diff options
| author | Eelco Dolstra <edolstra@gmail.com> | 2018-02-07 16:50:47 +0100 |
|---|---|---|
| committer | Eelco Dolstra <edolstra@gmail.com> | 2018-02-07 16:54:23 +0100 |
| commit | df117acab7bf345500ffada26c240c9f815b7c21 (patch) | |
| tree | c10f92b8a64f59d0aa51557bd0d8aa734bc11442 /nixos/lib/make-squashfs.nix | |
| parent | 5193807750853a592bb7d0202a998d1f2c780cf2 (diff) | |
ISO images: Initialize the Nix database with correct NAR hashes/sizes
The boot test now runs "nix verify" to ensure that all hashes are correct.
Diffstat (limited to 'nixos/lib/make-squashfs.nix')
| -rw-r--r-- | nixos/lib/make-squashfs.nix | 42 |
1 files changed, 5 insertions, 37 deletions
diff --git a/nixos/lib/make-squashfs.nix b/nixos/lib/make-squashfs.nix index 9d47a3222cc27..7ab84e47f53b5 100644 --- a/nixos/lib/make-squashfs.nix +++ b/nixos/lib/make-squashfs.nix @@ -1,4 +1,4 @@ -{ stdenv, squashfsTools, perl, pathsFromGraph +{ stdenv, squashfsTools, closureInfo , # The root directory of the squashfs filesystem is filled with the # closures of the Nix store paths listed here. @@ -8,50 +8,18 @@ stdenv.mkDerivation { name = "squashfs.img"; - nativeBuildInputs = [perl squashfsTools]; - - # For obtaining the closure of `storeContents'. - exportReferencesGraph = - map (x: [("closure-" + baseNameOf x) x]) storeContents; + nativeBuildInputs = [ squashfsTools ]; buildCommand = '' - # Add the closures of the top-level store objects. - storePaths=$(perl ${pathsFromGraph} closure-*) - - # If a Hydra slave happens to have store paths with bad permissions/mtime, - # abort now so that they don't end up in ISO images in the channel. - # https://github.com/NixOS/nixpkgs/issues/32242 - hasBadPaths="" - for path in $storePaths; do - if [ -h "$path" ]; then - continue - fi - - mtime=$(stat -c %Y "$path") - mode=$(stat -c %a "$path") - - if [ "$mtime" != 1 ]; then - echo "Store path '$path' has an invalid mtime." - hasBadPaths=1 - fi - if [ "$mode" != 444 ] && [ "$mode" != 555 ]; then - echo "Store path '$path' has invalid permissions ($mode)." - hasBadPaths=1 - fi - done - - if [ -n "$hasBadPaths" ]; then - echo "You have bad paths in your store, please fix them." - exit 1 - fi + closureInfo=${closureInfo { rootPaths = storeContents; }} # Also include a manifest of the closures in a format suitable # for nix-store --load-db. - printRegistration=1 perl ${pathsFromGraph} closure-* > nix-path-registration + cp $closureInfo/registration nix-path-registration # Generate the squashfs image. - mksquashfs nix-path-registration $storePaths $out \ + mksquashfs nix-path-registration $(cat $closureInfo/store-paths) $out \ -keep-as-directory -all-root -b 1048576 -comp xz -Xdict-size 100% ''; } |