about summary refs log tree commit diff
path: root/pkgs/stdenv/pure-darwin/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/stdenv/pure-darwin/default.nix')
-rw-r--r--pkgs/stdenv/pure-darwin/default.nix56
1 files changed, 31 insertions, 25 deletions
diff --git a/pkgs/stdenv/pure-darwin/default.nix b/pkgs/stdenv/pure-darwin/default.nix
index d13dc98cd742..bc3b433e9226 100644
--- a/pkgs/stdenv/pure-darwin/default.nix
+++ b/pkgs/stdenv/pure-darwin/default.nix
@@ -5,18 +5,9 @@
 }:
 
 let
-  # libSystem and its transitive dependencies. Get used to this; it's a recurring theme in darwin land
-  libSystemClosure = [
-    "/usr/lib/libSystem.dylib"
-    "/usr/lib/libSystem.B.dylib"
-    "/usr/lib/libobjc.A.dylib"
-    "/usr/lib/libobjc.dylib"
-    "/usr/lib/libauto.dylib"
-    "/usr/lib/libc++abi.dylib"
-    "/usr/lib/libc++.1.dylib"
-    "/usr/lib/libDiagnosticMessagesClient.dylib"
-    "/usr/lib/system"
-  ];
+  libSystemProfile = ''
+    (import "${./standard-sandbox.sb}")
+  '';
 
   fetch = { file, sha256, executable ? true }: import <nix/fetchurl.nix> {
     url = "http://tarballs.nixos.org/stdenv-darwin/x86_64/4f07c88d467216d9692fefc951deb5cd3c4cc722/${file}";
@@ -46,7 +37,9 @@ in rec {
   '';
 
   # The one dependency of /bin/sh :(
-  binShClosure = [ "/usr/lib/libncurses.5.4.dylib" ];
+  binShClosure = ''
+    (allow file-read* (literal "/usr/lib/libncurses.5.4.dylib"))
+  '';
 
   bootstrapTools = derivation rec {
     inherit system tarball;
@@ -57,7 +50,7 @@ in rec {
 
     inherit (bootstrapFiles) mkdir bzip2 cpio;
 
-    __impureHostDeps  = binShClosure ++ libSystemClosure;
+    __sandboxProfile = binShClosure + libSystemProfile;
   };
 
   stageFun = step: last: {shell             ? "${bootstrapTools}/bin/sh",
@@ -100,8 +93,8 @@ in rec {
         };
 
         # The stdenvs themselves don't use mkDerivation, so I need to specify this here
-        __stdenvImpureHostDeps = binShClosure ++ libSystemClosure;
-        __extraImpureHostDeps  = binShClosure ++ libSystemClosure;
+        stdenvSandboxProfile = binShClosure + libSystemProfile;
+        extraSandboxProfile  = binShClosure + libSystemProfile;
 
         extraAttrs = { inherit platform; };
         overrides  = pkgs: (overrides pkgs) // { fetchurl = thisStdenv.fetchurlBoot; };
@@ -178,10 +171,14 @@ in rec {
   };
 
   stage2 = with stage1; stageFun 2 stage1 {
+    extraPreHook = ''
+      export PATH_LOCALE=${pkgs.darwin.locale}/share/locale
+    '';
+
     allowedRequisites =
       [ bootstrapTools ] ++
       (with pkgs; [ xz libcxx libcxxabi icu ]) ++
-      (with pkgs.darwin; [ dyld Libsystem CF ]);
+      (with pkgs.darwin; [ dyld Libsystem CF locale ]);
 
     overrides = persistent1;
   };
@@ -196,7 +193,7 @@ in rec {
 
     darwin = orig.darwin // {
       inherit (darwin)
-        dyld Libsystem xnu configd libdispatch libclosure launchd libiconv;
+        dyld Libsystem xnu configd libdispatch libclosure launchd libiconv locale;
     };
   };
 
@@ -209,10 +206,14 @@ in rec {
     # patches our shebangs back to point at bootstrapTools. This makes sure bash comes first.
     extraInitialPath = [ pkgs.bash ];
 
+    extraPreHook = ''
+      export PATH_LOCALE=${pkgs.darwin.locale}/share/locale
+    '';
+
     allowedRequisites =
       [ bootstrapTools ] ++
       (with pkgs; [ icu bash libcxx libcxxabi ]) ++
-      (with pkgs.darwin; [ dyld Libsystem ]);
+      (with pkgs.darwin; [ dyld Libsystem locale ]);
 
     overrides = persistent2;
   };
@@ -230,13 +231,16 @@ in rec {
     };
 
     darwin = orig.darwin // {
-      inherit (darwin) dyld Libsystem libiconv;
+      inherit (darwin) dyld Libsystem libiconv locale;
     };
   };
 
   stage4 = with stage3; stageFun 4 stage3 {
     shell = "${pkgs.bash}/bin/bash";
     extraInitialPath = [ pkgs.bash ];
+    extraPreHook = ''
+      export PATH_LOCALE=${pkgs.darwin.locale}/share/locale
+    '';
     overrides = persistent3;
   };
 
@@ -251,7 +255,7 @@ in rec {
     };
 
     darwin = orig.darwin // {
-      inherit (darwin) dyld Libsystem cctools CF libiconv;
+      inherit (darwin) dyld Libsystem cctools libiconv;
     };
   };
 
@@ -261,10 +265,12 @@ in rec {
 
     name = "stdenv-darwin";
 
-    preHook = commonPreHook;
+    preHook = commonPreHook + ''
+      export PATH_LOCALE=${pkgs.darwin.locale}/share/locale
+    '';
 
-    __stdenvImpureHostDeps = binShClosure ++ libSystemClosure;
-    __extraImpureHostDeps  = binShClosure ++ libSystemClosure;
+    stdenvSandboxProfile = binShClosure + libSystemProfile;
+    extraSandboxProfile  = binShClosure + libSystemProfile;
 
     initialPath = import ../common-path.nix { inherit pkgs; };
     shell       = "${pkgs.bash}/bin/bash";
@@ -292,7 +298,7 @@ in rec {
       coreutils ed diffutils gnutar gzip ncurses gnused bash gawk
       gnugrep llvmPackages.clang-unwrapped patch pcre binutils-raw binutils gettext
     ]) ++ (with pkgs.darwin; [
-      dyld Libsystem CF cctools libiconv
+      dyld Libsystem CF cctools libiconv locale
     ]);
 
     overrides = orig: persistent4 orig // {
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-16 18:11:52 +0000