pyrox.dev
Merge pull request #225748 from Atemu/buildFHSEnvBubblewrap-by-default
buildFHSEnv: use bubblewrap by default
+3
-3
doc/builders/special/fhs-environments.section.md
+3
-3
doc/builders/special/fhs-environments.section.md
···
1
-
# buildFHSUserEnv {#sec-fhs-environments}
1
+
# buildFHSEnv {#sec-fhs-environments}
2
2
3
-
`buildFHSUserEnv` provides a way to build and run FHS-compatible lightweight sandboxes. It creates an isolated root with bound `/nix/store`, so its footprint in terms of disk space needed is quite small. This allows one to run software which is hard or unfeasible to patch for NixOS -- 3rd-party source trees with FHS assumptions, games distributed as tarballs, software with integrity checking and/or external self-updated binaries. It uses Linux namespaces feature to create temporary lightweight environments which are destroyed after all child processes exit, without root user rights requirement. Accepted arguments are:
3
+
`buildFHSEnv` provides a way to build and run FHS-compatible lightweight sandboxes. It creates an isolated root with bound `/nix/store`, so its footprint in terms of disk space needed is quite small. This allows one to run software which is hard or unfeasible to patch for NixOS -- 3rd-party source trees with FHS assumptions, games distributed as tarballs, software with integrity checking and/or external self-updated binaries. It uses Linux namespaces feature to create temporary lightweight environments which are destroyed after all child processes exit, without root user rights requirement. Accepted arguments are:
4
4
5
5
- `name`
6
6
Environment name.
···
26
26
```nix
27
27
{ pkgs ? import <nixpkgs> {} }:
28
28
29
-
(pkgs.buildFHSUserEnv {
29
+
(pkgs.buildFHSEnv {
30
30
name = "simple-x11-env";
31
31
targetPkgs = pkgs: (with pkgs;
32
32
[ udev
+1
-1
nixos/doc/manual/configuration/adding-custom-packages.section.md
+1
-1
nixos/doc/manual/configuration/adding-custom-packages.section.md
···
94
94
Then instead of running the AppImage "as-is", run `appimage-run foo.appimage`.
95
95
96
96
To make other pre-built executables work on NixOS, you need to package them
97
-
with Nix and special helpers like `autoPatchelfHook` or `buildFHSUserEnv`. See
97
+
with Nix and special helpers like `autoPatchelfHook` or `buildFHSEnv`. See
98
98
the [Nixpkgs manual](https://nixos.org/nixpkgs/manual) for details. This
99
99
is complex and often doing a source build is easier.
+1
-1
nixos/modules/services/computing/boinc/client.nix
+1
-1
nixos/modules/services/computing/boinc/client.nix
···
6
6
cfg = config.services.boinc;
7
7
allowRemoteGuiRpcFlag = optionalString cfg.allowRemoteGuiRpc "--allow_remote_gui_rpc";
8
8
9
-
fhsEnv = pkgs.buildFHSUserEnv {
9
+
fhsEnv = pkgs.buildFHSEnv {
10
10
name = "boinc-fhs-env";
11
11
targetPkgs = pkgs': [ cfg.package ] ++ cfg.extraEnvPackages;
12
12
runScript = "/bin/boinc_client";
+2
-2
pkgs/applications/blockchains/sparrow/fhsenv.nix
+2
-2
pkgs/applications/blockchains/sparrow/fhsenv.nix
+2
-2
pkgs/applications/editors/android-studio/common.nix
+2
-2
pkgs/applications/editors/android-studio/common.nix
···
2
2
3
3
{ alsa-lib
4
4
, bash
5
-
, buildFHSUserEnv
5
+
, buildFHSEnv
6
6
, cacert
7
7
, coreutils
8
8
, dbus
···
178
178
# Android Studio downloads prebuilt binaries as part of the SDK. These tools
179
179
# (e.g. `mksdcard`) have `/lib/ld-linux.so.2` set as the interpreter. An FHS
180
180
# environment is used as a work around for that.
181
-
fhsEnv = buildFHSUserEnv {
181
+
fhsEnv = buildFHSEnv {
182
182
name = "${drvName}-fhs-env";
183
183
multiPkgs = pkgs: [
184
184
ncurses5
+2
-2
pkgs/applications/editors/android-studio/default.nix
+2
-2
pkgs/applications/editors/android-studio/default.nix
···
1
-
{ callPackage, makeFontsConf, gnome2, buildFHSUserEnv, tiling_wm ? false }:
1
+
{ callPackage, makeFontsConf, gnome2, buildFHSEnv, tiling_wm ? false }:
2
2
3
3
let
4
4
mkStudio = opts: callPackage (import ./common.nix opts) {
···
6
6
fontDirectories = [];
7
7
};
8
8
inherit (gnome2) GConf gnome_vfs;
9
-
inherit buildFHSUserEnv;
9
+
inherit buildFHSEnv;
10
10
inherit tiling_wm;
11
11
};
12
12
stableVersion = {
+3
-3
pkgs/applications/editors/quartus-prime/default.nix
+3
-3
pkgs/applications/editors/quartus-prime/default.nix
···
1
-
{ stdenv, lib, buildFHSUserEnv, callPackage, makeDesktopItem, writeScript
1
+
{ stdenv, lib, buildFHSEnvChroot, callPackage, makeDesktopItem, writeScript
2
2
, supportedDevices ? [ "Arria II" "Cyclone V" "Cyclone IV" "Cyclone 10 LP" "MAX II/V" "MAX 10 FPGA" ]
3
3
, unwrapped ? callPackage ./quartus.nix { inherit supportedDevices; }
4
4
}:
···
13
13
categories = [ "Development" ];
14
14
};
15
15
# I think modelsim_ase/linux/vlm checksums itself, so use FHSUserEnv instead of `patchelf`
16
-
in buildFHSUserEnv rec {
16
+
in buildFHSEnvChroot rec {
17
17
name = "quartus-prime-lite"; # wrapped
18
18
19
19
targetPkgs = pkgs: with pkgs; [
···
44
44
xorg.libXext
45
45
xorg.libXrender
46
46
libudev0-shim
47
-
libxcrypt
47
+
libxcrypt-legacy
48
48
];
49
49
50
50
passthru = { inherit unwrapped; };
