Summary
Sharing the Nix store (/nix) between containers can eliminate repeated package downloads and speed up workflows, but it introduces security, reproducibility, and garbage‑collection concerns that must be managed carefully.
Root Cause
- The Nix store is designed as an immutable, content‑addressed database of build outputs.
- Containers that write to
/nixcan corrupt the store’s immutability guarantees. - Simultaneous read/write access leads to race conditions on the underlying filesystem.
- Garbage collection (
nix-collect-garbage) may delete packages still in use by another container.
Why This Happens in Real Systems
- Nix expects a single, trusted nix-daemon managing the store; multiple containers bypass this mediation.
- OverlayFS or bind‑mounts used for container isolation expose the store as a regular directory, allowing accidental writes.
- The store’s hard‑link‑based layout assumes stable inodes; container layering can break those links.
- CI/CTF workflows often run privileged containers, increasing the chance of unintended modifications.
Real-World Impact
- Non‑deterministic builds if a package is altered or removed mid‑process.
- Security exposure: a compromised container could inject malicious binaries into the shared store.
- Cache thrash: frequent garbage collection forces re‑downloads, negating the intended benefit.
- Debugging complexity: errors appear only when containers intersect, making root cause hard to trace.
Example or Code (if necessary and relevant)
docker run -v /host/nix:/nix:ro -it mynfctf-image
How Senior Engineers Fix It
- Mount
/nixread‑only (:ro) to prevent accidental writes. - Use a nix daemon running on the host and configure containers to talk to it via UNIX socket.
- Leverage nix‑cache or binary caches (e.g., Cachix) to share pre‑built artifacts without exposing the store.
- Isolate the store per‑container with copy‑on‑write snapshots (e.g., using
btrfssubvolumes orzfsclones) when write access is truly needed. - Schedule garbage collection only during host maintenance windows, ensuring no container relies on the store at that moment.
Why Juniors Miss It
- Assuming that a shared directory is inherently safe for any workload.
- Overlooking the immutability model of Nix and treating it like a regular package cache.
- Not recognizing the risks of concurrent garbage collection in multi‑tenant environments.
- Failing to differentiate between read‑only sharing and read‑write sharing when designing container volumes.