nixos/dockerTools: fixup proot/fakeroot code
Not sure how this ever worked but tar was trying to archive /proc and /sys, which failed to work. Since this is never useful for containers to do, we exclude this now in the proot case. Also fakeroot is not needed when proot is used as it provideds the same feature. We now cleanly seperate those cases as both are kind of hacks and it's more likely that the combination will just trigger new bugs.
This commit is contained in:
parent
0ace63bed8
commit
4911915512
1 changed files with 24 additions and 11 deletions
|
@ -914,17 +914,30 @@ rec {
|
|||
(cd old_out; eval "$extraCommands" )
|
||||
|
||||
mkdir $out
|
||||
${optionalString enableFakechroot ''proot -r $PWD/old_out ${bind-paths} --pwd=/ ''}fakeroot bash -c '
|
||||
source $stdenv/setup
|
||||
${optionalString (!enableFakechroot) ''cd old_out''}
|
||||
eval "$fakeRootCommands"
|
||||
tar \
|
||||
--sort name \
|
||||
--numeric-owner --mtime "@$SOURCE_DATE_EPOCH" \
|
||||
--hard-dereference \
|
||||
-cf $out/layer.tar .
|
||||
'
|
||||
|
||||
${if enableFakechroot then ''
|
||||
proot -r $PWD/old_out ${bind-paths} --pwd=/ --root-id bash -c '
|
||||
source $stdenv/setup
|
||||
eval "$fakeRootCommands"
|
||||
tar \
|
||||
--sort name \
|
||||
--exclude=./proc \
|
||||
--exclude=./sys \
|
||||
--numeric-owner --mtime "@$SOURCE_DATE_EPOCH" \
|
||||
--hard-dereference \
|
||||
-cf $out/layer.tar .
|
||||
'
|
||||
'' else ''
|
||||
fakeroot bash -c '
|
||||
source $stdenv/setup
|
||||
cd old_out
|
||||
eval "$fakeRootCommands"
|
||||
tar \
|
||||
--sort name \
|
||||
--numeric-owner --mtime "@$SOURCE_DATE_EPOCH" \
|
||||
--hard-dereference \
|
||||
-cf $out/layer.tar .
|
||||
'
|
||||
''}
|
||||
sha256sum $out/layer.tar \
|
||||
| cut -f 1 -d ' ' \
|
||||
> $out/checksum
|
||||
|
|
Loading…
Reference in a new issue