in a user namespace where they run as root (UID 0) and have 65,536 UIDs available.
This is primarily useful for running containers such as
systemd-nspawninside a Nix build. For an example, see
A build can enable this by setting the derivation attribute:
requiredSystemFeatures = [ "uid-range" ];
uid-rangesystem feature requires the
auto-allocate-uidssetting to be enabled.
Nix can now automatically pick UIDs for builds, removing the need to create
nixbld*user accounts. See
On Linux, Nix has experimental support for running builds inside a cgroup. See
<nix/fetchurl.nix>now accepts an additional argument
impurewhich defaults to
false. If it is set to
sha256arguments will be ignored and the resulting derivation will have
true, making it an impure derivation.
builtins.readFileis called on a file with context, then only the parts of the context that appear in the content of the file are retained. This avoids a lot of spurious errors where strings end up having a context just because they are read from a store path (#7260).
nix build --jsonnow prints some statistics about top-level derivations, such as CPU statistics when cgroups are enabled.