[Nix-dev] Why is there no way to run `nix-shell` in a chroot and without the user's .bashrc?

Ryan Newton rrnewton at indiana.edu
Sun May 15 06:26:57 CEST 2016


(I posted this question as an issue here
<https://github.com/NixOS/nix/issues/903>, before realizing it's more of a
mailing list question.)

I'm using the Haskell stack tool's nix integration, which launches
everything through a nix-shell.

Even running with --pure, nix-shell seems really impure compared to
nix-build. It not only mounts directories, it sources the bashrc from the
host system!

Is there any way to lock down nix-shell more using current configuration
options? If not, is there any plan to make nix-shell more pure?

This is especially concerning because I thought that shebang lines with
nix-shell were a great way to get reproducible scripts. But now I realize
that those scripts are much more impure and less reproducible than I
thought.

Thanks,
 -Ryan


Ryan R. Newton
(812) 856-4205
Asst. Professor
Indiana University - School of Informatics & Computing
Lindley Hall 230H
http://www.cs.indiana.edu/~rrnewton/