Hello all!
In the past I used the command-line-parameter “–netrc-file” to provide Nix with credentials for git-repositories with restricted access. However, since upgrading from version 2.18 to 2.24, I get a warning on the command-line telling me that this was a restricted setting and I am not a trusted user: warning: ignoring the client-specified setting 'netrc-file', because it is a restricted setting and you are not a trusted user
My question is, why this change was made?
In advance, this is not a problem right now because it seems like the setting (contrary to the warning) does not get ignored. So it still works for me. But now my issue: The second question would be if it is really a good change. Regarding my scenario: Imagine working in a company with a terminal server where several people work, sharing one Nix-daemon. Each developer (or development-group) there may have her/his own restricted repositories and may provide different netrc-files for building and installing Nix-packages. Sharing one netrc-file for all is obviously not an option. Making users trusted is not an option as well since users are not managed locally and you won’t find them in “/etc/passwd” or “/etc/group” (rather managed by " System Security Services Daemon" instead). So adding them to “trusted-users” won’t work as well. What do you think? Can we somehow have (again) the feature that each developer may provide his/her own credentials without sharing them?