From 279fa8f618ff22cc71bf902a65cc29c04af6e01f Mon Sep 17 00:00:00 2001 From: Jude Taylor Date: Sat, 21 Nov 2015 15:57:06 -0800 Subject: [PATCH] reintroduce host deps in tandem with sandbox profiles --- release.nix | 2 +- scripts/resolve-system-dependencies.pl.in | 2 +- src/libstore/build.cc | 3 +-- 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/release.nix b/release.nix index 8935cfa19..0ee75e9a8 100644 --- a/release.nix +++ b/release.nix @@ -97,7 +97,7 @@ let enableParallelBuilding = true; - __sandboxProfile = lib.sandbox.allowFileRead [ + sandboxProfile = lib.sandbox.allowFileRead [ "/etc" "/etc/nix/nix.conf" "/private/etc/nix/nix.conf" ]; diff --git a/scripts/resolve-system-dependencies.pl.in b/scripts/resolve-system-dependencies.pl.in index 23416b75c..a20f0dc02 100755 --- a/scripts/resolve-system-dependencies.pl.in +++ b/scripts/resolve-system-dependencies.pl.in @@ -113,7 +113,7 @@ if (defined $ARGV[0]) { my $depset = reduce { union($a, $b) } (map { resolve_tree($_, $depcache) } @files); print "extra-chroot-dirs\n"; print join("\n", keys %$depset); - print "\n\n"; + print "\n"; } lock_store($DEPS, $cache); } else { diff --git a/src/libstore/build.cc b/src/libstore/build.cc index 9614bb1c3..81ef701b0 100644 --- a/src/libstore/build.cc +++ b/src/libstore/build.cc @@ -1927,7 +1927,7 @@ void DerivationGoal::startBuilder() #if SANDBOX_ENABLED additionalSandboxProfile = get(drv->env, "__sandboxProfile"); -#else +#endif string allowed = settings.get("allowed-impure-host-deps", string(DEFAULT_ALLOWED_IMPURE_PREFIXES)); PathSet allowedPaths = tokenizeString(allowed); @@ -1953,7 +1953,6 @@ void DerivationGoal::startBuilder() dirsInChroot[i] = i; } -#endif #if CHROOT_ENABLED /* Create a temporary directory in which we set up the chroot