| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
So far I mostly used this implementation for the games we have packaged,
where we pretty much patch out all commands that execute external
programs.
However in order to be useful in a more generic way, it makes sense to
provide a /bin/sh implementation, especially when you have to deal with
scripting languages.
I'm using dash here, because it's a more minimal implementation rather
than the default shell (bash) we use in nixpkgs and it practically only
needs to be able to run constructs like "/bin/sh -c foo".
Signed-off-by: aszlig <aszlig@nix.build>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We're not directly using Boost but some headers are included in the
headers we use, which causes the build to fail on newer Nix versions.
In theory, this should be propagated by the Nix derivation. See also
this comment:
https://github.com/NixOS/nixpkgs/issues/39001#issuecomment-381949306
However, when looking at the Nix derivation, it already contains code
that takes care of not propagating the boost dependency.
Nevertheless, adding the dependency on our end even though it could
become redundant some day certainly won't hurt.
Signed-off-by: aszlig <aszlig@nix.build>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
While the Nix store should be read-only by default, we can't guarantee
this as the Nix store could be mounted read-write (for example on
non-NixOS systems).
For paths other than store directories, I took a conservative approach
here where only /etc is mounted read-only, for all the pseudo-
filesystems such as /proc, /sys or /dev write access might still be
needed, for example to write to a hardware device exposed via /dev (eg.
a gamepad with rumble support).
Signed-off-by: aszlig <aszlig@nix.build>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since the introduction and move of a few packages to use the sandbox, we
no longer have XDG desktop entries, because the sandbox only creates
wrappers for all programs in $drv/bin.
This now also copies the XDG desktop files and replaces absolute paths
to binaries to refer to the sandboxed binaries.
I also modified the test to go through the XDG desktop file by default
so we can ensure that this works properly.
Signed-off-by: aszlig <aszlig@nix.build>
|
|
This is not only useful for packaging games, so let's make it available
from the vuizvui scope, so we can use it from other packages as well.
Signed-off-by: aszlig <aszlig@nix.build>
|