nix-channel: do not set empty nix-path when disabling channels

[CyberShadow]

Description of changes

Continuation of #273170.

An empty nix-path in nix.conf will disable NIX_PATH environment variable entirely, which is not necessarily implied by users who want to disable nix channels. NIX_PATH also has some usages in tools like nixos-rebuild or just as user aliases.

That change is surprising and debatable, and also caused breakages in nixpkgs-review and user configs.

See:

• https://github.com/NixOS/nixpkgs/pull/242098/files#r1269891427
• os.environ["NIX_PATH"] = self.nixpkgs_path() silently get ignored when nix-path is set in nix.conf Mic92/nixpkgs-review#343
• docs: fix description of how NIX_PATH / nix-path interact nix#10998

Changes since #273170: implements @roberth's suggestion to warn when channel data still exists, as Nix (in the absence of a NIX_PATH) will still use it.

In this circumstance, Nix will now complain:

warning: Nix search path entry '/root/.nix-defexpr/channels' does not exist, ignoring
warning: Nix search path entry '/nix/var/nix/profiles/per-user/root/channels' does not exist, ignoring

It is a little annoying, but also in a way reassuring.

Things done

• Built on platform(s)
  • x86_64-linux
  • aarch64-linux
  • x86_64-darwin
  • aarch64-darwin
• For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
  • sandbox = relaxed
  • sandbox = true
• Tested, as applicable:
  • NixOS test(s) (look inside nixos/tests)
  • and/or package tests
  • or, for functions and "core" functionality, tests in lib/tests or pkgs/test
  • made sure NixOS tests are linked to the relevant packages
• Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
• Tested basic functionality of all binary files (usually in ./result/bin/)
• 24.11 Release Notes (or backporting 23.11 and 24.05 Release notes)
  • (Package updates) Added a release notes entry if the change is major or breaking
  • (Module updates) Added a release notes entry if the change is significant
  • (Module addition) Added a release notes entry if adding a new NixOS module
• Fits CONTRIBUTING.md.

---

Add a 👍 reaction to pull requests you find important.

[roberth]

@fricklerhandwerk and I are making progress on a fix in Nix proper, and while I wish we could do just that, not this, and keep it simple, realistically NixOS has to deal with the buggy behavior for some time to come.
We can - later - make the warning conditional or tone it down depending on config.nix.package.version.

All that context aside, one small question.

In this circumstance, Nix will now complain:

warning: Nix search path entry '/root/.nix-defexpr/channels' does not exist, ignoring
warning: Nix search path entry '/nix/var/nix/profiles/per-user/root/channels' does not exist, ignoring

It is a little annoying, but also in a way reassuring.

Do I understand correctly that NIX_PATH is set to "" by the configuration, and it would take for example unset NIX_PATH in a shellHook to cause these warnings to be printed?
That seems beneficial, because the intent of unset NIX_PATH is probably to ignore external NIX_PATH configuration such as system channels, and probably not "I don't care; use the system stuff", which is quite the opposite of what they probably want!

[roberth]

Shouldn't we also check for user channels?

[CyberShadow]

Yes, good idea. Even though we can't enumerate all possible values of HOME that Nix could be invoked with, we could at least check the home directories in the user catalog. Added.

[roberth]

That easily catches 99% of users in my estimate, and that's a big win. 👍

[CyberShadow]

Do I understand correctly that NIX_PATH is set to "" by the configuration

Yes.

and it would take for example unset NIX_PATH in a shellHook to cause these warnings to be printed?

The warnings are printed regardless of whether NIX_PATH is set. They're printed by the NixOS activation script.

The circumstance that I ran into where Nix was using an unintended default was running things with env -i, but I imagine the situation you described applies as well.

That seems beneficial, because the intent of unset NIX_PATH is probably to ignore external NIX_PATH configuration such as system channels, and probably not "I don't care; use the system stuff", which is quite the opposite of what they probably want!

Agreed! In my case, I expected the script to fail with 'nixpkgs' was not found in the Nix search path, instead of using the channels from when I installed NixOS :)

[roberth]

I've adjusted the warnings a bit (plus added the infra to make it nice; sorry for the scope creep), and I've done some testing, with the NixOS test as well as manually with a VM.

I think we may have an issue, which is that since recently NixOS sets a NIX_PATH=nixpkgs=flake:nixpkgs anyway, which I think is really bad, but that's a separate issue.

This PR is good now! 🚀

[CyberShadow]

Good stuff!

[roberth]

@ofborg build nixosTests.installer.switchToFlake
@ofborg build nixosTests.nix-channel
@ofborg build nixosTests.activation-lib

[CyberShadow]

and it would take for example unset NIX_PATH in a shellHook to cause these warnings to be printed?

Apologies, I've only just now realized that you meant the warnings printed by Nix, not the ones printed by the activation script added here.

And... I can no longer recall how I got Nix to print those warnings. 🤦

[github-actions]

Successfully created backport PR for release-24.05:

• [Backport release-24.05] nix-channel: do not set empty nix-path when disabling channels #330623