Nix flake and trusted users

Help
1

Hello,

I’m trying to use nix flake following this tutorial, but I get an error:

$ nix shell github:edolstra/dwarffs --command dwarffs --version
warning: ignoring the user-specified setting 'experimental-features', because it is a restricted setting and you are not a trusted user

However, if you look at the documentation of nix, it’s written:

Adding a user to trusted-users is essentially equivalent to giving that user root access to the system.

But I don’t really want to give root access to my user (not great from a security point of view), but I still want to use nix flake… Do I have any solution?

1 Like
2

Enable the experimentat features in your systems configuration, rather than the users configuration.

3 Likes
3

It is already what I did by adding in my configuration.nix:

  nix = {
     package = pkgs.nixFlakes;
     extraOptions = lib.optionalString (config.nix.package == pkgs.nixFlakes)
       "experimental-features = nix-command flakes";
  };
4

Are you sure you haven’t also set it for the user, by an environment variable or in your users config?

I have no other trusted-user than root in my /etc/nix/nix.conf and do not see that warning.

5

Oh good point, it works now thanks. Just, if you don’t have nixos, just nix, do you also need to configure trusted users?

6

For non-nixOS installation you need at least one trusted user as well.

If you did a single-user installation, the user that installed usually is the only trusted user and the only allowed user. Not sure if it would work to add more users there.

In a multi-user installation the default is root as trusted, everyone else as allowed, IIRC.

I have no clue how to properly configure nix in a single user installation, though back when I used Arch Linux + nix, I was able to edit /etc/nix/nix.conf directly.

7

Nice, thank you very much!