Nix store mounted into container
BeatScherrer opened this issue · 4 comments
Describe the bug
When entering a container with distrobox on NixOS the nix store gets mounted.
To Reproduce
- Create a container, e.g. ubuntu:
  distrobox create --image ubuntu:22.04 --name jammy
- Enter container:
  distrobox enter jammy
- nix store is mounted:
  ls /nix/store
Expected behavior
I expect distrobox to not map the nix store into the container
Desktop
- podman 5.2.2
- distrobox 1.7.2.1
- NixOS unstable (9d757ec498666cc1dcc6f2be26db4fd3e1e9ab37) installed with the following configuration.nix entry:
{ pkgs, ... }:
{
  virtualisation = {
    # containers
    containers.enable = true;
    podman = {
      enable = true;
      dockerCompat = true; # create a `docker` alias
      # Required for containers under podman-compose to be able to talk to each other.
      defaultNetwork.settings.dns_enabled = true;
    };
    # VM
    libvirtd = {
      enable = true;
      qemu = {
        package = pkgs.qemu_kvm;
        ovmf = {
          enable = true;
          packages = [ pkgs.OVMFFull.fd ];
        };
        swtpm.enable = true;
      };
    };
  };
  programs.virt-manager.enable = true;
  environment.systemPackages = with pkgs; [
    virt-manager
    virt-viewer
    spice
    spice-gtk
    spice-protocol
    win-virtio
    win-spice
    quickemu
    distrobox
  ];
  users.users.beat.extraGroups = [ "libvirtd" ];
}
Additional context
Also googled for this exact same issue and found this nix discourse thread. Albeit the issue still occurred in my case but only /nix is mounted and the other dirs (/gnu, /run/current-system/sw) are not present.
Let me know if I should provide any logs, or my NixOS configuration/flake/flake.lock
Have found the following logs:
distrobox create -v test
+ '[' -z '' ']'
+ '[' -z '' ']'
+ container_image=registry.fedoraproject.org/fedora-toolbox:39
+ '[' -z test ']'
+ '[' -z test ']'
+ '[' -z '' ']'
++ uname -n
+ container_hostname=trident
+ '[' 0 -eq 1 ']'
++ printf %s trident
++ wc -m
+ '[' 7 -gt 64 ']'
+ case "${container_manager}" in
+ command -v podman
+ container_manager=podman
+ command -v podman
+ '[' 1 -ne 0 ']'
+ container_manager='podman --log-level debug'
+ '[' 0 -ne 0 ']'
+ '[' 0 -ne 0 ']'
+ '[' -n /nix:/nix ']'
+ for volume in ${container_additional_volumes}
+ container_manager_additional_flags='
--volume /nix:/nix'
+ '[' -z /run/current-system/sw/bin/distrobox-init ']'
+ '[' -z /run/current-system/sw/bin/distrobox-export ']'
+ '[' 0 -ne 0 ']'
+ podman --log-level debug inspect --type container test
+ printf 'Distrobox named '\''%s'\'' already exists.\n' test
Distrobox named 'test' already exists.
+ printf 'To enter, run:\n\n'
To enter, run:
+ '[' 0 -eq 1 ']'
+ '[' 1000 -eq 0 ']'
+ '[' 0 -eq 0 ']'
+ printf 'distrobox enter %s\n\n' test
distrobox enter test
+ exit 0
Further this might be related?
$ ls -l .bashrc
lrwxrwxrwx 1 beat beat 70 Sep 3 21:10 .bashrc -> /nix/store/rkpirsy4gynskz2b45sb6zxkd4l34y06-home-manager-files/.bashrc
c05b6a43769bfa56d572a457f1420e0e2589fe3b does not mount /nix into the container but on the other hand in my case has a broken bashrc obviously. But that's not distrobox's fault I guess.
This is a configuration of the repo package https://github.com/NixOS/nixpkgs/blob/nixos-24.05/pkgs/applications/virtualization/distrobox/default.nix#L40
Open a bug there, distrobox by itself does not mount /nix
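A check for the condition reported in this thread, as an added example that is not from the issue or from distrobox: it reads a container's bind mounts and flags host sources under /nix, /gnu or /run/current-system/sw, including whether they are writable. The function names, the watched-prefix policy and the sample input are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: flag host paths that are bind-mounted into a container.
# Input on stdin, one mount per line: SOURCE<TAB>DESTINATION<TAB>RW
# On a live host the lines can be produced with podman's template output:
#   podman inspect --type container jammy --format \
#     '{{range .Mounts}}{{.Source}}{{"\t"}}{{.Destination}}{{"\t"}}{{.RW}}{{"\n"}}{{end}}'

# Host directories named in the report; the list itself is an assumed policy.
WATCHED_PREFIXES="/nix /gnu /run/current-system/sw"

# Print every mount whose host source is a watched directory or lies below
# one. Returns 1 when at least one such mount was seen, 0 otherwise.
flag_mounts() {
    found=0
    tab=$(printf '\t')
    while IFS="$tab" read -r src dst rw; do
        if [ -z "$src" ]; then continue; fi
        for prefix in $WATCHED_PREFIXES; do
            case "$src" in
                "$prefix" | "$prefix"/*)
                    if [ "$rw" = "true" ]; then mode=rw; else mode=ro; fi
                    printf 'FLAG %s -> %s (%s)\n' "$src" "$dst" "$mode"
                    found=1
                    ;;
            esac
        done
    done
    return "$found"
}

# Constructed sample input (not captured from a real container): /nix is
# shared in, /nixos-data only looks similar and must not be flagged.
sample_mounts() {
    printf '/home/beat\t/home/beat\ttrue\n'
    printf '/nix\t/nix\ttrue\n'
    printf '/nixos-data\t/data\tfalse\n'
}

sample_mounts | flag_mounts || echo "watched host paths are shared into the container"
```

The non-zero return status lets the function gate a script or CI step that creates containers on a NixOS host.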