Add the pre-build hook.

This hook can be used to set system specific per-derivation build
settings that don't fit into the derivation model and are too complex or
volatile to be hard-coded into nix. Currently, the pre-build hook can
only add chroot dirs/files.

The specific use case for this is systems where the operating system ABI
is more complex than just the kernel-supported system calls. For
example, on OS X there is a set of system-provided frameworks that can
reliably be accessed by any program linked to them, no matter the
version the program is running on. Unfortunately, those frameworks do
not necessarily live in the same locations on each version of OS X, nor
do their dependencies, and thus nix needs to know the specific version
of OS X currently running in order to make those frameworks available.
The pre-build hook is a perfect mechanism for doing just that.
This commit is contained in:
Shea Levy 2015-04-04 21:53:17 -04:00
parent 4ed2187377
commit 1e4a4a2e9f
4 changed files with 145 additions and 0 deletions

View file

@ -562,6 +562,39 @@ flag, e.g. <literal>--option gc-keep-outputs false</literal>.</para>
<varlistentry xml:id="conf-pre-build-hook"><term><literal>pre-build-hook</literal></term>
<para>If set, the path to a program that can set extra
derivation-specific settings for this system. This is used for settings
that can't be captured by the derivation model itself and are too
variable between different versions of the same system to be hard-coded
into nix.</para>
<para>The hook listens on <literal>stdin</literal> for a derivation path.
It can then send a series of commands to modify various settings, followed
by an empty line to indicate completion. The currently recognized commands
<varlistentry xml:id="extra-chroot-dirs"><term><literal>extra-chroot-dirs</literal></term>
<para>Pass a list of files and directories to be included in the
chroot for this build. One entry per line, terminated by an empty

View file

@ -89,6 +89,7 @@ static string pathNullDevice = "/dev/null";
/* Forward definition. */
class Worker;
struct HookInstance;
struct PreBuildHookInstance;
/* A pointer to a goal. */
@ -269,6 +270,8 @@ public:
std::shared_ptr<HookInstance> hook;
std::shared_ptr<PreBuildHookInstance> preBuildHook;
Worker(LocalStore & store);
@ -649,6 +652,72 @@ HookInstance::~HookInstance()
struct PreBuildHookInstance
/* Pipes for talking to the build hook. */
Pipe toHook;
/* Pipe for the hook's standard output/error. */
Pipe fromHook;
/* The process ID of the hook. */
Pid pid;
debug("starting pre-build hook");
/* Create a pipe to get the output of the child. */
/* Create the communication pipes. */
/* Fork the hook. */
pid = startProcess([&]() {
if (chdir("/") == -1) throw SysError("changing into /");
/* Dup the communication pipes. */
if (dup2(toHook.readSide, STDIN_FILENO) == -1)
throw SysError("dupping to-hook read side");
setenv("_NIX_OPTIONS", settings.pack().c_str(), 1);
execl(settings.preBuildHook.c_str(), settings.preBuildHook.c_str(),
throw SysError(format("executing %1%") % settings.preBuildHook);
try {
} catch (...) {
typedef map<string, string> HashRewrites;
@ -813,6 +882,13 @@ private:
/* Is the build hook willing to perform the build? */
HookReply tryBuildHook();
/* Run the pre-build hook, which can set system-specific
per-derivation settings too complex/volatile to hard-code
in nix itself */
void runPreBuildHook();
PathSet extraChrootDirs;
/* Start building a derivation. */
void startBuilder();
@ -1178,6 +1254,9 @@ void DerivationGoal::inputsRealised()
foreach (DerivationOutputs::iterator, i, drv.outputs)
if (i->second.hash == "") fixedOutput = false;
/* Ask the pre-build hook for any required settings */
/* Okay, try to build. Note that here we don't wait for a build
slot to become available, since we don't need one if there is a
build hook. */
@ -1794,6 +1873,7 @@ void DerivationGoal::startBuilder()
PathSet dirs = tokenizeString<StringSet>(settings.get("build-chroot-dirs", defaultChrootDirs));
PathSet dirs2 = tokenizeString<StringSet>(settings.get("build-extra-chroot-dirs", string("")));
dirs.insert(dirs2.begin(), dirs2.end());
dirs.insert(extraChrootDirs.begin(), extraChrootDirs.end());
for (auto & i : dirs) {
size_t p = i.find('=');
@ -2794,6 +2874,33 @@ Path DerivationGoal::addHashRewrite(const Path & path)
void DerivationGoal::runPreBuildHook()
if (settings.preBuildHook == "")
if (!worker.preBuildHook)
worker.preBuildHook = std::make_shared<PreBuildHookInstance>();
writeLine(worker.preBuildHook->toHook.writeSide, drvPath);
while (true) {
string s = readLine(worker.preBuildHook->fromHook.readSide);
if (s == "extra-chroot-dirs") {
while (true) {
string s = readLine(worker.preBuildHook->fromHook.readSide);
if (s == "")
} else if (s == "") {
} else {
throw Error(format("unknown pre-build hook command %1%") % s);

View file

@ -181,6 +181,7 @@ void Settings::update()
_get(logServers, "log-servers");
_get(enableImportNative, "allow-unsafe-native-code-during-evaluation");
_get(useCaseHack, "use-case-hack");
_get(preBuildHook, "pre-build-hook");
string subs = getEnv("NIX_SUBSTITUTERS", "default");
if (subs == "default") {

View file

@ -204,6 +204,10 @@ struct Settings {
/* Whether the importNative primop should be enabled */
bool enableImportNative;
/* The hook to run just before a build to set derivation-specific
build settings */
Path preBuildHook;
SettingsMap settings, overrides;