diff options
| author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2014-08-04 16:45:05 +0200 |
|---|---|---|
| committer | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2014-08-04 16:46:39 +0200 |
| commit | b35770818d70924b2b71ae41ead270fe0be8c826 (patch) | |
| tree | 7483b913cfaea8a53a30ff7b9c53cdd95b5cf989 /nixos | |
| parent | 166fbcaf28995fb50c59b86de8a53a2d56072334 (diff) | |
| download | nixlib-b35770818d70924b2b71ae41ead270fe0be8c826.tar nixlib-b35770818d70924b2b71ae41ead270fe0be8c826.tar.gz nixlib-b35770818d70924b2b71ae41ead270fe0be8c826.tar.bz2 nixlib-b35770818d70924b2b71ae41ead270fe0be8c826.tar.lz nixlib-b35770818d70924b2b71ae41ead270fe0be8c826.tar.xz nixlib-b35770818d70924b2b71ae41ead270fe0be8c826.tar.zst nixlib-b35770818d70924b2b71ae41ead270fe0be8c826.zip | |
In Nix chroots, provide plain bash, not bash-interactive
This way we don't get ncurses in the chroot. Also, use a bind-mount of /bin/sh to bash, rather than the entire /bin from the host filesystem.
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/modules/services/misc/nix-daemon.nix | 17 |
1 files changed, 6 insertions, 11 deletions
diff --git a/nixos/modules/services/misc/nix-daemon.nix b/nixos/modules/services/misc/nix-daemon.nix index 1ebd3c3643df..c98c0511b566 100644 --- a/nixos/modules/services/misc/nix-daemon.nix +++ b/nixos/modules/services/misc/nix-daemon.nix @@ -22,14 +22,11 @@ let nixConf = let - # Tricky: if we're using a chroot for builds, then we need - # /bin/sh in the chroot (our own compromise to purity). - # However, since /bin/sh is a symlink to some path in the - # Nix store, which furthermore has runtime dependencies on - # other paths in the store, we need the closure of /bin/sh - # in `build-chroot-dirs' - otherwise any builder that uses - # /bin/sh won't work. - binshDeps = pkgs.writeReferencesToFile config.system.build.binsh; + # If we're using a chroot for builds, then provide /bin/sh in + # the chroot as a bind-mount to bash. This means we also need to + # include the entire closure of bash. + sh = pkgs.stdenv.shell; + binshDeps = pkgs.writeReferencesToFile sh; in pkgs.runCommand "nix.conf" {extraOptions = cfg.extraOptions; } '' extraPaths=$(for i in $(cat ${binshDeps}); do if test -d $i; then echo $i; fi; done) @@ -40,7 +37,7 @@ let build-users-group = nixbld build-max-jobs = ${toString (cfg.maxJobs)} build-use-chroot = ${if cfg.useChroot then "true" else "false"} - build-chroot-dirs = ${toString cfg.chrootDirs} $(echo $extraPaths) + build-chroot-dirs = ${toString cfg.chrootDirs} /bin/sh=${sh} $(echo $extraPaths) binary-caches = ${toString cfg.binaryCaches} trusted-binary-caches = ${toString cfg.trustedBinaryCaches} $extraOptions @@ -253,8 +250,6 @@ in config = { - nix.chrootDirs = [ "/bin" ]; - environment.etc."nix/nix.conf".source = nixConf; # List of machines for distributed Nix builds in the format |