Skip to content

Comments

Address ifdef problem with macOS/BSD sandboxing#13455

Merged
xokdvium merged 2 commits intoNixOS:masterfrom
DeterminateSystems:gustavderdrache/fix-sandbox-ifdef
Jul 11, 2025
Merged

Address ifdef problem with macOS/BSD sandboxing#13455
xokdvium merged 2 commits intoNixOS:masterfrom
DeterminateSystems:gustavderdrache/fix-sandbox-ifdef

Conversation

@gustavderdrache
Copy link
Contributor

@gustavderdrache gustavderdrache commented Jul 11, 2025

Motivation

This PR addresses an issue we identified for macOS users. The #ifdef condition seems impossible, and causes some (but not all) builds to fail.

Based on git bisecting, it looks like this was introduced in #13281.

Context


Add 👍 to pull requests you find important.

The Nix maintainer team uses a GitHub project board to schedule and track reviews.

This works around the macOS issue that the prior commit addresses.
@gustavderdrache gustavderdrache force-pushed the gustavderdrache/fix-sandbox-ifdef branch from 0f65596 to 8e5814d Compare July 11, 2025 22:46
@gustavderdrache
Copy link
Contributor Author

I've had to roll the version back in CI to work around the macOS build failures. Once a release includes this fix, it should no longer be necessary.

@xokdvium
Copy link
Contributor

@gustavderdrache
Copy link
Contributor Author

Yeah. We've had to roll our installer back for the same reason.

@xokdvium xokdvium enabled auto-merge July 11, 2025 23:06
@xokdvium xokdvium merged commit ab3cd76 into NixOS:master Jul 11, 2025
12 checks passed
@xokdvium xokdvium added the backport 2.30-maintenance Automatically creates a PR against the branch label Jul 11, 2025
@cole-h cole-h deleted the gustavderdrache/fix-sandbox-ifdef branch July 11, 2025 23:12
edolstra added a commit that referenced this pull request Jul 12, 2025
…3455

Address ifdef problem with macOS/BSD sandboxing (backport #13455)
@nixos-discourse
Copy link

This pull request has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/critical-security-issue-in-nix-2-30-on-macos/66506/1

@nixos-discourse
Copy link

This pull request has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/critical-security-issue-in-nix-2-30-on-macos/66506/3

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

backport 2.30-maintenance Automatically creates a PR against the branch

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants