From 75ea0523c41372cea4450f748c5ef59b0d01702e Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov Date: Thu, 9 Jun 2016 18:20:56 +0300 Subject: doc: update buildFHSUserEnv documentation --- doc/functions.xml | 84 ++++++++++++++++++++++--------------------------------- 1 file changed, 33 insertions(+), 51 deletions(-) (limited to 'doc/functions.xml') diff --git a/doc/functions.xml b/doc/functions.xml index e6bb6b7deefb..73b178b061f9 100644 --- a/doc/functions.xml +++ b/doc/functions.xml @@ -171,42 +171,18 @@ c = lib.makeOverridable f { a = 1; b = 2; }
- buildFHSChrootEnv/buildFHSUserEnv + buildFHSUserEnv - buildFHSChrootEnv and - buildFHSUserEnv provide a way to build and run - FHS-compatible lightweight sandboxes. They get their own isolated root with - binded /nix/store, so their footprint in terms of disk + buildFHSUserEnv provides a way to build and run + FHS-compatible lightweight sandboxes. It creates an isolated root with + bound /nix/store, so its footprint in terms of disk space needed is quite small. This allows one to run software which is hard or unfeasible to patch for NixOS -- 3rd-party source trees with FHS assumptions, games distributed as tarballs, software with integrity checking and/or external - self-updated binaries. - - - - buildFHSChrootEnv allows to create persistent - environments, which can be constructed, deconstructed and entered by - multiple users at once. A downside is that it requires - root access for both those who create and destroy and - those who enter it. It can be useful to create environments for daemons that - one can enter and observe. - - - - buildFHSUserEnv uses Linux namespaces feature to create + self-updated binaries. It uses Linux namespaces feature to create temporary lightweight environments which are destroyed after all child - processes exit. It does not require root access, and can be useful to create - sandboxes and wrap applications. - - - - Those functions both rely on buildFHSEnv, which creates - an actual directory structure given a list of necessary packages and extra - build commands. - buildFHSChrootEnv and buildFHSUserEnv - both accept those arguments which are passed to - buildFHSEnv: + processes exit, without root user rights requirement. Accepted arguments are: @@ -220,14 +196,16 @@ c = lib.makeOverridable f { a = 1; b = 2; } targetPkgs Packages to be installed for the main host's architecture - (i.e. x86_64 on x86_64 installations). + (i.e. x86_64 on x86_64 installations). Along with libraries binaries are also + installed. multiPkgs Packages to be installed for all architectures supported by - a host (i.e. i686 and x86_64 on x86_64 installations). + a host (i.e. i686 and x86_64 on x86_64 installations). Only libraries are + installed by default. @@ -240,29 +218,33 @@ c = lib.makeOverridable f { a = 1; b = 2; } extraBuildCommandsMulti - Like extraBuildCommandsMulti, but + Like extraBuildCommands, but executed only on multilib architectures. + + + extraOutputsToInstall + + Additional derivation outputs to be linked for both + target and multi-architecture packages. + + + + extraInstallCommands + + Additional commands to be executed for finalizing the + derivation with runner script. + + + + runScript + + A command that would be executed inside the sandbox and + passed all the command line arguments. It defaults to + bash. + - - Additionally, buildFHSUserEnv accepts - runScript parameter, which is a command that would be - executed inside the sandbox and passed all the command line arguments. It - default to bash. - - - It also uses CHROOTENV_EXTRA_BINDS environment variable - for binding extra directories in the sandbox to outside places. The format of - the variable is /mnt=test-mnt:/data, where - /mnt would be mounted as /test-mnt - and /data would be mounted as /data. - extraBindMounts array argument to - buildFHSUserEnv function is prepended to this variable. - Latter entries take priority if defined several times -- i.e. in case of - /data=data1:/data=data2 the actual bind path would be - /data2. - One can create a simple environment using a shell.nix like that: -- cgit 1.4.1