nixpkgs/pkgs/build-support/build-fhs-userenv/default.nix


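# Builds a launcher script `$out/bin/<name>` that starts `runScript` inside an
# FHS-style environment assembled by ./env.nix and entered through the
# chroot-user.rb helper.
{ callPackage, runCommand, lib, writeScript, stdenv, coreutils, ruby }:

let buildFHSEnv = callPackage ./env.nix { }; in

# Arguments handled here (everything else is forwarded to ./env.nix):
#   name                 - names the derivation, the init script and the launcher.
#   runScript            - command exec'd by the init script; it is interpolated
#                          unquoted, so it may carry its own arguments.
#   extraBindMounts      - list of strings joined with ":" and exported as
#                          CHROOTENV_EXTRA_BINDS (presumably read by
#                          chroot-user.rb, which is not shown here).
#   extraInstallCommands - shell text appended verbatim to the build script.
#   meta, passthru       - attached to the resulting derivation.
args@{ name, runScript ? "bash", extraBindMounts ? [], extraInstallCommands ? "", meta ? {}, passthru ? {}, ... }:

let
  env = buildFHSEnv (removeAttrs args [ "runScript" "extraBindMounts" "extraInstallCommands" "meta" "passthru" ]);

  # Sandboxing script
  chroot-user = writeScript "chroot-user" ''
    #! ${ruby}/bin/ruby
    ${builtins.readFile ./chroot-user.rb}
  '';

  # Script run as the first process inside the environment.  It symlinks every
  # entry of the FHS env and of /host into / unless that name already exists,
  # changes to the directory given as $1 when it is a readable directory,
  # sources /etc/profile and finally execs `run` with the remaining arguments.
  init = run: writeScript "${name}-init" ''
    #! ${stdenv.shell}
    for i in ${env}/* /host/*; do
      path="/''${i##*/}"
      [ -e "$path" ] || ${coreutils}/bin/ln -s "$i" "$path"
    done

    [ -d "$1" ] && [ -r "$1" ] && cd "$1"
    shift
    source /etc/profile
    exec ${run} "$@"
  '';

  # NOTE(review): extraBindMounts entries are spliced into a double-quoted
  # shell string without escaping, so they must not contain `"`, `$`,
  # backticks or ":"; they come from the package expression, not from the user.

in runCommand name {
  inherit meta;
  passthru = passthru // {
    # Interactive variant for nix-shell: the shellHook enters the environment
    # with bash; building this attribute deliberately fails.
    env = runCommand "${name}-shell-env" {
      shellHook = ''
        ${lib.optionalString (extraBindMounts != []) ''export CHROOTENV_EXTRA_BINDS="${lib.concatStringsSep ":" extraBindMounts}:$CHROOTENV_EXTRA_BINDS"''}
        exec ${chroot-user} ${init "bash"} "$(pwd)"
      '';
    } ''
      echo >&2 ""
      echo >&2 "*** User chroot 'env' attributes are intended for interactive nix-shell sessions, not for building! ***"
      echo >&2 ""
      exit 1
    '';
  };
} ''
  mkdir -p $out/bin
  cat <<EOF >$out/bin/${name}
  #! ${stdenv.shell}
  ${
    # The heredoc delimiter is unquoted, so the build shell expands every
    # unescaped `$`.  CHROOTENV_EXTRA_BINDS is escaped like `\$(pwd)` and `\$@`
    # below so that it is read when the launcher runs, matching the shellHook
    # above, instead of freezing the build environment's value into the
    # generated script.
    lib.optionalString (extraBindMounts != []) ''export CHROOTENV_EXTRA_BINDS="${lib.concatStringsSep ":" extraBindMounts}:\$CHROOTENV_EXTRA_BINDS"''
  }
  exec ${chroot-user} ${init runScript} "\$(pwd)" "\$@"
  EOF
  chmod +x $out/bin/${name}
  ${extraInstallCommands}
''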