diff options
author | Robert Hensing <robert@roberthensing.nl> | 2021-12-04 13:17:56 +0000 |
---|---|---|
committer | Robert Hensing <robert@roberthensing.nl> | 2021-12-04 13:49:10 +0000 |
commit | ddda5f28e1f85e0f056996dbf2d2d7fa3718da0f (patch) | |
tree | 159db948259734c30a3be40bb6078930c13c15f6 /pkgs/build-support/docker | |
parent | 0e9bc9ffd107c288571af4e3d4a9c2a6b64cf505 (diff) | |
download | nixpkgs-ddda5f28e1f85e0f056996dbf2d2d7fa3718da0f.tar nixpkgs-ddda5f28e1f85e0f056996dbf2d2d7fa3718da0f.tar.gz nixpkgs-ddda5f28e1f85e0f056996dbf2d2d7fa3718da0f.tar.bz2 nixpkgs-ddda5f28e1f85e0f056996dbf2d2d7fa3718da0f.tar.lz nixpkgs-ddda5f28e1f85e0f056996dbf2d2d7fa3718da0f.tar.xz nixpkgs-ddda5f28e1f85e0f056996dbf2d2d7fa3718da0f.tar.zst nixpkgs-ddda5f28e1f85e0f056996dbf2d2d7fa3718da0f.zip |
dockerTools: Keep fakechroot disabled by default
Avoid risk of breaking existing images by making it opt-in.
Diffstat (limited to 'pkgs/build-support/docker')
-rw-r--r-- | pkgs/build-support/docker/default.nix | 3 | ||||
-rw-r--r-- | pkgs/build-support/docker/examples.nix | 1 |
2 files changed, 3 insertions, 1 deletions
diff --git a/pkgs/build-support/docker/default.nix b/pkgs/build-support/docker/default.nix index a6d3109bf6d..9a20df57777 100644 --- a/pkgs/build-support/docker/default.nix +++ b/pkgs/build-support/docker/default.nix @@ -818,7 +818,8 @@ rec { fakeRootCommands ? "" , # Whether to run fakeRootCommands in fakechroot as well, so that they # appear to run inside the image, but have access to the normal Nix store. - enableFakechroot ? pkgs.stdenv.buildPlatform.isLinux + # Perhaps this could be enabled on by default on pkgs.stdenv.buildPlatform.isLinux + enableFakechroot ? false , # We pick 100 to ensure there is plenty of room for extension. I # believe the actual maximum is 128. maxLayers ? 100 diff --git a/pkgs/build-support/docker/examples.nix b/pkgs/build-support/docker/examples.nix index 28b26be1f8a..f2d4f809ae4 100644 --- a/pkgs/build-support/docker/examples.nix +++ b/pkgs/build-support/docker/examples.nix @@ -566,6 +566,7 @@ rec { name = "image-via-fake-chroot"; tag = "latest"; config.Cmd = [ "hello" ]; + enableFakechroot = true; # Crucially, instead of a relative path, this creates /bin, which is # intercepted by fakechroot. # This functionality is not available on darwin as of 2021. |