home: Add buildEnvWithNoChroot to help avoid darwin sandbox failures
Allows setting `__noChroot = true` on select derivations that assemble large numbers of paths. This may be used to avoid sandbox failures on darwin, see https://github.com/NixOS/nix/issues/4119 and the `sandbox` option in `man nix.conf`. I wish there was a way to do something akin to overlays for config, alas there is not afaik, so the only way is to add an option. Since this is opt-in, anyone enabling it thus understands the “risks” of disabling the sandbox, however the risk for these derivations should be fairly low, and this allows enabling the sandbox more generally on Darwin, which is beneficial. I have only added it to the derivations that started giving me problems; other derivations may be affected too, but these are definitely likely to have huge dependency lists, therefore exposing the problem. Despite this being intended only for use on Darwin, it is left somewhat generic and thus up to the user to set it to e.g. `stdenv.hostPlatform.isDarwin`.
parent
b787726a84
commit
8b196b54cb
|
@ -474,6 +474,14 @@ in
|
|||
'';
|
||||
};
|
||||
|
||||
home.buildEnvWithNoChroot = mkEnableOption ''
|
||||
Sets <code>__noChroot = true</code> on select <code>buildEnv</code>
|
||||
derivations that assemble large numbers of paths, as well the activation
|
||||
script derivations. This may be used to avoid sandbox failures on Darwin,
|
||||
see https://github.com/NixOS/nix/issues/4119 and the <code>sandbox</code>
|
||||
option in <command>man nix.conf</command>.
|
||||
'';
|
||||
|
||||
home.preferXdgDirectories = mkEnableOption "" // {
|
||||
description = ''
|
||||
Whether to make programs use XDG directories whenever supported.
|
||||
|
@ -701,7 +709,7 @@ in
|
|||
)
|
||||
+ optionalString (!cfg.emptyActivationPath) "\${PATH:+:}$PATH";
|
||||
|
||||
activationScript = pkgs.writeShellScript "activation-script" ''
|
||||
activationScript = (pkgs.writeShellScript "activation-script" ''
|
||||
set -eu
|
||||
set -o pipefail
|
||||
|
||||
|
@ -718,9 +726,11 @@ in
|
|||
fi
|
||||
|
||||
${activationCmds}
|
||||
'';
|
||||
'').overrideAttrs (old: {
|
||||
__noChroot = cfg.buildEnvWithNoChroot;
|
||||
});
|
||||
in
|
||||
pkgs.runCommand
|
||||
(pkgs.runCommand
|
||||
"home-manager-generation"
|
||||
{
|
||||
preferLocalBuild = true;
|
||||
|
@ -742,9 +752,11 @@ in
|
|||
ln -s ${cfg.path} $out/home-path
|
||||
|
||||
${cfg.extraBuilderCommands}
|
||||
'';
|
||||
'').overrideAttrs (old: {
|
||||
__noChroot = cfg.buildEnvWithNoChroot;
|
||||
});
|
||||
|
||||
home.path = pkgs.buildEnv {
|
||||
home.path = (pkgs.buildEnv {
|
||||
name = "home-manager-path";
|
||||
|
||||
paths = cfg.packages;
|
||||
|
@ -755,6 +767,8 @@ in
|
|||
meta = {
|
||||
description = "Environment of packages installed through home-manager";
|
||||
};
|
||||
};
|
||||
}).overrideAttrs (old: {
|
||||
__noChroot = cfg.buildEnvWithNoChroot;
|
||||
});
|
||||
};
|
||||
}
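Review bot: Enabling this option also takes the `home-manager-generation` derivation out of the sandbox, and that builder interpolates `${cfg.extraBuilderCommands}`, so arbitrary module-supplied shell then runs unsandboxed. That is wider than the "select buildEnv derivations" the option name and description promise. The description should say so explicitly, and should state that Nix honours `__noChroot` only when `sandbox = relaxed`, so the option has no useful effect under `sandbox = true`. I would add a sentence such as `Requires sandbox = relaxed in nix.conf; note that home.extraBuilderCommands will also run outside the sandbox.` and fix "as well the activation" to "as well as the activation". The surrounding `let … in` bodies start and end outside these hunks, so whether anything else is pulled into the unsandboxed builders cannot be confirmed from here.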
|
||||
|
|
|
@ -4,11 +4,11 @@ with lib;
|
|||
|
||||
let
|
||||
homeDir = config.home.homeDirectory;
|
||||
fontsEnv = pkgs.buildEnv {
|
||||
fontsEnv = (pkgs.buildEnv {
|
||||
name = "home-manager-fonts";
|
||||
paths = config.home.packages;
|
||||
pathsToLink = "/share/fonts";
|
||||
};
|
||||
}).overrideAttrs (old: { __noChroot = config.home.buildEnvWithNoChroot; });
|
||||
fonts = "${fontsEnv}/share/fonts";
|
||||
installDir = "${homeDir}/Library/Fonts/HomeManager";
|
||||
in {
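Review bot: `__noChroot = config.home.buildEnvWithNoChroot` is applied unconditionally to `fontsEnv`, so the attribute is added to the derivation even when the option is off, which presumably changes its hash for every user, on every platform. Gating it keeps the derivation untouched when the option is disabled: `.overrideAttrs (old: lib.optionalAttrs config.home.buildEnvWithNoChroot { __noChroot = true; })`. The same expression is repeated on the `home-manager-applications` buildEnv and on `activationScript`, `home-manager-generation` and `home.path` in the first file. A single shared helper would keep the sandbox exemption in one place where it can be audited.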
|
||||
|
|
|
@ -4,11 +4,12 @@
|
|||
config = lib.mkIf pkgs.stdenv.hostPlatform.isDarwin {
|
||||
# Install MacOS applications to the user environment.
|
||||
home.file."Applications/Home Manager Apps".source = let
|
||||
apps = pkgs.buildEnv {
|
||||
apps = (pkgs.buildEnv {
|
||||
name = "home-manager-applications";
|
||||
paths = config.home.packages;
|
||||
pathsToLink = "/Applications";
|
||||
};
|
||||
}).overrideAttrs
|
||||
(old: { __noChroot = config.home.buildEnvWithNoChroot; });
|
||||
in "${apps}/Applications";
|
||||
};
|
||||
}
|
||||
|
|