cm/cm-dashboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 266 Wiki Activity

Add --no-sandbox flag to nixos-rebuild command

Browse Source 
Fixes kernel namespace sandboxing issues when running as systemd service.
The --no-sandbox flag disables Nix build sandboxing which requires
kernel namespaces not available in restricted service environments.
This commit is contained in:
Christoffer Martinsson 2025-10-25 01:37:21 +02:00
parent 2d3844b5dd
commit f5d2ebeaec
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
agent/src/agent.rs
View File

@ -302,6 +302,7 @@ impl Agent {
tokio::process::Command::new("sudo") tokio::process::Command::new("sudo")
.arg("/run/current-system/sw/bin/nixos-rebuild") .arg("/run/current-system/sw/bin/nixos-rebuild")
.arg("switch") .arg("switch")
.arg("--no-sandbox")
.arg("--flake") .arg("--flake")
.arg(".") .arg(".")
.current_dir(working_dir) .current_dir(working_dir)