fhs-chrootenv-env: refactor /etc build and add ssl certs

+50 -52
+50 -52
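--- a/pkgs/build-support/build-fhs-chrootenv/env.nix
+++ b/pkgs/build-support/build-fhs-chrootenv/env.nix
@@ -65,25 +65,56 @@
 gnutar gzip bzip2 xz glibcLocales
 ];
 
-# Compose a global profile for the chroot environment
-profilePkg = nixpkgs.stdenv.mkDerivation {
-name = "${name}-chrootenv-profile";
+# Compose /etc for the chroot environment
+etcPkg = nixpkgs.stdenv.mkDerivation {
+name = "${name}-chrootenv-etc";
 buildCommand = ''
 mkdir -p $out/etc
-cat >> $out/etc/profile << "EOF"
+cd $out/etc
+
+# environment variables
+cat >> profile << "EOF"
 export PS1='${name}-chrootenv:\u@\h:\w\$ '
 export LOCALE_ARCHIVE='/usr/lib${if is64Bit then "64" else ""}/locale/locale-archive'
 export LD_LIBRARY_PATH=/run/opengl-driver/lib:/run/opengl-driver-32/lib:/lib:/lib32:/lib64
 export PATH='/bin:/sbin'
 ${profile}
 EOF
+
+# compatibility with NixOS
+ln -s /host-etc/static static
+
+# symlink some NSS stuff
+ln -s /host-etc/passwd passwd
+ln -s /host-etc/group group
+ln -s /host-etc/shadow shadow
+ln -s /host-etc/hosts hosts
+ln -s /host-etc/resolv.conf resolv.conf
+ln -s /host-etc/nsswitch.conf nsswitch.conf
+
+# symlink other core stuff
+ln -s /host-etc/localtime localtime
+ln -s /host-etc/machine-id machine-id
+
+# symlink PAM stuff
+ln -s /host-etc/pam.d pam.d
+
+# symlink fonts stuff
+ln -s /host-etc/fonts fonts
+
+# symlink ALSA stuff
+ln -s /host-etc/asound.conf asound.conf
+
+# symlink SSL certs
+mkdir -p ssl
+ln -s /host-etc/ssl/certs ssl/certs
 '';
 };
 
 # Composes a /usr like directory structure
 staticUsrProfileTarget = nixpkgs.buildEnv {
-name = "system-profile-target";
-paths = basePkgs ++ [ profilePkg ] ++ targetPaths;
+name = "${name}-usr-target";
+paths = [ etcPkg ] ++ basePkgs ++ targetPaths;
 ignoreCollisions = true;
 };
 
@@ -94,7 +125,7 @@
 };
 
 linkProfile = profile: ''
-for i in ${profile}/{bin,sbin,share,var}; do
+for i in ${profile}/{bin,sbin,share,var,etc}; do
 if [ -x "$i" ]
 then
 ln -s "$i"
@@ -102,18 +133,6 @@
 done
 '';
 
-# the target profile is the actual profile that will be used for the chroot
-setupTargetProfile = ''
-${linkProfile staticUsrProfileTarget}
-${setupLibDirs}
-
-mkdir -m0755 usr
-cd usr
-${linkProfile staticUsrProfileTarget}
-${setupLibDirs}
-cd ..
-'';
-
 # this will happen on x86_64 host:
 # /x86 -> links to the whole profile defined by multiPaths
 # /lib, /lib32 -> links to 32bit binaries
@@ -125,9 +144,6 @@
 ${linkProfile staticUsrProfileMulti}
 cd ..
 '';
-
-setupLibDirs = if isTargetBuild then setupLibDirs_target
-else setupLibDirs_multi;
 
 # setup library paths only for the targeted architecture
 setupLibDirs_target = ''
@@ -163,38 +179,21 @@
 cp -rsf ${chosenGcc.cc}/lib64/* lib64/
 '';
 
-setupEtc = ''
-mkdir -m0755 etc
+setupLibDirs = if isTargetBuild then setupLibDirs_target
+else setupLibDirs_multi;
 
-# copy profile content
-cp -rsf ${staticUsrProfileTarget}/etc/* etc/ && chmod u+w -R etc/
-[ -d ${staticUsrProfileMulti}/etc ] && cp -rsf ${staticUsrProfileMulti}/etc/* etc/ && chmod u+w -R etc/
 
-# compatibility with NixOS
-ln -s /host-etc/static etc/static
+# the target profile is the actual profile that will be used for the chroot
+setupTargetProfile = ''
+${linkProfile staticUsrProfileTarget}
+${setupLibDirs}
 
-# symlink some NSS stuff
-ln -s /host-etc/passwd etc/passwd
-ln -s /host-etc/group etc/group
-ln -s /host-etc/shadow etc/shadow
-ln -s /host-etc/hosts etc/hosts
-ln -s /host-etc/resolv.conf etc/resolv.conf
-ln -s /host-etc/nsswitch.conf etc/nsswitch.conf
-
-# symlink other core stuff
-ln -s /host-etc/localtime etc/localtime
-ln -s /host-etc/machine-id etc/machine-id
-
-# symlink PAM stuff
-rm -rf etc/pam.d
-ln -s /host-etc/pam.d etc/pam.d
-
-# symlink fonts stuff
-rm -rf etc/fonts
-ln -s /host-etc/fonts etc/fonts
-
-# symlink ALSA stuff
-ln -s /host-etc/asound.conf etc/asound.conf
+mkdir -m0755 usr
+cd usr
+${linkProfile staticUsrProfileTarget}
+${setupLibDirs}
+cd ..
+rm -rf usr/etc usr/var
 '';
 
 in nixpkgs.stdenv.mkDerivation {
@@ -204,7 +203,6 @@
 cd $out
 ${setupTargetProfile}
 ${setupMultiProfile}
-${setupEtc}
 cd $out
 ${extraBuildCommands}
 cd $out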
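Review bot: The host-backed entries created in `etcPkg` (`pam.d`, `passwd`, `shadow`, `nsswitch.conf` and the new `ssl/certs`) now reach the chroot only if `etcPkg` wins every collision inside `staticUsrProfileTarget`, and `ignoreCollisions = true` hides any conflict. The removed `setupEtc` enforced this explicitly with `rm -rf etc/pam.d` and `rm -rf etc/fonts` before linking, whereas the new code appears to rely solely on the ordering in `paths = [ etcPkg ] ++ basePkgs ++ targetPaths;`. If a package in `targetPaths` ships its own `etc/pam.d` or `etc/ssl/certs` and buildEnv does not resolve the clash in favour of the first path, the chroot would silently use the package's PAM policy or trust store instead of the host's. I would record the dependency next to the list, e.g. `# etcPkg must stay first: its /host-etc symlinks (pam.d, ssl/certs, ...) have to win collisions`, and consider failing the build when `etc/pam.d` or `etc/ssl/certs` in the result does not lead to `/host-etc`.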