Release 2.12 (2022-12-06)
-
On Linux, Nix can now run builds in a user namespace where they run as root (UID 0) and have 65,536 UIDs available.
This is primarily useful for running containers such as
systemd-nspawninside a Nix build. For an example, seetests/systemd-nspawn/nix.A build can enable this by setting the derivation attribute:
requiredSystemFeatures = [ "uid-range" ];The
uid-rangesystem feature requires theauto-allocate-uidssetting to be enabled. -
Nix can now automatically pick UIDs for builds, removing the need to create
nixbld*user accounts. Seeauto-allocate-uids. -
On Linux, Nix has experimental support for running builds inside a cgroup. See
use-cgroups. -
<nix/fetchurl.nix>now accepts an additional argumentimpurewhich defaults tofalse. If it is set totrue, thehashandsha256arguments will be ignored and the resulting derivation will have__impureset totrue, making it an impure derivation. -
If
builtins.readFileis called on a file with context, then only the parts of the context that appear in the content of the file are retained. This avoids a lot of spurious errors where strings end up having a context just because they are read from a store path (#7260). -
nix build --jsonnow prints some statistics about top-level derivations, such as CPU statistics when cgroups are enabled.