+3
-3
pkgs/applications/editors/vscode/generic.nix
+3
-3
pkgs/applications/editors/vscode/generic.nix
···
1
1
{ stdenv, lib, makeDesktopItem
2
2
, unzip, libsecret, libXScrnSaver, libxshmfence, buildPackages
3
3
, atomEnv, at-spi2-atk, autoPatchelfHook
4
-
, systemd, fontconfig, libdbusmenu, glib, buildFHSUserEnvBubblewrap, wayland
4
+
, systemd, fontconfig, libdbusmenu, glib, buildFHSEnv, wayland
5
5
6
6
# Populate passthru.tests
7
7
, tests
···
150
150
# in order to create or update extensions.
151
151
# See: #83288 #91179 #73810 #41189
152
152
#
153
-
# buildFHSUserEnv allows for users to use the existing vscode
153
+
# buildFHSEnv allows for users to use the existing vscode
154
154
# extension tooling without significant pain.
155
-
fhs = { additionalPkgs ? pkgs: [] }: buildFHSUserEnvBubblewrap {
155
+
fhs = { additionalPkgs ? pkgs: [] }: buildFHSEnv {
156
156
# also determines the name of the wrapped command
157
157
name = executableName;
158
158
+3
-3
pkgs/applications/graphics/unigine-superposition/default.nix
+3
-3
pkgs/applications/graphics/unigine-superposition/default.nix
···
22
22
, mkDerivation
23
23
, xkeyboard_config
24
24
, fetchurl
25
-
, buildFHSUserEnv
25
+
, buildFHSEnv
26
26
, openal
27
27
, makeDesktopItem
28
28
}:
···
94
94
in
95
95
96
96
# We can patch the "/bin/superposition", but "/bin/launcher" checks it for changes.
97
-
# For that we need use a buildFHSUserEnv.
97
+
# For that we need use a buildFHSEnv.
98
98
99
-
buildFHSUserEnv {
99
+
buildFHSEnv {
100
100
name = "Superposition";
101
101
102
102
targetPkgs = pkgs: [
+3
-3
pkgs/applications/misc/bottles/fhsenv.nix
+3
-3
pkgs/applications/misc/bottles/fhsenv.nix
···
1
1
{ lib
2
-
, buildFHSUserEnvBubblewrap
2
+
, buildFHSEnv
3
3
, symlinkJoin
4
4
, bottles-unwrapped
5
5
, gst_all_1
···
99
99
symlinkJoin {
100
100
name = "bottles";
101
101
paths = [
102
-
(buildFHSUserEnvBubblewrap (fhsEnv // { name = "bottles"; runScript = "bottles"; }))
103
-
(buildFHSUserEnvBubblewrap (fhsEnv // { name = "bottles-cli"; runScript = "bottles-cli"; }))
102
+
(buildFHSEnv (fhsEnv // { name = "bottles"; runScript = "bottles"; }))
103
+
(buildFHSEnv (fhsEnv // { name = "bottles-cli"; runScript = "bottles-cli"; }))
104
104
];
105
105
postBuild = ''
106
106
mkdir -p $out/share
+2
-2
pkgs/applications/misc/houdini/default.nix
+2
-2
pkgs/applications/misc/houdini/default.nix
···
1
-
{ lib, stdenv, writeScript, callPackage, buildFHSUserEnv, unwrapped ? callPackage ./runtime.nix {} }:
1
+
{ lib, stdenv, writeScript, callPackage, buildFHSEnv, unwrapped ? callPackage ./runtime.nix {} }:
2
2
3
-
buildFHSUserEnv rec {
3
+
buildFHSEnv rec {
4
4
name = "houdini-${unwrapped.version}";
5
5
6
6
targetPkgs = pkgs: with pkgs; [
+2
-2
pkgs/applications/misc/lutris/fhsenv.nix
+2
-2
pkgs/applications/misc/lutris/fhsenv.nix
···
1
-
{ lib, buildFHSUserEnv, lutris-unwrapped
1
+
{ lib, buildFHSEnv, lutris-unwrapped
2
2
, extraPkgs ? pkgs: [ ]
3
3
, extraLibraries ? pkgs: [ ]
4
4
, steamSupport ? true
···
13
13
libXxf86vm libXinerama libSM libXv libXaw libXi libXcursor libXcomposite
14
14
];
15
15
16
-
in buildFHSUserEnv {
16
+
in buildFHSEnv {
17
17
name = "lutris";
18
18
19
19
runScript = "lutris";
+4
-2
pkgs/applications/misc/pdfstudio/common.nix
+4
-2
pkgs/applications/misc/pdfstudio/common.nix
···
5
5
, version
6
6
, desktopName
7
7
, longDescription
8
-
, buildFHSUserEnv
8
+
, broken ? false
9
+
, buildFHSEnv
9
10
, extraBuildInputs ? [ ]
