mkosi: make mkosi-sandbox work with tools trees (#497144) (01fcaaa0) · Commits · nix / nixpkgs

pkgs/by-name/mk/mkosi/0001-Use-wrapped-binaries-instead-of-Python-interpreter.patch

+26 −18

Original line number	Diff line number	Diff line
		@@ -7,13 +7,13 @@ Rather than calling ukify and mkosi with sys.executable, which doesn't use the P

		Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
		---
		mkosi/__init__.py \| 17 +++++++----------
		mkosi/__init__.py \| 21 +++++++++++----------
		mkosi/bootloader.py \| 3 +--
		mkosi/run.py \| 6 +++---
		3 files changed, 11 insertions(+), 15 deletions(-)
		mkosi/run.py \| 10 +++++++---
		3 files changed, 19 insertions(+), 15 deletions(-)

		diff --git a/mkosi/__init__.py b/mkosi/__init__.py
		index f4766ae71244a21caa5bcbf5b5376f617c706b33..8f85f923b41feaa7716ae409cc2e983a73579ea8 100644
		index f4766ae71244a21caa5bcbf5b5376f617c706b33..e022c2e2e3ea267a78c69c219890572652e3f350 100644
		--- a/mkosi/__init__.py
		+++ b/mkosi/__init__.py
		@@ -613,7 +613,7 @@ def finalize_host_scripts(
		@@ -25,16 +25,20 @@ index f4766ae71244a21caa5bcbf5b5376f617c706b33..8f85f923b41feaa7716ae409cc2e983a
		return finalize_scripts(context.config, scripts \| dict(helpers))


		@@ -755,7 +755,7 @@ def script_maybe_chroot_sandbox(
		@@ -755,7 +755,11 @@ def script_maybe_chroot_sandbox(

		helpers = {
		"mkosi-chroot": [
		- finalize_interpreter(bool(context.config.tools_tree)), "-SI", "/sandbox.py",
		+ @MKOSI_SANDBOX@,
		+ *(
		+ ["@MKOSI_SANDBOX@"]
		+ if not bool(context.config.tools_tree)
		+ else [finalize_interpreter(bool(context.config.tools_tree)), "-SI", "/sandbox.py"]
		+ ),
		"--bind", "/buildroot", "/",
		"--bind", "/var/tmp", "/var/tmp",
		*apivfs_options(root=Path("/")),
		@@ -1587,7 +1587,7 @@ def run_ukify(
		@@ -1587,7 +1591,7 @@ def run_ukify(
		sign: bool = True,
		json_out: bool = False,
		) -> dict[str, Any]:
		@@ -43,7 +47,7 @@ index f4766ae71244a21caa5bcbf5b5376f617c706b33..8f85f923b41feaa7716ae409cc2e983a
		if not ukify:
		die("Could not find ukify")

		@@ -1599,7 +1599,6 @@ def run_ukify(
		@@ -1599,7 +1603,6 @@ def run_ukify(
		(context.workspace / "cmdline").write_text(f"{' '.join(cmdline)}\x00")

		cmd = [
		@@ -51,7 +55,7 @@ index f4766ae71244a21caa5bcbf5b5376f617c706b33..8f85f923b41feaa7716ae409cc2e983a
		ukify,
		"build",
		*arguments,
		@@ -1694,7 +1693,7 @@ def build_uki(
		@@ -1694,7 +1697,7 @@ def build_uki(
		profiles: Sequence[Path],
		output: Path,
		) -> dict[str, Any]:
		@@ -60,7 +64,7 @@ index f4766ae71244a21caa5bcbf5b5376f617c706b33..8f85f923b41feaa7716ae409cc2e983a
		die("Could not find ukify")

		json_out = False
		@@ -1755,7 +1754,6 @@ def build_uki(
		@@ -1755,7 +1758,6 @@ def build_uki(

