tjh.dev / nixpkgs
Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)
fork atom

mesos: 1.0.1 -> 1.1.0

Charles Strahan 7ebcada0 da70d3da

+749 -372
unified split
+21
nixos/modules/services/misc/mesos-master.nix
··· 16 16 type = types.bool; 17 17 }; 18 18 19 + ip = mkOption { 20 + description = "IP address to listen on."; 21 + default = "0.0.0.0"; 22 + type = types.str; 23 + }; 24 + 19 25 port = mkOption { 20 26 description = "Mesos Master port"; 21 27 default = 5050; 22 28 type = types.int; 29 + }; 30 + 31 + advertiseIp = mkOption { 32 + description = "IP address advertised to reach this master."; 33 + default = null; 34 + type = types.nullOr types.str; 35 + }; 36 + 37 + advertisePort = mkOption { 38 + description = "Port advertised to reach this Mesos master."; 39 + default = null; 40 + type = types.nullOr types.int; 23 41 }; 24 42 25 43 zk = mkOption { ··· 84 102 serviceConfig = { 85 103 ExecStart = '' 86 104 ${pkgs.mesos}/bin/mesos-master \ 105 + --ip=${cfg.ip} \ 87 106 --port=${toString cfg.port} \ 107 + ${optionalString (cfg.advertiseIp != null) "--advertise_ip=${cfg.advertiseIp}"} \ 108 + ${optionalString (cfg.advertisePort != null) "--advertise_port=${toString cfg.advertisePort}"} \ 88 109 ${if cfg.quorum == 0 89 110 then "--registry=in_memory" 90 111 else "--zk=${cfg.zk} --registry=replicated_log --quorum=${toString cfg.quorum}"} \
+94 -4
nixos/modules/services/misc/mesos-slave.nix
··· 12 12 attribsArg = optionalString (cfg.attributes != {}) 13 13 "--attributes=${mkAttributes cfg.attributes}"; 14 14 15 - containerizers = [ "mesos" ] ++ (optional cfg.withDocker "docker"); 15 + containerizersArg = concatStringsSep "," ( 16 + lib.unique ( 17 + cfg.containerizers ++ (optional cfg.withDocker "docker") 18 + ) 19 + ); 20 + 21 + imageProvidersArg = concatStringsSep "," ( 22 + lib.unique ( 23 + cfg.imageProviders ++ (optional cfg.withDocker "docker") 24 + ) 25 + ); 26 + 27 + isolationArg = concatStringsSep "," ( 28 + lib.unique ( 29 + cfg.isolation ++ (optionals cfg.withDocker [ "filesystem/linux" "docker/runtime"]) 30 + ) 31 + ); 16 32 17 33 in { 18 34 ··· 27 43 ip = mkOption { 28 44 description = "IP address to listen on."; 29 45 default = "0.0.0.0"; 30 - type = types.string; 46 + type = types.str; 31 47 }; 32 48 33 49 port = mkOption { ··· 36 52 type = types.int; 37 53 }; 38 54 55 + advertiseIp = mkOption { 56 + description = "IP address advertised to reach this agent."; 57 + default = null; 58 + type = types.nullOr types.str; 59 + }; 60 + 61 + advertisePort = mkOption { 62 + description = "Port advertised to reach this agent."; 63 + default = null; 64 + type = types.nullOr types.int; 65 + }; 66 + 67 + containerizers = mkOption { 68 + description = '' 69 + List of containerizer implementations to compose in order to provide 70 + containerization. Available options are mesos and docker. 71 + The order the containerizers are specified is the order they are tried. 72 + ''; 73 + default = [ "mesos" ]; 74 + type = types.listOf types.str; 75 + }; 76 + 77 + imageProviders = mkOption { 78 + description = "List of supported image providers, e.g., APPC,DOCKER."; 79 + default = [ ]; 80 + type = types.listOf types.str; 81 + }; 82 + 83 + imageProvisionerBackend = mkOption { 84 + description = '' 85 + Strategy for provisioning container rootfs from images, 86 + e.g., aufs, bind, copy, overlay. 87 + ''; 88 + default = "copy"; 89 + type = types.str; 90 + }; 91 + 92 + isolation = mkOption { 93 + description = '' 94 + Isolation mechanisms to use, e.g., posix/cpu,posix/mem, or 95 + cgroups/cpu,cgroups/mem, or network/port_mapping, or `gpu/nvidia` for nvidia 96 + specific gpu isolation. 97 + ''; 98 + default = [ "posix/cpu" "posix/mem" ]; 99 + type = types.listOf types.str; 100 + }; 101 + 39 102 master = mkOption { 40 103 description = '' 41 104 May be one of: ··· 57 120 type = types.bool; 58 121 }; 59 122 123 + dockerRegistry = mkOption { 124 + description = '' 125 + The default url for pulling Docker images. 126 + It could either be a Docker registry server url, 127 + or a local path in which Docker image archives are stored. 128 + ''; 129 + default = null; 130 + type = types.nullOr (types.either types.str types.path); 131 + }; 132 + 60 133 workDir = mkOption { 61 134 description = "The Mesos work directory."; 62 135 default = "/var/lib/mesos/slave"; ··· 96 169 host = "aabc123"; 97 170 os = "nixos"; }; 98 171 }; 172 + 173 + executorEnvironmentVariables = mkOption { 174 + description = '' 175 + The environment variables that should be passed to the executor, and thus subsequently task(s). 176 + ''; 177 + default = { 178 + PATH = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"; 179 + }; 180 + type = types.attrsOf types.str; 181 + }; 99 182 }; 100 183 101 184 }; 102 - 103 185 104 186 config = mkIf cfg.enable { 105 187 systemd.services.mesos-slave = { 106 188 description = "Mesos Slave"; 107 189 wantedBy = [ "multi-user.target" ]; 108 190 after = [ "network.target" ]; 109 - environment.MESOS_CONTAINERIZERS = concatStringsSep "," containerizers; 191 + path = [ pkgs.stdenv.shellPackage ]; 110 192 serviceConfig = { 111 193 ExecStart = '' 112 194 ${pkgs.mesos}/bin/mesos-slave \ 195 + --containerizers=${containerizersArg} \ 196 + --image_providers=${imageProvidersArg} \ 197 + --image_provisioner_backend=${cfg.imageProvisionerBackend} \ 198 + --isolation=${isolationArg} \ 113 199 --ip=${cfg.ip} \ 114 200 --port=${toString cfg.port} \ 201 + ${optionalString (cfg.advertiseIp != null) "--advertise_ip=${cfg.advertiseIp}"} \ 202 + ${optionalString (cfg.advertisePort != null) "--advertise_port=${toString cfg.advertisePort}"} \ 115 203 --master=${cfg.master} \ 116 204 --work_dir=${cfg.workDir} \ 117 205 --logging_level=${cfg.logLevel} \ 118 206 ${attribsArg} \ 119 207 ${optionalString cfg.withHadoop "--hadoop-home=${pkgs.hadoop}"} \ 120 208 ${optionalString cfg.withDocker "--docker=${pkgs.docker}/libexec/docker/docker"} \ 209 + ${optionalString (cfg.dockerRegistry != null) "--docker_registry=${cfg.dockerRegistry}"} \ 210 + --executor_environment_variables=${lib.escapeShellArg (builtins.toJSON cfg.executorEnvironmentVariables)} \ 121 211 ${toString cfg.extraCmdLineOptions} 122 212 ''; 123 213 PermissionsStartOnly = true;
+78 -19
nixos/tests/mesos.nix
··· 1 - import ./make-test.nix ({ pkgs, ...} : { 2 - name = "simple"; 1 + import ./make-test.nix ({ pkgs, ...} : rec { 2 + name = "mesos"; 3 3 meta = with pkgs.stdenv.lib.maintainers; { 4 - maintainers = [ offline ]; 4 + maintainers = [ offline kamilchm cstrahan ]; 5 5 }; 6 6 7 - machine = { config, pkgs, ... }: { 8 - services.zookeeper.enable = true; 9 - virtualisation.docker.enable = true; 10 - services.mesos = { 11 - slave = { 12 - enable = true; 13 - master = "zk://localhost:2181/mesos"; 14 - attributes = { 15 - tag1 = "foo"; 16 - tag2 = "bar"; 7 + nodes = { 8 + master = { config, pkgs, ... }: { 9 + networking.firewall.enable = false; 10 + services.zookeeper.enable = true; 11 + services.mesos.master = { 12 + enable = true; 13 + zk = "zk://master:2181/mesos"; 14 + }; 15 + }; 16 + 17 + slave = { config, pkgs, ... }: { 18 + networking.firewall.enable = false; 19 + networking.nat.enable = true; 20 + virtualisation.docker.enable = true; 21 + services.mesos = { 22 + slave = { 23 + enable = true; 24 + master = "master:5050"; 25 + dockerRegistry = registry; 26 + executorEnvironmentVariables = { 27 + PATH = "/run/current-system/sw/bin"; 28 + }; 17 29 }; 18 30 }; 19 - master = { 20 - enable = true; 21 - zk = "zk://localhost:2181/mesos"; 22 - }; 31 + }; 32 + }; 33 + 34 + simpleDocker = pkgs.dockerTools.buildImage { 35 + name = "echo"; 36 + contents = [ pkgs.stdenv.shellPackage pkgs.coreutils ]; 37 + config = { 38 + Env = [ 39 + # When shell=true, mesos invokes "sh -c '<cmd>'", so make sure "sh" is 40 + # on the PATH. 41 + "PATH=${pkgs.stdenv.shellPackage}/bin:${pkgs.coreutils}/bin" 42 + ]; 43 + Entrypoint = [ "echo" ]; 23 44 }; 24 45 }; 25 46 47 + registry = pkgs.runCommand "registry" { } '' 48 + mkdir -p $out 49 + cp ${simpleDocker} $out/echo:latest.tar 50 + ''; 51 + 52 + testFramework = pkgs.pythonPackages.buildPythonPackage { 53 + name = "mesos-tests"; 54 + propagatedBuildInputs = [ pkgs.mesos ]; 55 + catchConflicts = false; 56 + src = ./mesos_test.py; 57 + phases = [ "installPhase" "fixupPhase" ]; 58 + installPhase = '' 59 + mkdir $out 60 + cp $src $out/mesos_test.py 61 + chmod +x $out/mesos_test.py 62 + 63 + echo "done" > test.result 64 + tar czf $out/test.tar.gz test.result 65 + ''; 66 + }; 67 + 26 68 testScript = 27 69 '' 28 70 startAll; 29 - $machine->waitForUnit("mesos-master.service"); 30 - $machine->waitForUnit("mesos-slave.service"); 71 + $master->waitForUnit("mesos-master.service"); 72 + $slave->waitForUnit("mesos-slave.service"); 73 + 74 + $master->waitForOpenPort(5050); 75 + $slave->waitForOpenPort(5051); 76 + 77 + # is slave registred? 