@otini did you have a stray root, perhaps?
@otini if something called a gc has effects observable inside the system it's broken imo. if you can't detect all real roots you must be conservative
@migratory Probably something that I compiled inside a Nix shell. Since Nix shells don't create GC roots, the things we create in them can end up missing dependencies after a GC.
This is a very frustrating thing with Nix: anything that is not perfectly integrated into the package system risks to become unusable at any moment.
I guess sandboxing should help with catching the undeclared dependencies:
My own stance on Nix is like that on Git — hard to navigate and could be better, but still worth using, in place of the conventional approaches anyway.
I've always felt Nix should have implemented its path magic kernelside so it could be robust. the kernel would read tags on executables indicating which deps they have access to, then it would direct their fs accesses to corresponding versions of dependencies (and disallow other access to /usr and /lib). it would disallow single programs depending on multiple versions of dependencies, but the upside in being able to run software that wasn't compiled for NixOS once you tag it with dependency versions would be huge. and you couldn't "accidentally" reach into the store and break the whole abstraction
@migratory @otini Nix is essentially a quick and dirty implementation of an ideas described in a thesis. Safety and security has never been it's primary goal. It uses symlinks for it's data-structures and everything is visible to everyone. People voiced the opinion that it should provide better isolation, but e.g. Qubes OS in comparison doesn't let the access to GPU etc.
To recap: Nix is a trade-off, this is not "fool-proof". Sure you can hurt yourself with it, if not careful enough.
@Ninjatrappeur looks interesting!
@Ninjatrappeur What's IFD?
@otini WRT the GC breaking stuff, you must have forgotten to declare a dependencies.
WRT Nix's complexity, you must have not used Guix…
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!