From 0bf66bd8d1a1db8c512c66069731bf67a9836a44 Mon Sep 17 00:00:00 2001
From: aszlig <aszlig@redmoonstudios.org>
Date: Tue, 3 Oct 2017 21:32:35 +0200
Subject: pkgs/sandbox: Mount paths from path-like variables

On NixOS the LD_LIBRARY_PATH looks similar to this (depending on the
configuration):

/run/opengl-driver/lib:/run/opengl-driver-32/lib

However, we don't have these paths available within the sandbox, because
so far we've only used exportReferencesGraph to gather the runtime
dependencies after the build has succeeded.

This obviously doesn't take into account runtime dependencies from the
system itself.

We are now taking care of this by using the Nix store library to query
the requisities of all the paths that are contained inside path-like
variables (multiple paths delimited by colons) and mount them during
sandbox setup.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
---
 pkgs/games/build-support/build-sandbox/src/setup.c | 66 ++++++++++++++++++++++
 1 file changed, 66 insertions(+)

(limited to 'pkgs/games/build-support/build-sandbox/src/setup.c')

diff --git a/pkgs/games/build-support/build-sandbox/src/setup.c b/pkgs/games/build-support/build-sandbox/src/setup.c
index 72b2f80e..3251a861 100644
--- a/pkgs/games/build-support/build-sandbox/src/setup.c
+++ b/pkgs/games/build-support/build-sandbox/src/setup.c
@@ -18,6 +18,7 @@
 #include <unistd.h>
 
 #include "params.h"
+#include "nix-query.h"
 
 static bool write_proc(int proc_pid_fd, const char *fname, const char *buf,
                        size_t buflen, bool ignore_errors)
@@ -193,6 +194,7 @@ static bool bind_file(const char *path)
         return false;
     }
 
+    free(target);
     return true;
 }
 
@@ -480,6 +482,67 @@ static bool setup_xauthority(void)
     return result;
 }
 
+static bool mount_requisites(struct query_state *qs, const char *path)
+{
+    const char *requisite;
+
+    if (!query_requisites(qs, path)) {
+        fprintf(stderr, "Unable to get requisites for %s.\n", path);
+        return false;
+    }
+
+    while ((requisite = next_query_result(qs)) != NULL) {
+        if (!bind_mount(requisite, true, false))
+            return false;
+    }
+
+    return true;
+}
+
+bool mount_from_path_var(struct query_state *qs, const char *name)
+{
+    char *buf, *ptr, *value = getenv(name);
+
+    if (value == NULL)
+        return true;
+
+    if ((buf = strdup(value)) == NULL) {
+        fprintf(stderr, "strdup %s: %s\n", value, strerror(errno));
+        return false;
+    }
+
+    ptr = strtok(buf, ":");
+
+    while (ptr != NULL) {
+        if (!mount_requisites(qs, ptr)) {
+            free(buf);
+            return false;
+        }
+        ptr = strtok(NULL, ":");
+    }
+
+    free(buf);
+    return true;
+}
+
+static bool setup_runtime_paths(void)
+{
+    struct query_state *qs;
+
+    if ((qs = new_query()) == NULL) {
+        fputs("Unable to allocate Nix query state.\n", stderr);
+        return false;
+    }
+
+    if (!mount_runtime_path_vars(qs)) {
+        free_query(qs);
+        return false;
+    }
+
+    free_query(qs);
+    return true;
+}
+
 static bool setup_chroot(void)
 {
     int mflags;
@@ -512,6 +575,9 @@ static bool setup_chroot(void)
     if (!bind_mount("/tmp", true, false))
         return false;
 
+    if (!setup_runtime_paths())
+        return false;
+
     if (!setup_app_paths())
         return false;
 
-- 
cgit 1.4.1