78 + $master->waitUntilSucceeds("curl -s --fail http://master:5050/master/slaves". 79 + " | grep -q \"\\\"hostname\\\":\\\"slave\\\"\""); 80 + 81 + # try to run docker image 82 + $master->succeed("${pkgs.mesos}/bin/mesos-execute --master=master:5050". 83 + " --resources=\"cpus:0.1;mem:32\" --name=simple-docker". 84 + " --containerizer=mesos --docker_image=echo:latest". 85 + " --shell=true --command=\"echo done\" | grep -q TASK_FINISHED"); 86 + 87 + # simple command with .tar.gz uri 88 + $master->succeed("${testFramework}/mesos_test.py master ". 89 + "${testFramework}/test.tar.gz"); 31 90 ''; 32 91 })
+72
nixos/tests/mesos_test.py
··· 1 + #!/usr/bin/env python 2 + import uuid 3 + import time 4 + import subprocess 5 + import os 6 + 7 + import sys 8 + 9 + from mesos.interface import Scheduler 10 + from mesos.native import MesosSchedulerDriver 11 + from mesos.interface import mesos_pb2 12 + 13 + def log(msg): 14 + process = subprocess.Popen("systemd-cat", stdin=subprocess.PIPE) 15 + (out,err) = process.communicate(msg) 16 + 17 + class NixosTestScheduler(Scheduler): 18 + def __init__(self): 19 + self.master_ip = sys.argv[1] 20 + self.download_uri = sys.argv[2] 21 + 22 + def resourceOffers(self, driver, offers): 23 + log("XXX got resource offer") 24 + 25 + offer = offers[0] 26 + task = self.new_task(offer) 27 + uri = task.command.uris.add() 28 + uri.value = self.download_uri 29 + task.command.value = "cat test.result" 30 + driver.launchTasks(offer.id, [task]) 31 + 32 + def statusUpdate(self, driver, update): 33 + log("XXX status update") 34 + if update.state == mesos_pb2.TASK_FAILED: 35 + log("XXX test task failed with message: " + update.message) 36 + driver.stop() 37 + sys.exit(1) 38 + elif update.state == mesos_pb2.TASK_FINISHED: 39 + driver.stop() 40 + sys.exit(0) 41 + 42 + def new_task(self, offer): 43 + task = mesos_pb2.TaskInfo() 44 + id = uuid.uuid4() 45 + task.task_id.value = str(id) 46 + task.slave_id.value = offer.slave_id.value 47 + task.name = "task {}".format(str(id)) 48 + 49 + cpus = task.resources.add() 50 + cpus.name = "cpus" 51 + cpus.type = mesos_pb2.Value.SCALAR 52 + cpus.scalar.value = 0.1 53 + 54 + mem = task.resources.add() 55 + mem.name = "mem" 56 + mem.type = mesos_pb2.Value.SCALAR 57 + mem.scalar.value = 32 58 + 59 + return task 60 + 61 + if __name__ == '__main__': 62 + log("XXX framework started") 63 + 64 + framework = mesos_pb2.FrameworkInfo() 65 + framework.user = "root" 66 + framework.name = "nixos-test-framework" 67 + driver = MesosSchedulerDriver( 68 + NixosTestScheduler(), 69 + framework, 70 + sys.argv[1] + ":5050" 71 + ) 72 + driver.run()
+74 -20
pkgs/applications/networking/cluster/mesos/default.nix
··· 2 2 , automake115x, libtool, unzip, gnutar, jdk, maven, python, wrapPython 3 3 , setuptools, boto, pythonProtobuf, apr, subversion, gzip, systemd 4 4 , leveldb, glog, perf, utillinux, libnl, iproute, openssl, libevent 5 - , ethtool, coreutils 5 + , ethtool, coreutils, which, iptables 6 6 , bash 7 7 }: 8 8 9 9 let 10 10 mavenRepo = import ./mesos-deps.nix { inherit stdenv curl; }; 11 11 soext = if stdenv.system == "x86_64-darwin" then "dylib" else "so"; 12 + # `tar -z` requires gzip on $PATH, so wrap tar. 13 + # At some point, we should try to patch mesos so we add gzip to the PATH when 14 + # tar is invoked. I think that only needs to be done here: 15 + # src/common/command_utils.cpp 16 + # https://github.com/NixOS/nixpkgs/issues/13783 17 + tarWithGzip = lib.overrideDerivation gnutar (oldAttrs: { 18 + buildInputs = (oldAttrs.buildInputs or []) ++ [ makeWrapper ]; 19 + postInstall = (oldAttrs.postInstall or "") + '' 20 + wrapProgram $out/bin/tar --prefix PATH ":" "${gzip}/bin" 21 + ''; 22 + }); 12 23 13 24 in stdenv.mkDerivation rec { 14 - version = "1.0.1"; 25 + version = "1.1.0"; 15 26 name = "mesos-${version}"; 16 27 17 28 enableParallelBuilding = true; ··· 19 30 20 31 src = fetchurl { 21 32 url = "mirror://apache/mesos/${version}/${name}.tar.gz"; 22 - sha256 = "1hdh2wh11ck98ycfrxfzgivgk2pjl3638vkyw14xj7faj9qxjlz0"; 33 + sha256 = "1hdjd4syyp88l0bnh88bhzvn9466ad2ysfp9pq3kwj3qzwg5jv8g"; 23 34 }; 24 35 25 36 patches = [ 26 37 # https://reviews.apache.org/r/36610/ 38 + # TODO: is this still needed? 27 39 ./rb36610.patch 28 40 29 - # https://issues.apache.org/jira/browse/MESOS-6013 30 - ./rb51324.patch 31 - ./rb51325.patch 32 - 33 41 # see https://github.com/cstrahan/mesos/tree/nixos-${version} 34 42 ./nixos.patch 35 43 ]; ··· 46 54 pythonProtobuf 47 55 ]; 48 56 57 + # note that we *must* statically link libprotobuf. 58 + # if we dynamically link the lib, we get these errors: 59 + # https://github.com/NixOS/nixpkgs/pull/19064#issuecomment-255082684 49 60 preConfigure = '' 61 + substituteInPlace 3rdparty/stout/include/stout/os/posix/chown.hpp \ 62 + --subst-var-by chown ${coreutils}/bin/chown 63 + 64 + substituteInPlace 3rdparty/stout/Makefile.am \ 65 + --replace "-lprotobuf" \ 66 + "${pythonProtobuf.protobuf.lib}/lib/libprotobuf.a" 67 + 50 68 substituteInPlace 3rdparty/stout/include/stout/os/posix/fork.hpp \ 51 69 --subst-var-by sh ${bash}/bin/bash 52 70 53 - substituteInPlace 3rdparty/stout/include/stout/os/posix/shell.hpp \ 54 - --subst-var-by sh ${bash}/bin/bash 55 - 56 - substituteInPlace src/Makefile.am \ 57 - --subst-var-by mavenRepo ${mavenRepo} 71 + substituteInPlace 3rdparty/stout/include/stout/posix/os.hpp \ 72 + --subst-var-by tar ${tarWithGzip}/bin/tar 58 73 59 74 substituteInPlace src/cli/mesos-scp \ 60 75 --subst-var-by scp ${openssh}/bin/scp 61 76 77 + substituteInPlace src/common/command_utils.cpp \ 78 + --subst-var-by curl ${curl}/bin/curl \ 79 + --subst-var-by gzip ${gzip}/bin/gzip \ 80 + --subst-var-by sha512sum ${coreutils}/bin/sha512sum \ 81 + --subst-var-by tar ${tarWithGzip}/bin/tar 82 + 62 83 substituteInPlace src/launcher/fetcher.cpp \ 84 + --subst-var-by cp ${coreutils}/bin/cp \ 63 85 --subst-var-by gzip ${gzip}/bin/gzip \ 64 - --subst-var-by tar ${gnutar}/bin/tar \ 86 + --subst-var-by tar ${tarWithGzip}/bin/tar \ 65 87 --subst-var-by unzip ${unzip}/bin/unzip 66 88 67 89 substituteInPlace src/python/cli/src/mesos/cli.py \ 68 90 --subst-var-by mesos-resolve $out/bin/mesos-resolve 69 91 92 + substituteInPlace src/python/native_common/ext_modules.py.in \ 93 + --replace "-lprotobuf" \ 94 + "${pythonProtobuf.protobuf.lib}/lib/libprotobuf.a" 95 + 96 + substituteInPlace src/slave/containerizer/mesos/isolators/gpu/volume.cpp \ 97 + --subst-var-by cp ${coreutils}/bin/cp \ 98 + --subst-var-by which ${which}/bin/which 99 + 70 100 substituteInPlace src/slave/containerizer/mesos/isolators/posix/disk.cpp \ 71 - --subst-var-by du ${coreutils}/bin/du \ 72 - --subst-var-by cp ${coreutils}/bin/cp 101 + --subst-var-by du ${coreutils}/bin/du 73 102 74 103 substituteInPlace src/slave/containerizer/mesos/provisioner/backends/copy.cpp \ 75 - --subst-var-by cp ${coreutils}/bin/cp 104 + --subst-var-by cp ${coreutils}/bin/cp \ 105 + --subst-var-by rm ${coreutils}/bin/rm 76 106 77 107 substituteInPlace src/uri/fetchers/copy.cpp \ 78 108 --subst-var-by cp ${coreutils}/bin/cp ··· 83 113 substituteInPlace src/uri/fetchers/docker.cpp \ 84 114 --subst-var-by curl ${curl}/bin/curl 85 115 116 + substituteInPlace src/Makefile.am \ 117 + --subst-var-by mavenRepo ${mavenRepo} \ 118 + --replace "-lprotobuf" \ 119 + "${pythonProtobuf.protobuf.lib}/lib/libprotobuf.a" 120 + 86 121 '' + lib.optionalString stdenv.isLinux '' 87 122 88 123 substituteInPlace src/linux/perf.cpp \ 89 124 --subst-var-by perf ${perf}/bin/perf 90 125 126 + substituteInPlace src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp \ 127 + --subst-var-by mount ${utillinux}/bin/mount 128 + 129 + substituteInPlace src/slave/containerizer/mesos/isolators/filesystem/linux.cpp \ 130 + --subst-var-by mount ${utillinux}/bin/mount 131 + 91 132 substituteInPlace src/slave/containerizer/mesos/isolators/filesystem/shared.cpp \ 92 133 --subst-var-by mount ${utillinux}/bin/mount 93 134 135 + substituteInPlace src/slave/containerizer/mesos/isolators/gpu/isolator.cpp \ 136 + --subst-var-by mount ${utillinux}/bin/mount 137 + 94 138 substituteInPlace src/slave/containerizer/mesos/isolators/namespaces/pid.cpp \ 95 139 --subst-var-by mount ${utillinux}/bin/mount 96 140 141 + substituteInPlace src/slave/containerizer/mesos/isolators/network/cni/cni.cpp \ 142 + --subst-var-by mount ${utillinux}/bin/mount 143 + 144 + substituteInPlace src/slave/containerizer/mesos/isolators/network/cni/plugins/port_mapper/port_mapper.cpp \ 145 + --subst-var-by iptables ${iptables}/bin/iptables 146 + 97 147 substituteInPlace src/slave/containerizer/mesos/isolators/network/port_mapping.cpp \ 98 - --subst-var-by tc ${iproute}/bin/tc \ 148 + --subst-var-by ethtool ${ethtool}/sbin/ethtool \ 99 149 --subst-var-by ip ${iproute}/bin/ip \ 100 150 --subst-var-by mount ${utillinux}/bin/mount \ 101 - --subst-var-by sh ${stdenv.shell} \ 102 - --subst-var-by ethtool ${ethtool}/sbin/ethtool 151 + --subst-var-by tc ${iproute}/bin/tc 152 + 153 + substituteInPlace src/slave/containerizer/mesos/isolators/volume/image.cpp \ 154 + --subst-var-by mount ${utillinux}/bin/mount 155 + 156 + substituteInPlace src/slave/containerizer/mesos/isolators/volume/sandbox_path.cpp \ 157 + --subst-var-by mount ${utillinux}/bin/mount 103 158 ''; 104 159 105 160 configureFlags = [ ··· 107 162 "--with-apr=${apr.dev}" 108 163 "--with-svn=${subversion.dev}" 109 164 "--with-leveldb=${leveldb}" 110 - "--with-glog=${glog}" 111 165 "--with-glog=${glog}" 112 166 "--enable-optimize" 113 167 "--disable-python-dependency-install"
-13
pkgs/applications/networking/cluster/mesos/maven_repo.patch
··· 1 - diff --git a/src/Makefile.am b/src/Makefile.am 2 - index ae2740a..1df91a7 100644 3 - --- a/src/Makefile.am 4 - +++ b/src/Makefile.am 5 - @@ -1310,7 +1310,7 @@ if HAS_JAVA 6 - 7 - $(MESOS_JAR): $(MESOS_JAR_SOURCE) $(MESOS_JAR_GENERATED) java/mesos.pom 8 - @echo "Building mesos-$(PACKAGE_VERSION).jar ..." 9 - - @cd $(abs_top_builddir)/src/java && $(MVN) -f mesos.pom clean package 10 - + @cd $(abs_top_builddir)/src/java && $(MVN) -f mesos.pom -Dmaven.repo.local=@mavenRepo@ clean package 11 - 12 - # Convenience library for JNI bindings. 13 - # TODO(Charles Reiss): We really should be building the Java library
+364 -80
pkgs/applications/networking/cluster/mesos/nixos.patch
··· 1 + diff --git a/3rdparty/stout/include/stout/os/posix/chown.hpp b/3rdparty/stout/include/stout/os/posix/chown.hpp 2 + index c82e2e574..15d332107 100644 3 + --- a/3rdparty/stout/include/stout/os/posix/chown.hpp 4 + +++ b/3rdparty/stout/include/stout/os/posix/chown.hpp 5 + @@ -34,7 +34,7 @@ inline Try<Nothing> chown( 6 + // TODO(bmahler): Consider walking the file tree instead. We would need 7 + // to be careful to not miss dotfiles. 8 + std::string command = 9 + - "chown -R " + stringify(uid) + ':' + stringify(gid) + " '" + path + "'"; 10 + + "@chown@ -R " + stringify(uid) + ':' + stringify(gid) + " '" + path + "'"; 11 + 12 + int status = os::system(command); 13 + if (status != 0) { 1 14 diff --git a/3rdparty/stout/include/stout/os/posix/fork.hpp b/3rdparty/stout/include/stout/os/posix/fork.hpp 2 - index a29967d..290b98b 100644 15 + index a29967dcb..290b98b50 100644 3 16 --- a/3rdparty/stout/include/stout/os/posix/fork.hpp 4 17 +++ b/3rdparty/stout/include/stout/os/posix/fork.hpp 5 18 @@ -369,7 +369,7 @@ private: ··· 11 24 EXIT(EXIT_FAILURE) 12 25 << "Failed to execute '" << command << "': " << os::strerror(errno); 13 26 } else if (wait.isSome()) { 14 - diff --git a/3rdparty/stout/include/stout/os/posix/shell.hpp b/3rdparty/stout/include/stout/os/posix/shell.hpp 15 - index 1d73ae5..9bf89b5 100644 16 - --- a/3rdparty/stout/include/stout/os/posix/shell.hpp 17 - +++ b/3rdparty/stout/include/stout/os/posix/shell.hpp 18 - @@ -37,7 +37,7 @@ namespace Shell { 19 - // received by the callee, usually the command name and `arg1` is the 20 - // second command argument received by the callee. 21 - 22 - -constexpr const char* name = "sh"; 23 - +constexpr const char* name = "@sh@"; 24 - constexpr const char* arg0 = "sh"; 25 - constexpr const char* arg1 = "-c"; 27 + diff --git a/3rdparty/stout/include/stout/posix/os.hpp b/3rdparty/stout/include/stout/posix/os.hpp 28 + index c37e64db6..d3d87b7f0 100644 29 + --- a/3rdparty/stout/include/stout/posix/os.hpp 30 + +++ b/3rdparty/stout/include/stout/posix/os.hpp 31 + @@ -375,7 +375,7 @@ inline Option<std::string> getenv(const std::string& key) 32 + inline Try<Nothing> tar(const std::string& path, const std::string& archive) 33 + { 34 + Try<std::string> tarOut = 35 + - os::shell("tar %s %s %s", "-czf", archive.c_str(), path.c_str()); 36 + + os::shell("@tar@ %s %s %s", "-czf", archive.c_str(), path.c_str()); 26 37 38 + if (tarOut.isError()) { 39 + return Error("Failed to archive " + path + ": " + tarOut.error()); 27 40 diff --git a/src/Makefile.am b/src/Makefile.am 28 - index 28dd151..36fc6ec 100644 41 + index 3bcc0f2df..e5cbc57e8 100644 29 42 --- a/src/Makefile.am 30 43 +++ b/src/Makefile.am 31 - @@ -1528,7 +1528,8 @@ if HAS_JAVA 44 + @@ -1545,7 +1545,7 @@ if HAS_JAVA 32 45 33 46 $(MESOS_JAR): $(MESOS_JAR_SOURCE) $(MESOS_JAR_GENERATED) java/mesos.pom 34 47 @echo "Building mesos-$(PACKAGE_VERSION).jar ..." 35 48 - @cd $(abs_top_builddir)/src/java && $(MVN) -B -f mesos.pom clean package 36 49 + @cd $(abs_top_builddir)/src/java && $(MVN) -B -f mesos.pom -Dmaven.repo.local=@mavenRepo@ clean package 37 - + 38 50 39 51 # Convenience library for JNI bindings. 40 52 # TODO(Charles Reiss): We really should be building the Java library 41 53 diff --git a/src/cli/mesos-scp b/src/cli/mesos-scp 42 - index a71ab07..feed8c4 100755 54 + index a71ab0708..1043d1b3c 100755 43 55 --- a/src/cli/mesos-scp 44 56 +++ b/src/cli/mesos-scp 45 - @@ -19,7 +19,7 @@ if sys.version_info < (2,6,0): 57 + @@ -19,7 +19,8 @@ if sys.version_info < (2,6,0): 46 58 47 59 48 60 def scp(host, src, dst): 49 61 - cmd = 'scp -pr %s %s' % (src, host + ':' + dst) 50 62 + cmd = '@scp@ -pr %s %s' % (src, host + ':' + dst) 63 + + 51 64 try: 52 65 process = subprocess.Popen( 53 66 cmd, 67 + diff --git a/src/common/command_utils.cpp b/src/common/command_utils.cpp 68 + index 09e805140..90bf65896 100644 69 + --- a/src/common/command_utils.cpp 70 + +++ b/src/common/command_utils.cpp 71 + @@ -140,7 +140,7 @@ Future<Nothing> tar( 72 + 73 + argv.emplace_back(input); 74 + 75 + - return launch("tar", argv) 76 + + return launch("@tar@", argv) 77 + .then([]() { return Nothing(); }); 78 + } 79 + 80 + @@ -162,7 +162,7 @@ Future<Nothing> untar( 81 + argv.emplace_back(directory.get()); 82 + } 83 + 84 + - return launch("tar", argv) 85 + + return launch("@tar@", argv) 86 + .then([]() { return Nothing(); }); 87 + } 88 + 89 + @@ -170,7 +170,7 @@ Future<Nothing> untar( 90 + Future<string> sha512(const Path& input) 91 + { 92 + #ifdef __linux__ 93 + - const string cmd = "sha512sum"; 94 + + const string cmd = "@sha512sum@"; 95 + vector<string> argv = { 96 + cmd, 97 + input // Input file to compute shasum. 