diff --git a/doc/manual/source/store/building.md b/doc/manual/source/store/building.md index dbfe6b5ca..c319ae73b 100644 --- a/doc/manual/source/store/building.md +++ b/doc/manual/source/store/building.md @@ -12,10 +12,11 @@ The [`builder`](./derivation/index.md#builder) is executed as follows: -- A temporary directory is created under the directory specified by - `TMPDIR` (default `/tmp`) where the build will take place. The +- A temporary directory is created where the build will take place. The current directory is changed to this directory. + See the per-store [`build-dir`](@docroot@/store/types/local-store.md#store-local-store-build-dir) setting for more information. + - The environment is cleared and set to the derivation attributes, as specified above. diff --git a/src/libstore/include/nix/store/globals.hh b/src/libstore/include/nix/store/globals.hh index 84e8dccaa..3aa5d9734 100644 --- a/src/libstore/include/nix/store/globals.hh +++ b/src/libstore/include/nix/store/globals.hh @@ -776,6 +776,8 @@ public: "build-dir", R"( Override the `build-dir` store setting for all stores that have this setting. + + See also the per-store [`build-dir`](@docroot@/store/types/local-store.md#store-local-store-build-dir) setting. )"}; Setting allowedImpureHostPrefixes{ diff --git a/src/libstore/include/nix/store/local-store.hh b/src/libstore/include/nix/store/local-store.hh index 91c3f7862..5f3a249f8 100644 --- a/src/libstore/include/nix/store/local-store.hh +++ b/src/libstore/include/nix/store/local-store.hh @@ -61,6 +61,8 @@ private: > `build-dir` must not be set to a world-writable directory. > Placing temporary build directories in a world-writable place allows other users to access or modify build data that is currently in use. > This alone is merely an impurity, but combined with another factor this has allowed malicious derivations to escape the build sandbox. + + See also the global [`build-dir`](@docroot@/command-ref/conf-file.md#conf-build-dir) setting. )"}; public: Path getBuildDir() const;