Loading nixos/modules/system/boot/binfmt.nix +8 −3 Original line number Diff line number Diff line Loading @@ -262,7 +262,9 @@ in interpreter = mkDefault interpreterReg; fixBinary = mkDefault useStaticEmulator; wrapInterpreterInShell = mkDefault (!config.preserveArgvZero && !config.fixBinary); interpreterSandboxPath = mkDefault (dirOf (dirOf config.interpreter)); interpreterSandboxPath = mkDefault ( if config.fixBinary then null else dirOf (dirOf config.interpreter) ); } // (magics.${system} or (throw "Cannot create binfmt registration for system ${system}")) ); Loading @@ -276,10 +278,13 @@ in let ruleFor = system: cfg.registrations.${system}; hasWrappedRule = lib.any (system: (ruleFor system).wrapInterpreterInShell) cfg.emulatedSystems; allFixBinary = lib.all (system: (ruleFor system).fixBinary) cfg.emulatedSystems; in [ "/run/binfmt" ] lib.optional (!allFixBinary) "/run/binfmt" ++ lib.optional hasWrappedRule "${pkgs.bash}" ++ (map (system: (ruleFor system).interpreterSandboxPath) cfg.emulatedSystems); ++ lib.filter (x: x != null) ( map (system: (ruleFor system).interpreterSandboxPath) cfg.emulatedSystems ); }; environment.etc."binfmt.d/nixos.conf".source = builtins.toFile "binfmt_nixos.conf" ( Loading nixos/tests/systemd-binfmt.nix +13 −1 Original line number Diff line number Diff line Loading @@ -103,7 +103,12 @@ in chroot = makeTest { name = "systemd-binfmt-chroot"; nodes.machine = { pkgs, lib, ... }: { pkgs, lib, config, ... }: { boot.binfmt.emulatedSystems = [ "aarch64-linux" Loading @@ -121,6 +126,13 @@ in echo 42 | chroot /tmp/chroot /yaml2json | grep 42 '') ]; assertions = [ { assertion = config.nix.settings.extra-sandbox-paths == [ ]; message = "Using binfmt_misc with static emulators, nix.settings.extra-sandbox-paths should be empty"; } ]; }; testScript = '' machine.start() Loading Loading
nixos/modules/system/boot/binfmt.nix +8 −3 Original line number Diff line number Diff line Loading @@ -262,7 +262,9 @@ in interpreter = mkDefault interpreterReg; fixBinary = mkDefault useStaticEmulator; wrapInterpreterInShell = mkDefault (!config.preserveArgvZero && !config.fixBinary); interpreterSandboxPath = mkDefault (dirOf (dirOf config.interpreter)); interpreterSandboxPath = mkDefault ( if config.fixBinary then null else dirOf (dirOf config.interpreter) ); } // (magics.${system} or (throw "Cannot create binfmt registration for system ${system}")) ); Loading @@ -276,10 +278,13 @@ in let ruleFor = system: cfg.registrations.${system}; hasWrappedRule = lib.any (system: (ruleFor system).wrapInterpreterInShell) cfg.emulatedSystems; allFixBinary = lib.all (system: (ruleFor system).fixBinary) cfg.emulatedSystems; in [ "/run/binfmt" ] lib.optional (!allFixBinary) "/run/binfmt" ++ lib.optional hasWrappedRule "${pkgs.bash}" ++ (map (system: (ruleFor system).interpreterSandboxPath) cfg.emulatedSystems); ++ lib.filter (x: x != null) ( map (system: (ruleFor system).interpreterSandboxPath) cfg.emulatedSystems ); }; environment.etc."binfmt.d/nixos.conf".source = builtins.toFile "binfmt_nixos.conf" ( Loading
nixos/tests/systemd-binfmt.nix +13 −1 Original line number Diff line number Diff line Loading @@ -103,7 +103,12 @@ in chroot = makeTest { name = "systemd-binfmt-chroot"; nodes.machine = { pkgs, lib, ... }: { pkgs, lib, config, ... }: { boot.binfmt.emulatedSystems = [ "aarch64-linux" Loading @@ -121,6 +126,13 @@ in echo 42 | chroot /tmp/chroot /yaml2json | grep 42 '') ]; assertions = [ { assertion = config.nix.settings.extra-sandbox-paths == [ ]; message = "Using binfmt_misc with static emulators, nix.settings.extra-sandbox-paths should be empty"; } ]; }; testScript = '' machine.start() Loading