98 + @@ -206,7 +206,7 @@ Future<Nothing> gzip(const Path& input) 99 + input 100 + }; 101 + 102 + - return launch("gzip", argv) 103 + + return launch("@gzip@", argv) 104 + .then([]() { return Nothing(); }); 105 + } 106 + 107 + @@ -219,7 +219,7 @@ Future<Nothing> decompress(const Path& input) 108 + input 109 + }; 110 + 111 + - return launch("gzip", argv) 112 + + return launch("@gzip@", argv) 113 + .then([]() { return Nothing(); }); 114 + } 115 + 54 116 diff --git a/src/launcher/fetcher.cpp b/src/launcher/fetcher.cpp 55 - index 4456c28..e22c8fc 100644 117 + index 4456c2813..e22c8fc03 100644 56 118 --- a/src/launcher/fetcher.cpp 57 119 +++ b/src/launcher/fetcher.cpp 58 120 @@ -68,13 +68,13 @@ static Try<bool> extract( ··· 82 144 LOG(INFO) << "Copying resource with command:" << command; 83 145 84 146 diff --git a/src/linux/perf.cpp b/src/linux/perf.cpp 85 - index ea823b3..170f54d 100644 147 + index aa31982eb..8b5331b17 100644 86 148 --- a/src/linux/perf.cpp 87 149 +++ b/src/linux/perf.cpp 88 - @@ -125,7 +125,7 @@ private: 89 - // NOTE: The watchdog process places perf in its own process group 150 + @@ -127,7 +127,7 @@ private: 151 + // NOTE: The supervisor childhook places perf in its own process group 90 152 // and will kill the perf process when the parent dies. 91 153 Try<Subprocess> _perf = subprocess( 92 154 - "perf", ··· 104 166 command << " --event " << event; 105 167 } 106 168 diff --git a/src/linux/systemd.cpp b/src/linux/systemd.cpp 107 - index 619aa27..c1cbfe4 100644 169 + index 6318f48fc..394d88d47 100644 108 170 --- a/src/linux/systemd.cpp 109 171 +++ b/src/linux/systemd.cpp 110 - @@ -196,12 +196,19 @@ bool exists() 172 + @@ -196,13 +196,21 @@ bool exists() 111 173 // This is static as the init system should not change while we are running. 112 174 static const bool exists = []() -> bool { 113 175 // (1) Test whether `/sbin/init` links to systemd. 114 176 - const Result<string> realpath = os::realpath("/sbin/init"); 115 177 - if (realpath.isError() || realpath.isNone()) { 116 178 - LOG(WARNING) << "Failed to test /sbin/init for systemd environment: " 117 - - << realpath.error(); 179 + - << (realpath.isError() ? realpath.error() 180 + - : "does not exist"); 118 181 - 119 182 - return false; 120 - + // cstrahan: first assume we're on NixOS, then try non-NixOS 183 + + // cstrahan(nixos): first assume we're on NixOS, then try non-NixOS 121 184 + Result<string> realpath = os::realpath("/run/current-system/systemd/lib/systemd/systemd"); 122 185 + Result<string> realpathNixOS = realpath; 123 186 + if (realpathNixOS.isError() || realpathNixOS.isNone()) { 124 187 + Result<string> realpathNonNixOS = realpath = os::realpath("/sbin/init"); 125 188 + if (realpathNonNixOS.isError() || realpathNonNixOS.isNone()) { 126 189 + LOG(WARNING) << "Failed to test /run/current-system/systemd/lib/systemd/systemd for systemd environment: " 127 - + << realpathNixOS.error(); 190 + + << (realpathNixOS.isError() ? realpathNixOS.error() 191 + + : "does not exist"); 128 192 + LOG(WARNING) << "Failed to test /sbin/init for systemd environment: " 129 - + << realpathNonNixOS.error(); 193 + + << (realpathNonNixOS.isError() ? realpathNonNixOS.error() 194 + + : "does not exist"); 130 195 + 131 196 + return false; 132 197 + } 133 198 } 134 199 135 200 CHECK_SOME(realpath); 201 + @@ -278,6 +286,10 @@ Path hierarchy() 202 + 203 + Try<Nothing> daemonReload() 204 + { 205 + + // cstrahan(nixos): should we patch these `systemctl`s? 206 + + // probably don't want to hard-code a particular systemd store path here, 207 + + // but if we use /run/current-system/sw/bin/systemctl, 208 + + // we won't be able to support non-NixOS distros. 209 + Try<string> daemonReload = os::shell("systemctl daemon-reload"); 210 + if (daemonReload.isError()) { 211 + return Error("Failed to reload systemd daemon: " + daemonReload.error()); 136 212 diff --git a/src/python/cli/src/mesos/cli.py b/src/python/cli/src/mesos/cli.py 137 - index f342992..354abf4 100644 213 + index f342992e0..354abf443 100644 138 214 --- a/src/python/cli/src/mesos/cli.py 139 215 +++ b/src/python/cli/src/mesos/cli.py 140 216 @@ -40,7 +40,7 @@ def resolve(master): ··· 146 222 stdin=None, 147 223 stdout=subprocess.PIPE, 148 224 stderr=subprocess.PIPE, 225 + diff --git a/src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp b/src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp 226 + index af9f3736b..f8554d414 100644 227 + --- a/src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp 228 + +++ b/src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp 229 + @@ -499,7 +499,7 @@ Future<Option<ContainerLaunchInfo>> DockerVolumeIsolatorProcess::_prepare( 230 + // unsafe arbitrary commands). 231 + CommandInfo* command = launchInfo.add_pre_exec_commands(); 232 + command->set_shell(false); 233 + - command->set_value("mount"); 234 + + command->set_value("@mount@"); 235 + command->add_arguments("mount"); 236 + command->add_arguments("-n"); 237 + command->add_arguments("--rbind"); 238 + diff --git a/src/slave/containerizer/mesos/isolators/filesystem/linux.cpp b/src/slave/containerizer/mesos/isolators/filesystem/linux.cpp 239 + index df16b8fee..4a17475bd 100644 240 + --- a/src/slave/containerizer/mesos/isolators/filesystem/linux.cpp 241 + +++ b/src/slave/containerizer/mesos/isolators/filesystem/linux.cpp 242 + @@ -159,9 +159,9 @@ Try<Isolator*> LinuxFilesystemIsolatorProcess::create(const Flags& flags) 243 + // here because 'create' will only be invoked during 244 + // initialization. 245 + Try<string> mount = os::shell( 246 + - "mount --bind %s %s && " 247 + - "mount --make-private %s && " 248 + - "mount --make-shared %s", 249 + + "@mount@ --bind %s %s && " 250 + + "@mount@ --make-private %s && " 251 + + "@mount@ --make-shared %s", 252 + workDir->c_str(), 253 + workDir->c_str(), 254 + workDir->c_str(), 255 + @@ -180,8 +180,8 @@ Try<Isolator*> LinuxFilesystemIsolatorProcess::create(const Flags& flags) 256 + LOG(INFO) << "Making '" << workDir.get() << "' a shared mount"; 257 + 258 + Try<string> mount = os::shell( 259 + - "mount --make-private %s && " 260 + - "mount --make-shared %s", 261 + + "@mount@ --make-private %s && " 262 + + "@mount@ --make-shared %s", 263 + workDir->c_str(), 264 + workDir->c_str()); 265 + 266 + @@ -404,7 +404,7 @@ Try<vector<CommandInfo>> LinuxFilesystemIsolatorProcess::getPreExecCommands( 267 + 268 + CommandInfo command; 269 + command.set_shell(false); 270 + - command.set_value("mount"); 271 + + command.set_value("@mount@"); 272 + command.add_arguments("mount"); 273 + command.add_arguments("-n"); 274 + command.add_arguments("--rbind"); 275 + @@ -569,7 +569,7 @@ Try<vector<CommandInfo>> LinuxFilesystemIsolatorProcess::getPreExecCommands( 276 + // TODO(jieyu): Consider the mode in the volume. 277 + CommandInfo command; 278 + command.set_shell(false); 279 + - command.set_value("mount"); 280 + + command.set_value("@mount@"); 281 + command.add_arguments("mount"); 282 + command.add_arguments("-n"); 283 + command.add_arguments("--rbind"); 149 284 diff --git a/src/slave/containerizer/mesos/isolators/filesystem/shared.cpp b/src/slave/containerizer/mesos/isolators/filesystem/shared.cpp 150 - index 51d1518..783adb5 100644 285 + index a1283e5ee..a918427bf 100644 151 286 --- a/src/slave/containerizer/mesos/isolators/filesystem/shared.cpp 152 287 +++ b/src/slave/containerizer/mesos/isolators/filesystem/shared.cpp 153 - @@ -204,7 +204,7 @@ Future<Option<ContainerLaunchInfo>> SharedFilesystemIsolatorProcess::prepare( 288 + @@ -207,7 +207,7 @@ Future<Option<ContainerLaunchInfo>> SharedFilesystemIsolatorProcess::prepare( 154 289 } 155 290 156 291 launchInfo.add_pre_exec_commands()->set_value( ··· 159 294 } 160 295 161 296 return launchInfo; 297 + diff --git a/src/slave/containerizer/mesos/isolators/gpu/isolator.cpp b/src/slave/containerizer/mesos/isolators/gpu/isolator.cpp 298 + index e3756c920..cfe458b59 100644 299 + --- a/src/slave/containerizer/mesos/isolators/gpu/isolator.cpp 300 + +++ b/src/slave/containerizer/mesos/isolators/gpu/isolator.cpp 301 + @@ -355,7 +355,7 @@ Future<Option<ContainerLaunchInfo>> NvidiaGpuIsolatorProcess::_prepare( 