diff options
author | Vladimír Čunát <vcunat@gmail.com> | 2015-04-26 22:52:08 +0200 |
---|---|---|
committer | Vladimír Čunát <vcunat@gmail.com> | 2015-04-26 22:52:08 +0200 |
commit | 30f31c9afcc34336d1d47c62ad4ed39d2dee402a (patch) | |
tree | e3549d198c833f11e5f6062e10a3fefb9d25a670 /pkgs/build-support | |
parent | c1cc2348e4d49ab742e964593a7f74cc53c7f9b7 (diff) | |
parent | 2cb3dc68120701406ac48d7a4da5ff097b092f85 (diff) | |
download | nixlib-30f31c9afcc34336d1d47c62ad4ed39d2dee402a.tar nixlib-30f31c9afcc34336d1d47c62ad4ed39d2dee402a.tar.gz nixlib-30f31c9afcc34336d1d47c62ad4ed39d2dee402a.tar.bz2 nixlib-30f31c9afcc34336d1d47c62ad4ed39d2dee402a.tar.lz nixlib-30f31c9afcc34336d1d47c62ad4ed39d2dee402a.tar.xz nixlib-30f31c9afcc34336d1d47c62ad4ed39d2dee402a.tar.zst nixlib-30f31c9afcc34336d1d47c62ad4ed39d2dee402a.zip |
Merge 'master' into staging
(relatively simple conflicts)
Diffstat (limited to 'pkgs/build-support')
-rw-r--r-- | pkgs/build-support/build-fhs-chrootenv/env.nix | 106 | ||||
-rw-r--r-- | pkgs/build-support/build-fhs-chrootenv/load.sh.in | 1 | ||||
-rwxr-xr-x | pkgs/build-support/build-fhs-userenv/chroot-user.rb | 23 | ||||
-rw-r--r-- | pkgs/build-support/build-fhs-userenv/default.nix | 44 | ||||
-rw-r--r-- | pkgs/build-support/emacs/wrapper.nix | 71 |
5 files changed, 153 insertions, 92 deletions
diff --git a/pkgs/build-support/build-fhs-chrootenv/env.nix b/pkgs/build-support/build-fhs-chrootenv/env.nix index d80e2869e5e6..b659655f74b9 100644 --- a/pkgs/build-support/build-fhs-chrootenv/env.nix +++ b/pkgs/build-support/build-fhs-chrootenv/env.nix @@ -65,25 +65,56 @@ let gnutar gzip bzip2 xz glibcLocales ]; - # Compose a global profile for the chroot environment - profilePkg = nixpkgs.stdenv.mkDerivation { - name = "${name}-chrootenv-profile"; + # Compose /etc for the chroot environment + etcPkg = nixpkgs.stdenv.mkDerivation { + name = "${name}-chrootenv-etc"; buildCommand = '' mkdir -p $out/etc - cat >> $out/etc/profile << "EOF" + cd $out/etc + + # environment variables + cat >> profile << "EOF" export PS1='${name}-chrootenv:\u@\h:\w\$ ' export LOCALE_ARCHIVE='/usr/lib${if is64Bit then "64" else ""}/locale/locale-archive' export LD_LIBRARY_PATH=/run/opengl-driver/lib:/run/opengl-driver-32/lib:/lib:/lib32:/lib64 export PATH='/bin:/sbin' ${profile} EOF + + # compatibility with NixOS + ln -s /host-etc/static static + + # symlink some NSS stuff + ln -s /host-etc/passwd passwd + ln -s /host-etc/group group + ln -s /host-etc/shadow shadow + ln -s /host-etc/hosts hosts + ln -s /host-etc/resolv.conf resolv.conf + ln -s /host-etc/nsswitch.conf nsswitch.conf + + # symlink other core stuff + ln -s /host-etc/localtime localtime + ln -s /host-etc/machine-id machine-id + + # symlink PAM stuff + ln -s /host-etc/pam.d pam.d + + # symlink fonts stuff + ln -s /host-etc/fonts fonts + + # symlink ALSA stuff + ln -s /host-etc/asound.conf asound.conf + + # symlink SSL certs + mkdir -p ssl + ln -s /host-etc/ssl/certs ssl/certs ''; }; # Composes a /usr like directory structure staticUsrProfileTarget = nixpkgs.buildEnv { - name = "system-profile-target"; - paths = basePkgs ++ [ profilePkg ] ++ targetPaths; + name = "${name}-usr-target"; + paths = [ etcPkg ] ++ basePkgs ++ targetPaths; ignoreCollisions = true; }; @@ -94,7 +125,7 @@ let }; linkProfile = profile: '' - for i in ${profile}/{bin,sbin,share,var}; do + for i in ${profile}/{bin,sbin,share,var,etc}; do if [ -x "$i" ] then ln -s "$i" @@ -102,18 +133,6 @@ let done ''; - # the target profile is the actual profile that will be used for the chroot - setupTargetProfile = '' - ${linkProfile staticUsrProfileTarget} - ${setupLibDirs} - - mkdir -m0755 usr - cd usr - ${linkProfile staticUsrProfileTarget} - ${setupLibDirs} - cd .. - ''; - # this will happen on x86_64 host: # /x86 -> links to the whole profile defined by multiPaths # /lib, /lib32 -> links to 32bit binaries @@ -126,15 +145,12 @@ let cd .. ''; - setupLibDirs = if isTargetBuild then setupLibDirs_target - else setupLibDirs_multi; - # setup library paths only for the targeted architecture setupLibDirs_target = '' mkdir -m0755 lib # copy content of targetPaths - cp -rsf ${staticUsrProfileTarget}/lib/* lib/ && chmod u+w -R lib/ + cp -rsf ${staticUsrProfileTarget}/lib/* lib/ ''; # setup /lib, /lib32 and /lib64 @@ -144,7 +160,7 @@ let ln -s lib lib32 # copy glibc stuff - cp -rsf ${staticUsrProfileTarget}/lib/32/* lib/ + cp -rsf ${staticUsrProfileTarget}/lib/32/* lib/ && chmod u+w -R lib/ # copy content of multiPaths (32bit libs) [ -d ${staticUsrProfileMulti}/lib ] && cp -rsf ${staticUsrProfileMulti}/lib/* lib/ && chmod u+w -R lib/ @@ -163,38 +179,21 @@ let cp -rsf ${chosenGcc.cc}/lib64/* lib64/ ''; - setupEtc = '' - mkdir -m0755 etc - - # copy profile content - cp -rsf ${staticUsrProfileTarget}/etc/* etc/ && chmod u+w -R etc/ - [ -d ${staticUsrProfileMulti}/etc ] && cp -rsf ${staticUsrProfileMulti}/etc/* etc/ && chmod u+w -R etc/ - - # compatibility with NixOS - ln -s /host-etc/static etc/static - - # symlink some NSS stuff - ln -s /host-etc/passwd etc/passwd - ln -s /host-etc/group etc/group - ln -s /host-etc/shadow etc/shadow - ln -s /host-etc/hosts etc/hosts - ln -s /host-etc/resolv.conf etc/resolv.conf - ln -s /host-etc/nsswitch.conf etc/nsswitch.conf - - # symlink other core stuff - ln -s /host-etc/localtime etc/localtime - ln -s /host-etc/machine-id etc/machine-id + setupLibDirs = if isTargetBuild then setupLibDirs_target + else setupLibDirs_multi; - # symlink PAM stuff - rm -rf etc/pam.d - ln -s /host-etc/pam.d etc/pam.d - # symlink fonts stuff - rm -rf etc/fonts - ln -s /host-etc/fonts etc/fonts + # the target profile is the actual profile that will be used for the chroot + setupTargetProfile = '' + ${linkProfile staticUsrProfileTarget} + ${setupLibDirs} - # symlink ALSA stuff - ln -s /host-etc/asound.conf etc/asound.conf + mkdir -m0755 usr + cd usr + ${linkProfile staticUsrProfileTarget} + ${setupLibDirs} + cd .. + rm -rf usr/etc usr/var ''; in nixpkgs.stdenv.mkDerivation { @@ -204,7 +203,6 @@ in nixpkgs.stdenv.mkDerivation { cd $out ${setupTargetProfile} ${setupMultiProfile} - ${setupEtc} cd $out ${extraBuildCommands} cd $out diff --git a/pkgs/build-support/build-fhs-chrootenv/load.sh.in b/pkgs/build-support/build-fhs-chrootenv/load.sh.in index 99da20c34b21..f3a6d13e8ff7 100644 --- a/pkgs/build-support/build-fhs-chrootenv/load.sh.in +++ b/pkgs/build-support/build-fhs-chrootenv/load.sh.in @@ -9,4 +9,5 @@ sudo chroot --userspec "$USER:${GROUPS[0]}" --groups "${GROUPS[0]}" $chrootenvDe HOME="$HOME" \ XDG_RUNTIME_DIR="$XDG_RUNTIME_DIR" \ LANG="$LANG" \ + SSL_CERT_FILE="$SSL_CERT_FILE" \ /bin/bash --login diff --git a/pkgs/build-support/build-fhs-userenv/chroot-user.rb b/pkgs/build-support/build-fhs-userenv/chroot-user.rb index 3e140fac97e2..c555f053875a 100755 --- a/pkgs/build-support/build-fhs-userenv/chroot-user.rb +++ b/pkgs/build-support/build-fhs-userenv/chroot-user.rb @@ -11,12 +11,21 @@ mounts = [ ['/nix/store', nil], ['/var', nil], ['/run', nil], ['/root', nil], - ].map! { |x| [ x[0], x[1].nil? ? x[0].sub(/^\/*/, '') : x[1] ] } + ] # Create directories mkdirs = ['tmp', ] +# Propagate environment variables +envvars = [ 'TERM', + 'DISPLAY', + 'HOME', + 'XDG_RUNTIME_DIR', + 'LANG', + 'SSL_CERT_FILE', + ] + require 'tmpdir' require 'fileutils' require 'pathname' @@ -59,6 +68,9 @@ abort "Usage: chrootenv swdir program args..." unless ARGV.length >= 2 swdir = Pathname.new ARGV[0] execp = ARGV.drop 1 +# Set destination paths for mounts +mounts.map! { |x| [x[0], x[1].nil? ? x[0].sub(/^\/*/, '') : x[1]] } + # Create temporary directory for root and chdir root = Dir.mktmpdir 'chrootenv' @@ -88,7 +100,7 @@ if $cpid == 0 write_file '/proc/self/gid_map', "#{gid} #{gid} 1" # Do mkdirs - mkdirs.each { |x| FileUtils.mkdir_p x } + mkdirs.each { |x| FileUtils.mkdir_p "#{root}/#{x}" } # Do rbind mounts. mounts.each do |x| @@ -120,12 +132,7 @@ if $cpid == 0 link_swdir.call swdir, Pathname.new('') # New environment - ENV.replace({ 'TERM' => ENV['TERM'], - 'DISPLAY' => ENV['DISPLAY'], - 'HOME' => ENV['HOME'], - 'XDG_RUNTIME_DIR' => ENV['XDG_RUNTIME_DIR'], - 'LANG' => ENV['LANG'], - }) + ENV.replace(Hash[ envvars.map { |x| [x, ENV[x]] } ]) # Finally, exec! exec *execp diff --git a/pkgs/build-support/build-fhs-userenv/default.nix b/pkgs/build-support/build-fhs-userenv/default.nix index 67484857ee16..546345c7e6c2 100644 --- a/pkgs/build-support/build-fhs-userenv/default.nix +++ b/pkgs/build-support/build-fhs-userenv/default.nix @@ -1,37 +1,21 @@ -{ writeTextFile, stdenv, ruby } : { env, runScript } : +{ writeText, writeScriptBin, stdenv, ruby } : { env, runScript } : let name = env.pname; # Sandboxing script - chroot-user = writeTextFile { - name = "chroot-user"; - executable = true; - destination = "/bin/chroot-user"; - text = '' - #! ${ruby}/bin/ruby - ${builtins.readFile ./chroot-user.rb} - ''; - }; + chroot-user = writeScriptBin "chroot-user" '' + #! ${ruby}/bin/ruby + ${builtins.readFile ./chroot-user.rb} + ''; -in stdenv.mkDerivation { - name = "${name}-userenv"; - buildInputs = [ ruby ]; - preferLocalBuild = true; - buildCommand = '' - mkdir -p $out/bin - cat > $out/bin/${name} <<EOF - #! ${stdenv.shell} - exec ${chroot-user}/bin/chroot-user ${env} $out/libexec/run "\$@" - EOF - chmod +x $out/bin/${name} + init = writeText "init" '' + [ -d "$1" ] && [ -r "$1" ] && cd "$1" + shift + exec "${runScript}" "$@" + ''; - mkdir -p $out/libexec - cat > $out/libexec/run <<EOF - #! ${stdenv.shell} - source /etc/profile - ${runScript} "\$@" - EOF - chmod +x $out/libexec/run - ''; -} +in writeScriptBin name '' + #! ${stdenv.shell} + exec ${chroot-user}/bin/chroot-user ${env} bash -l ${init} "$(pwd)" "$@" +'' diff --git a/pkgs/build-support/emacs/wrapper.nix b/pkgs/build-support/emacs/wrapper.nix new file mode 100644 index 000000000000..678ba4502112 --- /dev/null +++ b/pkgs/build-support/emacs/wrapper.nix @@ -0,0 +1,71 @@ +{ stdenv, makeWrapper, emacs }: + +with stdenv.lib; + +explicitRequires: # packages explicitly requested by the user + +stdenv.mkDerivation { + name = (appendToName "with-packages" emacs).name; + nativeBuildInputs = [ emacs makeWrapper ]; + inherit emacs explicitRequires; + phases = [ "installPhase" ]; + installPhase = '' + requires="" + for pkg in $explicitRequires; do + findInputs $pkg requires propagated-user-env-packages + done + # requires now holds all requested packages and their transitive dependencies + + siteStart="$out/share/emacs/site-lisp/site-start.el" + + addEmacsPath() { + local list=$1 + local path=$2 + # Add the path to the search path list, but only if it exists + if [[ -d "$path" ]]; then + echo "(add-to-list '$list \"$path\")" >>"$siteStart" + fi + } + + # Add a dependency's paths to site-start.el + addToEmacsPaths() { + addEmacsPath "exec-path" "$1/bin" + addEmacsPath "load-path" "$1/share/emacs/site-lisp" + addEmacsPath "package-directory-list" "$1/share/emacs/site-lisp/elpa" + } + + mkdir -p $out/share/emacs/site-lisp + # Begin the new site-start.el by loading the original, which sets some + # NixOS-specific paths. Paths are searched in the reverse of the order + # they are specified in, so user and system profile paths are searched last. + echo "(load-file \"$emacs/share/emacs/site-lisp/site-start.el\")" >"$siteStart" + echo "(require 'package)" >>"$siteStart" + + # Set paths for the dependencies of the requested packages. These paths are + # searched before the profile paths, but after the explicitly-required paths. + for pkg in $requires; do + # The explicitly-required packages are also in the list, but we will add + # those paths last. + if ! ( echo "$explicitRequires" | grep "$pkg" >/dev/null ) ; then + addToEmacsPaths $pkg + fi + done + + # Finally, add paths for all the explicitly-required packages. These paths + # will be searched first. + for pkg in $explicitRequires; do + addToEmacsPaths $pkg + done + + # Byte-compiling improves start-up time only slightly, but costs nothing. + emacs --batch -f batch-byte-compile "$siteStart" + + mkdir -p $out/bin + # Wrap emacs and friends so they find our site-start.el before the original. + for prog in $emacs/bin/*; do # */ + makeWrapper "$prog" $out/bin/$(basename "$prog") \ + --suffix EMACSLOADPATH ":" "$out/share/emacs/site-lisp:" + done + ''; + inherit (emacs) meta; +} |