reintroduce host deps in tandem with sandbox profiles

This commit is contained in:
Jude Taylor 2015-11-21 15:57:06 -08:00
parent e0bd114e09
commit 279fa8f618
3 changed files with 3 additions and 4 deletions

View file

@ -97,7 +97,7 @@ let
enableParallelBuilding = true; enableParallelBuilding = true;
__sandboxProfile = lib.sandbox.allowFileRead [ sandboxProfile = lib.sandbox.allowFileRead [
"/etc" "/etc/nix/nix.conf" "/private/etc/nix/nix.conf" "/etc" "/etc/nix/nix.conf" "/private/etc/nix/nix.conf"
]; ];

View file

@ -113,7 +113,7 @@ if (defined $ARGV[0]) {
my $depset = reduce { union($a, $b) } (map { resolve_tree($_, $depcache) } @files); my $depset = reduce { union($a, $b) } (map { resolve_tree($_, $depcache) } @files);
print "extra-chroot-dirs\n"; print "extra-chroot-dirs\n";
print join("\n", keys %$depset); print join("\n", keys %$depset);
print "\n\n"; print "\n";
} }
lock_store($DEPS, $cache); lock_store($DEPS, $cache);
} else { } else {

View file

@ -1927,7 +1927,7 @@ void DerivationGoal::startBuilder()
#if SANDBOX_ENABLED #if SANDBOX_ENABLED
additionalSandboxProfile = get(drv->env, "__sandboxProfile"); additionalSandboxProfile = get(drv->env, "__sandboxProfile");
#else #endif
string allowed = settings.get("allowed-impure-host-deps", string(DEFAULT_ALLOWED_IMPURE_PREFIXES)); string allowed = settings.get("allowed-impure-host-deps", string(DEFAULT_ALLOWED_IMPURE_PREFIXES));
PathSet allowedPaths = tokenizeString<StringSet>(allowed); PathSet allowedPaths = tokenizeString<StringSet>(allowed);
@ -1953,7 +1953,6 @@ void DerivationGoal::startBuilder()
dirsInChroot[i] = i; dirsInChroot[i] = i;
} }
#endif
#if CHROOT_ENABLED #if CHROOT_ENABLED
/* Create a temporary directory in which we set up the chroot /* Create a temporary directory in which we set up the chroot