mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-24 22:50:49 +00:00
fhs-chrootenv-env: refactor /etc build and add ssl certs
This commit is contained in:
Nikolay Amiantov
parent
2339c2a969
commit
7a01374bf3
|
|
@ -65,25 +65,56 @@ let
|
|||
gnutar gzip bzip2 xz glibcLocales
|
||||
];
|
||||
|
||||
# Compose a global profile for the chroot environment
|
||||
profilePkg = nixpkgs.stdenv.mkDerivation {
|
||||
name = "${name}-chrootenv-profile";
|
||||
# Compose /etc for the chroot environment
|
||||
etcPkg = nixpkgs.stdenv.mkDerivation {
|
||||
name = "${name}-chrootenv-etc";
|
||||
buildCommand = ''
|
||||
mkdir -p $out/etc
|
||||
cat >> $out/etc/profile << "EOF"
|
||||
cd $out/etc
|
||||
|
||||
# environment variables
|
||||
cat >> profile << "EOF"
|
||||
export PS1='${name}-chrootenv:\u@\h:\w\$ '
|
||||
export LOCALE_ARCHIVE='/usr/lib${if is64Bit then "64" else ""}/locale/locale-archive'
|
||||
export LD_LIBRARY_PATH=/run/opengl-driver/lib:/run/opengl-driver-32/lib:/lib:/lib32:/lib64
|
||||
export PATH='/bin:/sbin'
|
||||
${profile}
|
||||
EOF
|
||||
|
||||
# compatibility with NixOS
|
||||
ln -s /host-etc/static static
|
||||
|
||||
# symlink some NSS stuff
|
||||
ln -s /host-etc/passwd passwd
|
||||
ln -s /host-etc/group group
|
||||
ln -s /host-etc/shadow shadow
|
||||
ln -s /host-etc/hosts hosts
|
||||
ln -s /host-etc/resolv.conf resolv.conf
|
||||
ln -s /host-etc/nsswitch.conf nsswitch.conf
|
||||
|
||||
# symlink other core stuff
|
||||
ln -s /host-etc/localtime localtime
|
||||
ln -s /host-etc/machine-id machine-id
|
||||
|
||||
# symlink PAM stuff
|
||||
ln -s /host-etc/pam.d pam.d
|
||||
|
||||
# symlink fonts stuff
|
||||
ln -s /host-etc/fonts fonts
|
||||
|
||||
# symlink ALSA stuff
|
||||
ln -s /host-etc/asound.conf asound.conf
|
||||
|
||||
# symlink SSL certs
|
||||
mkdir -p ssl
|
||||
ln -s /host-etc/ssl/certs ssl/certs
|
||||
'';
|
||||
};
|
||||
|
||||
# Composes a /usr like directory structure
|
||||
staticUsrProfileTarget = nixpkgs.buildEnv {
|
||||
name = "system-profile-target";
|
||||
paths = basePkgs ++ [ profilePkg ] ++ targetPaths;
|
||||
name = "${name}-usr-target";
|
||||
paths = [ etcPkg ] ++ basePkgs ++ targetPaths;
|
||||
ignoreCollisions = true;
|
||||
};
|
||||
|
||||
|
|
@ -94,7 +125,7 @@ let
|
|||
};
|
||||
|
||||
linkProfile = profile: ''
|
||||
for i in ${profile}/{bin,sbin,share,var}; do
|
||||
for i in ${profile}/{bin,sbin,share,var,etc}; do
|
||||
if [ -x "$i" ]
|
||||
then
|
||||
ln -s "$i"
|
||||
|
|
@ -102,18 +133,6 @@ let
|
|||
done
|
||||
'';
|
||||
|
||||
# the target profile is the actual profile that will be used for the chroot
|
||||
setupTargetProfile = ''
|
||||
${linkProfile staticUsrProfileTarget}
|
||||
${setupLibDirs}
|
||||
|
||||
mkdir -m0755 usr
|
||||
cd usr
|
||||
${linkProfile staticUsrProfileTarget}
|
||||
${setupLibDirs}
|
||||
cd ..
|
||||
'';
|
||||
|
||||
# this will happen on x86_64 host:
|
||||
# /x86 -> links to the whole profile defined by multiPaths
|
||||
# /lib, /lib32 -> links to 32bit binaries
|
||||
|
|
@ -126,9 +145,6 @@ let
|
|||
cd ..
|
||||
'';
|
||||
|
||||
setupLibDirs = if isTargetBuild then setupLibDirs_target
|
||||
else setupLibDirs_multi;
|
||||
|
||||
# setup library paths only for the targeted architecture
|
||||
setupLibDirs_target = ''
|
||||
mkdir -m0755 lib
|
||||
|
|
@ -163,38 +179,21 @@ let
|
|||
cp -rsf ${chosenGcc.cc}/lib64/* lib64/
|
||||
'';
|
||||
|
||||
setupEtc = ''
|
||||
mkdir -m0755 etc
|
||||
setupLibDirs = if isTargetBuild then setupLibDirs_target
|
||||
else setupLibDirs_multi;
|
||||
|
||||
# copy profile content
|
||||
cp -rsf ${staticUsrProfileTarget}/etc/* etc/ && chmod u+w -R etc/
|
||||
[ -d ${staticUsrProfileMulti}/etc ] && cp -rsf ${staticUsrProfileMulti}/etc/* etc/ && chmod u+w -R etc/
|
||||
|
||||
# compatibility with NixOS
|
||||
ln -s /host-etc/static etc/static
|
||||
# the target profile is the actual profile that will be used for the chroot
|
||||
setupTargetProfile = ''
|
||||
${linkProfile staticUsrProfileTarget}
|
||||
${setupLibDirs}
|
||||
|
||||
# symlink some NSS stuff
|
||||
ln -s /host-etc/passwd etc/passwd
|
||||
ln -s /host-etc/group etc/group
|
||||
ln -s /host-etc/shadow etc/shadow
|
||||
ln -s /host-etc/hosts etc/hosts
|
||||
ln -s /host-etc/resolv.conf etc/resolv.conf
|
||||
ln -s /host-etc/nsswitch.conf etc/nsswitch.conf
|
||||
|
||||
# symlink other core stuff
|
||||
ln -s /host-etc/localtime etc/localtime
|
||||
ln -s /host-etc/machine-id etc/machine-id
|
||||
|
||||
# symlink PAM stuff
|
||||
rm -rf etc/pam.d
|
||||
ln -s /host-etc/pam.d etc/pam.d
|
||||
|
||||
# symlink fonts stuff
|
||||
rm -rf etc/fonts
|
||||
ln -s /host-etc/fonts etc/fonts
|
||||
|
||||
# symlink ALSA stuff
|
||||
ln -s /host-etc/asound.conf etc/asound.conf
|
||||
mkdir -m0755 usr
|
||||
cd usr
|
||||
${linkProfile staticUsrProfileTarget}
|
||||
${setupLibDirs}
|
||||
cd ..
|
||||
rm -rf usr/etc usr/var
|
||||
'';
|
||||
|
||||
in nixpkgs.stdenv.mkDerivation {
|
||||
|
|
@ -204,7 +203,6 @@ in nixpkgs.stdenv.mkDerivation {
|
|||
cd $out
|
||||
${setupTargetProfile}
|
||||
${setupMultiProfile}
|
||||
${setupEtc}
|
||||
cd $out
|
||||
${extraBuildCommands}
|
||||
cd $out
|
||||
|
|
|
|||
Loading…
Reference in a new issue