Avoid top-level with ...; in pkgs/build-support/build-fhsenv-bubblewrap/default.nix
This commit is contained in:
Philip Taron
Valentin Gagarin
parent
e0611b7ba7
commit
a14127aa64
1 changed files with 25 additions and 15 deletions
|
|
@ -31,10 +31,20 @@
|
||||||
|
|
||||||
assert (pname != null || version != null) -> (name == null && pname != null); # You must declare either a name or pname + version (preferred).
|
assert (pname != null || version != null) -> (name == null && pname != null); # You must declare either a name or pname + version (preferred).
|
||||||
|
|
||||||
with builtins;
|
|
||||||
let
|
let
|
||||||
|
inherit (lib)
|
||||||
|
concatLines
|
||||||
|
concatStringsSep
|
||||||
|
escapeShellArgs
|
||||||
|
filter
|
||||||
|
optionalString
|
||||||
|
splitString
|
||||||
|
;
|
||||||
|
|
||||||
|
inherit (lib.attrsets) removeAttrs;
|
||||||
|
|
||||||
pname = if args ? name && args.name != null then args.name else args.pname;
|
pname = if args ? name && args.name != null then args.name else args.pname;
|
||||||
versionStr = lib.optionalString (version != null) ("-" + version);
|
versionStr = optionalString (version != null) ("-" + version);
|
||||||
name = pname + versionStr;
|
name = pname + versionStr;
|
||||||
|
|
||||||
buildFHSEnv = callPackage ./buildFHSEnv.nix { };
|
buildFHSEnv = callPackage ./buildFHSEnv.nix { };
|
||||||
|
|
@ -116,10 +126,10 @@ let
|
||||||
exec ${run} "$@"
|
exec ${run} "$@"
|
||||||
'';
|
'';
|
||||||
|
|
||||||
indentLines = str: lib.concatLines (map (s: " " + s) (filter (s: s != "") (lib.splitString "\n" str)));
|
indentLines = str: concatLines (map (s: " " + s) (filter (s: s != "") (splitString "\n" str)));
|
||||||
bwrapCmd = { initArgs ? "" }: ''
|
bwrapCmd = { initArgs ? "" }: ''
|
||||||
${extraPreBwrapCmds}
|
${extraPreBwrapCmds}
|
||||||
ignored=(/nix /dev /proc /etc ${lib.optionalString privateTmp "/tmp"})
|
ignored=(/nix /dev /proc /etc ${optionalString privateTmp "/tmp"})
|
||||||
ro_mounts=()
|
ro_mounts=()
|
||||||
symlinks=()
|
symlinks=()
|
||||||
etc_ignored=()
|
etc_ignored=()
|
||||||
|
|
@ -156,7 +166,7 @@ let
|
||||||
ro_mounts+=(--ro-bind /etc /.host-etc)
|
ro_mounts+=(--ro-bind /etc /.host-etc)
|
||||||
fi
|
fi
|
||||||
|
|
||||||
for i in ${lib.escapeShellArgs etcBindEntries}; do
|
for i in ${escapeShellArgs etcBindEntries}; do
|
||||||
if [[ "''${etc_ignored[@]}" =~ "$i" ]]; then
|
if [[ "''${etc_ignored[@]}" =~ "$i" ]]; then
|
||||||
continue
|
continue
|
||||||
fi
|
fi
|
||||||
|
|
@ -187,7 +197,7 @@ let
|
||||||
x11_args+=(--ro-bind-try "$local_socket" "$local_socket")
|
x11_args+=(--ro-bind-try "$local_socket" "$local_socket")
|
||||||
fi
|
fi
|
||||||
|
|
||||||
${lib.optionalString privateTmp ''
|
${optionalString privateTmp ''
|
||||||
# sddm places XAUTHORITY in /tmp
|
# sddm places XAUTHORITY in /tmp
|
||||||
if [[ "$XAUTHORITY" == /tmp/* ]]; then
|
if [[ "$XAUTHORITY" == /tmp/* ]]; then
|
||||||
x11_args+=(--ro-bind-try "$XAUTHORITY" "$XAUTHORITY")
|
x11_args+=(--ro-bind-try "$XAUTHORITY" "$XAUTHORITY")
|
||||||
|
|
@ -212,15 +222,15 @@ let
|
||||||
--dev-bind /dev /dev
|
--dev-bind /dev /dev
|
||||||
--proc /proc
|
--proc /proc
|
||||||
--chdir "$(pwd)"
|
--chdir "$(pwd)"
|
||||||
${lib.optionalString unshareUser "--unshare-user"}
|
${optionalString unshareUser "--unshare-user"}
|
||||||
${lib.optionalString unshareIpc "--unshare-ipc"}
|
${optionalString unshareIpc "--unshare-ipc"}
|
||||||
${lib.optionalString unsharePid "--unshare-pid"}
|
${optionalString unsharePid "--unshare-pid"}
|
||||||
${lib.optionalString unshareNet "--unshare-net"}
|
${optionalString unshareNet "--unshare-net"}
|
||||||
${lib.optionalString unshareUts "--unshare-uts"}
|
${optionalString unshareUts "--unshare-uts"}
|
||||||
${lib.optionalString unshareCgroup "--unshare-cgroup"}
|
${optionalString unshareCgroup "--unshare-cgroup"}
|
||||||
${lib.optionalString dieWithParent "--die-with-parent"}
|
${optionalString dieWithParent "--die-with-parent"}
|
||||||
--ro-bind /nix /nix
|
--ro-bind /nix /nix
|
||||||
${lib.optionalString privateTmp "--tmpfs /tmp"}
|
${optionalString privateTmp "--tmpfs /tmp"}
|
||||||
# Our glibc will look for the cache in its own path in `/nix/store`.
|
# Our glibc will look for the cache in its own path in `/nix/store`.
|
||||||
# As such, we need a cache to exist there, because pressure-vessel
|
# As such, we need a cache to exist there, because pressure-vessel
|
||||||
# depends on the existence of an ld cache. However, adding one
|
# depends on the existence of an ld cache. However, adding one
|
||||||
|
|
@ -234,7 +244,7 @@ let
|
||||||
--symlink /etc/ld.so.cache ${glibc}/etc/ld.so.cache \
|
--symlink /etc/ld.so.cache ${glibc}/etc/ld.so.cache \
|
||||||
--ro-bind ${glibc}/etc/rpc ${glibc}/etc/rpc \
|
--ro-bind ${glibc}/etc/rpc ${glibc}/etc/rpc \
|
||||||
--remount-ro ${glibc}/etc \
|
--remount-ro ${glibc}/etc \
|
||||||
'' + lib.optionalString (stdenv.isx86_64 && stdenv.isLinux) (indentLines ''
|
'' + optionalString (stdenv.isx86_64 && stdenv.isLinux) (indentLines ''
|
||||||
--tmpfs ${pkgsi686Linux.glibc}/etc \
|
--tmpfs ${pkgsi686Linux.glibc}/etc \
|
||||||
--symlink /etc/ld.so.conf ${pkgsi686Linux.glibc}/etc/ld.so.conf \
|
--symlink /etc/ld.so.conf ${pkgsi686Linux.glibc}/etc/ld.so.conf \
|
||||||
--symlink /etc/ld.so.cache ${pkgsi686Linux.glibc}/etc/ld.so.cache \
|
--symlink /etc/ld.so.cache ${pkgsi686Linux.glibc}/etc/ld.so.cache \
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue