nixpkgs/pkgs
aszlig 42a0b11450
dockerTools.pullImage: Fix build with sandboxing
Regression introduced in 736848723e.

This commit most certainly hasn't been tested with sandboxing enabled
and breaks not only pullImage but also the docker-tools NixOS VM test
because it doesn't find it's certificate path and also relies on
/var/tmp being there.

Fixing the certificate path is the easiest one because it can be done
via environment variable.

I've used overrideAttrs for changing the hardcoded path to /tmp (which
is available in sandboxed builds and even hardcoded in Nix), so that
whenever someone uses Skopeo from all-packages.nix the path is still
/var/tmp.

The reason why this is hardcoded to /var/tmp can be seen in a comment in
vendor/github.com/containers/image/storage/storage_image.go:

  Do not use the system default of os.TempDir(), usually /tmp, because
  with systemd it could be a tmpfs.

With sandboxed builds this isn't the case, however for using Nix without
NixOS this could turn into a problem if this indeed is the case.

So in the long term this needs to have a proper solution.

In addition to that, I cleaned up the expression a bit.

Tested by building dockerTools.examples.nixFromDockerHub and the
docker-tools NixOS VM test.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @nlewo, @Mic92, @Profpatsch, @globin, @LnL7
2018-05-06 04:57:24 +02:00
..
applications Merge pull request #39985 from jtojnar/drop-legacy-gst 2018-05-05 23:53:04 +02:00
build-support dockerTools.pullImage: Fix build with sandboxing 2018-05-06 04:57:24 +02:00
common-updater common-updater: support updating source URL 2018-03-16 23:17:07 +09:00
data iconpack-obsidian: init at 4.0.1 2018-05-03 15:45:57 -03:00
desktops Merge pull request #39902 from romildo/fix.enlightenment 2018-05-05 20:08:45 +00:00
development Merge pull request #39985 from jtojnar/drop-legacy-gst 2018-05-05 23:53:04 +02:00
games treewide: remove platform assertions 2018-05-03 13:09:20 -05:00
misc Merge pull request #39797 from r-ryantm/auto-update/adapta-gtk-theme 2018-05-05 00:57:22 +02:00
os-specific Merge pull request #38961 from bachp/cryptsetup-generator 2018-05-05 17:41:40 +02:00
servers Merge pull request #39895 from r-ryantm/auto-update/groonga 2018-05-05 16:11:31 -05:00
shells nix-zsh-completions: 0.3.9 -> 0.4.0 2018-05-02 12:45:18 +02:00
stdenv check-meta.nix: specify meta.timeout 2018-04-27 00:25:37 +02:00
test tree-wide: autorename gnome packages to use dashes 2018-02-25 17:41:16 +01:00
tools Merge pull request #40012 from bfortz/eid-mw-4.4.1 2018-05-06 00:05:39 +02:00
top-level Merge pull request #40012 from bfortz/eid-mw-4.4.1 2018-05-06 00:05:39 +02:00