302 + } 303 + 304 + launchInfo.add_pre_exec_commands()->set_value( 305 + - "mount --no-mtab --rbind --read-only " + 306 + + "@mount@ --no-mtab --rbind --read-only " + 307 + volume.HOST_PATH() + " " + target); 308 + } 309 + 310 + diff --git a/src/slave/containerizer/mesos/isolators/gpu/volume.cpp b/src/slave/containerizer/mesos/isolators/gpu/volume.cpp 311 + index 478752f37..ab527f0cd 100644 312 + --- a/src/slave/containerizer/mesos/isolators/gpu/volume.cpp 313 + +++ b/src/slave/containerizer/mesos/isolators/gpu/volume.cpp 314 + @@ -281,7 +281,7 @@ Try<NvidiaVolume> NvidiaVolume::create() 315 + string path = path::join(hostPath, "bin", binary); 316 + 317 + if (!os::exists(path)) { 318 + - string command = "which " + binary; 319 + + string command = "@which@ " + binary; 320 + Try<string> which = os::shell(command); 321 + 322 + if (which.isSome()) { 323 + @@ -295,7 +295,7 @@ Try<NvidiaVolume> NvidiaVolume::create() 324 + : "No such file or directory")); 325 + } 326 + 327 + - command = "cp " + realpath.get() + " " + path; 328 + + command = "@cp@ " + realpath.get() + " " + path; 329 + Try<string> cp = os::shell(command); 330 + if (cp.isError()) { 331 + return Error("Failed to os::shell '" + command + "': " + cp.error()); 332 + @@ -367,7 +367,7 @@ Try<NvidiaVolume> NvidiaVolume::create() 333 + Path(realpath.get()).basename()); 334 + 335 + if (!os::exists(libraryPath)) { 336 + - string command = "cp " + realpath.get() + " " + libraryPath; 337 + + string command = "@cp@ " + realpath.get() + " " + libraryPath; 338 + Try<string> cp = os::shell(command); 339 + if (cp.isError()) { 340 + return Error("Failed to os::shell '" + command + "':" 162 341 diff --git a/src/slave/containerizer/mesos/isolators/namespaces/pid.cpp b/src/slave/containerizer/mesos/isolators/namespaces/pid.cpp 163 - index b41e266..e07c163 100644 342 + index 0d9ec57d9..a177e4476 100644 164 343 --- a/src/slave/containerizer/mesos/isolators/namespaces/pid.cpp 165 344 +++ b/src/slave/containerizer/mesos/isolators/namespaces/pid.cpp 166 - @@ -163,7 +163,7 @@ Future<Option<ContainerLaunchInfo>> NamespacesPidIsolatorProcess::prepare( 167 - // containers cannot see the namespace bind mount of other 168 - // containers. 169 - launchInfo.add_pre_exec_commands()->set_value( 170 - - "mount -n --bind " + string(PID_NS_BIND_MOUNT_MASK_DIR) + 171 - + "@mount@ -n --bind " + string(PID_NS_BIND_MOUNT_MASK_DIR) + 172 - " " + string(PID_NS_BIND_MOUNT_ROOT)); 173 - 174 - // Mount /proc for the container's pid namespace to show the 175 - @@ -176,9 +176,9 @@ Future<Option<ContainerLaunchInfo>> NamespacesPidIsolatorProcess::prepare( 176 - // -n flag so the mount is not added to the mtab where it will not 177 - // be correctly removed with the namespace terminates. 178 - launchInfo.add_pre_exec_commands()->set_value( 179 - - "mount none /proc --make-private -o rec"); 180 - + "@mount@ none /proc --make-private -o rec"); 345 + @@ -94,7 +94,7 @@ Future<Option<ContainerLaunchInfo>> NamespacesPidIsolatorProcess::prepare( 346 + // 347 + // TOOD(jieyu): Consider unmount the existing /proc. 181 348 launchInfo.add_pre_exec_commands()->set_value( 182 349 - "mount -n -t proc proc /proc -o nosuid,noexec,nodev"); 183 350 + "@mount@ -n -t proc proc /proc -o nosuid,noexec,nodev"); 184 351 185 352 return launchInfo; 186 353 } 354 + diff --git a/src/slave/containerizer/mesos/isolators/network/cni/cni.cpp b/src/slave/containerizer/mesos/isolators/network/cni/cni.cpp 355 + index c87e6715a..6601cd1b3 100644 356 + --- a/src/slave/containerizer/mesos/isolators/network/cni/cni.cpp 357 + +++ b/src/slave/containerizer/mesos/isolators/network/cni/cni.cpp 358 + @@ -262,9 +262,9 @@ Try<Isolator*> NetworkCniIsolatorProcess::create(const Flags& flags) 359 + // here because 'create' will only be invoked during 360 + // initialization. 361 + Try<string> mount = os::shell( 362 + - "mount --bind %s %s && " 363 + - "mount --make-private %s && " 364 + - "mount --make-shared %s", 365 + + "@mount@ --bind %s %s && " 366 + + "@mount@ --make-private %s && " 367 + + "@mount@ --make-shared %s", 368 + rootDir->c_str(), 369 + rootDir->c_str(), 370 + rootDir->c_str(), 371 + @@ -284,8 +284,8 @@ Try<Isolator*> NetworkCniIsolatorProcess::create(const Flags& flags) 372 + LOG(INFO) << "Making '" << rootDir.get() << "' a shared mount"; 373 + 374 + Try<string> mount = os::shell( 375 + - "mount --make-private %s && " 376 + - "mount --make-shared %s", 377 + + "@mount@ --make-private %s && " 378 + + "@mount@ --make-shared %s", 379 + rootDir->c_str(), 380 + rootDir->c_str()); 381 + 382 + diff --git a/src/slave/containerizer/mesos/isolators/network/cni/plugins/port_mapper/port_mapper.cpp b/src/slave/containerizer/mesos/isolators/network/cni/plugins/port_mapper/port_mapper.cpp 383 + index b470f0c82..6110a43ee 100644 384 + --- a/src/slave/containerizer/mesos/isolators/network/cni/plugins/port_mapper/port_mapper.cpp 385 + +++ b/src/slave/containerizer/mesos/isolators/network/cni/plugins/port_mapper/port_mapper.cpp 386 + @@ -303,7 +303,7 @@ Try<Nothing> PortMapper::addPortMapping( 387 + # Check if the `chain` exists in the iptable. If it does not 388 + # exist go ahead and install the chain in the iptables NAT 389 + # table. 390 + - iptables -w -t nat --list %s 391 + + @iptables@ -w -t nat --list %s 392 + if [ $? -ne 0 ]; then 393 + # NOTE: When we create the chain, there is a possibility of a 394 + # race due to which a container launch can fail. This can 395 + @@ -317,25 +317,25 @@ Try<Nothing> PortMapper::addPortMapping( 396 + # since it can happen only when the chain is created the first 397 + # time and two commands for creation of the chain are executed 398 + # simultaneously. 399 + - (iptables -w -t nat -N %s || exit 1) 400 + + (@iptables@ -w -t nat -N %s || exit 1) 401 + 402 + # Once the chain has been installed add a rule in the PREROUTING 403 + # chain to jump to this chain for any packets that are 404 + # destined to a local address. 405 + - (iptables -w -t nat -A PREROUTING \ 406 + + (@iptables@ -w -t nat -A PREROUTING \ 407 + -m addrtype --dst-type LOCAL -j %s || exit 1) 408 + 409 + # For locally generated packets we need a rule in the OUTPUT 410 + # chain as well, since locally generated packets directly hit 411 + # the output CHAIN, bypassing PREROUTING. 412 + - (iptables -w -t nat -A OUTPUT \ 413 + + (@iptables@ -w -t nat -A OUTPUT \ 414 + ! -d 127.0.0.0/8 -m addrtype \ 415 + --dst-type LOCAL -j %s || exit 1) 416 + fi 417 + 418 + # Within the `chain` go ahead and install the DNAT rule, if it 419 + # does not exist. 420 + - (iptables -w -t nat -C %s || iptables -t nat -A %s))~", 421 + + (@iptables@ -w -t nat -C %s || @iptables@ -t nat -A %s))~", 422 + chain, 423 + chain, 424 + chain, 425 + @@ -362,7 +362,7 @@ Try<Nothing> PortMapper::delPortMapping() 426 + # The iptables command searches for the DNAT rules with tag 427 + # "container_id: <CNI_CONTAINERID>", and if it exists goes ahead 428 + # and deletes it. 429 + - iptables -w -t nat -S %s | sed "/%s/ s/-A/iptables -w -t nat -D/e")~", 430 + + @iptables@ -w -t nat -S %s | sed "/%s/ s/-A/@iptables@ -w -t nat -D/e")~", 431 + chain, 432 + getIptablesRuleTag()).get(); 433 + 187 434 diff --git a/src/slave/containerizer/mesos/isolators/network/port_mapping.cpp b/src/slave/containerizer/mesos/isolators/network/port_mapping.cpp 188 - index 79ee960..d55a353 100644 435 + index 20fb6ab35..46c160977 100644 189 436 --- a/src/slave/containerizer/mesos/isolators/network/port_mapping.cpp 190 437 +++ b/src/slave/containerizer/mesos/isolators/network/port_mapping.cpp 191 - @@ -1392,19 +1392,19 @@ Try<Isolator*> PortMappingIsolatorProcess::create(const Flags& flags) 438 + @@ -1393,19 +1393,19 @@ Try<Isolator*> PortMappingIsolatorProcess::create(const Flags& flags) 192 439 // Check the availability of a few Linux commands that we will use. 193 440 // We use the blocking os::shell here because 'create' will only be 194 441 // invoked during initialization. ··· 211 458 if (checkCommandIp.isError()) { 212 459 return Error("Check command 'ip' failed: " + checkCommandIp.error()); 213 460 } 214 - @@ -1924,9 +1924,9 @@ Try<Isolator*> PortMappingIsolatorProcess::create(const Flags& flags) 461 + @@ -1925,9 +1925,9 @@ Try<Isolator*> PortMappingIsolatorProcess::create(const Flags& flags) 215 462 // visible. It's OK to use the blocking os::shell here because 216 463 // 'create' will only be invoked during initialization. 