diff options
| author | Yegor Timoshenko <yegortimoshenko@gmail.com> | 2017-11-03 12:07:45 +0000 |
|---|---|---|
| committer | Yegor Timoshenko <yegortimoshenko@gmail.com> | 2017-11-09 19:58:55 +0000 |
| commit | edb59ee7bdd0e419d35ea9202feba251692f821e (patch) | |
| tree | 4af8247996088bbe367a3fc9894cda3f9e0b18ae /pkgs/build-support/build-fhs-userenv/default.nix | |
| parent | d03678c227bf40192a353939c61cb533c7abe5a0 (diff) | |
| download | nixpkgs-edb59ee7bdd0e419d35ea9202feba251692f821e.tar nixpkgs-edb59ee7bdd0e419d35ea9202feba251692f821e.tar.gz nixpkgs-edb59ee7bdd0e419d35ea9202feba251692f821e.tar.bz2 nixpkgs-edb59ee7bdd0e419d35ea9202feba251692f821e.tar.lz nixpkgs-edb59ee7bdd0e419d35ea9202feba251692f821e.tar.xz nixpkgs-edb59ee7bdd0e419d35ea9202feba251692f821e.tar.zst nixpkgs-edb59ee7bdd0e419d35ea9202feba251692f821e.zip | |
chroot-user: rewrite in C, drop CHROOTENV_EXTRA_BINDS
Formatted via clang-format.
Diffstat (limited to 'pkgs/build-support/build-fhs-userenv/default.nix')
| -rw-r--r-- | pkgs/build-support/build-fhs-userenv/default.nix | 23 |
1 files changed, 12 insertions, 11 deletions
diff --git a/pkgs/build-support/build-fhs-userenv/default.nix b/pkgs/build-support/build-fhs-userenv/default.nix index d91cdffcf39..5f3ec4dc8ea 100644 --- a/pkgs/build-support/build-fhs-userenv/default.nix +++ b/pkgs/build-support/build-fhs-userenv/default.nix @@ -2,16 +2,19 @@ let buildFHSEnv = callPackage ./env.nix { }; in -args@{ name, runScript ? "bash", extraBindMounts ? [], extraInstallCommands ? "", meta ? {}, passthru ? {}, ... }: +args@{ name, runScript ? "bash", extraInstallCommands ? "", meta ? {}, passthru ? {}, ... }: let - env = buildFHSEnv (removeAttrs args [ "runScript" "extraBindMounts" "extraInstallCommands" "meta" "passthru" ]); + env = buildFHSEnv (removeAttrs args [ "runScript" "extraInstallCommands" "meta" "passthru" ]); - # Sandboxing script - chroot-user = writeScript "chroot-user" '' - #! ${ruby}/bin/ruby - ${builtins.readFile ./chroot-user.rb} - ''; + chrootenv = stdenv.mkDerivation { + name = "chrootenv"; + + unpackPhase = "cp ${./chrootenv.c} chrootenv.c"; + installPhase = "cp chrootenv $out"; + + makeFlags = [ "chrootenv" ]; + }; init = run: writeScript "${name}-init" '' #! ${stdenv.shell} @@ -32,8 +35,7 @@ in runCommand name { passthru = passthru // { env = runCommand "${name}-shell-env" { shellHook = '' - ${lib.optionalString (extraBindMounts != []) ''export CHROOTENV_EXTRA_BINDS="${lib.concatStringsSep ":" extraBindMounts}:$CHROOTENV_EXTRA_BINDS"''} - exec ${chroot-user} ${init "bash"} "$(pwd)" + exec ${chrootenv} ${init "bash"} "$(pwd)" ''; } '' echo >&2 "" @@ -46,8 +48,7 @@ in runCommand name { mkdir -p $out/bin cat <<EOF >$out/bin/${name} #! ${stdenv.shell} - ${lib.optionalString (extraBindMounts != []) ''export CHROOTENV_EXTRA_BINDS="${lib.concatStringsSep ":" extraBindMounts}:$CHROOTENV_EXTRA_BINDS"''} - exec ${chroot-user} ${init runScript} "\$(pwd)" "\$@" + exec ${chrootenv} ${init runScript} "\$(pwd)" "\$@" EOF chmod +x $out/bin/${name} ${extraInstallCommands} |