10
11
, jdk
11
12
, stdenv
···
68
69
69
70
in
70
71
# Package with cups in FHS sandbox, because JAVA bin expects "/usr/bin/lpr" for printing.
71
-
buildFHSUserEnv {
72
+
buildFHSEnv {
72
73
name = pname;
73
74
targetPkgs = pkgs: [
74
75
cups
···
94
95
];
95
96
license = licenses.unfree;
96
97
platforms = platforms.linux;
98
+
inherit broken;
97
99
mainProgram = pname;
98
100
maintainers = [ maintainers.pwoelfel ];
99
101
};
+4
pkgs/applications/misc/pdfstudio/default.nix
+4
pkgs/applications/misc/pdfstudio/default.nix
···
40
40
sha256 = "sha256-cc8YjrMsYZqgmwp5+AA+HsqzjxzFcTT/ga31NQz/OWc=";
41
41
};
42
42
jdk = jdk11;
43
+
44
+
broken = true; # Bad hash, probably unstable
43
45
};
44
46
45
47
pdfstudio2021 = callPackage ./common.nix rec {
···
66
68
(lib.getLib stdenv.cc.cc) # for libstdc++.so.6 and libgomp.so.1
67
69
];
68
70
jdk = jdk17;
71
+
72
+
broken = true; # URL 404s, probably unstable
69
73
};
70
74
}.${pname}
+2
-2
pkgs/applications/misc/sidequest/default.nix
+2
-2
pkgs/applications/misc/sidequest/default.nix
···
1
-
{ stdenv, lib, fetchurl, buildFHSUserEnv, makeDesktopItem, makeWrapper, atomEnv, libuuid, at-spi2-atk, icu, openssl, zlib }:
1
+
{ stdenv, lib, fetchurl, buildFHSEnv, makeDesktopItem, makeWrapper, atomEnv, libuuid, at-spi2-atk, icu, openssl, zlib }:
2
2
let
3
3
pname = "sidequest";
4
4
version = "0.10.24";
···
38
38
"$out/lib/SideQuest/sidequest"
39
39
'';
40
40
};
41
-
in buildFHSUserEnv {
41
+
in buildFHSEnv {
42
42
name = "SideQuest";
43
43
44
44
passthru = {
+2
-2
pkgs/applications/networking/cisco-packet-tracer/7.nix
+2
-2
pkgs/applications/networking/cisco-packet-tracer/7.nix
···
1
1
{ stdenv
2
2
, lib
3
-
, buildFHSUserEnvBubblewrap
3
+
, buildFHSEnv
4
4
, copyDesktopItems
5
5
, dpkg
6
6
, lndir
···
40
40
mimeTypes = [ "application/x-pkt" "application/x-pka" "application/x-pkz" ];
41
41
};
42
42
43
-
fhs = buildFHSUserEnvBubblewrap {
43
+
fhs = buildFHSEnv {
44
44
name = "packettracer7";
45
45
runScript = "${ptFiles}/bin/packettracer7";
46
46
+2
-2
pkgs/applications/networking/cisco-packet-tracer/8.nix
+2
-2
pkgs/applications/networking/cisco-packet-tracer/8.nix
···
2
2
, lib
3
3
, alsa-lib
4
4
, autoPatchelfHook
5
-
, buildFHSUserEnvBubblewrap
5
+
, buildFHSEnv
6
6
, copyDesktopItems
7
7
, dbus
8
8
, dpkg
···
97
97
mimeTypes = [ "application/x-pkt" "application/x-pka" "application/x-pkz" ];
98
98
};
99
99
100
-
fhs = buildFHSUserEnvBubblewrap {
100
+
fhs = buildFHSEnv {
101
101
name = "packettracer8";
102
102
runScript = "${ptFiles}/bin/packettracer";
103
103
targetPkgs = pkgs: [ libudev0-shim ];
+2
-2
pkgs/applications/networking/dropbox/default.nix
+2
-2
pkgs/applications/networking/dropbox/default.nix
···
1
-
{ stdenv, lib, buildFHSUserEnv, writeScript, makeDesktopItem }:
1
+
{ stdenv, lib, buildFHSEnv, writeScript, makeDesktopItem }:
2
2
3
3
let platforms = [ "i686-linux" "x86_64-linux" ]; in
4
4
···
30
30
};
31
31
in
32
32
33
-
buildFHSUserEnv {
33
+
buildFHSEnv {
34
34
name = "dropbox";
35
35
36
36
targetPkgs = pkgs: with pkgs; with xorg; [
+2
-2
pkgs/applications/networking/expressvpn/default.nix
+2
-2
pkgs/applications/networking/expressvpn/default.nix
···
1
1
{ autoPatchelfHook
2
-
, buildFHSUserEnv
2
+
, buildFHSEnv
3
3
, dpkg
4
4
, fetchurl
5
5
, inotify-tools
···
41
41
'';
42
42
};
43
43
44
-
expressvpndFHS = buildFHSUserEnv {
44
+
expressvpndFHS = buildFHSEnv {
45
45
name = "expressvpnd";