217 464 Try<string> mount = os::shell( ··· 224 471 bindMountRoot->c_str(), 225 472 bindMountRoot->c_str(), 226 473 bindMountRoot->c_str(), 227 - @@ -1943,8 +1943,8 @@ Try<Isolator*> PortMappingIsolatorProcess::create(const Flags& flags) 474 + @@ -1944,8 +1944,8 @@ Try<Isolator*> PortMappingIsolatorProcess::create(const Flags& flags) 228 475 // shared mount yet (possibly due to slave crash while preparing 229 476 // the work directory mount). It's safe to re-do the following. 230 477 Try<string> mount = os::shell( ··· 235 482 bindMountRoot->c_str(), 236 483 bindMountRoot->c_str()); 237 484 238 - @@ -1963,8 +1963,8 @@ Try<Isolator*> PortMappingIsolatorProcess::create(const Flags& flags) 485 + @@ -1964,8 +1964,8 @@ Try<Isolator*> PortMappingIsolatorProcess::create(const Flags& flags) 239 486 // so that they are in different peer groups. 240 487 if (entry.shared() == bindMountEntry->shared()) { 241 488 Try<string> mount = os::shell( ··· 246 493 bindMountRoot->c_str(), 247 494 bindMountRoot->c_str()); 248 495 249 - @@ -3916,13 +3916,13 @@ string PortMappingIsolatorProcess::scripts(Info* info) 496 + @@ -3911,6 +3911,8 @@ Try<Nothing> PortMappingIsolatorProcess::removeHostIPFilters( 497 + // TODO(jieyu): Use the Subcommand abstraction to remove most of the 498 + // logic here. Completely remove this function once we can assume a 499 + // newer kernel where 'setns' works for mount namespaces. 500 + +// cstrahan(nixos): this is executed in the container, 501 + +// so we don't want to substitute paths here. 502 + string PortMappingIsolatorProcess::scripts(Info* info) 250 503 { 251 504 ostringstream script; 252 - 253 - - script << "#!/bin/sh\n"; 254 - + script << "#!@sh@\n"; 255 - script << "set -xe\n"; 256 - 505 + @@ -3921,7 +3923,7 @@ string PortMappingIsolatorProcess::scripts(Info* info) 257 506 // Mark the mount point PORT_MAPPING_BIND_MOUNT_ROOT() as slave 258 507 // mount so that changes in the container will not be propagated to 259 508 // the host. ··· 262 511 263 512 // Disable IPv6 when IPv6 module is loaded as IPv6 packets won't be 264 513 // forwarded anyway. 265 - @@ -3930,7 +3930,7 @@ string PortMappingIsolatorProcess::scripts(Info* info) 514 + @@ -3929,7 +3931,7 @@ string PortMappingIsolatorProcess::scripts(Info* info) 266 515 << " echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6\n"; 267 516 268 517 // Configure lo and eth0. ··· 271 520 << " mtu " << hostEth0MTU << " up\n"; 272 521 273 522 // NOTE: This is mostly a kernel issue: in veth_xmit() the kernel 274 - @@ -3939,12 +3939,12 @@ string PortMappingIsolatorProcess::scripts(Info* info) 523 + @@ -3938,12 +3940,12 @@ string PortMappingIsolatorProcess::scripts(Info* info) 275 524 // when we receive a packet with a bad checksum. Disabling rx 276 525 // checksum offloading ensures the TCP layer will checksum and drop 277 526 // it. ··· 288 537 289 538 // Restrict the ephemeral ports that can be used by the container. 290 539 script << "echo " << info->ephemeralPorts.lower() << " " 291 - @@ -3973,19 +3973,19 @@ string PortMappingIsolatorProcess::scripts(Info* info) 540 + @@ -3972,19 +3974,19 @@ string PortMappingIsolatorProcess::scripts(Info* info) 292 541 } 293 542 294 543 // Set up filters on lo and eth0. ··· 312 561 << " protocol ip" 313 562 << " prio " << Priority(IP_FILTER_PRIORITY, NORMAL).get() << " u32" 314 563 << " flowid ffff:0" 315 - @@ -3996,7 +3996,7 @@ string PortMappingIsolatorProcess::scripts(Info* info) 564 + @@ -3995,7 +3997,7 @@ string PortMappingIsolatorProcess::scripts(Info* info) 316 565 foreach (const PortRange& range, 317 566 getPortRanges(info->nonEphemeralPorts + info->ephemeralPorts)) { 318 567 // Local traffic inside a container will not be redirected to eth0. ··· 321 570 << " protocol ip" 322 571 << " prio " << Priority(IP_FILTER_PRIORITY, HIGH).get() << " u32" 323 572 << " flowid ffff:0" 324 - @@ -4005,7 +4005,7 @@ string PortMappingIsolatorProcess::scripts(Info* info) 573 + @@ -4004,7 +4006,7 @@ string PortMappingIsolatorProcess::scripts(Info* info) 325 574 326 575 // Traffic going to host loopback IP and ports assigned to this 327 576 // container will be redirected to lo. ··· 330 579 << " protocol ip" 331 580 << " prio " << Priority(IP_FILTER_PRIORITY, NORMAL).get() << " u32" 332 581 << " flowid ffff:0" 333 - @@ -4017,14 +4017,14 @@ string PortMappingIsolatorProcess::scripts(Info* info) 582 + @@ -4016,14 +4018,14 @@ string PortMappingIsolatorProcess::scripts(Info* info) 334 583 } 335 584 336 585 // Do not forward the ICMP packet if the destination IP is self. ··· 347 596 << " protocol ip" 348 597 << " prio " << Priority(ICMP_FILTER_PRIORITY, NORMAL).get() << " u32" 349 598 << " flowid ffff:0" 350 - @@ -4033,9 +4033,9 @@ string PortMappingIsolatorProcess::scripts(Info* info) 599 + @@ -4032,9 +4034,9 @@ string PortMappingIsolatorProcess::scripts(Info* info) 351 600 << net::IPNetwork::LOOPBACK_V4().address() << "\n"; 352 601 353 602 // Display the filters created on eth0 and lo. ··· 359 608 << " parent " << ingress::HANDLE << "\n"; 360 609 361 610 // If throughput limit for container egress traffic exists, use HTB 362 - @@ -4047,9 +4047,9 @@ string PortMappingIsolatorProcess::scripts(Info* info) 611 + @@ -4046,9 +4048,9 @@ string PortMappingIsolatorProcess::scripts(Info* info) 363 612 // throughput. TBF requires other parameters such as 'burst' that 364 613 // HTB already has default values for. 365 614 if (egressRateLimitPerContainer.isSome()) { ··· 371 620 << CONTAINER_TX_HTB_HANDLE << " classid " 372 621 << CONTAINER_TX_HTB_CLASS_ID << " htb rate " 373 622 << egressRateLimitPerContainer.get().bytes() * 8 << "bit\n"; 374 - @@ -4060,12 +4060,12 @@ string PortMappingIsolatorProcess::scripts(Info* info) 623 + @@ -4059,12 +4061,12 @@ string PortMappingIsolatorProcess::scripts(Info* info) 375 624 // fq_codel, which has a larger buffer and better control on 376 625 // buffer bloat. 377 626 // TODO(cwang): Verity that fq_codel qdisc is available. 378 627 - script << "tc qdisc add dev " << eth0 379 - + script << "@tC@ qdisc add dev " << eth0 628 + + script << "@tc@ qdisc add dev " << eth0 380 629 << " parent " << CONTAINER_TX_HTB_CLASS_ID << " fq_codel\n"; 381 630 382 631 // Display the htb qdisc and class created on eth0. ··· 388 637 389 638 return script.str(); 390 639 diff --git a/src/slave/containerizer/mesos/isolators/posix/disk.cpp b/src/slave/containerizer/mesos/isolators/posix/disk.cpp 391 - index 3dfe7ad..4288666 100644 640 + index db0583386..542586370 100644 392 641 --- a/src/slave/containerizer/mesos/isolators/posix/disk.cpp 393 642 +++ b/src/slave/containerizer/mesos/isolators/posix/disk.cpp 394 - @@ -492,7 +492,7 @@ private: 395 - // NOTE: The monitor watchdog will watch the parent process and kill 643 + @@ -540,7 +540,7 @@ private: 644 + // NOTE: The supervisor childhook will watch the parent process and kill 396 645 // the 'du' process in case that the parent die. 397 646 Try<Subprocess> s = subprocess( 398 647 - "du", ··· 400 649 command, 401 650 Subprocess::PATH("/dev/null"), 402 651 Subprocess::PIPE(), 652 + diff --git a/src/slave/containerizer/mesos/isolators/volume/image.cpp b/src/slave/containerizer/mesos/isolators/volume/image.cpp 653 + index 210e67ad0..60b3a15e4 100644 654 + --- a/src/slave/containerizer/mesos/isolators/volume/image.cpp 655 + +++ b/src/slave/containerizer/mesos/isolators/volume/image.cpp 656 + @@ -214,7 +214,7 @@ Future<Option<ContainerLaunchInfo>> VolumeImageIsolatorProcess::_prepare( 657 + 658 + CommandInfo* command = launchInfo.add_pre_exec_commands(); 