		if (
		systemd_tool_version(
		@@ -68,7 +72,7 @@ index f4766ae71244a21caa5bcbf5b5376f617c706b33..8f85f923b41feaa7716ae409cc2e983a
		ukify,
		sandbox=context.sandbox,
		)
		@@ -1815,7 +1813,6 @@ def build_uki(
		@@ -1815,7 +1817,6 @@ def build_uki(
		# new .ucode section support?
		if (
		systemd_tool_version(
		@@ -76,7 +80,7 @@ index f4766ae71244a21caa5bcbf5b5376f617c706b33..8f85f923b41feaa7716ae409cc2e983a
		ukify,
		sandbox=context.sandbox,
		)
		@@ -1883,7 +1880,7 @@ def want_uki(context: Context) -> bool:
		@@ -1883,7 +1884,7 @@ def want_uki(context: Context) -> bool:
		or (
		context.config.unified_kernel_images == UnifiedKernelImage.auto
		and systemd_stub_binary(context).exists()
		@@ -85,7 +89,7 @@ index f4766ae71244a21caa5bcbf5b5376f617c706b33..8f85f923b41feaa7716ae409cc2e983a
		)
		)

		@@ -2799,9 +2796,9 @@ def check_ukify(
		@@ -2799,9 +2800,9 @@ def check_ukify(
		reason: str,
		hint: Optional[str] = None,
		) -> None:
		@@ -112,19 +116,23 @@ index 7d434bb4776980c6fa58ae8f7795f3ffc319baeb..8960a6d17d153b06b029f9072a464a12

		def extract_pe_section(context: Context, binary: Path, section: str, output: Path) -> Path:
		diff --git a/mkosi/run.py b/mkosi/run.py
		index 159b75c1af1b5d84e409426e566e098571086c8e..7ade34fc6a9d53e010f5f45cce53a9c92407f49d 100644
		index 159b75c1af1b5d84e409426e566e098571086c8e..68572039cbeddcb1c32ffc1e2ba34c91dede52b0 100644
		--- a/mkosi/run.py
		+++ b/mkosi/run.py
		@@ -238,7 +238,7 @@ def spawn(
		@@ -238,7 +238,11 @@ def spawn(
		module = stack.enter_context(resource_path(sys.modules[__package__ or __name__]))
		prefix = [
		*(["strace", "--detach-on=execve", "--string-limit=256"] if ARG_DEBUG_SANDBOX.get() else []),
		- sys.executable, "-SI", os.fspath(module / "sandbox.py"),
		+ @MKOSI_SANDBOX@,
		+ *(
		+ ["@MKOSI_SANDBOX@"]
		+ if os.path.exists("@MKOSI_SANDBOX@")
		+ else [sys.executable, "-SI", os.fspath(module / "sandbox.py")]
		+ ),
		*sbx,
		] # fmt: skip

		@@ -321,7 +321,7 @@ def finalize_path(
		@@ -321,7 +325,7 @@ def finalize_path(
		# Make sure that /usr/bin and /usr/sbin are always in $PATH.
		path += [s for s in ("/usr/bin", "/usr/sbin") if s not in path]
		else:
		@@ -133,7 +141,7 @@ index 159b75c1af1b5d84e409426e566e098571086c8e..7ade34fc6a9d53e010f5f45cce53a9c9

		if prefix_usr:
		path = [os.fspath(root / s.lstrip("/")) if s in ("/usr/bin", "/usr/sbin") else s for s in path]
		@@ -690,7 +690,7 @@ def chroot_options() -> list[PathString]:
		@@ -690,7 +694,7 @@ def chroot_options() -> list[PathString]:
		"--unshare-ipc",
		"--setenv", "container", "mkosi",
		"--setenv", "HOME", "/",

pkgs/by-name/mk/mkosi/package.nix

+1 −1

Original line number	Diff line number	Diff line
		@@ -94,7 +94,7 @@ python3Packages.buildPythonApplication (finalAttrs: {
		postPatch = ''
		# As we need the $out reference, we can't use `replaceVars` here.
		substituteInPlace mkosi/{run,__init__}.py \
		--replace-fail '@MKOSI_SANDBOX@' "\"$out/bin/mkosi-sandbox\""
		--replace-fail '@MKOSI_SANDBOX@' "$out/bin/mkosi-sandbox"
		'';

		nativeBuildInputs = [

Admin message