nixpkgs/pkgs/build-support
Nikolay Amiantov 74107a7867 buildFHSEnv: refactor and simplify, drop buildFHSChrootEnv
This takes another approach at binding FHS directory structure. We
now bind-mount all the root filesystem to directory "/host" in the target tree.
From that we symlink all the directories into the tree if they do not already
exist in FHS structure.

This probably makes `CHROOTENV_EXTRA_BINDS` unnecessary -- its main usecase was
to add bound directories from the host to the sandbox, and we not just symlink
all of them. I plan to get some feedback on its usage and maybe deprecate it.

This also drops old `buildFHSChrootEnv` infrastructure. The main problem with it
is it's very difficult to unmount a recursive-bound directory when mount is not
sandboxed. This problem is a bug even without these changes -- if
you have for example `/home/alice` mounted to somewhere, you wouldn't see
it in `buildFHSChrootEnv` now. With the new directory structure, it's
impossible to use regular bind at all. After some tackling with this I realized
that the fix would be brittle and dangerous (if you don't unmount everything
clearly and proceed to removing the temporary directory, bye-bye fs!). It also
probably doesn't worth it because I haven't heard that someone actually uses it
for a long time, and `buildFHSUserEnv` should cover most cases while being much
more maintainable and safe for the end-user.
2016-06-07 04:06:35 +03:00
..
agda agda: Remove unused/uneeded abstractions, including postprocess 2015-05-31 01:55:10 +00:00
build-dotnet-package build-dotnet-package: add optional makeWrapperArgs argument 2015-10-29 06:02:18 +03:00
build-fhs-userenv buildFHSEnv: refactor and simplify, drop buildFHSChrootEnv 2016-06-07 04:06:35 +03:00
buildenv buildEnv: fix #14682 evaluation in some edge cases 2016-04-17 08:57:17 +02:00
builder-defs Don't fail if env-vars cannot be written to 2015-11-04 16:32:59 +01:00
cc-wrapper cc-wrapper: add -B flag with cc.lib 2016-05-04 14:23:54 +02:00
docker dockerTools: only add "/nix" if it exists 2016-04-16 01:16:49 +10:00
dotnetbuildhelpers Remove all-packages.nix helperFunctions dependency. 2016-03-20 16:41:20 +00:00
dotnetenv Remove executable bits from non-executable files 2015-01-27 18:54:38 +01:00
emacs emacs: hide wrapper dependencies 2016-05-12 22:43:30 +02:00
fetchadc
fetchbower bower2nix: 2.1.0 -> 3.0.1 2016-03-28 08:23:06 +01:00
fetchbzr nix-prefetch-bzr: match path name to fetchbzr name 2015-12-19 09:32:22 -06:00
fetchcvs
fetchdarcs
fetchegg Infrastructure to build chicken eggs. 2014-10-13 23:29:27 +02:00
fetchfile Update builder.sh 2015-11-25 17:14:03 +08:00
fetchgit Merge pull request #15469 from NixOS/fetchgit 2016-05-16 16:44:55 +02:00
fetchgitlocal fetchgitlocal: be less chatty 2016-02-01 10:57:01 -08:00
fetchgitrevision
fetchhg nix-prefetch-hg: Various bash style improvements, fixes #9511 2016-02-17 00:35:30 +01:00
fetchmtn
fetchnuget fetchnuget: run fixupPhase to honor propagatedBuildInputs 2015-06-12 17:13:21 +02:00
fetchpatch fetchpatch: Allow to pass a postFetch attribute. 2015-06-23 03:35:30 +02:00
fetchsvn fetchsvn: correctly handle trailing slashes 2015-12-06 11:49:51 -06:00
fetchsvnrevision
fetchsvnssh
fetchurl fetchurl mirrors: fix gnupg URLs 2016-05-17 11:35:49 +02:00
fetchzip fetchzip: improve error message 2016-05-17 17:32:53 +01:00
gcc-cross-wrapper orig-gcc -> orig-cc 2015-03-04 22:15:46 +01:00
gcc-wrapper-old gcc-wrapper-old: fix binutils and coreutils' paths 2016-04-25 14:27:51 +03:00
grsecurity grsecurity: add option to disable chroot caps restriction 2016-05-10 16:17:08 +02:00
icon-conv-tools icon-conv-tools: init at 0.0.0 (#13905) 2016-04-25 13:16:47 +02:00
kdewrapper
kernel makeModulesClosure: Small cleanup 2016-02-01 18:19:23 +01:00
libredirect citrix-receiver: init at 13.2.1, fixes #8458 2015-11-11 22:27:15 +01:00
make-desktopitem chromium: add StartupWMClass to desktop file. Fixes #12433 2016-02-29 20:42:58 +01:00
make-startupitem
make-symlinks
mono-dll-fixer
nuke-references nuke-references: support -e option 2015-10-18 18:41:11 +03:00
ocaml Ensure that we can evaluate the platform attribute of ocaml packages. 2016-03-13 19:08:26 +00:00
release debian-build: fix checkinstall invocation (#15538) 2016-05-19 09:41:10 +01:00
rust Fix buildRustPackage edge cases 2016-06-02 17:15:52 +02:00
setup-hooks setup-hooks: do not pass missing dirs to find (close #15405) 2016-05-22 12:08:01 +02:00
src-only
substitute doc/stdenv.xml document substitution env variables 2016-04-23 21:41:35 +02:00
substitute-files substituteAllFiles: support postInstall 2016-01-10 06:03:26 +03:00
templaterpm Update: new features for nix-template-rpm 2015-02-06 20:12:57 +01:00
upstream-updater update-walker: add a minimal description 2016-01-01 19:07:38 +01:00
vm add CentOS 7.1 2016-05-24 11:35:39 +01:00
vsenv
build-maven.nix build-maven: use lib.importJSON 2016-02-29 13:49:29 +00:00
build-pecl.nix fix phpPackages memcache,memcached,xdebug 2015-02-05 20:28:16 +01:00
replace-dependency.nix nix: Add a "dev" output 2016-04-18 21:13:18 +02:00
source-from-head-fun.nix
trivial-builders.nix symlinkJoin: allow arbitrary additional attributes 2016-05-27 13:42:22 +03:00