659 + command->set_shell(false); 660 + - command->set_value("mount"); 661 + + command->set_value("@mount@"); 662 + command->add_arguments("mount"); 663 + command->add_arguments("-n"); 664 + command->add_arguments("--rbind"); 665 + diff --git a/src/slave/containerizer/mesos/isolators/volume/sandbox_path.cpp b/src/slave/containerizer/mesos/isolators/volume/sandbox_path.cpp 666 + index 7b976d292..474dcd486 100644 667 + --- a/src/slave/containerizer/mesos/isolators/volume/sandbox_path.cpp 668 + +++ b/src/slave/containerizer/mesos/isolators/volume/sandbox_path.cpp 669 + @@ -240,7 +240,7 @@ Future<Option<ContainerLaunchInfo>> VolumeSandboxPathIsolatorProcess::prepare( 670 + 671 + CommandInfo* command = launchInfo.add_pre_exec_commands(); 672 + command->set_shell(false); 673 + - command->set_value("mount"); 674 + + command->set_value("@mount@"); 675 + command->add_arguments("mount"); 676 + command->add_arguments("-n"); 677 + command->add_arguments("--rbind"); 403 678 diff --git a/src/slave/containerizer/mesos/provisioner/backends/copy.cpp b/src/slave/containerizer/mesos/provisioner/backends/copy.cpp 404 - index b9f6d7a..0fcf455 100644 679 + index 9c5354e5f..a73a9692e 100644 405 680 --- a/src/slave/containerizer/mesos/provisioner/backends/copy.cpp 406 681 +++ b/src/slave/containerizer/mesos/provisioner/backends/copy.cpp 407 - @@ -141,7 +141,7 @@ Future<Nothing> CopyBackendProcess::_provision( 682 + @@ -147,7 +147,7 @@ Future<Nothing> CopyBackendProcess::_provision( 408 683 #endif // __APPLE__ || __FreeBSD__ 409 684 410 685 Try<Subprocess> s = subprocess( ··· 413 688 args, 414 689 Subprocess::PATH("/dev/null"), 415 690 Subprocess::PATH("/dev/null"), 691 + @@ -180,7 +180,7 @@ Future<bool> CopyBackendProcess::destroy(const string& rootfs) 692 + vector<string> argv{"rm", "-rf", rootfs}; 693 + 694 + Try<Subprocess> s = subprocess( 695 + - "rm", 696 + + "@rm@", 697 + argv, 698 + Subprocess::PATH("/dev/null"), 699 + Subprocess::FD(STDOUT_FILENO), 416 700 diff --git a/src/uri/fetchers/copy.cpp b/src/uri/fetchers/copy.cpp 417 - index f095ad6..ee0c2a7 100644 701 + index 2cfef5ab0..8a62f7699 100644 418 702 --- a/src/uri/fetchers/copy.cpp 419 703 +++ b/src/uri/fetchers/copy.cpp 420 - @@ -88,7 +88,7 @@ Future<Nothing> CopyFetcherPlugin::fetch( 704 + @@ -97,7 +97,7 @@ Future<Nothing> CopyFetcherPlugin::fetch( 421 705 const vector<string> argv = {"cp", "-a", uri.path(), directory}; 422 706 423 707 Try<Subprocess> s = subprocess( ··· 427 711 Subprocess::PATH("/dev/null"), 428 712 Subprocess::PIPE(), 429 713 diff --git a/src/uri/fetchers/curl.cpp b/src/uri/fetchers/curl.cpp 430 - index cc3f9ee..691d2d9 100644 714 + index 7b746d619..12bbb04df 100644 431 715 --- a/src/uri/fetchers/curl.cpp 432 716 +++ b/src/uri/fetchers/curl.cpp 433 - @@ -98,7 +98,7 @@ Future<Nothing> CurlFetcherPlugin::fetch( 717 + @@ -107,7 +107,7 @@ Future<Nothing> CurlFetcherPlugin::fetch( 434 718 }; 435 719 436 720 Try<Subprocess> s = subprocess( ··· 440 724 Subprocess::PATH("/dev/null"), 441 725 Subprocess::PIPE(), 442 726 diff --git a/src/uri/fetchers/docker.cpp b/src/uri/fetchers/docker.cpp 443 - index 211be6f..d7e3771 100644 727 + index 3f38dddfb..fd991ee74 100644 444 728 --- a/src/uri/fetchers/docker.cpp 445 729 +++ b/src/uri/fetchers/docker.cpp 446 - @@ -113,7 +113,7 @@ static Future<http::Response> curl( 730 + @@ -114,7 +114,7 @@ static Future<http::Response> curl( 447 731 448 732 // TODO(jieyu): Kill the process if discard is called. 449 733 Try<Subprocess> s = subprocess( ··· 452 736 argv, 453 737 Subprocess::PATH("/dev/null"), 454 738 Subprocess::PIPE(), 455 - @@ -212,7 +212,7 @@ static Future<int> download( 739 + @@ -213,7 +213,7 @@ static Future<int> download( 456 740 457 741 // TODO(jieyu): Kill the process if discard is called. 458 742 Try<Subprocess> s = subprocess(
+4 -3
pkgs/applications/networking/cluster/mesos/rb36610.patch
··· 1 1 diff --git a/src/linux/fs.cpp b/src/linux/fs.cpp 2 - index ea0891e320154b85a21ed2d138c192821efae9cd..7b24c377c9a28cad91738305c273fb53a4dc7365 100644 2 + index 913e233..c2917a6 100644 3 3 --- a/src/linux/fs.cpp 4 4 +++ b/src/linux/fs.cpp 5 - @@ -19,6 +19,7 @@ 5 + @@ -17,6 +17,7 @@ 6 6 #include <errno.h> 7 7 #include <stdio.h> 8 8 #include <string.h> 9 9 +#include <syscall.h> 10 - 10 + 11 11 #include <linux/limits.h> 12 + #include <linux/unistd.h>
-71
pkgs/applications/networking/cluster/mesos/rb51324.patch
··· 1 - diff --git a/3rdparty/stout/include/stout/os/ls.hpp b/3rdparty/stout/include/stout/os/ls.hpp 2 - index f8da9ef..6d549d3 100644 3 - --- a/3rdparty/stout/include/stout/os/ls.hpp 4 - +++ b/3rdparty/stout/include/stout/os/ls.hpp 5 - @@ -18,6 +18,7 @@ 6 - #else 7 - #include <dirent.h> 8 - #endif // __WINDOWS__ 9 - + 10 - #include <stdlib.h> 11 - 12 - #include <list> 13 - @@ -26,8 +27,6 @@ 14 - #include <stout/error.hpp> 15 - #include <stout/try.hpp> 16 - 17 - -#include <stout/os/direntsize.hpp> 18 - - 19 - 20 - namespace os { 21 - 22 - @@ -36,36 +35,32 @@ inline Try<std::list<std::string>> ls(const std::string& directory) 23 - DIR* dir = opendir(directory.c_str()); 24 - 25 - if (dir == nullptr) { 26 - - // Preserve `opendir` error. 27 - return ErrnoError("Failed to opendir '" + directory + "'"); 28 - } 29 - 30 - - dirent* temp = (dirent*) malloc(os::dirent_size(dir)); 31 - - 32 - - if (temp == nullptr) { 33 - - // Preserve `malloc` error. 34 - - ErrnoError error("Failed to allocate directory entries"); 35 - - closedir(dir); 36 - - return error; 37 - - } 38 - - 39 - std::list<std::string> result; 40 - struct dirent* entry; 41 - - int error; 42 - 43 - - while ((error = readdir_r(dir, temp, &entry)) == 0 && entry != nullptr) { 44 - + // Zero `errno` before starting to call `readdir`. This is necessary 45 - + // to allow us to determine when `readdir` returns an error. 46 - + errno = 0; 47 - + 48 - + while ((entry = readdir(dir)) != NULL) { 49 - if (strcmp(entry->d_name, ".") == 0 || strcmp(entry->d_name, "..") == 0) { 50 - continue; 51 - } 52 - result.push_back(entry->d_name); 53 - } 54 - 55 - - free(temp); 56 - - closedir(dir); 57 - + if (errno != 0) { 58 - + // Preserve `readdir` error. 59 - + Error error = ErrnoError("Failed to read directory"); 60 - + closedir(dir); 61 - + return error; 62 - + } 63 - 64 - - if (error != 0) { 65 - - // Preserve `readdir_r` error. 66 - - return ErrnoError("Failed to read directories"); 67 - + if (closedir(dir) == -1) { 68 - + return ErrnoError("Failed to close directory"); 69 - } 70 - 71 - return result;
-157
pkgs/applications/networking/cluster/mesos/rb51325.patch
··· 1 - diff --git a/3rdparty/stout/include/Makefile.am b/3rdparty/stout/include/Makefile.am 2 - index 1f2ee85..b0b08d8 100644 3 - --- a/3rdparty/stout/include/Makefile.am 4 - +++ b/3rdparty/stout/include/Makefile.am 5 - @@ -64,7 +64,6 @@ nobase_include_HEADERS = \ 6 - stout/os/chroot.hpp \ 7 - stout/os/close.hpp \ 8 - stout/os/constants.hpp \ 9 - - stout/os/direntsize.hpp \ 10 - stout/os/environment.hpp \ 11 - stout/os/exists.hpp \ 12 - stout/os/fcntl.hpp \ 13 - @@ -108,7 +107,6 @@ nobase_include_HEADERS = \ 14 - stout/os/posix/chown.hpp \ 15 - stout/os/posix/chroot.hpp \ 16 - stout/os/posix/close.hpp \ 17 - - stout/os/posix/direntsize.hpp \ 18 - stout/os/posix/exists.hpp \ 19 - stout/os/posix/fcntl.hpp \ 20 - stout/os/posix/fork.hpp \ 21 - @@ -134,7 +132,6 @@ nobase_include_HEADERS = \ 22 - stout/os/windows/bootid.hpp \ 23 - stout/os/windows/chroot.hpp \ 24 - stout/os/windows/close.hpp \ 25 - - stout/os/windows/direntsize.hpp \ 26 - stout/os/windows/exists.hpp \ 27 - stout/os/windows/fcntl.hpp \ 28 - stout/os/windows/fork.hpp \ 29 - diff --git a/3rdparty/stout/include/stout/os/direntsize.hpp b/3rdparty/stout/include/stout/os/direntsize.hpp 30 - deleted file mode 100644 31 - index 819f99a..0000000 32 - --- a/3rdparty/stout/include/stout/os/direntsize.hpp 33 - +++ /dev/null 34 - @@ -1,26 +0,0 @@ 35 - -// Licensed under the Apache License, Version 2.0 (the "License"); 36 - -// you may not use this file except in compliance with the License. 