Unverified Commit 445ef285 authored by Atemu's avatar Atemu Committed by GitHub

Merge pull request #225748 from Atemu/buildFHSEnvBubblewrap-by-default

buildFHSEnv: use bubblewrap by default
parents 327a9c55 d978b588
+3 −3
# buildFHSUserEnv {#sec-fhs-environments}
# buildFHSEnv {#sec-fhs-environments}

`buildFHSUserEnv` provides a way to build and run FHS-compatible lightweight sandboxes. It creates an isolated root with bound `/nix/store`, so its footprint in terms of disk space needed is quite small. This allows one to run software which is hard or unfeasible to patch for NixOS -- 3rd-party source trees with FHS assumptions, games distributed as tarballs, software with integrity checking and/or external self-updated binaries. It uses Linux namespaces feature to create temporary lightweight environments which are destroyed after all child processes exit, without root user rights requirement. Accepted arguments are:
`buildFHSEnv` provides a way to build and run FHS-compatible lightweight sandboxes. It creates an isolated root with bound `/nix/store`, so its footprint in terms of disk space needed is quite small. This allows one to run software which is hard or unfeasible to patch for NixOS -- 3rd-party source trees with FHS assumptions, games distributed as tarballs, software with integrity checking and/or external self-updated binaries. It uses Linux namespaces feature to create temporary lightweight environments which are destroyed after all child processes exit, without root user rights requirement. Accepted arguments are:

- `name`
        Environment name.
@@ -26,7 +26,7 @@ One can create a simple environment using a `shell.nix` like that:
```nix
{ pkgs ? import <nixpkgs> {} }:

(pkgs.buildFHSUserEnv {
(pkgs.buildFHSEnv {
  name = "simple-x11-env";
  targetPkgs = pkgs: (with pkgs;
    [ udev
+1 −1
@@ -94,6 +94,6 @@ environment.systemPackages = [ pkgs.appimage-run ];
Then instead of running the AppImage "as-is", run `appimage-run foo.appimage`.

To make other pre-built executables work on NixOS, you need to package them
with Nix and special helpers like `autoPatchelfHook` or `buildFHSUserEnv`. See
with Nix and special helpers like `autoPatchelfHook` or `buildFHSEnv`. See
the [Nixpkgs manual](https://nixos.org/nixpkgs/manual) for details. This
is complex and often doing a source build is easier.
+1 −1
@@ -6,7 +6,7 @@ let
  cfg = config.services.boinc;
  allowRemoteGuiRpcFlag = optionalString cfg.allowRemoteGuiRpc "--allow_remote_gui_rpc";

  fhsEnv = pkgs.buildFHSUserEnv {
  fhsEnv = pkgs.buildFHSEnv {
    name = "boinc-fhs-env";
    targetPkgs = pkgs': [ cfg.package ] ++ cfg.extraEnvPackages;
    runScript = "/bin/boinc_client";
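Review bot: The `fhsEnv` binding that wraps `/bin/boinc_client` carries no comment saying why an FHS environment is needed or what isolation, if any, the service expects from it, and this rename swaps the implementation behind it (bubblewrap, per the commit title) with no visible change at the call site. I would add a comment above the binding, for example `# FHS env is only for binary compatibility; the daemon does not rely on it as a security boundary`, once that has been confirmed for this module. Whether bubblewrap's namespace and bind-mount defaults match what the previous builder gave a long-running system service is not visible in this hunk, so a start-up test of the service on the new builder is worth asking for before merge. The same silent switch applies to the `sparrow` wrapper and the Android Studio `fhsEnv` further down, and the `let` block here continues outside the hunk.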
+2 −2
{ lib
, buildFHSUserEnv
, buildFHSEnv
, sparrow-unwrapped
}:

buildFHSUserEnv {
buildFHSEnv {
  name = "sparrow";

  runScript = "${sparrow-unwrapped}/bin/sparrow";
+2 −2
@@ -2,7 +2,7 @@

{ alsa-lib
, bash
, buildFHSUserEnv
, buildFHSEnv
, cacert
, coreutils
, dbus
@@ -178,7 +178,7 @@ let
  # Android Studio downloads prebuilt binaries as part of the SDK. These tools
  # (e.g. `mksdcard`) have `/lib/ld-linux.so.2` set as the interpreter. An FHS
  # environment is used as a work around for that.
  fhsEnv = buildFHSUserEnv {
  fhsEnv = buildFHSEnv {
    name = "${drvName}-fhs-env";
    multiPkgs = pkgs: [
      ncurses5