Root user's `nix.conf` should not be inherited by other users

[asymmetric]

Describe the bug

The configuration in /root/config/nix/nix.conf is inherited by all users of the system.

Steps To Reproduce

• Have sandbox = true in /etc/nix/nix.conf
• Have sandbox = false in /root/.config/nix/nix.conf
• The sandbox is disabled for all users of the system

Expected behavior

~User configuration should not take precedence over system configuration, even if the user is root.~

Root's configuration should not take precedence over the system configuration, for other users of the system.

nix-env --version output

nix-env (Nix) 2.5.1

[nixos-discourse]

This issue has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/why-can-my-builds-access-the-network/17035/18

[thufschmitt]

User configuration should not take precedence over system configuration

In general it should : I want my nix.conf to take precedence over the system nix.conf. But indeed, root’s nix.conf shouldn’t be taken into account here.

I think the issue is that since the daemon is running as root, it uses root’s nix.conf. In which case, the proper fix would likely be to redirect HOME in the systemd unit file (although that might break other stuff :/ )

[asymmetric]

In general it should : I want my nix.conf to take precedence over the system nix.conf.

Right, so basically this should say: "Root's configuration should not take precedence over the system's, for other users"