37 - -// You may obtain a copy of the License at 38 - -// 39 - -// http://www.apache.org/licenses/LICENSE-2.0 40 - -// 41 - -// Unless required by applicable law or agreed to in writing, software 42 - -// distributed under the License is distributed on an "AS IS" BASIS, 43 - -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 44 - -// See the License for the specific language governing permissions and 45 - -// limitations under the License. 46 - - 47 - -#ifndef __STOUT_OS_DIRENTSIZE_HPP__ 48 - -#define __STOUT_OS_DIRENTSIZE_HPP__ 49 - - 50 - - 51 - -// For readability, we minimize the number of #ifdef blocks in the code by 52 - -// splitting platform specifc system calls into separate directories. 53 - -#ifdef __WINDOWS__ 54 - -#include <stout/os/windows/direntsize.hpp> 55 - -#else 56 - -#include <stout/os/posix/direntsize.hpp> 57 - -#endif // __WINDOWS__ 58 - - 59 - - 60 - -#endif // __STOUT_OS_DIRENTSIZE_HPP__ 61 - diff --git a/3rdparty/stout/include/stout/os/posix/direntsize.hpp b/3rdparty/stout/include/stout/os/posix/direntsize.hpp 62 - deleted file mode 100644 63 - index 9d8f72e..0000000 64 - --- a/3rdparty/stout/include/stout/os/posix/direntsize.hpp 65 - +++ /dev/null 66 - @@ -1,42 +0,0 @@ 67 - -// Licensed under the Apache License, Version 2.0 (the "License"); 68 - -// you may not use this file except in compliance with the License. 69 - -// You may obtain a copy of the License at 70 - -// 71 - -// http://www.apache.org/licenses/LICENSE-2.0 72 - -// 73 - -// Unless required by applicable law or agreed to in writing, software 74 - -// distributed under the License is distributed on an "AS IS" BASIS, 75 - -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 76 - -// See the License for the specific language governing permissions and 77 - -// limitations under the License. 78 - - 79 - -#ifndef __STOUT_OS_POSIX_DIRENTSIZE_HPP__ 80 - -#define __STOUT_OS_POSIX_DIRENTSIZE_HPP__ 81 - - 82 - -#include <dirent.h> 83 - -#include <unistd.h> 84 - - 85 - - 86 - -namespace os { 87 - - 88 - -inline size_t dirent_size(DIR* dir) 89 - -{ 90 - - // Calculate the size for a "directory entry". 91 - - long name_max = fpathconf(dirfd(dir), _PC_NAME_MAX); 92 - - 93 - - // If we don't get a valid size, check NAME_MAX, but fall back on 94 - - // 255 in the worst case ... Danger, Will Robinson! 95 - - if (name_max == -1) { 96 - - name_max = (NAME_MAX > 255) ? NAME_MAX : 255; 97 - - } 98 - - 99 - - size_t name_end = (size_t) offsetof(dirent, d_name) + name_max + 1; 100 - - 101 - - size_t size = (name_end > sizeof(dirent) ? name_end : sizeof(dirent)); 102 - - 103 - - return size; 104 - -} 105 - - 106 - -} // namespace os { 107 - - 108 - -#endif // __STOUT_OS_POSIX_DIRENTSIZE_HPP__ 109 - diff --git a/3rdparty/stout/include/stout/os/windows/direntsize.hpp b/3rdparty/stout/include/stout/os/windows/direntsize.hpp 110 - deleted file mode 100644 111 - index 7c8c7a0..0000000 112 - --- a/3rdparty/stout/include/stout/os/windows/direntsize.hpp 113 - +++ /dev/null 114 - @@ -1,43 +0,0 @@ 115 - -// Licensed under the Apache License, Version 2.0 (the "License"); 116 - -// you may not use this file except in compliance with the License. 117 - -// You may obtain a copy of the License at 118 - -// 119 - -// http://www.apache.org/licenses/LICENSE-2.0 120 - -// 121 - -// Unless required by applicable law or agreed to in writing, software 122 - -// distributed under the License is distributed on an "AS IS" BASIS, 123 - -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 124 - -// See the License for the specific language governing permissions and 125 - -// limitations under the License. 126 - - 127 - -#ifndef __STOUT_OS_WINDOWS_DIRENTSIZE_HPP__ 128 - -#define __STOUT_OS_WINDOWS_DIRENTSIZE_HPP__ 129 - - 130 - -#include <stout/internal/windows/dirent.hpp> 131 - - 132 - -#include <stout/windows.hpp> 133 - - 134 - - 135 - -namespace os { 136 - - 137 - -inline size_t dirent_size(DIR* dir) 138 - -{ 139 - - // NOTE: Size calculation logic here is much simpler than on POSIX because 140 - - // our implementation of `dirent` is constant-sized. In particular, on POSIX, 141 - - // we usually have to calculate the maximum name size for a path before we 142 - - // can alloc a correctly-size `dirent`, but on Windows, `dirent.d_name` is 143 - - // always `MAX_PATH` bytes in size. 144 - - // 145 - - // This follows closely from the Windows standard API data structures for 146 - - // manipulating and querying directories. For example, the structures 147 - - // `WIN32_FIND_DATA`[1] (which in many ways is the Windows equivalent of 148 - - // `dirent`) has a field `cFileName` (which is much like `d_name`) that is 149 - - // also `MAX_PATH` in size. 150 - - // 151 - - // [1] https://msdn.microsoft.com/en-us/library/windows/desktop/aa365740(v=vs.85).aspx 152 - - return sizeof(dirent); 153 - -} 154 - - 155 - -} // namespace os { 156 - - 157 - -#endif // __STOUT_OS_WINDOWS_DIRENTSIZE_HPP__
+1 -1
pkgs/development/interpreters/python/build-python-package-setuptools.nix
··· 53 53 fi 54 54 ${postShellHook} 55 55 ''; 56 - } 56 + }
+21 -1
pkgs/development/libraries/protobuf/generic.nix
··· 1 - { stdenv, version, src 1 + { stdenv, lib, version, src 2 2 , autoreconfHook, zlib, gtest 3 3 , ... 4 4 }: ··· 20 20 outputs = [ "out" "lib" ]; 21 21 22 22 buildInputs = [ autoreconfHook zlib ]; 23 + 24 + # The generated C++ code uses static initializers which mutate a global data 25 + # structure. This causes problems for an executable when: 26 + # 27 + # 1) it dynamically links to two libs, both of which contain generated C++ for 28 + # the same proto file, and 29 + # 2) the two aforementioned libs both dynamically link to libprotobuf. 30 + # 31 + # One solution is to statically link libprotobuf, that way the global 32 + # variables are not shared; in fact, this is necessary for the python Mesos 33 + # binding to not crash, as the python lib contains two C extensions which 34 + # both refer to the same proto schema. 35 + # 36 + # See: https://github.com/NixOS/nixpkgs/pull/19064#issuecomment-255082684 37 + # https://github.com/google/protobuf/issues/1489 38 + dontDisableStatic = true; 39 + configureFlags = [ 40 + "CFLAGS=-fPIC" 41 + "CXXFLAGS=-fPIC" 42 + ]; 23 43 24 44 doCheck = true; 25 45
+20 -3
pkgs/top-level/python-packages.nix
··· 19146 19146 ''; 19147 19147 19148 19148 preConfigure = optionalString (versionAtLeast protobuf.version "2.6.0") '' 19149 - PROTOCOL_BUFFERS_PYTHON_IMPLEMENTATION=cpp 19150 - PROTOCOL_BUFFERS_PYTHON_IMPLEMENTATION_VERSION=2 19149 + export PROTOCOL_BUFFERS_PYTHON_IMPLEMENTATION=cpp 19150 + export PROTOCOL_BUFFERS_PYTHON_IMPLEMENTATION_VERSION=2 19151 19151 ''; 19152 19152 19153 - checkPhase = if versionAtLeast protobuf.version "2.6.0" then '' 19153 + preBuild = optionalString (versionAtLeast protobuf.version "2.6.0") '' 19154 + ${python}/bin/${python.executable} setup.py build_ext --cpp_implementation 19155 + ''; 19156 + 19157 + checkPhase = '' 19158 + runHook preCheck 19159 + '' + (if versionAtLeast protobuf.version "2.6.0" then '' 19154 19160 ${python.executable} setup.py google_test --cpp_implementation 19161 + echo "sanity checking the C extension . . ." 19162 + echo "import google.protobuf.descriptor" | ${python.executable} 19155 19163 '' else '' 19156 19164 ${python.executable} setup.py test 19165 + '') + '' 19166 + runHook postCheck 19157 19167 ''; 19158 19168 19159 19169 installFlags = optional (versionAtLeast protobuf.version "2.6.0") "--install-option='--cpp_implementation'"; 19170 + 19171 + # the _message.so isn't installed, so we'll do that manually. 19172 + # if someone can figure out a less hacky way to get the _message.so to 19173 + # install, please do replace this. 19174 + postInstall = optionalString (versionAtLeast protobuf.version "2.6.0") '' 19175 + cp -v $(find build -name "_message*") $out/${python.sitePackages}/google/protobuf/pyext 19176 + ''; 19160 19177 19161 19178 doCheck = true; 19162 19179