diff options
author | Martin Weinelt <hexa@darmstadt.ccc.de> | 2022-01-03 23:21:08 +0100 |
---|---|---|
committer | Martin Weinelt <hexa@darmstadt.ccc.de> | 2022-01-03 23:21:08 +0100 |
commit | 11a0b617832e2f186ca6754f8f7373772321007d (patch) | |
tree | e51ef1d72b8f22a2d6c88e33b388108c33cf9a7e /pkgs/build-support | |
parent | d69234ac7221ff15869cf13b1b40003afb4294d6 (diff) | |
parent | 3083dde52b0c71e511fbc00a0b509c92a98615fd (diff) | |
download | nixpkgs-11a0b617832e2f186ca6754f8f7373772321007d.tar nixpkgs-11a0b617832e2f186ca6754f8f7373772321007d.tar.gz nixpkgs-11a0b617832e2f186ca6754f8f7373772321007d.tar.bz2 nixpkgs-11a0b617832e2f186ca6754f8f7373772321007d.tar.lz nixpkgs-11a0b617832e2f186ca6754f8f7373772321007d.tar.xz nixpkgs-11a0b617832e2f186ca6754f8f7373772321007d.tar.zst nixpkgs-11a0b617832e2f186ca6754f8f7373772321007d.zip |
Merge remote-tracking branch 'origin/master' into staging-next
Diffstat (limited to 'pkgs/build-support')
-rw-r--r-- | pkgs/build-support/build-fhs-userenv-bubblewrap/default.nix | 4 | ||||
-rw-r--r-- | pkgs/build-support/fetchurl/default.nix | 2 |
2 files changed, 4 insertions, 2 deletions
diff --git a/pkgs/build-support/build-fhs-userenv-bubblewrap/default.nix b/pkgs/build-support/build-fhs-userenv-bubblewrap/default.nix index 4773a1e2cf6..ae7151c31c3 100644 --- a/pkgs/build-support/build-fhs-userenv-bubblewrap/default.nix +++ b/pkgs/build-support/build-fhs-userenv-bubblewrap/default.nix @@ -8,6 +8,7 @@ args @ { , extraInstallCommands ? "" , meta ? {} , passthru ? {} +, extraBwrapArgs ? [] , unshareUser ? true , unshareIpc ? true , unsharePid ? true @@ -23,7 +24,7 @@ let buildFHSEnv = callPackage ./env.nix { }; env = buildFHSEnv (removeAttrs args [ - "runScript" "extraInstallCommands" "meta" "passthru" "dieWithParent" + "runScript" "extraInstallCommands" "meta" "passthru" "extraBwrapArgs" "dieWithParent" "unshareUser" "unshareCgroup" "unshareUts" "unshareNet" "unsharePid" "unshareIpc" ]); @@ -169,6 +170,7 @@ let "''${ro_mounts[@]}" "''${symlinks[@]}" "''${auto_mounts[@]}" + ${concatStringsSep "\n " extraBwrapArgs} ${init runScript}/bin/${name}-init ${initArgs} ) exec "''${cmd[@]}" diff --git a/pkgs/build-support/fetchurl/default.nix b/pkgs/build-support/fetchurl/default.nix index 8ce69a7f187..72af03e03d9 100644 --- a/pkgs/build-support/fetchurl/default.nix +++ b/pkgs/build-support/fetchurl/default.nix @@ -139,7 +139,7 @@ stdenvNoCC.mkDerivation { # New-style output content requirements. inherit (hash_) outputHashAlgo outputHash; - SSL_CERT_FILE = if hash_.outputHash == "" + SSL_CERT_FILE = if (hash_.outputHash == "" || hash_.outputHash == lib.fakeSha256 || hash_.outputHash == lib.fakeSha512 || hash_.outputHash == lib.fakeHash) then "${cacert}/etc/ssl/certs/ca-bundle.crt" else "/no-cert-file.crt"; |