authorProfpatsch <mail@profpatsch.de>2019-04-09 18:19:04 +0200
committerProfpatsch <mail@profpatsch.de>2019-04-18 16:10:20 +0200
commit09dc1d8ad625b9a1d5b89593b184d316837ba1cc (patch)
treeefe86ee9c7266a2c5a6416d151944f66d4dedf05 /pkgs/build-support/build-sandbox/src
parent2cd8e92813dfda7684d94cf3bf322d4bae7fdfc2 (diff)
build-support/build-sandbox: add support for mounting /nix
Enables us to run nix *inside* of a sandbox.
We have to mount the whole store, because otherwise realized store
paths built inside of the sandbox are not accessible.
Diffstat (limited to 'pkgs/build-support/build-sandbox/src')
-rw-r--r--pkgs/build-support/build-sandbox/src/Makefile17
-rw-r--r--pkgs/build-support/build-sandbox/src/setup.c13
2 files changed, 23 insertions, 7 deletions
diff --git a/pkgs/build-support/build-sandbox/src/Makefile b/pkgs/build-support/build-sandbox/src/Makefile
index e18ec9d4..8e1218f6 100644
--- a/pkgs/build-support/build-sandbox/src/Makefile
+++ b/pkgs/build-support/build-sandbox/src/Makefile
@@ -1,19 +1,24 @@
 BINARIES = $(wildcard $(BINDIR)/*)
 WRAPPERS = $(subst $(BINDIR),$(out)/bin,$(BINARIES))
 
+OBJECTS = path-cache.o params.o setup.o
+CFLAGS = -g -Wall -std=gnu11 -DFS_ROOT_DIR=\"$(out)\"
+CXXFLAGS = -g -Wall -std=c++14 `pkg-config --cflags nix-main`
+LDFLAGS = -Wl,--copy-dt-needed-entries `pkg-config --libs nix-main`
+
+ifdef FULL_NIX_STORE
+CFLAGS += -DFULL_NIX_STORE
+else
+OBJECTS += nix-query.o
 NIX_VERSION = `pkg-config --modversion nix-main | \
                sed -e 's/^\([0-9]\+\)\.\([0-9][0-9]\).*/\1\2/' \
                    -e 's/^\([0-9]\+\)\.\([0-9]\).*/\10\2/'`
+CXXFLAGS += -DNIX_VERSION=$(NIX_VERSION)
+endif
 
-OBJECTS = nix-query.o path-cache.o params.o setup.o
-
-CFLAGS = -g -Wall -std=gnu11 -DFS_ROOT_DIR=\"$(out)\"
 ifdef BINSH_EXECUTABLE
 CFLAGS += -DBINSH_EXECUTABLE=\"$(BINSH_EXECUTABLE)\"
 endif
-CXXFLAGS = -g -Wall -std=c++14 `pkg-config --cflags nix-main`
-CXXFLAGS += -DNIX_VERSION=$(NIX_VERSION)
-LDFLAGS = -Wl,--copy-dt-needed-entries `pkg-config --libs nix-main`
 
 all: $(OBJECTS)
 
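Review bot: The new FULL_NIX_STORE switch is undocumented in the Makefile, and although it drops nix-query.o from OBJECTS, CXXFLAGS and LDFLAGS still run `pkg-config --cflags nix-main` and `pkg-config --libs nix-main` unconditionally, so a FULL_NIX_STORE build still needs the nix-main development files at compile and link time. If the point of dropping nix-query.o is to build without nix, the pkg-config parts belong in the else branch too; if nix is still required in that mode, a comment should say so. Either way a short comment above the conditional, such as `# FULL_NIX_STORE: bind-mount the whole /nix store instead of querying nix for each closure (nix-query.o is not built)`, would tell the next reader what the flag trades off.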
diff --git a/pkgs/build-support/build-sandbox/src/setup.c b/pkgs/build-support/build-sandbox/src/setup.c
index 8a5d29b5..8af42a06 100644
--- a/pkgs/build-support/build-sandbox/src/setup.c
+++ b/pkgs/build-support/build-sandbox/src/setup.c
@@ -18,8 +18,10 @@
 #include <unistd.h>
 
 #include "params.h"
-#include "nix-query.h"
 #include "path-cache.h"
+#ifndef FULL_NIX_STORE
+#include "nix-query.h"
+#endif
 
 static path_cache cached_paths = NULL;
 
@@ -604,6 +606,7 @@ static bool setup_binsh(const char *executable)
 }
 #endif
 
+#ifndef FULL_NIX_STORE
 static bool is_dir(const char *path)
 {
     struct stat sb;
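Review bot: The `#ifndef FULL_NIX_STORE` added here opens a conditional region that, judging by the next hunk's header, contains the non-static `mount_from_path_var(struct query_state *qs, const char *name)`; if that function is declared in a header or referenced from another translation unit, those uses need the same guard or the FULL_NIX_STORE build will fail to link. The region is closed by a bare `#endif` after setup_runtime_paths several hunks later, so both ends should be labelled: `#ifndef FULL_NIX_STORE /* closure-query based mounting; unused when the whole store is mounted */` here and `#endif /* !FULL_NIX_STORE */` there. is_dir's body continues outside the hunk.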
@@ -663,6 +666,9 @@ bool mount_from_path_var(struct query_state *qs, const char *name)
     return true;
 }
 
+/* `/etc/static` is a special symlink on NixOS, pointing to a storepath
+   of configs that have to be available at runtime for some programs
+   to function. So we need to mount the closure of that storepath. */
 static bool setup_static_etc(struct query_state *qs)
 {
     char dest[PATH_MAX];
@@ -680,6 +686,7 @@ static bool setup_static_etc(struct query_state *qs)
     return mount_requisites(qs, dest);
 }
 
+/* Bind-mount all necessary nix store paths. */
 static bool setup_runtime_paths(void)
 {
     struct query_state *qs;
@@ -702,6 +709,7 @@ static bool setup_runtime_paths(void)
     free_query(qs);
     return true;
 }
+#endif
 
 static bool setup_runtime_debug(void)
 {
@@ -782,8 +790,11 @@ static bool setup_chroot(void)
     if (!bind_mount("/tmp", false, true, false))
         return false;
 
+    // We don’t need to query the nix store if we mount the full store
+#ifndef FULL_NIX_STORE
     if (!setup_runtime_paths())
         return false;
+#endif
 
     if (!setup_app_paths())
         return false;