mirrors/nixpkgs
1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-02-18 00:49:52 +00:00
Code Issues Wiki Activity

fhs-chrootenv-env: refactor /etc build and add ssl certs

Browse source
This commit is contained in:
Nikolay Amiantov 2015-04-22 15:46:49 +03:00
parent 2339c2a969
commit 7a01374bf3
1 changed files with 50 additions and 52 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

102
pkgs/build-support/build-fhs-chrootenv/env.nix
View file

@ -65,25 +65,56 @@ let
gnutar gzip bzip2 xz glibcLocales gnutar gzip bzip2 xz glibcLocales
]; ];
# Compose a global profile for the chroot environment # Compose /etc for the chroot environment
profilePkg = nixpkgs.stdenv.mkDerivation { etcPkg = nixpkgs.stdenv.mkDerivation {
name = "${name}-chrootenv-profile"; name = "${name}-chrootenv-etc";
buildCommand = '' buildCommand = ''
mkdir -p $out/etc mkdir -p $out/etc
cat >> $out/etc/profile << "EOF" cd $out/etc
# environment variables
cat >> profile << "EOF"
export PS1='${name}-chrootenv:\u@\h:\w\$ ' export PS1='${name}-chrootenv:\u@\h:\w\$ '
export LOCALE_ARCHIVE='/usr/lib${if is64Bit then "64" else ""}/locale/locale-archive' export LOCALE_ARCHIVE='/usr/lib${if is64Bit then "64" else ""}/locale/locale-archive'
export LD_LIBRARY_PATH=/run/opengl-driver/lib:/run/opengl-driver-32/lib:/lib:/lib32:/lib64 export LD_LIBRARY_PATH=/run/opengl-driver/lib:/run/opengl-driver-32/lib:/lib:/lib32:/lib64
export PATH='/bin:/sbin' export PATH='/bin:/sbin'
${profile} ${profile}
EOF EOF
# compatibility with NixOS
ln -s /host-etc/static static
# symlink some NSS stuff
ln -s /host-etc/passwd passwd
ln -s /host-etc/group group
ln -s /host-etc/shadow shadow
ln -s /host-etc/hosts hosts
ln -s /host-etc/resolv.conf resolv.conf
ln -s /host-etc/nsswitch.conf nsswitch.conf
# symlink other core stuff
ln -s /host-etc/localtime localtime
ln -s /host-etc/machine-id machine-id
# symlink PAM stuff
ln -s /host-etc/pam.d pam.d
# symlink fonts stuff
ln -s /host-etc/fonts fonts
# symlink ALSA stuff
ln -s /host-etc/asound.conf asound.conf
# symlink SSL certs
mkdir -p ssl
ln -s /host-etc/ssl/certs ssl/certs
''; '';
}; };
# Composes a /usr like directory structure # Composes a /usr like directory structure
staticUsrProfileTarget = nixpkgs.buildEnv { staticUsrProfileTarget = nixpkgs.buildEnv {
name = "system-profile-target"; name = "${name}-usr-target";
paths = basePkgs ++ [ profilePkg ] ++ targetPaths; paths = [ etcPkg ] ++ basePkgs ++ targetPaths;
ignoreCollisions = true; ignoreCollisions = true;
}; };
@ -94,7 +125,7 @@ let
}; };
linkProfile = profile: '' linkProfile = profile: ''
for i in ${profile}/{bin,sbin,share,var}; do for i in ${profile}/{bin,sbin,share,var,etc}; do
if [ -x "$i" ] if [ -x "$i" ]
then then
ln -s "$i" ln -s "$i"
@ -102,18 +133,6 @@ let
done done
''; '';
# the target profile is the actual profile that will be used for the chroot
setupTargetProfile = ''
${linkProfile staticUsrProfileTarget}
${setupLibDirs}
mkdir -m0755 usr
cd usr
${linkProfile staticUsrProfileTarget}
${setupLibDirs}
cd ..
'';
# this will happen on x86_64 host: # this will happen on x86_64 host:
# /x86 -> links to the whole profile defined by multiPaths # /x86 -> links to the whole profile defined by multiPaths
# /lib, /lib32 -> links to 32bit binaries # /lib, /lib32 -> links to 32bit binaries
@ -126,9 +145,6 @@ let
cd .. cd ..
''; '';
setupLibDirs = if isTargetBuild then setupLibDirs_target
else setupLibDirs_multi;
# setup library paths only for the targeted architecture # setup library paths only for the targeted architecture
setupLibDirs_target = '' setupLibDirs_target = ''
mkdir -m0755 lib mkdir -m0755 lib
@ -163,38 +179,21 @@ let
cp -rsf ${chosenGcc.cc}/lib64/* lib64/ cp -rsf ${chosenGcc.cc}/lib64/* lib64/
''; '';
setupEtc = '' setupLibDirs = if isTargetBuild then setupLibDirs_target
mkdir -m0755 etc else setupLibDirs_multi;
# copy profile content
cp -rsf ${staticUsrProfileTarget}/etc/* etc/ && chmod u+w -R etc/
[ -d ${staticUsrProfileMulti}/etc ] && cp -rsf ${staticUsrProfileMulti}/etc/* etc/ && chmod u+w -R etc/
# compatibility with NixOS # the target profile is the actual profile that will be used for the chroot
ln -s /host-etc/static etc/static setupTargetProfile = ''
${linkProfile staticUsrProfileTarget}
${setupLibDirs}
# symlink some NSS stuff mkdir -m0755 usr
ln -s /host-etc/passwd etc/passwd cd usr
ln -s /host-etc/group etc/group ${linkProfile staticUsrProfileTarget}
ln -s /host-etc/shadow etc/shadow ${setupLibDirs}
ln -s /host-etc/hosts etc/hosts cd ..
ln -s /host-etc/resolv.conf etc/resolv.conf rm -rf usr/etc usr/var
ln -s /host-etc/nsswitch.conf etc/nsswitch.conf
# symlink other core stuff
ln -s /host-etc/localtime etc/localtime
ln -s /host-etc/machine-id etc/machine-id
# symlink PAM stuff
rm -rf etc/pam.d
ln -s /host-etc/pam.d etc/pam.d
# symlink fonts stuff
rm -rf etc/fonts
ln -s /host-etc/fonts etc/fonts
# symlink ALSA stuff
ln -s /host-etc/asound.conf etc/asound.conf
''; '';
in nixpkgs.stdenv.mkDerivation { in nixpkgs.stdenv.mkDerivation {
@ -204,7 +203,6 @@ in nixpkgs.stdenv.mkDerivation {
cd $out cd $out
${setupTargetProfile} ${setupTargetProfile}
${setupMultiProfile} ${setupMultiProfile}
${setupEtc}
cd $out cd $out
${extraBuildCommands} ${extraBuildCommands}
cd $out cd $out