In Nix chroots, provide plain bash, not bash-interactive

This way we don't get ncurses in the chroot. Also, use a bind-mount of
/bin/sh to bash, rather than the entire /bin from the host filesystem.
This commit is contained in:
Eelco Dolstra 2014-08-04 16:45:05 +02:00
parent 166fbcaf28
commit b35770818d

View File

@ -22,14 +22,11 @@ let
nixConf =
let
# Tricky: if we're using a chroot for builds, then we need
# /bin/sh in the chroot (our own compromise to purity).
# However, since /bin/sh is a symlink to some path in the
# Nix store, which furthermore has runtime dependencies on
# other paths in the store, we need the closure of /bin/sh
# in `build-chroot-dirs' - otherwise any builder that uses
# /bin/sh won't work.
binshDeps = pkgs.writeReferencesToFile config.system.build.binsh;
# If we're using a chroot for builds, then provide /bin/sh in
# the chroot as a bind-mount to bash. This means we also need to
# include the entire closure of bash.
sh = pkgs.stdenv.shell;
binshDeps = pkgs.writeReferencesToFile sh;
in
pkgs.runCommand "nix.conf" {extraOptions = cfg.extraOptions; } ''
extraPaths=$(for i in $(cat ${binshDeps}); do if test -d $i; then echo $i; fi; done)
@ -40,7 +37,7 @@ let
build-users-group = nixbld
build-max-jobs = ${toString (cfg.maxJobs)}
build-use-chroot = ${if cfg.useChroot then "true" else "false"}
build-chroot-dirs = ${toString cfg.chrootDirs} $(echo $extraPaths)
build-chroot-dirs = ${toString cfg.chrootDirs} /bin/sh=${sh} $(echo $extraPaths)
binary-caches = ${toString cfg.binaryCaches}
trusted-binary-caches = ${toString cfg.trustedBinaryCaches}
$extraOptions
@ -253,8 +250,6 @@ in
config = {
nix.chrootDirs = [ "/bin" ];
environment.etc."nix/nix.conf".source = nixConf;
# List of machines for distributed Nix builds in the format