From a14127aa647d31582aaf481cec6b4112bc744973 Mon Sep 17 00:00:00 2001 From: Philip Taron Date: Tue, 12 Mar 2024 16:03:30 -0700 Subject: Avoid top-level `with ...;` in pkgs/build-support/build-fhsenv-bubblewrap/default.nix --- .../build-fhsenv-bubblewrap/default.nix | 40 ++++++++++++++-------- 1 file changed, 25 insertions(+), 15 deletions(-) (limited to 'pkgs/build-support/build-fhsenv-bubblewrap') diff --git a/pkgs/build-support/build-fhsenv-bubblewrap/default.nix b/pkgs/build-support/build-fhsenv-bubblewrap/default.nix index 3292f4039a637..56dce551870e8 100644 --- a/pkgs/build-support/build-fhsenv-bubblewrap/default.nix +++ b/pkgs/build-support/build-fhsenv-bubblewrap/default.nix @@ -31,10 +31,20 @@ assert (pname != null || version != null) -> (name == null && pname != null); # You must declare either a name or pname + version (preferred). -with builtins; let + inherit (lib) + concatLines + concatStringsSep + escapeShellArgs + filter + optionalString + splitString + ; + + inherit (lib.attrsets) removeAttrs; + pname = if args ? name && args.name != null then args.name else args.pname; - versionStr = lib.optionalString (version != null) ("-" + version); + versionStr = optionalString (version != null) ("-" + version); name = pname + versionStr; buildFHSEnv = callPackage ./buildFHSEnv.nix { }; @@ -116,10 +126,10 @@ let exec ${run} "$@" ''; - indentLines = str: lib.concatLines (map (s: " " + s) (filter (s: s != "") (lib.splitString "\n" str))); + indentLines = str: concatLines (map (s: " " + s) (filter (s: s != "") (splitString "\n" str))); bwrapCmd = { initArgs ? "" }: '' ${extraPreBwrapCmds} - ignored=(/nix /dev /proc /etc ${lib.optionalString privateTmp "/tmp"}) + ignored=(/nix /dev /proc /etc ${optionalString privateTmp "/tmp"}) ro_mounts=() symlinks=() etc_ignored=() @@ -156,7 +166,7 @@ let ro_mounts+=(--ro-bind /etc /.host-etc) fi - for i in ${lib.escapeShellArgs etcBindEntries}; do + for i in ${escapeShellArgs etcBindEntries}; do if [[ "''${etc_ignored[@]}" =~ "$i" ]]; then continue fi @@ -187,7 +197,7 @@ let x11_args+=(--ro-bind-try "$local_socket" "$local_socket") fi - ${lib.optionalString privateTmp '' + ${optionalString privateTmp '' # sddm places XAUTHORITY in /tmp if [[ "$XAUTHORITY" == /tmp/* ]]; then x11_args+=(--ro-bind-try "$XAUTHORITY" "$XAUTHORITY") @@ -212,15 +222,15 @@ let --dev-bind /dev /dev --proc /proc --chdir "$(pwd)" - ${lib.optionalString unshareUser "--unshare-user"} - ${lib.optionalString unshareIpc "--unshare-ipc"} - ${lib.optionalString unsharePid "--unshare-pid"} - ${lib.optionalString unshareNet "--unshare-net"} - ${lib.optionalString unshareUts "--unshare-uts"} - ${lib.optionalString unshareCgroup "--unshare-cgroup"} - ${lib.optionalString dieWithParent "--die-with-parent"} + ${optionalString unshareUser "--unshare-user"} + ${optionalString unshareIpc "--unshare-ipc"} + ${optionalString unsharePid "--unshare-pid"} + ${optionalString unshareNet "--unshare-net"} + ${optionalString unshareUts "--unshare-uts"} + ${optionalString unshareCgroup "--unshare-cgroup"} + ${optionalString dieWithParent "--die-with-parent"} --ro-bind /nix /nix - ${lib.optionalString privateTmp "--tmpfs /tmp"} + ${optionalString privateTmp "--tmpfs /tmp"} # Our glibc will look for the cache in its own path in `/nix/store`. # As such, we need a cache to exist there, because pressure-vessel # depends on the existence of an ld cache. However, adding one @@ -234,7 +244,7 @@ let --symlink /etc/ld.so.cache ${glibc}/etc/ld.so.cache \ --ro-bind ${glibc}/etc/rpc ${glibc}/etc/rpc \ --remount-ro ${glibc}/etc \ - '' + lib.optionalString (stdenv.isx86_64 && stdenv.isLinux) (indentLines '' + '' + optionalString (stdenv.isx86_64 && stdenv.isLinux) (indentLines '' --tmpfs ${pkgsi686Linux.glibc}/etc \ --symlink /etc/ld.so.conf ${pkgsi686Linux.glibc}/etc/ld.so.conf \ --symlink /etc/ld.so.cache ${pkgsi686Linux.glibc}/etc/ld.so.cache \ -- cgit 1.4.1