I just spent some time diagnosing an issue that only occurs in the sandbox and it was fairly tedious. Is there any way to get nix-shell to spin up a sandboxed shell so I can just experiment with that directly?
This is on macOS, if that matters.
I would first try with nix-shell --pure since it overrides all the environment variables. Sometimes it’s possible to reproduce the error that way. It doesn’t sandbox the build though.
Then the next best thing that I know of is only available on Linux: add breakpointHook to the derivation buildInputs. Once the build fails it will halt and display the instructions to run cntr and enter the build sandbox directly.
nix-shell --pure isn’t sufficient for my issue, I was specifically seeing an issue that only reproduced in the sandbox and I was trying to report an upstream bug (the package had failing tests when run in the sandbox).