From 908129eb2216863e4761730741779b5d21a886f5 Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <edolstra@gmail.com>
Date: Fri, 30 May 2025 11:54:54 +0200
Subject: [PATCH] Cleanup

---
 src/libstore/unix/build/derivation-builder.cc | 14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)

diff --git a/src/libstore/unix/build/derivation-builder.cc b/src/libstore/unix/build/derivation-builder.cc
index 232a125e4..eca017487 100644
--- a/src/libstore/unix/build/derivation-builder.cc
+++ b/src/libstore/unix/build/derivation-builder.cc
@@ -2147,13 +2147,11 @@ std::unique_ptr<DerivationBuilder> makeDerivationBuilder(
     }
 
     #ifdef __linux__
-    if (useSandbox) {
-        if (!mountAndPidNamespacesSupported()) {
-            if (!settings.sandboxFallback)
-                throw Error("this system does not support the kernel namespaces that are required for sandboxing; use '--no-sandbox' to disable sandboxing");
-            debug("auto-disabling sandboxing because the prerequisite namespaces are not available");
-            useSandbox = false;
-        }
+    if (useSandbox && !mountAndPidNamespacesSupported()) {
+        if (!settings.sandboxFallback)
+            throw Error("this system does not support the kernel namespaces that are required for sandboxing; use '--no-sandbox' to disable sandboxing");
+        debug("auto-disabling sandboxing because the prerequisite namespaces are not available");
+        useSandbox = false;
     }
 
     if (useSandbox)
@@ -2163,7 +2161,7 @@ std::unique_ptr<DerivationBuilder> makeDerivationBuilder(
             std::move(params));
     #endif
 
-    if (params.drvOptions.useUidRange(params.drv))
+    if (!useSandbox && params.drvOptions.useUidRange(params.drv))
         throw Error("feature 'uid-range' is only supported in sandboxed builds");
 
     #ifdef __APPLE__