46
46
47
47
# When connected, it directly creates/deletes resolv.conf to change the DNS entries.
+1
-1
pkgs/applications/networking/pcloud/default.nix
+1
-1
pkgs/applications/networking/pcloud/default.nix
···
3
3
# of applications.
4
4
#
5
5
# What Nix does, simplifying a bit, is that it extracts an AppImage and starts
6
-
# it via buildFHSUserEnv - this is totally fine for majority of apps, but makes
6
+
# it via buildFHSEnv - this is totally fine for majority of apps, but makes
7
7
# it by-design *impossible* to launch SUID wrappers [^1]; in case of pCloud,
8
8
# it's fusermount.
9
9
# (so pCloud starts, but silently fails to mount the FUSE drive.)
+2
-2
pkgs/applications/networking/remote/vmware-horizon-client/default.nix
+2
-2
pkgs/applications/networking/remote/vmware-horizon-client/default.nix
···
1
1
{ stdenv
2
2
, lib
3
-
, buildFHSUserEnv
3
+
, buildFHSEnv
4
4
, fetchurl
5
5
, gsettings-desktop-schemas
6
6
, makeDesktopItem
···
57
57
'';
58
58
};
59
59
60
-
vmwareFHSUserEnv = name: buildFHSUserEnv {
60
+
vmwareFHSUserEnv = name: buildFHSEnv {
61
61
inherit name;
62
62
63
63
runScript = "${vmwareHorizonClientFiles}/bin/${name}_wrapper";
+2
-2
pkgs/applications/science/electronics/bitscope/common.nix
+2
-2
pkgs/applications/science/electronics/bitscope/common.nix
···
1
1
{ atk
2
-
, buildFHSUserEnv
2
+
, buildFHSEnv
3
3
, cairo
4
4
, dpkg
5
5
, gdk-pixbuf
···
56
56
${(wrapBinary libs) attrs.toolName}
57
57
'';
58
58
});
59
-
in buildFHSUserEnv {
59
+
in buildFHSEnv {
60
60
name = "${attrs.toolName}-${attrs.version}";
61
61
runScript = "${pkg.outPath}/bin/${attrs.toolName}";
62
62
} // { inherit (pkg) meta name; }
+2
-2
pkgs/applications/science/misc/foldingathome/client.nix
+2
-2
pkgs/applications/science/misc/foldingathome/client.nix
+2
-2
pkgs/applications/video/davinci-resolve/default.nix
+2
-2
pkgs/applications/video/davinci-resolve/default.nix
···
8
8
, addOpenGLRunpath
9
9
, libGLU
10
10
, xorg
11
-
, buildFHSUserEnv
11
+
, buildFHSEnv
12
12
, bash
13
13
, writeText
14
14
, ocl-icd
···
133
133
}
134
134
);
135
135
in
136
-
buildFHSUserEnv {
136
+
buildFHSEnv {
137
137
name = "davinci-resolve";
138
138
targetPkgs = pkgs: with pkgs; [
139
139
librsvg
+2
-2
pkgs/applications/video/lightworks/default.nix
+2
-2
pkgs/applications/video/lightworks/default.nix
···
1
-
{ lib, stdenv, fetchurl, dpkg, makeWrapper, buildFHSUserEnv
1
+
{ lib, stdenv, fetchurl, dpkg, makeWrapper, buildFHSEnv
2
2
, gtk3, gdk-pixbuf, cairo, libjpeg_original, glib, pango, libGLU
3
3
, libGL, nvidia_cg_toolkit, zlib, openssl, libuuid , alsa-lib, udev, libjack2
4
4
}:
···
73
73
};
74
74
75
75
# Lightworks expects some files in /usr/share/lightworks
76
-
in buildFHSUserEnv {
76
+
in buildFHSEnv {
77
77
name = lightworks.name;
78
78
79
79
targetPkgs = pkgs: [
+2
-2
pkgs/applications/video/webtorrent_desktop/default.nix
+2
-2
pkgs/applications/video/webtorrent_desktop/default.nix
···
2
2
## - export ELECTRON_SKIP_BINARY_DOWNLOAD=1
3
3
## - jq "del(.scripts.preinstall)" node_modules/shellcheck/package.json | sponge node_modules/shellcheck/package.json
4
4
{
5
-
lib, stdenv, buildFHSUserEnvBubblewrap, runCommand, writeScript, fetchurl, fetchzip
5
+
lib, stdenv, buildFHSEnv, runCommand, writeScript, fetchurl, fetchzip
6
6
}:
7
7
let
8
8
pname = "webtorrent-desktop";
···
20
20
else
21
21
throw "Webtorrent is not currently supported on ${stdenv.hostPlatform.system}";
22
22
23
-
fhs = buildFHSUserEnvBubblewrap rec {
23
+
fhs = buildFHSEnv rec {
24
24
name = "fhsEnterWebTorrent";
25
25
runScript = "${src}/WebTorrent";
26
26
## use the trampoline, if you need to shell into the fhsenv
+2
-2
pkgs/applications/virtualization/vmware-workstation/default.nix
+2
-2
pkgs/applications/virtualization/vmware-workstation/default.nix
+2
-2
pkgs/build-support/appimage/default.nix
+2
-2
pkgs/build-support/appimage/default.nix
pkgs/build-support/build-fhs-userenv-bubblewrap/buildFHSEnv.nix
pkgs/build-support/build-fhsenv-bubblewrap/buildFHSEnv.nix
pkgs/build-support/build-fhs-userenv-bubblewrap/buildFHSEnv.nix
pkgs/build-support/build-fhsenv-bubblewrap/buildFHSEnv.nix
pkgs/build-support/build-fhs-userenv-bubblewrap/default.nix
pkgs/build-support/build-fhsenv-bubblewrap/default.nix
pkgs/build-support/build-fhs-userenv-bubblewrap/default.nix
pkgs/build-support/build-fhsenv-bubblewrap/default.nix
pkgs/build-support/build-fhs-userenv/chrootenv/default.nix
pkgs/build-support/build-fhsenv-chroot/chrootenv/default.nix
pkgs/build-support/build-fhs-userenv/chrootenv/default.nix
pkgs/build-support/build-fhsenv-chroot/chrootenv/default.nix
pkgs/build-support/build-fhs-userenv/chrootenv/src/chrootenv.c
pkgs/build-support/build-fhsenv-chroot/chrootenv/src/chrootenv.c
pkgs/build-support/build-fhs-userenv/chrootenv/src/chrootenv.c
pkgs/build-support/build-fhsenv-chroot/chrootenv/src/chrootenv.c
pkgs/build-support/build-fhs-userenv/chrootenv/src/meson.build
pkgs/build-support/build-fhsenv-chroot/chrootenv/src/meson.build
pkgs/build-support/build-fhs-userenv/chrootenv/src/meson.build
pkgs/build-support/build-fhsenv-chroot/chrootenv/src/meson.build
pkgs/build-support/build-fhs-userenv/default.nix
pkgs/build-support/build-fhsenv-chroot/default.nix
pkgs/build-support/build-fhs-userenv/default.nix
pkgs/build-support/build-fhsenv-chroot/default.nix
pkgs/build-support/build-fhs-userenv/env.nix
pkgs/build-support/build-fhsenv-chroot/env.nix
pkgs/build-support/build-fhs-userenv/env.nix
pkgs/build-support/build-fhsenv-chroot/env.nix
+2
-2
pkgs/development/compilers/flutter/flutter.nix
+2
-2
pkgs/development/compilers/flutter/flutter.nix
···
6
6
}:
7
7
8
8
{ bash
9
-
, buildFHSUserEnv
9
+
, buildFHSEnv
10
10
, cacert
11
11
, git
12
12
, runCommand
···
100
100
101
101
# Wrap flutter inside an fhs user env to allow execution of binary,
102
102
# like adb from $ANDROID_HOME or java from android-studio.
103
-
fhsEnv = buildFHSUserEnv {
103
+
fhsEnv = buildFHSEnv {
104
104
name = "${drvName}-fhs-env";
105
105
multiPkgs = pkgs: [
106
106
# Flutter only use these certificates
+3
-3
pkgs/development/embedded/arduino/arduino-cli/default.nix
+3
-3
pkgs/development/embedded/arduino/arduino-cli/default.nix
···
1
-
{ lib, stdenv, buildGoModule, fetchFromGitHub, buildFHSUserEnv, installShellFiles }:
1
+
{ lib, stdenv, buildGoModule, fetchFromGitHub, buildFHSEnv, installShellFiles }:
2
2
3
3
let
4
4
···
48
48
49
49
in
50
50
if stdenv.isLinux then
51
-
# buildFHSUserEnv is needed because the arduino-cli downloads compiler
51
+
# buildFHSEnv is needed because the arduino-cli downloads compiler
52
52
# toolchains from the internet that have their interpreters pointed at
53
53
# /lib64/ld-linux-x86-64.so.2
54
-
buildFHSUserEnv
54
+
buildFHSEnv
55
55
{
56
56
inherit (pkg) name meta;
57
57
+2
-2
pkgs/development/embedded/arduino/arduino-core/chrootenv.nix
+2
-2
pkgs/development/embedded/arduino/arduino-core/chrootenv.nix
···
1
-
{ lib, buildFHSUserEnv, arduino-core-unwrapped, withGui ? false, withTeensyduino ? false }:
1
+
{ lib, buildFHSEnv, arduino-core-unwrapped, withGui ? false, withTeensyduino ? false }:
2
2
let
3
3
arduino-unwrapped = arduino-core-unwrapped.override { inherit withGui withTeensyduino; };
4
4
in
5
-
buildFHSUserEnv {
5
+
buildFHSEnv {
6
6
name = "arduino";
7
7
8
8
targetPkgs =
+2
-2
pkgs/development/embedded/platformio/chrootenv.nix
+2
-2
pkgs/development/embedded/platformio/chrootenv.nix
+2
-2
pkgs/development/interpreters/nextflow/default.nix
+2
-2
pkgs/development/interpreters/nextflow/default.nix
+1
-1
pkgs/development/python-modules/mlflow/default.nix
+1
-1
pkgs/development/python-modules/mlflow/default.nix
···
94
94
95
95
# no tests in PyPI dist
96
96
# run into https://stackoverflow.com/questions/51203641/attributeerror-module-alembic-context-has-no-attribute-config
97
-
# also, tests use conda so can't run on NixOS without buildFHSUserEnv
97
+
# also, tests use conda so can't run on NixOS without buildFHSEnv
98
98
doCheck = false;
99
99
100
100
meta = with lib; {
+2
-2
pkgs/development/tools/electron-fiddle/default.nix
+2
-2
pkgs/development/tools/electron-fiddle/default.nix
···
1
-
{ buildFHSUserEnv
1
+
{ buildFHSEnv
2
2
, electron_22
3
3
, fetchFromGitHub
4
4
, fetchYarnDeps
···
86
86
};
87
87
88
88
in
89
-
buildFHSUserEnv {
89
+
buildFHSEnv {
90
90
name = "electron-fiddle";
91
91
runScript = "${electron}/bin/electron ${unwrapped}/lib/electron-fiddle/resources/app.asar";
92
92
+2
-2
pkgs/development/tools/hover/default.nix
+2
-2
pkgs/development/tools/hover/default.nix
+2
-2
pkgs/development/tools/unityhub/default.nix
+2
-2
pkgs/development/tools/unityhub/default.nix
···
1
-
{ lib, stdenv, fetchurl, dpkg, makeWrapper, buildFHSUserEnv
1
+
{ lib, stdenv, fetchurl, dpkg, makeWrapper, buildFHSEnv
2
2
, extraPkgs ? pkgs: [ ]
3
3
, extraLibs ? pkgs: [ ]
4
4
}:
···
17
17
makeWrapper
18
18
];
19
19
20
-
fhsEnv = buildFHSUserEnv {
20
+
fhsEnv = buildFHSEnv {
21
21
name = "${pname}-fhs-env";
22
22
runScript = "";
23
23
+3
-3
pkgs/games/anki/bin.nix
+3
-3
pkgs/games/anki/bin.nix
···
1
-
{ fetchurl, stdenv, lib, buildFHSUserEnv, appimageTools, writeShellScript, anki, undmg, zstd, commandLineArgs ? [] }:
1
+
{ fetchurl, stdenv, lib, buildFHSEnv, appimageTools, writeShellScript, anki, undmg, zstd, commandLineArgs ? [] }:
2
2
3
3
let
4
4
pname = "anki-bin";
···
50
50
51
51
passthru = { inherit sources; };
52
52
53
-
fhsUserEnvAnki = buildFHSUserEnv (appimageTools.defaultFhsEnvArgs // {
53
+
fhsEnvAnki = buildFHSEnv (appimageTools.defaultFhsEnvArgs // {
54
54
inherit pname version;
55
55
name = null; # Appimage sets it to "appimage-env"
56
56
···
75
75
});
76
76
in
77
77
78
-
if stdenv.isLinux then fhsUserEnvAnki
78
+
if stdenv.isLinux then fhsEnvAnki
79
79
else stdenv.mkDerivation {
80
80
inherit pname version passthru;
81
81
+2
-2
pkgs/games/clonehero/fhs-wrapper.nix
+2
-2
pkgs/games/clonehero/fhs-wrapper.nix
···
1
1
{ clonehero-unwrapped
2
2
, makeDesktopItem
3
-
, buildFHSUserEnv
3
+
, buildFHSEnv
4
4
, liberation_ttf
5
5
, callPackage
6
6
}:
···
16
16
categories = [ "Game" ];
17
17
};
18
18
in
19
-
buildFHSUserEnv {
19
+
buildFHSEnv {
20
20
inherit name;
21
21
inherit (clonehero-unwrapped) meta;
22
22
+2
-2
pkgs/games/heroic/fhsenv.nix
+2
-2
pkgs/games/heroic/fhsenv.nix
+2
-2
pkgs/games/left4gore/default.nix
+2
-2
pkgs/games/left4gore/default.nix
···
1
-
{ stdenvNoCC, lib, fetchurl, buildFHSUserEnv }:
1
+
{ stdenvNoCC, lib, fetchurl, buildFHSEnv }:
2
2
3
3
let
4
4
version = "2.3";
···
20
20
};
21
21
22
22
# FHS env, as patchelf will not work
23
-
env = buildFHSUserEnv {
23
+
env = buildFHSEnv {
24
24
name = "left4gore-env-${version}";
25
25
targetPkgs = _: [ left4gore-unwrapped ];
26
26
runScript = "left4gore";
+3
-3
pkgs/games/runescape-launcher/default.nix
+3
-3
pkgs/games/runescape-launcher/default.nix
···
1
1
{ stdenv
2
2
, lib
3
3
, autoPatchelfHook
4
-
, buildFHSUserEnv
4
+
, buildFHSEnv
5
5
, cairo
6
6
, dpkg
7
7
, fetchurl
···
109
109
110
110
/*
111
111
* We can patch the runescape launcher, but it downloads a client at runtime and checks it for changes.
112
-
* For that we need use a buildFHSUserEnv.
112
+
* For that we need use a buildFHSEnv.
113
113
* FHS simulates a classic linux shell
114
114
*/
115
-
buildFHSUserEnv {
115
+
buildFHSEnv {
116
116
name = "RuneScape";
117
117
targetPkgs = pkgs: [
118
118
runescape
+2
-2
pkgs/games/shticker-book-unwritten/default.nix
+2
-2
pkgs/games/shticker-book-unwritten/default.nix
···
1
-
{ buildFHSUserEnv, callPackage, lib }:
1
+
{ buildFHSEnv, callPackage, lib }:
2
2
let
3
3
4
4
shticker-book-unwritten-unwrapped = callPackage ./unwrapped.nix { };
5
5
6
-
in buildFHSUserEnv {
6
+
in buildFHSEnv {
7
7
name = "shticker_book_unwritten";
8
8
targetPkgs = pkgs: with pkgs; [
9
9
alsa-lib
+2
-2
pkgs/games/steam/default.nix
+2
-2
pkgs/games/steam/default.nix
···
1
1
{ makeScopeWithSplicing, generateSplicesForMkScope
2
-
, stdenv, buildFHSUserEnv, pkgsi686Linux
2
+
, stdenv, buildFHSEnv, pkgsi686Linux
3
3
}:
4
4
5
5
let
···
19
19
if self.steamArch == "amd64"
20
20
then pkgsi686Linux.steamPackages.steam-runtime-wrapped
21
21
else null;
22
-
inherit buildFHSUserEnv;
22
+
inherit buildFHSEnv;
23
23
};
24
24
steam-fhsenv-small = steam-fhsenv.override { withGameSpecificLibraries = false; };
25
25
steamcmd = callPackage ./steamcmd.nix { };
+3
-3
pkgs/games/steam/fhsenv.nix
+3
-3
pkgs/games/steam/fhsenv.nix
···
1
-
{ lib, stdenv, writeShellScript, buildFHSUserEnv, steam, glxinfo-i686
1
+
{ lib, stdenv, writeShellScript, buildFHSEnv, steam, glxinfo-i686
2
2
, steam-runtime-wrapped, steam-runtime-wrapped-i686 ? null
3
3
, extraPkgs ? pkgs: [ ] # extra packages to add to targetPkgs
4
4
, extraLibraries ? pkgs: [ ] # extra packages to add to multiPkgs
···
55
55
56
56
envScript = lib.toShellVars extraEnv;
57
57
58
-
in buildFHSUserEnv rec {
58
+
in buildFHSEnv rec {
59
59
name = "steam";
