From 09dc1d8ad625b9a1d5b89593b184d316837ba1cc Mon Sep 17 00:00:00 2001 From: Profpatsch Date: Tue, 9 Apr 2019 18:19:04 +0200 Subject: build-support/build-sandbox: add support for mounting /nix Enables us to run nix *inside* of a sandbox. We have to mount the whole store, because otherwise realized store paths built inside of the sandbox are not accessible. --- pkgs/build-support/build-sandbox/src/setup.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) (limited to 'pkgs/build-support/build-sandbox/src/setup.c') diff --git a/pkgs/build-support/build-sandbox/src/setup.c b/pkgs/build-support/build-sandbox/src/setup.c index 8a5d29b5..8af42a06 100644 --- a/pkgs/build-support/build-sandbox/src/setup.c +++ b/pkgs/build-support/build-sandbox/src/setup.c @@ -18,8 +18,10 @@ #include #include "params.h" -#include "nix-query.h" #include "path-cache.h" +#ifndef FULL_NIX_STORE +#include "nix-query.h" +#endif static path_cache cached_paths = NULL; @@ -604,6 +606,7 @@ static bool setup_binsh(const char *executable) } #endif +#ifndef FULL_NIX_STORE static bool is_dir(const char *path) { struct stat sb; @@ -663,6 +666,9 @@ bool mount_from_path_var(struct query_state *qs, const char *name) return true; } +/* `/etc/static` is a special symlink on NixOS, pointing to a storepath + of configs that have to be available at runtime for some programs + to function. So we need to mount the closure of that storepath. */ static bool setup_static_etc(struct query_state *qs) { char dest[PATH_MAX]; @@ -680,6 +686,7 @@ static bool setup_static_etc(struct query_state *qs) return mount_requisites(qs, dest); } +/* Bind-mount all necessary nix store paths. */ static bool setup_runtime_paths(void) { struct query_state *qs; @@ -702,6 +709,7 @@ static bool setup_runtime_paths(void) free_query(qs); return true; } +#endif static bool setup_runtime_debug(void) { 
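Review bot: The `#ifndef FULL_NIX_STORE` opened before `is_dir()` is closed only after `setup_runtime_paths()`, and the guarded region includes `mount_from_path_var()`, which the hunk at -663 shows declared without `static`. If anything outside setup.c calls it (no callers are visible here), a FULL_NIX_STORE build will fail to link, so its prototype and callers need the same guard. `is_dir()` is compiled out as well, so any use of it outside the guarded region would break the same build. Because the guard spans roughly a hundred lines, I would label the closing line as `#endif /* !FULL_NIX_STORE */`.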
@@ -782,8 +790,11 @@ static bool setup_chroot(void) if (!bind_mount("/tmp", false, true, false)) return false; + // We don’t need to query the nix store if we mount the full store +#ifndef FULL_NIX_STORE if (!setup_runtime_paths()) return false; +#endif if (!setup_app_paths()) return false; -- cgit 1.4.1
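Review bot: With FULL_NIX_STORE defined, this guard in `setup_chroot()` drops the per-closure store mounts and nothing in the visible hunks mounts /nix in their place, so that mount presumably lives in a file this single-file view of the commit does not include. The closure-only mounts were what limited the sandboxed process to the store paths it actually needs. With the whole store mounted, every store path on the host becomes readable inside the sandbox, and the comment should say so rather than only noting that the query is skipped. I would word it as `/* FULL_NIX_STORE: the whole store is mounted elsewhere, so store-path confinement is off in this build */` and confirm that the store mount is read-only unless builds inside the sandbox require otherwise. `setup_chroot()` starts and ends outside the hunk.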