Nikolay Amiantov
230898ceb2
chrootenv-user: don't unshare user namespace if we are root
2015-12-17 14:21:06 +03:00
Kevin Cox
2f26b82411
Remove PATH assumption from fhs-userenv.
...
Previously is was assumed that bash was in the path when calling the
environment setup script. This changes all of the references of bash to
be absolute paths so that the user doesn't have to worry about the
environment they call it with.
2015-12-14 11:14:53 -05:00
zimbatm
9b33ec1764
build-fhs-userenv: don't leak file descriptors
...
This re-uses the capabilities documented in `Process.spawn` to avoid leaking
unecessary file-descriptors to the sandbox
2015-12-10 16:01:04 +00:00
Nikolay Amiantov
00f6ce133c
buildFHS{Chroot,User}Env: support extraInstallCommands
2015-12-04 00:58:47 +03:00
Nikolay Amiantov
46de04489b
build-fhs-userenv: fix extraBindMounts
2015-10-07 14:58:37 +03:00
Nikolay Amiantov
5897433b31
build-fhs-userenv: add extraBindMounts support
2015-10-06 15:32:37 +03:00
Nikolay Amiantov
47ea8c097c
buildFHSUserEnv: add .env support
2015-08-26 19:39:08 +03:00
Nikolay Amiantov
f1187c5b14
build-fhs-userenv: move /tmp handling to bash part
2015-08-24 02:01:00 +03:00
Nikolay Amiantov
ec27ba44d0
build-fhs-{chroot,user}env: expose sockets in /tmp
2015-08-24 01:47:19 +03:00
Nikolay Amiantov
19c497050e
fhs-userenv: refactor and try to chdir to the current directory
...
runScript now expects a filename instead of a Bash snippet; thus, "exec" should be
omitted.
2015-04-22 17:50:41 +03:00
Nikolay Amiantov
508ef7e629
fhs-userenv: fix mkdirs
2015-04-22 17:50:41 +03:00
Nikolay Amiantov
b66be2a549
fhs-userenv: move mounts map
2015-04-22 17:50:40 +03:00
Nikolay Amiantov
97931361d7
fhs-userenv: refactor envvars and propagate SSL_CERT_FILE
2015-04-22 17:50:40 +03:00
Luca Bruno
b1adfeb23d
fhs-userenv: Make it work on kernel < 3.19 cc @abbradar
...
It may not be very secure, but I think it's better to make it work
with older kernel since 3.19 is not the default on nixos.
2015-03-10 18:12:38 +01:00
lethalman
fcfe8ecc33
Merge pull request #6737 from anderspapitto/fhs
...
build-fhs-userenv passes through command line args
2015-03-10 17:53:32 +01:00
Anders Papitto
4bcc817521
build-fhs-userenv passes through command line args
...
The motivation for this change is to allow things like the
following derivation, which wraps the debian-packaged
hello binary.
let nixpkgs = import <nixpkgs> {};
stdenv = nixpkgs.stdenv;
in rec {
dumb-hello = stdenv.mkDerivation {
name = "dumb-hello";
builder = ./builder.sh;
dpkg = nixpkgs.dpkg;
src = nixpkgs.fetchurl {
url = "http://ftp.us.debian.org/debian/pool/main/h/hello-traditional/hello-traditional_2.9-2_amd64.deb ";
md5 = "f5f3c28b65221dae44dda6f242c23316";
};
};
full-hello = nixpkgs.buildFHSUserEnv {
name = "full-hello";
targetPkgs = pkgs: [ dumb-hello ];
multiPkgs = pkgs: [ pkgs.dpkg ];
runScript = "hello";
};
}
2015-03-09 23:44:51 -07:00
Nikolay Amiantov
3e395b71da
chroot-env: add locales, refactor environment
2015-03-09 17:29:43 +03:00
Nikolay Amiantov
4aba7639c8
chroot-env: build /etc
2015-03-09 17:29:43 +03:00
Nikolay Amiantov
3500978b8f
build-fhs-*: prefer local build
2015-02-05 20:39:01 +03:00
Nikolay Amiantov
4b3bb7b448
userFHSEnv: add build tool
2015-02-05 19:46:25 +03:00