60
60
61
61
targetPkgs = pkgs: with pkgs; [
···
270
270
# breaks the ability for application to reference shared memory.
271
271
unsharePid = false;
272
272
273
-
passthru.run = buildFHSUserEnv {
273
+
passthru.run = buildFHSEnv {
274
274
name = "steam-run";
275
275
276
276
targetPkgs = commonTargetPkgs;
+2
-2
pkgs/games/unvanquished/default.nix
+2
-2
pkgs/games/unvanquished/default.nix
···
4
4
, fetchFromGitHub
5
5
, fetchpatch
6
6
, SDL2
7
-
, buildFHSUserEnv
7
+
, buildFHSEnv
8
8
, cmake
9
9
, copyDesktopItems
10
10
, curl
···
95
95
'';
96
96
};
97
97
98
-
fhsEnv = buildFHSUserEnv {
98
+
fhsEnv = buildFHSEnv {
99
99
name = "unvanquished-fhs-wrapper";
100
100
101
101
targetPkgs = pkgs: [ libstdcpp-preload-for-unvanquished-nacl ];
+2
-2
pkgs/servers/onlyoffice-documentserver/default.nix
+2
-2
pkgs/servers/onlyoffice-documentserver/default.nix
···
1
1
{ lib
2
2
, stdenv
3
-
, buildFHSUserEnvBubblewrap
3
+
, buildFHSEnv
4
4
, corefonts
5
5
, dejavu_fonts
6
6
, dpkg
···
57
57
dontStrip = true;
58
58
59
59
passthru = {
60
-
fhs = buildFHSUserEnvBubblewrap {
60
+
fhs = buildFHSEnv {
61
61
name = "onlyoffice-wrapper";
62
62
63
63
targetPkgs = pkgs: [
+2
-2
pkgs/servers/plex/default.nix
+2
-2
pkgs/servers/plex/default.nix
···
1
1
# The actual Plex package that we run is a FHS userenv of the "raw" package.
2
2
{ stdenv
3
-
, buildFHSUserEnvBubblewrap
3
+
, buildFHSEnv
4
4
, writeScript
5
5
, plexRaw
6
6
···
9
9
, dataDir ? "/var/lib/plex"
10
10
}:
11
11
12
-
buildFHSUserEnvBubblewrap {
12
+
buildFHSEnv {
13
13
name = "plexmediaserver";
14
14
15
15
inherit (plexRaw) meta;
+2
-2
pkgs/tools/networking/burpsuite/default.nix
+2
-2
pkgs/tools/networking/burpsuite/default.nix
···
1
-
{ lib, fetchurl, jdk, buildFHSUserEnv, unzip, makeDesktopItem }:
1
+
{ lib, fetchurl, jdk, buildFHSEnv, unzip, makeDesktopItem }:
2
2
let
3
3
version = "2023.2.4";
4
4
···
23
23
};
24
24
25
25
in
26
-
buildFHSUserEnv {
26
+
buildFHSEnv {
27
27
inherit name;
28
28
29
29
runScript = "${jdk}/bin/java -jar ${src}";
+2
-2
pkgs/tools/package-management/appimage-run/default.nix
+2
-2
pkgs/tools/package-management/appimage-run/default.nix
···
1
-
{ appimageTools, buildFHSUserEnv, makeDesktopItem, extraPkgs ? pkgs: [], appimage-run-tests ? null }:
1
+
{ appimageTools, buildFHSEnv, makeDesktopItem, extraPkgs ? pkgs: [], appimage-run-tests ? null }:
2
2
3
3
let
4
4
name = "appimage-run";
···
14
14
mimeTypes = ["application/vnd.appimage" "application/x-iso9660-appimage"];
15
15
categories = ["PackageManager" "Utility"];
16
16
};
17
-
in buildFHSUserEnv (fhsArgs // {
17
+
in buildFHSEnv (fhsArgs // {
18
18
inherit name;
19
19
20
20
targetPkgs = pkgs: [ appimageTools.appimage-exec ]
+2
-2
pkgs/tools/package-management/conda/default.nix
+2
-2
pkgs/tools/package-management/conda/default.nix
···
3
3
, fetchurl
4
4
, runCommand
5
5
, makeWrapper
6
-
, buildFHSUserEnv
6
+
, buildFHSEnv
7
7
, libselinux
8
8
, libarchive
9
9
, libGL
···
63
63
--prefix "LD_LIBRARY_PATH" : "${libPath}"
64
64
'');
65
65
in
66
-
buildFHSUserEnv {
66
+
buildFHSEnv {
67
67
name = "conda-shell";
68
68
targetPkgs = pkgs: (builtins.concatLists [ [ conda ] condaDeps extraPkgs]);
69
69
profile = ''
+2
-2
pkgs/tools/security/beyond-identity/default.nix
+2
-2
pkgs/tools/security/beyond-identity/default.nix
···
1
-
{ lib, stdenv, fetchurl, dpkg, buildFHSUserEnv
1
+
{ lib, stdenv, fetchurl, dpkg, buildFHSEnv
2
2
, glibc, glib, openssl, tpm2-tss
3
3
, gtk3, gnome, polkit, polkit_gnome
4
4
}:
···
70
70
'';
71
71
};
72
72
# /usr/bin/pkcheck is hardcoded in binary - we need FHS
73
-
in buildFHSUserEnv {
73
+
in buildFHSEnv {
74
74
inherit meta;
75
75
name = pname;
76
76
+4
pkgs/top-level/aliases.nix
+4
pkgs/top-level/aliases.nix
···
163
163
bud = throw "bud has been removed: abandoned by upstream"; # Added 2022-03-14
164
164
inherit (libsForQt5.mauiPackages) buho; # added 2022-05-17
165
165
buttersink = throw "buttersink has been removed: abandoned by upstream"; # Added 2022-04-05
166
+
# Shorter names; keep the longer name for back-compat. Added 2023-04-11
167
+
buildFHSUserEnv = buildFHSEnv;
168
+
buildFHSUserEnvChroot = buildFHSEnvChroot;
169
+
buildFHSUserEnvBubblewrap = buildFHSEnvBubblewrap;
166
170
167
171
# bitwarden_rs renamed to vaultwarden with release 1.21.0 (2021-04-30)
168
172
bitwarden_rs = vaultwarden;
+11
-29
pkgs/top-level/all-packages.nix
