From 689eb45630a183f0fbbd8864cb7a3c7cb1704451 Mon Sep 17 00:00:00 2001 From: Alois Wohlschlager Date: Tue, 20 Aug 2024 19:18:53 +0200 Subject: [PATCH] treewide: make more settings conditionally available Some settings only make sense on particular platforms, or only when a certain experimental feature is enabled. Several of those were already conditionally available. Do the same for a bunch more instead of silently ignoring them. Exceptionally, the use-case-hack setting is not made conditional because it is included in the test suite. Change-Id: I29e66ad8ee6178a7c0eff9efb55c3410fae32514 --- src/libstore/globals.hh | 20 ++++++++++++++------ src/nix/develop.cc | 9 ++++++--- 2 files changed, 20 insertions(+), 9 deletions(-) diff --git a/src/libstore/globals.hh b/src/libstore/globals.hh index bfba6ab01..dfb90cbe6 100644 --- a/src/libstore/globals.hh +++ b/src/libstore/globals.hh @@ -380,7 +380,8 @@ public: users in `build-users-group`. UIDs are allocated starting at 872415232 (0x34000000) on Linux and 56930 on macOS. - )"}; + )", + {}, true, Xp::AutoAllocateUids}; Setting startId{this, #if __linux__ @@ -389,7 +390,10 @@ public: 56930, #endif "start-id", - "The first UID and GID to use for dynamic ID allocation."}; + "The first UID and GID to use for dynamic ID allocation.", + {}, + true, + Xp::AutoAllocateUids}; Setting uidCount{this, #if __linux__ @@ -398,7 +402,10 @@ public: 128, #endif "id-count", - "The number of UIDs/GIDs to use for dynamic ID allocation."}; + "The number of UIDs/GIDs to use for dynamic ID allocation.", + {}, + true, + Xp::AutoAllocateUids}; #if __linux__ Setting useCgroups{ @@ -409,12 +416,13 @@ public: Cgroups are required and enabled automatically for derivations that require the `uid-range` system feature. - )"}; - #endif + )", + {}, true, Xp::Cgroups}; Setting impersonateLinux26{this, false, "impersonate-linux-26", "Whether to impersonate a Linux 2.6 machine on newer kernels.", {"build-impersonate-linux-26"}}; + #endif Setting keepLog{ this, true, "keep-build-log", @@ -567,6 +575,7 @@ public: Setting sandboxFallback{this, true, "sandbox-fallback", "Whether to disable sandboxing when the kernel doesn't allow it."}; +#if __linux__ Setting requireDropSupplementaryGroups{this, getuid() == 0, "require-drop-supplementary-groups", R"( Following the principle of least privilege, @@ -585,7 +594,6 @@ public: and `false` otherwise. )"}; -#if __linux__ Setting sandboxShmSize{ this, "50%", "sandbox-dev-shm-size", R"( diff --git a/src/nix/develop.cc b/src/nix/develop.cc index d1615ecdc..81bc73e12 100644 --- a/src/nix/develop.cc +++ b/src/nix/develop.cc @@ -19,13 +19,16 @@ using namespace nix; struct DevelopSettings : Config { Setting bashPrompt{this, "", "bash-prompt", - "The bash prompt (`PS1`) in `nix develop` shells."}; + "The bash prompt (`PS1`) in `nix develop` shells.", + {}, true, Xp::NixCommand}; Setting bashPromptPrefix{this, "", "bash-prompt-prefix", - "Prefix prepended to the `PS1` environment variable in `nix develop` shells."}; + "Prefix prepended to the `PS1` environment variable in `nix develop` shells.", + {}, true, Xp::NixCommand}; Setting bashPromptSuffix{this, "", "bash-prompt-suffix", - "Suffix appended to the `PS1` environment variable in `nix develop` shells."}; + "Suffix appended to the `PS1` environment variable in `nix develop` shells.", + {}, true, Xp::NixCommand}; }; static DevelopSettings developSettings;