英文:
Does nix always create virtual environment deterministically
问题
Here's the translation of the code portion you provided:
{
inputs = {
nixpkgs.url = github:nixos/nixpkgs/nixpkgs-unstable;
flake-utils.url = github:numtide/flake-utils;
};
outputs = { self, nixpkgs, flake-utils }:
flake-utils.lib.eachDefaultSystem (system:
let
pkgs = nixpkgs.legacyPackages.${system};
in
{
devShells.default = with pkgs; mkShell {
packages = [ cargo rustup rustc rust-analyzer rustfmt cmake ];
RUST_SRC_PATH = rustPlatform.rustLibSrc;
};
}
);
}
I won't provide translations for the other parts as per your request. If you have any specific questions or need further assistance, feel free to ask.
英文:
{
inputs = {
nixpkgs.url = github:nixos/nixpkgs/nixpkgs-unstable;
flake-utils.url = github:numtide/flake-utils;
};
outputs = { self, nixpkgs, flake-utils }:
flake-utils.lib.eachDefaultSystem (system:
let
pkgs = nixpkgs.legacyPackages.${system};
in
{
devShells.default = with pkgs; mkShell {
packages = [ cargo rustup rustc rust-analyzer rustfmt cmake ];
RUST_SRC_PATH = rustPlatform.rustLibSrc;
};
}
);
}
This is a flake.nix necessary to set a virtual environment with rust thanks to the command
nix develop -i
the i say only the elements defined in the flake are used. No program other than the program defined in the virtual environment can be used.
rustup toolchain list
> 1.70 //OK
rustup toolchain install 1.69
rustup default 1.69
rustc --version
> rustc 1.69.0 (84c898d65 2023-04-16) // OK
Now I quit the virtual environment
exit
Then I reopen it.
rustc --version
> 1.69
It means that the version of rust has been stored somewhere. It means that nix isn´t deterministic. The same flake can produce different environment.
Is that a bug or are there others things that I should know.
答案1
得分: 2
构建 Nix 组件(在支持并启用的系统上)发生在一个无网络、有限文件系统访问权限的沙盒环境中,只有声明的依赖项可用。(仍然不能百分之百地保证每次输出都相同,因为外部世界的污染,例如系统时钟、各种随机数生成器、进程任务切换时的时间差异和负载差异等等)。
nix develop 做了两件事:首先,它构建了一个开发环境和它的依赖项(构建步骤发生在沙盒中);然后它在用户的常规环境中启动一个交互式的 shell 进程。这后一步,即交互式地使用开发环境,不会在这个沙盒中进行。据我所知,没有任何文档声称会发生在沙盒中。
-
当传递
-i选项时,不会暴露$HOME(通常使用-i/--ignore-env的用户也会使用--keep HOME来覆盖此设置),但如果一个程序能够找到它(例如通过账户查找),它完全有能力将内容缓存到HOME/.cache/rustup或类似的位置。 -
如果你希望每次调用开发环境都有一个新的不同的 HOME 目录,那么你需要自己来做 —— 这很容易;
mkdir "$TMPDIR"/home && HOME=$TMPDIR/home就可以了,因为启动nix develop会创建一个新的唯一的TMPDIR。
英文:
Building Nix components (on systems where this is both supported and enabled) happens in a network-free, limited-filesystem-access sandbox where only declared dependencies are available. (It's still not a 100% guarantee of identical output every time because there's pollution from the outside world via things like the system clock, various random number generators, timing differences and load differences changing when process task switches take place, etc etc).
nix develop does two things: First, it builds a devshell and its dependencies (where the build steps happen in the sandbox); then it starts an interactive shell process in the user's regular environment. This latter step, of interactively using a devshell, does not take place in this sandbox. No documentation I'm aware of claims otherwise.
-
When
-iis passed,$HOMEisn't exposed (usually folks using-i/--ignore-envalso use--keep HOMEto override this), but if a program figures it out (f/e, with an account lookup), it's perfectly capable of caching content underHOME/.cache/rustupor any similar location. -
If you want each devshell invocation to have a new and different HOME directory, it's your job to do this yourself -- which you can do easily;
mkdir "$TMPDIR"/home && HOME=$TMPDIR/homewill do nicely, since startingnix developcreates a new and uniqueTMPDIR.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论