lix-project/lix
20
57
Fork 31
Code Issues 342 Code Review (Gerrit) Projects 3 Releases Wiki Activity

meson: correctly embed sandbox shell when asked

Browse source 
Change-Id: I2f6c0d42245204a516d2e424eea26a6391e975ad
This commit is contained in:
Qyriad 2024-04-18 16:15:24 -06:00
parent a326344253
commit 111db8b38f
4 changed files with 31 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
meson.build
View file

@ -284,6 +284,16 @@ endif
# Used to workaround https://github.com/mesonbuild/meson/issues/2320 in src/nix/meson.build. # Used to workaround https://github.com/mesonbuild/meson/issues/2320 in src/nix/meson.build.
installcmd = find_program('install') installcmd = find_program('install')
enable_embedded_sandbox_shell = get_option('enable-embedded-sandbox-shell')
if enable_embedded_sandbox_shell
# This one goes in config.h
# The path to busybox is passed as a -D flag when compiling libstore.
# Idk why, ask the old buildsystem.
configdata += {
'HAVE_EMBEDDED_SANDBOX_SHELL': 1,
}
endif
sandbox_shell = get_option('sandbox-shell') sandbox_shell = get_option('sandbox-shell')
# Consider it required if we're on Linux and the user explicitly specified a non-default value. # Consider it required if we're on Linux and the user explicitly specified a non-default value.
sandbox_shell_required = sandbox_shell != 'busybox' and host_machine.system() == 'linux' sandbox_shell_required = sandbox_shell != 'busybox' and host_machine.system() == 'linux'

4
meson.options
View file

@ -7,8 +7,8 @@ option('enable-build', type : 'boolean', value : true,
option('gc', type : 'feature', option('gc', type : 'feature',
description : 'enable garbage collection in the Nix expression evaluator (requires Boehm GC)', description : 'enable garbage collection in the Nix expression evaluator (requires Boehm GC)',
) )
# TODO(Qyriad): is this feature maintained?
option('embedded-sandbox-shell', type : 'feature', option('enable-embedded-sandbox-shell', type : 'boolean', value : false,
description : 'include the sandbox shell in the Nix binary', description : 'include the sandbox shell in the Nix binary',
) )

1
package.nix
View file

@ -182,6 +182,7 @@ stdenv.mkDerivation (finalAttrs: {
lib.optionals (buildWithMeson && stdenv.hostPlatform.isLinux) [ lib.optionals (buildWithMeson && stdenv.hostPlatform.isLinux) [
"-Dsandbox-shell=${lib.getBin busybox-sandbox-shell}/bin/busybox" "-Dsandbox-shell=${lib.getBin busybox-sandbox-shell}/bin/busybox"
] ]
++ lib.optional stdenv.hostPlatform.isStatic "-Denable-embedded-sandbox-shell=true"
++ lib.optional (finalAttrs.dontBuild) "-Denable-build=false" ++ lib.optional (finalAttrs.dontBuild) "-Denable-build=false"
# mesonConfigurePhase automatically passes -Dauto_features=enabled, # mesonConfigurePhase automatically passes -Dauto_features=enabled,
# so we must explicitly enable or disable features that we are not passing # so we must explicitly enable or disable features that we are not passing

18
src/libstore/meson.build
View file

@ -10,6 +10,24 @@ foreach header : [ 'schema.sql', 'ca-specific-schema.sql' ]
) )
endforeach endforeach
if enable_embedded_sandbox_shell
hexdump = find_program('hexdump', required : true)
embedded_sandbox_shell_gen = custom_target(
'embedded-sandbox-shell.gen.hh',
command : [
hexdump,
'-v',
'-e',
'1/1 "0x%x," "\n"'
],
input : busybox.full_path(),
output : 'embedded-sandbox-shell.gen.hh',
capture : true,
feed : true,
)
libstore_generated_headers += embedded_sandbox_shell_gen
endif
libstore_sources = files( libstore_sources = files(
'binary-cache-store.cc', 'binary-cache-store.cc',
'build-result.cc', 'build-result.cc',