[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#42173: [PATCH 2/2] services: nix: Fix sandbox.
From: |
Ludovic Courtès |
Subject: |
bug#42173: [PATCH 2/2] services: nix: Fix sandbox. |
Date: |
Wed, 22 Jul 2020 12:34:45 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux) |
Hi!
Oleg Pykhalov <go.wigust@gmail.com> skribis:
> * gnu/tests/package-management.scm: New file.
> * gnu/local.mk: Add this.
> * gnu/services/nix.scm (<nix-configuration>): New record.
> (nix-activation): Generate Nix config file.
> (nix-service-type): Add default value.
> (nix-shepherd-service): Allow provide Nix package.
> * doc/guix.texi (Miscellaneous Services)[Nix service]<nix-configuration>:
> Document record.
Nice! You can add a “Fixes” line too.
> +@item @code{build-sandbox-paths} (default: @code{'()})
> +This is a list of strings or objects appended to the
> +@code{build-sandbox-paths} field of the configuration file.
I’d use “files” or “items” instead of “paths”, for consistency.
> + (mkdir-p "/etc/nix")
> + (with-output-to-file "/etc/nix/nix.conf"
> + (lambda _
> + (format #t "sandbox = ~a~%" (if #$sandbox "true" "false"))
> + (format #t "build-sandbox-paths = ~{~a ~}~%"
> + (append (append-map (cut call-with-input-file <> read)
> + '#$(map references-file
> + (list package)))
> + '#$build-sandbox-paths))
> + (for-each (cut display <>) '#$extra-config))))))))
Here you’re adding the closure of Nix itself, which is a bit more than
needed I guess, but maybe it’s OK (perhaps with a comment explaining
that ‘config.nix’ captures store file names.)
Actually I thought this would have to be addressed in the ‘nix’ package
itself because this is where those store file names are captured. But
maybe it’s OK to do it in the service. WDYT?
> +(define* (run-nix-test name test-os)
> + "Run tests in %NIX-OS Guix operating system, which has nix-daemon running."
^
TEST-OS
> +(define %nix-os
Pretty fun. :-)
> +(define %test-nix
> + (system-test
> + (name "nix")
> + (description "Connect to a running nix-daemon")
> + (value (run-nix-test name %nix-os))))
Great that you were able to write a test for that!
Thanks,
Ludo’.
- bug#42173: Nix on Guix System: can't update channels, (continued)
- bug#42173: Nix on Guix System: can't update channels, Ludovic Courtès, 2020/07/13
- bug#42173: Nix on Guix System: can't update channels, Zhu Zihao via web, 2020/07/15
- bug#42173: Nix on Guix System: can't update channels, Ludovic Courtès, 2020/07/16
- bug#42173: Nix on Guix System: can't update channels, Ludovic Courtès, 2020/07/21
- bug#42173: [PATCH 1/2] services: base: Export references-file., Oleg Pykhalov, 2020/07/22
- bug#42173: [PATCH 2/2] services: nix: Fix sandbox., Oleg Pykhalov, 2020/07/22
- bug#42173: [PATCH 2/2] services: nix: Fix sandbox.,
Ludovic Courtès <=
- bug#42173: [PATCH 2/2] services: nix: Fix sandbox., Oleg Pykhalov, 2020/07/22
bug#42173: Nix on Guix System: can't update channels, Zhu Zihao via web, 2020/07/21