document all special system features and their behavior

Valentin Gagarin 2023-07-19 11:57:20 +02:00
parent 493ddf617f
commit 5f37ebcf83
3 changed files with 41 additions and 24 deletions

@ -345,3 +345,15 @@ Derivations can declare some infrequently used optional attributes.
This is useful, for example, when generating self-contained filesystem images with This is useful, for example, when generating self-contained filesystem images with
their own embedded Nix store: hashes found inside such an image refer their own embedded Nix store: hashes found inside such an image refer
to the embedded store and not to the host's Nix store. to the embedded store and not to the host's Nix store.
- [`requiredSystemFeatures`]{#adv-attr-requiredSystemFeatures}\
If a derivation has the `requiredSystemFeatures` attribute, then Nix will only build it on a machine that has the corresponding features set in its [`system-features` configuration](@docroot@/command-ref/conf-file.md#conf-system-features).
For example, setting
```nix
requiredSystemFeatures = [ "kvm" ];
```
ensures that the derivation can only be built on a machine with the `kvm` feature.
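Review bot: "ensures that the derivation can only be built on a machine with the `kvm` feature" in the new `requiredSystemFeatures` entry reads as a guarantee about the machine, but the `system-features` text added in this same commit says features are "generally user-defined", so the match is against whatever the machine's configuration lists. Suggest wording such as "a machine that lists `kvm` in its `system-features`", and adding a sentence on what happens when no available machine lists the feature, so readers do not treat the attribute as a verified capability check.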

@ -2,20 +2,8 @@
* On Linux, Nix can now run builds in a user namespace where they run * On Linux, Nix can now run builds in a user namespace where they run
as root (UID 0) and have 65,536 UIDs available. as root (UID 0) and have 65,536 UIDs available.
<!-- FIXME: move this to its own section about system features -->
This is primarily useful for running containers such as `systemd-nspawn`
inside a Nix build. For an example, see [`tests/systemd-nspawn/nix`][nspawn].
[nspawn]: https://github.com/NixOS/nix/blob/67bcb99700a0da1395fa063d7c6586740b304598/tests/systemd-nspawn.nix. This can be used by requiring `uid-range` [system feature] in derivations.
A build can enable this by setting the derivation attribute:
```
requiredSystemFeatures = [ "uid-range" ];
```
The `uid-range` [system feature] requires the [`auto-allocate-uids`]
setting to be enabled.
[system feature]: ../command-ref/conf-file.md#conf-system-features [system feature]: ../command-ref/conf-file.md#conf-system-features
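Review bot: the replacement sentence "This can be used by requiring `uid-range` [system feature] in derivations." is missing an article ("requiring the `uid-range` [system feature]"), and it drops the removed statement that `uid-range` requires the `auto-allocate-uids` setting to be enabled. Since this note describes builds that run as root (UID 0) in a user namespace, consider keeping a short mention of that prerequisite here rather than leaving it only behind the [system feature] link.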

@ -337,7 +337,7 @@ public:
users in `build-users-group`. users in `build-users-group`.
UIDs are allocated starting at 872415232 (0x34000000) on Linux and 56930 on macOS. UIDs are allocated starting at 872415232 (0x34000000) on Linux and 56930 on macOS.
)"}; )", {}, true, Xp::AutoAllocateUids};
Setting<uint32_t> startId{this, Setting<uint32_t> startId{this,
#if __linux__ #if __linux__
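Review bot: the changed closing line `)", {}, true, Xp::AutoAllocateUids};` alters the setting's constructor arguments, which is more than the documentation change the commit message describes. Suggest mentioning it in the commit message or splitting it into its own commit, and adding a brief comment naming what the positional `{}` and `true` stand for, since the `system-features` setting further down ends in `{}, false` and the difference is not self-explanatory from the call site.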
@ -690,20 +690,37 @@ public:
"system-features", "system-features",
R"( R"(
A set of system features supported by this machine. A set of system features supported by this machine.
Derivations can express a dependency on such features through the derivation attribute `requiredSystemFeatures`.
For example, the attribute This complements the [`system`](#conf-system) and [`extra-platforms`](#conf-extra-platforms) configuration options and the corresponding [`system`](@docroot@/language/derivations.md#attr-system) attribute on derivations.
requiredSystemFeatures = [ "kvm" ]; Derivations can require system features in the derivation attribute [`requiredSystemFeatures`](@docroot@/language/advanced-attributes.md#adv-attr-requiredSystemFeatures).
ensures that the derivation can only be built on a machine with the `kvm` feature. System features are generally user-defined, but the following have special treatment:
This setting by default includes - `kvm`
- `kvm` if `/dev/kvm` is accessible
- historical pseudo-features for backwards compatibility, used in Nixpkgs to route Hydra builds to specific machines Set by default if `/dev/kvm` is accessible.
- `nixos-test`
- `benchmark` - `nixos-test`, `benchmark`, `big-parallel`
- `big-parallel`
These historical pseudo-features are always enabled for backwards compatibility, used in Nixpkgs to route Hydra builds to specific machines.
- `ca-derivations`
Set by default if the [`ca-derivations` experimental feature](@docroot@/contributing/experimental-features.md#xp-feature-ca-derivations) is enabled.
- `recursive-nix`
Set by default if the [`recursive-nix` experimental feature](@docroot@/contributing/experimental-features.md#xp-feature-recursive-nix) is enabled.
- `uid-range`
On Linux, Nix can run builds in a user namespace where they run as root (UID 0) and have 65,536 UIDs available.
This is primarily useful for running containers such as `systemd-nspawn` inside a Nix build. For an example, see [`tests/systemd-nspawn/nix`][nspawn].
[nspawn]: https://github.com/NixOS/nix/blob/67bcb99700a0da1395fa063d7c6586740b304598/tests/systemd-nspawn.nix.
Set by default on Linux if the [`auto-allocate-uids`](#conf-auto-allocate-uids) setting is enabled.
)", {}, false}; )", {}, false};
Setting<Strings> substituters{ Setting<Strings> substituters{
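Review bot: in the `uid-range` item, the `[nspawn]:` reference definition ends with a period after `systemd-nspawn.nix`, which becomes part of the URL, and the link text `tests/systemd-nspawn/nix` does not match the file name `tests/systemd-nspawn.nix` in the target. Both were carried over from the release note; suggest dropping the trailing period and correcting the link text, or using an inline link so the definition does not sit inside the list item. Separately, the old text said the setting "by default includes" the pseudo-features while the new text says they are "always enabled"; please confirm that holds when `system-features` is set explicitly, or keep "by default".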