treewide: make more settings conditionally available

Some settings only make sense on particular platforms, or only when a certain
experimental feature is enabled. Several of those were already conditionally
available. Do the same for a bunch more instead of silently ignoring them.
Exceptionally, the use-case-hack setting is not made conditional because it is
included in the test suite.

Change-Id: I29e66ad8ee6178a7c0eff9efb55c3410fae32514
This commit is contained in:
alois31 2024-08-20 19:18:53 +02:00
parent ece99fee23
commit 689eb45630
Signed by untrusted user: alois31
GPG key ID: E0F59EA5E5216914
2 changed files with 20 additions and 9 deletions

View file

@ -380,7 +380,8 @@ public:
users in `build-users-group`. users in `build-users-group`.
UIDs are allocated starting at 872415232 (0x34000000) on Linux and 56930 on macOS. UIDs are allocated starting at 872415232 (0x34000000) on Linux and 56930 on macOS.
)"}; )",
{}, true, Xp::AutoAllocateUids};
Setting<uint32_t> startId{this, Setting<uint32_t> startId{this,
#if __linux__ #if __linux__
@ -389,7 +390,10 @@ public:
56930, 56930,
#endif #endif
"start-id", "start-id",
"The first UID and GID to use for dynamic ID allocation."}; "The first UID and GID to use for dynamic ID allocation.",
{},
true,
Xp::AutoAllocateUids};
Setting<uint32_t> uidCount{this, Setting<uint32_t> uidCount{this,
#if __linux__ #if __linux__
@ -398,7 +402,10 @@ public:
128, 128,
#endif #endif
"id-count", "id-count",
"The number of UIDs/GIDs to use for dynamic ID allocation."}; "The number of UIDs/GIDs to use for dynamic ID allocation.",
{},
true,
Xp::AutoAllocateUids};
#if __linux__ #if __linux__
Setting<bool> useCgroups{ Setting<bool> useCgroups{
@ -409,12 +416,13 @@ public:
Cgroups are required and enabled automatically for derivations Cgroups are required and enabled automatically for derivations
that require the `uid-range` system feature. that require the `uid-range` system feature.
)"}; )",
#endif {}, true, Xp::Cgroups};
Setting<bool> impersonateLinux26{this, false, "impersonate-linux-26", Setting<bool> impersonateLinux26{this, false, "impersonate-linux-26",
"Whether to impersonate a Linux 2.6 machine on newer kernels.", "Whether to impersonate a Linux 2.6 machine on newer kernels.",
{"build-impersonate-linux-26"}}; {"build-impersonate-linux-26"}};
#endif
Setting<bool> keepLog{ Setting<bool> keepLog{
this, true, "keep-build-log", this, true, "keep-build-log",
@ -567,6 +575,7 @@ public:
Setting<bool> sandboxFallback{this, true, "sandbox-fallback", Setting<bool> sandboxFallback{this, true, "sandbox-fallback",
"Whether to disable sandboxing when the kernel doesn't allow it."}; "Whether to disable sandboxing when the kernel doesn't allow it."};
#if __linux__
Setting<bool> requireDropSupplementaryGroups{this, getuid() == 0, "require-drop-supplementary-groups", Setting<bool> requireDropSupplementaryGroups{this, getuid() == 0, "require-drop-supplementary-groups",
R"( R"(
Following the principle of least privilege, Following the principle of least privilege,
@ -585,7 +594,6 @@ public:
and `false` otherwise. and `false` otherwise.
)"}; )"};
#if __linux__
Setting<std::string> sandboxShmSize{ Setting<std::string> sandboxShmSize{
this, "50%", "sandbox-dev-shm-size", this, "50%", "sandbox-dev-shm-size",
R"( R"(

View file

@ -19,13 +19,16 @@ using namespace nix;
struct DevelopSettings : Config struct DevelopSettings : Config
{ {
Setting<std::string> bashPrompt{this, "", "bash-prompt", Setting<std::string> bashPrompt{this, "", "bash-prompt",
"The bash prompt (`PS1`) in `nix develop` shells."}; "The bash prompt (`PS1`) in `nix develop` shells.",
{}, true, Xp::NixCommand};
Setting<std::string> bashPromptPrefix{this, "", "bash-prompt-prefix", Setting<std::string> bashPromptPrefix{this, "", "bash-prompt-prefix",
"Prefix prepended to the `PS1` environment variable in `nix develop` shells."}; "Prefix prepended to the `PS1` environment variable in `nix develop` shells.",
{}, true, Xp::NixCommand};
Setting<std::string> bashPromptSuffix{this, "", "bash-prompt-suffix", Setting<std::string> bashPromptSuffix{this, "", "bash-prompt-suffix",
"Suffix appended to the `PS1` environment variable in `nix develop` shells."}; "Suffix appended to the `PS1` environment variable in `nix develop` shells.",
{}, true, Xp::NixCommand};
}; };
static DevelopSettings developSettings; static DevelopSettings developSettings;