nixos/nix
1
1
Fork 0
mirror of https://github.com/NixOS/nix.git synced 2025-11-23 10:49:36 +01:00
Code Activity

Enable socket-only daemon operations without filesystem access

Browse source 
Allows the Nix daemon to serve store paths purely over Unix domain
sockets without requiring the client to have filesystem access to
the store directory. This can be useful for VM setups where the host
serves paths to the guest via socket.

Tests verify socket-only operations work for copying, substitution,
and remote building (tested on Linux), with both local and binary cache stores.
This commit is contained in:
Robert Hensing 2025-11-04 16:32:17 +01:00
parent 341c42f321
commit 6a017a2a87
6 changed files with 174 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

10
doc/manual/rl-next/socket-only-daemon.md Normal file
View file

@ -0,0 +1,10 @@
---
synopsis: "Nix daemon can serve store paths over sockets without filesystem access"
---
The Nix daemon can now serve store paths purely over Unix domain sockets without
requiring the client to have filesystem access to the store directory. This can be
useful for VM setups where the host serves store paths to the guest via socket,
with the guest having no direct access to the host's `/nix/store`.
This works for copying paths, substitution, and building.