Nix-build and pure-eval issues

hmenke · January 26, 2021, 6:27pm

I’m trying to build a derivation in pure evaluation mode to make sure that it will also work with Flakes and possibly on Hydra. So I made a test derivation which should definitely be pure:
default.nix

derivation {
  name = "pure-eval-test";
  builder = ./builder.sh;
  system = "x86_64-linux";
}

builder.sh

#!/bin/sh
echo "" > $out

However, running nix-build with pure evaluation turned on reports:

$ nix-build --option pure-eval true default.nix
error: --- RestrictedPathError --- nix-build
access to path '/home/henri/default.nix' is forbidden in restricted mode

This is of course very pure by not even allowing to read the input file, but I have the feeling that this sort of defeats the purpose. What am I doing wrong here?

colemickens · March 17, 2021, 11:31pm

I just hit this too. I thought this used to work, or something like it?

colemickens · March 18, 2021, 3:24am

I filed https://github.com/NixOS/nix/issues/4651

nrdxp · March 18, 2021, 3:31am

Have you tried running it from a flake? It may actually work in a flake since the flake is uploaded to the store first and relative paths become relative to that store path. If not, putting toString in front of the path will probably fix it.