This takes another approach at binding FHS directory structure. We
now bind-mount all the root filesystem to directory "/host" in the target tree.
From that we symlink all the directories into the tree if they do not already
exist in FHS structure.

This probably makes `CHROOTENV_EXTRA_BINDS` unnecessary -- its main use case was
to add bound directories from the host to the sandbox, and we now just symlink
all of them. I plan to get some feedback on its usage and maybe deprecate it.

This also drops old `buildFHSChrootEnv` infrastructure. The main problem with it
is it's very difficult to unmount a recursive-bound directory when mount is not
sandboxed. This problem is a bug even without these changes -- if
you have for example `/home/alice` mounted to somewhere, you wouldn't see
it in `buildFHSChrootEnv` now. With the new directory structure, it's
impossible to use regular bind at all. After some tackling with this I realized
that the fix would be brittle and dangerous (if you don't unmount everything
clearly and proceed to removing the temporary directory, bye-bye fs!). It also
probably isn't worth it because I haven't heard that someone actually uses it
for a long time, and `buildFHSUserEnv` should cover most cases while being much
more maintainable and safe for the end-user.
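
The teardown hazard described in the commit message above, as an added example that is not part of the original commit or of nixpkgs: a guard that refuses to delete a temporary tree while anything is still mounted beneath it. The path `/tmp/fhs-env`, the function names and the mountinfo sample are constructed for illustration.

```python
import os
import re
import shutil

# Constructed /proc/self/mountinfo sample (not from the original commit):
# a recursive bind of the host root under a hypothetical build directory.
SAMPLE_MOUNTINFO = """\
22 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw
40 22 8:2 / /home/alice rw,relatime shared:2 - ext4 /dev/sda2 rw
91 22 8:1 / /tmp/fhs-env/host rw,relatime shared:1 - ext4 /dev/sda1 rw
92 91 8:2 / /tmp/fhs-env/host/home/alice rw,relatime shared:2 - ext4 /dev/sda2 rw
93 22 0:45 / /tmp/fhs\\040other rw - tmpfs tmpfs rw
"""

def _unescape(field):
    # The kernel writes space, tab, newline and backslash as \ooo octal escapes.
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)

def mounts_under(root, mountinfo_text):
    """Return mount points at or below root, deepest first (unmount order)."""
    root = os.path.normpath(root)
    found = []
    for line in mountinfo_text.splitlines():
        fields = line.split(" ")
        if len(fields) < 5:
            continue
        mount_point = _unescape(fields[4])  # field 5 is the mount point
        # Compare on path components so /tmp/fhs-env2 does not match /tmp/fhs-env.
        if mount_point == root or mount_point.startswith(root.rstrip("/") + "/"):
            found.append(mount_point)
    return sorted(found, key=lambda p: p.count("/"), reverse=True)

def remove_tree_if_unmounted(root, mountinfo_text=None):
    """Delete root only when nothing is mounted in it; otherwise refuse."""
    if mountinfo_text is None:
        with open("/proc/self/mountinfo") as f:
            mountinfo_text = f.read()
    remaining = mounts_under(root, mountinfo_text)
    if remaining:
        raise RuntimeError("still mounted, refusing to delete: " + ", ".join(remaining))
    shutil.rmtree(root)
```

The check and the delete are not atomic, so a mount that appears between them is not caught; the guard narrows the window but does not replace running the mounts in their own mount namespace.
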

These overrides didn't work, because they created a mixture of different
versions of 'persistent' in the build tree. Furthermore, we cannot pin
specific versions like that in configuration-common.nix because this
breaks builds in other package sets, i.e. the LTS variants.

This update was generated by hackage2nix v20160406-31-gd9dda87 using the following inputs:
- Hackage: 4c643345f3
- LTS Haskell: 1a80e0660e
- Stackage Nightly: 3ba38d9d9e

This reverts commit 112d4c71b2.
This upgrade causes a serious Plasma performance degradation and causes
incorrect font rendering. Reverting until the cause is known.