From 9a35ad60ad8b80320d4fe2617eb5764da56c6157 Mon Sep 17 00:00:00 2001
From: Harald Hoyer <harald@matterlabs.dev>
Date: Tue, 2 Jul 2024 12:12:22 +0200
Subject: [PATCH] fix: get rid of `/dev/` in containers

`enableFakechroot = true` somehow triggered the inclusion of `/dev`.

Some fake chroots included `/dev/kvm` with different permissions,
so the produced container was not the same.

As this fake chroot is not needed anymore with using `--chroot` for `gramine-sgx-sign`,
it can be turned off.

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
---
 overlays/nixsgxLib/default.nix | 1 -
 1 file changed, 1 deletion(-)

diff --git a/overlays/nixsgxLib/default.nix b/overlays/nixsgxLib/default.nix
index 43f5326..be0133a 100644
--- a/overlays/nixsgxLib/default.nix
+++ b/overlays/nixsgxLib/default.nix
@@ -211,7 +211,6 @@ final: _:
                   inherit fromImage;
 
                   includeStorePaths = false;
-                  enableFakechroot = true;
                   extraCommands = (mkNixStore contents) + ''
                     (
                       set -e