Support garbage collection in external daemon#15143
Merged
Ericson2314 merged 1 commit intoNixOS:masterfrom Feb 17, 2026
Merged
Conversation
artemist
commented
Feb 4, 2026
artemist
force-pushed
the
rootless-daemon-minimal
branch
from
e764a10 to
5fe89d4
Compare
This was referenced Feb 4, 2026
artemist
force-pushed
the
rootless-daemon-minimal
branch
2 times, most recently
from
888a478 to
b3efe29
Compare
artemist
force-pushed
the
rootless-daemon-minimal
branch
from
b3efe29 to
ab555f2
Compare
edolstra
reviewed
Feb 4, 2026
artemist
force-pushed
the
rootless-daemon-minimal
branch
2 times, most recently
from
53e8836 to
44ad62e
Compare
github-actions
bot
added
the
store
Ericson2314
reviewed
Feb 5, 2026
artemist
force-pushed
the
rootless-daemon-minimal
branch
from
44ad62e to
494128c
Compare
Ericson2314
reviewed
Feb 6, 2026
Ericson2314
reviewed
Feb 6, 2026
Ericson2314
reviewed
Feb 6, 2026
Ericson2314
reviewed
Feb 6, 2026
Ericson2314
reviewed
Feb 6, 2026
Ericson2314
reviewed
Feb 6, 2026
artemist
force-pushed
the
rootless-daemon-minimal
branch
2 times, most recently
from
5dfc791 to
f3ac1b3
Compare
Ericson2314
force-pushed
the
rootless-daemon-minimal
branch
from
f3ac1b3 to
8df59e4
Compare
Ericson2314
reviewed
Feb 6, 2026
|
|
||
| std::filesystem::path LocalStoreConfig::getRootsSocketPath() const | ||
| { | ||
| return std::filesystem::path(stateDir.get()) / "gc-roots-socket" / "socket"; |
Member
There was a problem hiding this comment.
I changed it to match daemon-socket/socket for the original daemon, but frankly, it's a weird path and I don't know if we rather do something else instead.
Member
Author
There was a problem hiding this comment.
Yes, I agree it's a weird path and would not be against changing it. I'm not sure what 's good though.
Ericson2314
reviewed
Feb 9, 2026
Ericson2314
force-pushed
the
rootless-daemon-minimal
branch
from
8df59e4 to
c2bef2d
Compare
amaanq
force-pushed
the
rootless-daemon-minimal
branch
4 times, most recently
from
e570237 to
c44f623
Compare
artemist
force-pushed
the
rootless-daemon-minimal
branch
from
c44f623 to
d47ef14
Compare
xokdvium
reviewed
Feb 16, 2026
Contributor
xokdvium
left a comment
xokdvium
left a comment
There was a problem hiding this comment.
Should probably document the "protocol" somewhere. Not sure it's a blocker though.
Ericson2314
force-pushed
the
rootless-daemon-minimal
branch
from
d47ef14 to
f7aee9a
Compare
xokdvium
reviewed
Feb 16, 2026
Ericson2314
force-pushed
the
rootless-daemon-minimal
branch
from
f7aee9a to
77fafa8
Compare
xokdvium
reviewed
Feb 16, 2026
Ericson2314
force-pushed
the
rootless-daemon-minimal
branch
from
db84efb to
6c02f9d
Compare
xokdvium
reviewed
Feb 17, 2026
xokdvium
approved these changes
Feb 17, 2026
Contributor
xokdvium
left a comment
xokdvium
left a comment
There was a problem hiding this comment.
SGTM, modulo the release note.
xokdvium
reviewed
Feb 17, 2026
artemist
force-pushed
the
rootless-daemon-minimal
branch
from
6c02f9d to
0249c0b
Compare
This comes in two parts: a `nix store roots-daemon` command that can run as root and list runtime roots, and client logic to find runtime roots for a `LocalStore` by connecting to that daemon. This may be useful with an unprivileged nix daemon, as it would otherwise be unable to find runtime roots from process open files and maps.
artemist
force-pushed
the
rootless-daemon-minimal
branch
from
0249c0b to
96fef69
Compare
Member
Author
|
The actual integration test for this, in the |
xokdvium
approved these changes
Feb 17, 2026
Contributor
xokdvium
left a comment
xokdvium
left a comment
There was a problem hiding this comment.
Thanks, threading solution seems much better to me.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Motivation
Some users may want to run the nix daemon as an unprivileged user, reducing the risk of compromise to their system if the nix daemon is exploited. While there are workarounds for many of the issues faced while running an unprivileged nix daemon, programs need root (or the equivalent
CAP_SYS_PTRACE) to find the list of runtime garbage collector roots.With this PR, users can run the minimal garbage-collector roots daemon as root, then the rest of the nix daemon as an unprivileged user, in order to not sacrifice functionality.
Note from @Ericson2314: The key result from this PR is that fewer GC functional tets are failing within the
hydraJobs.tests.functional_unprivileged-daemonNixOS VM test than before.Context
This replaces the more invasive #15026. The protocol and implementation in this PR were made as simple and non-invasive as possible: roots are sent from the daemon on connection, separated by null bytes. Existing code was reused wherever possible.
Add 👍 to pull requests you find important.
The Nix maintainer team uses a GitHub project board to schedule and track reviews.