How does nix write in the read only store?

Hello

This has been confusing me for a while: the Nix store is mounted read-only, and yet Nix is able to add files to it. How does it work?

8 Likes

AFAIK it’s basically the same way containers work. The mounts are different for the nix daemon compared to the rest of the system.

Technically, the store is mounted read-write, then bind-mounted read-only on top of itself. The nix daemon just doesn’t have that bind mount.

4 Likes

Yeah, this is correct:

$ mount | grep /nix/store
pyromancer/crypt/system/nix/store on /nix/store type zfs (rw,relatime,xattr,posixacl)
pyromancer/crypt/system/nix/store on /nix/store type zfs (ro,relatime,xattr,posixacl)

$ nsenter -m -t $(pgrep nix-daemon) mount | grep /nix/store
pyromancer/crypt/system/nix/store on /nix/store type zfs (rw,relatime,xattr,posixacl)
pyromancer/crypt/system/nix/store on /nix/store type zfs (rw,relatime,xattr,posixacl)

Two mounts, one for my actual /nix/store file system, one for the ro bind mount. But in the daemon’s mount namespace, the latter has been remounted rw.

5 Likes
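
An added example, not part of the thread: the same comparison done by parsing `/proc/<pid>/mountinfo` instead of reading `mount` output by eye, so it can be scripted as a check that the store is read-only everywhere except in the daemon's namespace. The function names and the sample mount IDs are constructed for illustration; the samples mirror the two outputs posted above.

```shell
#!/bin/sh
# Added example (not from the thread). Input is /proc/<pid>/mountinfo text:
# field 1 = mount ID, 2 = parent ID, 5 = mount point, 6 = per-mount options.

# Print the per-mount options of the topmost mount stacked on a mount point.
# Assumption: a bind mount placed on top of a mount point has the mount
# underneath it as its parent, so the topmost one is nobody's parent there.
effective_store_opts() {
    awk -v mp="${1:-/nix/store}" '
        $5 == mp { n++; id[n] = $1; opts[n] = $6; parent[$2] = 1 }
        END {
            for (i = 1; i <= n; i++)
                if (!(id[i] in parent)) { print opts[i]; exit 0 }
            exit 1   # nothing mounted at mp
        }'
}

# Reduce the options to "ro" or "rw" for the namespace whose mountinfo is on stdin.
store_mode() {
    opts=$(effective_store_opts "${1:-/nix/store}") || return 1
    case ",$opts," in
        *,ro,*) echo ro ;;
        *)      echo rw ;;
    esac
}

# Constructed samples modelled on the thread's output (mount IDs are made up).
sample_system_ns() {
    cat <<'EOF'
30 25 0:27 / /nix/store rw,relatime shared:5 - zfs pyromancer/crypt/system/nix/store rw,xattr,posixacl
31 30 0:27 / /nix/store ro,relatime shared:6 - zfs pyromancer/crypt/system/nix/store rw,xattr,posixacl
EOF
}
sample_daemon_ns() {
    cat <<'EOF'
130 125 0:27 / /nix/store rw,relatime - zfs pyromancer/crypt/system/nix/store rw,xattr,posixacl
131 130 0:27 / /nix/store rw,relatime - zfs pyromancer/crypt/system/nix/store rw,xattr,posixacl
EOF
}

echo "system namespace: $(sample_system_ns | store_mode)"
echo "daemon namespace: $(sample_daemon_ns | store_mode)"
# On a live system: store_mode < /proc/self/mountinfo
#                   sudo cat "/proc/$(pgrep -o nix-daemon)/mountinfo" | store_mode
```

The per-mount options in field 6 are what differ between the two namespaces; the superblock options after the `-` separator stay `rw` in both, because the underlying file system itself is writable.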

Thank you very much for your replies :)

1 Like

Which system part ensures this mount? I.e. “who does the mount”? It’s not in fstab, nor in a systemd mount target:

[motiejus@vno1-op5p:~]$ sudo systemctl cat nix-store.mount
No files found for nix-store.mount.

[motiejus@vno1-op5p:~]$ grep /nix/store /etc/fstab

[motiejus@vno1-op5p:~]$

I was about to raise a separate topic “where does it come from”, but found this instead. :)

4 Likes