Skip to content

Read-only sandbox paths mounts (Linux) #13315

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 5 commits into
base: master
Choose a base branch
from
Open

Read-only sandbox paths mounts (Linux) #13315

wants to merge 5 commits into from

Conversation

SimSaladin
Copy link

@SimSaladin SimSaladin commented Jun 2, 2025
edited
Loading

Motivation

This extends the sandbox-paths syntax to allow the extra optional suffix :ro extended JSON syntax for marking that path so as to be mounted read-only in the sandbox. The suffix is excluded from the mounted source or target path. It will only cause the mount MS_RDONLY flag to be set. The new "readOnly" option enables MS_RDONLY and a few other mount-point flags for the affected bind-mount.

Context

...well, technically we make then another mount(2) call on the target path right after mounting the path for the first time, in order to do a second mount (or rather remount, MS_REMOUNT) with MS_RDONLY. For some reason single mount syscall can't both create a new bind-mount and assign the read-only flag to it (its mount-point really) ... or propagation properties for that matter.

The mount(8) cli from util-linux abstracts over this with a second syscall as necessary as well (more even sometimes, it seems).

There's a better, modern API since about linux 5.12 with open_tree(), mount_setattr() and move_mount(). Probably doesn't really make a difference until there's some need or want for those features though.

One of the commits (2eaca52) is not related to to the bulk of the changes in this. it's a small change to fix a certain edge-case (think user launching nix or running tests with a PATH that still works, for all intents and purposes, but looks like it fell through a slipstream portal sideways).

add 👍 to pull requests you find important.

the nix maintainer team uses a github project board to schedule and track reviews

@SimSaladin SimSaladin requested a review from Ericson2314 as a code owner June 2, 2025 22:52
@tomberek tomberek added the idea approved The given proposal has been discussed and approved by the Nix team. An implementation is welcome. label Jun 4, 2025
edolstra
edolstra reviewed Jun 11, 2025
View reviewed changes
src/libstore/include/nix/store/globals.hh Outdated
for example, `/dev/nvidiactl?` specifies that `/dev/nvidiactl` will
only be mounted in the sandbox if it exists in the host filesystem.
A list of paths bind-mounted into Nix sandbox environments. Use the
syntax `target[=source][:ro][?]` to control the mount:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Instead of ad hoc formats like this, I would prefer that structured options use JSON, e.g.

sandbox-paths = [ {"target": "/foo", "source": "/bar", "readOnly": true, "optional": true} ]

or perhaps

sandbox-paths = { "/foo" : {"source": "/bar", "readOnly": true, "optional": true} }

This also makes it more future-proof when we switch nix.conf to JSON entirely.

For an example of how to do JSON options, see the external-builders setting in this PR:

In this case it's slightly more complex because we have to handle the non-JSON case for backward compatibility, but that should be pretty easy (just check if the first non-whitespace character is [).

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Implemented this and the smaller changes in latest commit, please take a look.

@edolstra edolstra mentioned this pull request Jun 11, 2025
Open
@SimSaladin SimSaladin force-pushed the sim/readonly-sandbox-paths branch from 2eaca52 to 97c779b Compare June 13, 2025 16:34
@SimSaladin SimSaladin mentioned this pull request Jun 13, 2025
Open
@SimSaladin
make sandbox path bind mount read-only on request
8f56724 
Signed-off-by: Samuli Thomasson <[email protected]>
@SimSaladin
throw BadStorePath for empty string
6041531 
some of the functional tests that run config check wouldn't tolerate some
oddities in `PATH`, something like a null string entry (e.g. `::` in the
middle or a trailing `:`) I think. This allows the test pass.

Signed-off-by: Samuli Thomasson <[email protected]>
@SimSaladin
sandbox-paths: rewrite read-only paths to use json config format
c9651a0 
Signed-off-by: Samuli Thomasson <[email protected]>
@SimSaladin
improve linux chroot-related error message
b01dcf8 
Signed-off-by: Samuli Thomasson <[email protected]>
@SimSaladin
clean up
1b2c828 
Signed-off-by: Samuli Thomasson <[email protected]>
@SimSaladin SimSaladin force-pushed the sim/readonly-sandbox-paths branch from 97c779b to 1b2c828 Compare June 14, 2025 09:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@edolstra edolstra edolstra left review comments

@Ericson2314 Ericson2314 Awaiting requested review from Ericson2314 Ericson2314 is a code owner

Assignees
No one assigned
Labels
idea approved The given proposal has been discussed and approved by the Nix team. An implementation is welcome.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@SimSaladin @edolstra @tomberek