Nix's build sandbox is one of the key enablers to ensure we can build our packages on every machine in the same way. It normalizes the build environment and restricts access to non-reproducible file and network resources. However at times it can be difficult and time consuming to figure out why a long running build failed. In this talk I will give a brief overview about the anatomy of Nix's sandbox on Linux. Then I will show how we can leverage breakpoints in builder scripts to inspect failures in the sandbox as they happen. Finally I will present dynamic tracing techniques based on the sysdig framework that can show likely impurities in the build process to hint to root cause of build failures. --- Bio: I do my PhD in University of Edinburgh where I work in systems research. When I am not reconstructing program failures from hardware traces and coredumps, I review and merge pull requests in nixpkgs or work on the NUR platform