+11
-29
pkgs/top-level/all-packages.nix
···
194
194
195
195
appflowy = callPackage ../applications/office/appflowy { };
196
196
197
-
appimageTools = callPackage ../build-support/appimage {
198
-
buildFHSUserEnv = buildFHSUserEnvBubblewrap;
199
-
};
197
+
appimageTools = callPackage ../build-support/appimage { };
200
198
201
199
appindicator-sharp = callPackage ../development/libraries/appindicator-sharp { };
202
200
···
373
371
374
372
buildEnv = callPackage ../build-support/buildenv { }; # not actually a package
375
373
376
-
# TODO: eventually migrate everything to buildFHSUserEnvBubblewrap
377
-
buildFHSUserEnv = buildFHSUserEnvChroot;
378
-
buildFHSUserEnvChroot = callPackage ../build-support/build-fhs-userenv { };
379
-
buildFHSUserEnvBubblewrap = callPackage ../build-support/build-fhs-userenv-bubblewrap { };
374
+
buildFHSEnv = buildFHSEnvBubblewrap;
375
+
buildFHSEnvChroot = callPackage ../build-support/build-fhsenv-chroot { }; # Deprecated; use buildFHSEnv/buildFHSEnvBubblewrap
376
+
buildFHSEnvBubblewrap = callPackage ../build-support/build-fhsenv-bubblewrap { };
380
377
381
378
buildMaven = callPackage ../build-support/build-maven.nix { };
382
379
···
12342
12339
openjdk = openjdk.override { enableJavaFX = true; };
12343
12340
};
12344
12341
12345
-
sparrow = callPackage ../applications/blockchains/sparrow/fhsenv.nix {
12346
-
buildFHSUserEnv = buildFHSUserEnvBubblewrap;
12347
-
};
12342
+
sparrow = callPackage ../applications/blockchains/sparrow/fhsenv.nix { };
12348
12343
12349
12344
sparsehash = callPackage ../development/libraries/sparsehash { };
12350
12345
···
16453
16448
16454
16449
z88dk = callPackage ../development/compilers/z88dk { };
16455
16450
16456
-
zulip = callPackage ../applications/networking/instant-messengers/zulip {
16457
-
# Bubblewrap breaks zulip, see https://github.com/NixOS/nixpkgs/pull/97264#issuecomment-704454645
16458
-
appimageTools = pkgs.appimageTools.override {
16459
-
buildFHSUserEnv = pkgs.buildFHSUserEnv;
16460
-
};
16461
-
};
16451
+
zulip = callPackage ../applications/networking/instant-messengers/zulip { };
16462
16452
16463
16453
zulip-term = callPackage ../applications/networking/instant-messengers/zulip-term { };
16464
16454
···
28825
28815
ams-lv2 = callPackage ../applications/audio/ams-lv2 { };
28826
28816
28827
28817
androidStudioPackages = recurseIntoAttrs
28828
-
(callPackage ../applications/editors/android-studio {
28829
-
buildFHSUserEnv = buildFHSUserEnvBubblewrap;
28830
-
});
28818
+
(callPackage ../applications/editors/android-studio { });
28831
28819
android-studio = androidStudioPackages.stable;
28832
28820
28833
28821
animbar = callPackage ../applications/graphics/animbar { };
···
31796
31784
luppp = callPackage ../applications/audio/luppp { };
31797
31785
31798
31786
lutris-unwrapped = python3.pkgs.callPackage ../applications/misc/lutris { };
31799
-
lutris = callPackage ../applications/misc/lutris/fhsenv.nix {
31800
-
buildFHSUserEnv = buildFHSUserEnvBubblewrap;
31801
-
};
31787
+
lutris = callPackage ../applications/misc/lutris/fhsenv.nix { };
31802
31788
lutris-free = lutris.override {
31803
31789
steamSupport = false;
31804
31790
};
···
35563
35549
35564
35550
heroic-unwrapped = callPackage ../games/heroic { };
35565
35551
35566
-
heroic = callPackage ../games/heroic/fhsenv.nix {
35567
-
buildFHSUserEnv = buildFHSUserEnvBubblewrap;
35568
-
};
35552
+
heroic = callPackage ../games/heroic/fhsenv.nix { };
35569
35553
35570
35554
julius = callPackage ../games/julius { };
35571
35555
···
35669
35653
anki = callPackage ../games/anki {
35670
35654
inherit (darwin.apple_sdk.frameworks) CoreAudio;
35671
35655
};
35672
-
anki-bin = callPackage ../games/anki/bin.nix { buildFHSUserEnv = buildFHSUserEnvBubblewrap; };
35656
+
anki-bin = callPackage ../games/anki/bin.nix { };
35673
35657
35674
35658
armagetronad = callPackage ../games/armagetronad { };
35675
35659
···
36502
36486
36503
36487
stockfish = callPackage ../games/stockfish { };
36504
36488
36505
-
steamPackages = dontRecurseIntoAttrs (callPackage ../games/steam {
36506
-
buildFHSUserEnv = buildFHSUserEnvBubblewrap;
36507
-
});
36489
+
steamPackages = dontRecurseIntoAttrs (callPackage ../games/steam { });
36508
36490
36509
36491
steam = steamPackages.steam-fhsenv;
36510
36492
steam-small = steamPackages.steam-fhsenv-small;