Skip to content

tests: fix sandbox-paths in cancelled-builds test #15071

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Ericson2314 merged 1 commit into from
Jan 24, 2026
Merged

tests: fix sandbox-paths in cancelled-builds test #15071

Ericson2314 merged 1 commit into from
Jan 24, 2026
+14 −2

Conversation

@roberth
Copy link
Member

@roberth roberth commented Jan 24, 2026

Don't add the whole store to sandbox-paths unconditionally. Exposing the entire store defeats the purpose of sandboxing, and when the test store is the same as the system store (NixOS VM), it causes an obscure "Permission denied" error.

Only add sandbox-paths /nix/store when NIX_STORE_DIR is set, indicating a separate test store that needs access to system store build tools.

Motivation

Fix async test failure nix build '.#hydraJobs.tests.functional_root'

Context

Add 👍 to pull requests you find important.

The Nix maintainer team uses a GitHub project board to schedule and track reviews.

@roberth roberth requested a review from edolstra as a code owner January 24, 2026 11:43
@github-actions github-actions bot added the with-tests Issues related to testing. PRs with tests have some priority label Jan 24, 2026
@roberth roberth added the backport 2.33-maintenance Automatically creates a PR against the branch label Jan 24, 2026
@Ericson2314
Copy link
Member

Ericson2314 commented Jan 24, 2026

Should we also check that NIX_STORE_DIR is not /nix/store?

@roberth
tests: fix sandbox-paths in cancelled-builds test
7b4444f 
Don't add the whole store to sandbox-paths unconditionally. Exposing
the entire store defeats the purpose of sandboxing, and when the test
store is the same as the system store (NixOS VM), it causes an obscure
"Permission denied" error.

Only add sandbox-paths when not on NixOS, indicating a separate test
store that needs access to system store build tools.
@roberth roberth force-pushed the fix-concurrent-failure-bug branch from bf885f4 to 7b4444f Compare January 24, 2026 19:10
@roberth
Copy link
Member Author

roberth commented Jan 24, 2026

No, nix build .#checks.x86_64-linux.nix-functional-tests using a different storeDir is already unsupported independent of this code.
It would be good to fix that, but until we do so, the focus of this PR is to get the test suites to pass with minimal added complexity.

I did improve it to be a more standard isTestOnNixOS call, because that lowers the entropy.
Attempting an incomplete and untestable fix of something else only serves to delay fixing master.

@Ericson2314 Ericson2314 enabled auto-merge January 24, 2026 19:17
@Ericson2314 Ericson2314 added this pull request to the merge queue Jan 24, 2026
Merged via the queue into NixOS:master with commit b7d07e4 Jan 24, 2026
14 checks passed
@internal-nix-ci
Copy link

internal-nix-ci bot commented Jan 24, 2026

Successfully created backport PR for 2.33-maintenance:

@internal-nix-ci internal-nix-ci bot mentioned this pull request Jan 24, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@xokdvium xokdvium xokdvium approved these changes

@edolstra edolstra Awaiting requested review from edolstra edolstra is a code owner

Assignees

No one assigned

Labels

backport 2.33-maintenance Automatically creates a PR against the branch with-tests Issues related to testing. PRs with tests have some priority

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@roberth @Ericson2314 @xokdvium