
feat: add NixOS support #93

Draft
Filirom1 wants to merge 1 commit into GreyhavenHQ:main from Filirom1:feat/nixos-support

Conversation


@Filirom1 Filirom1 commented May 19, 2026

Problem

On NixOS, executables live under /nix/store and PATH entries such as /run/current-system/sw/bin are symlink chains into the store. Inside the bwrap sandbox, /run is replaced with a tmpfs, so those symlinks become dangling — tools cannot be found and the sandbox fails.

Additionally, the network namespace probe hardcoded /bin/true which does not exist on NixOS, causing greywall check to falsely report ✗ network isolation.

Fixes #81. Related to #22.

Changes

  • linux_features.go: resolve true from PATH instead of hardcoding /bin/true so the network namespace probe works on NixOS and any distro without /bin/true.
  • linux.go: mount /nix read-only (like /usr, /opt); resolve shell and sleep paths through resolveToolPath so the directory component points into /nix/store rather than the hidden /run/current-system/sw/bin.
  • linux_landlock.go: add /nix to Landlock read-allowed paths.
  • sanitize.go: rewrite PATH entries through symlinks before passing them into the sandbox, so the sandbox PATH is consistent with what is actually mounted.

Tests

On NixOS:

$ cat /etc/os-release |grep PRETTY
PRETTY_NAME="NixOS 25.11 (Xantusia)"

Before

$ greywall --linux-features
Linux Sandbox Features:
  Kernel: 6.6
  Bubblewrap (bwrap): true
  Socat: true
  Network namespace (--unshare-net): false
  Seccomp: true (log level: 2)
  Landlock: true (ABI v3)
  eBPF: false (CAP_BPF: false, root: false)
  ip (iproute2): true
  /dev/net/tun: true
  tun2socks: true (embedded)

Feature Status:
  ✓ Minimum requirements met (bwrap + socat)
  ⚠ Network namespace unavailable (containerized environment?)
    Sandbox will still work but with reduced network isolation.
    This is common in Docker, GitHub Actions, and other CI systems.
  ○ Transparent proxy not available (needs ip, /dev/net/tun, network namespace)
  ✓ Landlock available for enhanced filesystem control
  ✓ Violation monitoring available
  ○ eBPF monitoring not available (needs CAP_BPF or root)
  
$  greywall -- claude -p '1+1'
bwrap: execvp /nix/store/lfbzxs5wyqd2122mpbj5azkxhxspw9cd-bash-interactive-5.3p3/bin/bash: No such file or directory

After

$ greywall --linux-features
Linux Sandbox Features:
  Kernel: 6.6
  Bubblewrap (bwrap): true
  Socat: true
  Network namespace (--unshare-net): true
  Seccomp: true (log level: 2)
  Landlock: true (ABI v3)
  eBPF: false (CAP_BPF: false, root: false)
  ip (iproute2): true
  /dev/net/tun: true
  tun2socks: true (embedded)

Feature Status:
  ✓ Minimum requirements met (bwrap + socat)
  ✓ Network namespace isolation available
  ✓ Transparent proxy available (tun2socks + TUN device)
  ✓ Landlock available for enhanced filesystem control
  ✓ Violation monitoring available
  ○ eBPF monitoring not available (needs CAP_BPF or root)
  
  $ greywall -- claude -p '1+1'
2

On NixOS, executables live under /nix/store and PATH entries such as
/run/current-system/sw/bin are symlinks into the store. Inside the bwrap
sandbox /run is replaced with a tmpfs, so those symlinks become
dangling.

- Replaces the hardcoded /bin/true probe with exec.LookPath("true"), which
  works on NixOS and any distro that does not provide /bin/true.
- Mount /nix read-only in bwrap (like /usr, /opt) and add it to Landlock
  read paths so store binaries are reachable inside the sandbox.
- resolveToolPath: resolve the directory component of shell/sleep paths to
  their real /nix/store location while preserving the basename so
  multi-call binaries (coreutils) still dispatch via argv[0].
- resolvePathInEnv: rewrite PATH entries in the hardened env to their real
  paths and deduplicate, making the sandbox PATH consistent with what is
  actually mounted.
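As an added example (not the project's code), the resolution strategy this PR describes in Go: resolve only the directory component of a tool path so the basename survives for argv[0] dispatch, and rewrite PATH entries to their real directories with dedup and dangling entries dropped. The names resolveDirKeepBase, rewritePathEntries and buildFakeStore are hypothetical, and the symlink tree buildFakeStore creates is a constructed stand-in for /run/current-system/sw/bin on NixOS.

```go
package main

import (
	"os"
	"path/filepath"
)

// resolveDirKeepBase resolves only the directory part of p through symlinks and keeps
// the basename: multi-call binaries (coreutils) dispatch on argv[0], so "sleep" stays "sleep".
func resolveDirKeepBase(p string) (string, error) {
	dir, err := filepath.EvalSymlinks(filepath.Dir(p))
	return filepath.Join(dir, filepath.Base(p)), err
}

// rewritePathEntries resolves each PATH entry to its real directory, drops dangling
// entries and de-duplicates; joined with os.PathListSeparator it is the sandbox PATH.
func rewritePathEntries(pathEnv string) []string {
	seen, out := map[string]bool{}, []string{}
	for _, entry := range filepath.SplitList(pathEnv) {
		real, err := filepath.EvalSymlinks(entry)
		if err != nil || seen[real] {
			continue // dangling (invisible inside the sandbox) or duplicate
		}
		seen[real] = true
		out = append(out, real)
	}
	return out
}

// buildFakeStore writes a constructed miniature NixOS-like tree under root:
// run/current-system/sw/bin/sleep -> nix/store/system-path/bin/sleep -> coreutils/bin/sleep -> coreutils.
func buildFakeStore(root string) error {
	for _, d := range []string{"nix/store/coreutils/bin", "nix/store/system-path/bin", "run/current-system"} {
		if err := os.MkdirAll(filepath.Join(root, d), 0o755); err != nil {
			return err
		}
	}
	if err := os.WriteFile(filepath.Join(root, "nix/store/coreutils/bin/coreutils"), []byte("#!/bin/sh\n"), 0o755); err != nil {
		return err
	}
	links := [][2]string{{"nix/store/coreutils/bin/sleep", "coreutils"},
		{"nix/store/system-path/bin/sleep", "../../coreutils/bin/sleep"},
		{"run/current-system/sw", "../../nix/store/system-path"}}
	for _, l := range links {
		if err := os.Symlink(l[1], filepath.Join(root, l[0])); err != nil {
			return err
		}
	}
	return nil
}
```

Resolving the full path with filepath.EvalSymlinks instead would land on the coreutils multi-call binary and lose the "sleep" name, which is exactly the case the basename-preserving variant avoids.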
@Filirom1 Filirom1 marked this pull request as draft May 19, 2026 16:26

Development

Successfully merging this pull request may close these issues.

Bug on NixOS
