diff --git a/default.nix b/default.nix index b8f4def..2633a0f 100644 --- a/default.nix +++ b/default.nix @@ -113,7 +113,8 @@ let # user specified location for program files and nix store [ -z "\$NP_LOCATION" ] && NP_LOCATION="\$HOME" dir="\$NP_LOCATION/.nix-portable" - mkdir -p \$dir/bin + # create /nix/var/nix to prevent nix from falling back to chroot store. + mkdir -p \$dir/{bin,var/nix/var} # santize the tmpbin directory rm -rf "\$dir/tmpbin" # create a directory to hold executable symlinks for overriding @@ -321,7 +322,7 @@ let NP_RUNTIME=proot fi else - debug "runtime selected via NP_RUNTIME : \$NP_RUNTIME" + debug "runtime selected via NP_RUNTIME: \$NP_RUNTIME" fi if [ "\$NP_RUNTIME" == "bwrap" ]; then collectBinds @@ -339,7 +340,7 @@ let run="\$NP_PROOT \$PROOT_ARGS\\ -r \$dir/emptyroot\\ -b /dev:/dev\\ - -b \$dir/store:/nix/store\\ + -b \$dir:/nix\\ \$binds" # -b \$dir/busybox/bin/busybox:/bin/sh\\ fi diff --git a/flake.lock b/flake.lock index 511f8bb..2fecab0 100644 --- a/flake.lock +++ b/flake.lock @@ -2,16 +2,16 @@ "nodes": { "defaultChannel": { "locked": { - "lastModified": 1635350005, - "narHash": "sha256-tAMJnUwfaDEB2aa31jGcu7R7bzGELM9noc91L2PbVjg=", + "lastModified": 1677179781, + "narHash": "sha256-+peLp16ruWLuTFHo0ZUbLlS1/meS/+RsWQQ9bUAzOh8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1c1f5649bb9c1b0d98637c8c365228f57126f361", + "rev": "50c23cd4ff6c8344e0b4d438b027b3afabfe58dd", "type": "github" }, "original": { "id": "nixpkgs", - "ref": "nixos-20.09", + "ref": "nixos-22.11", "type": "indirect" } }, @@ -34,44 +34,62 @@ "nix": { "inputs": { "lowdown-src": "lowdown-src", - "nixpkgs": [ - "nixpkgs" - ] + "nixpkgs": "nixpkgs", + "nixpkgs-regression": "nixpkgs-regression" }, "locked": { - "lastModified": 1639739069, - "narHash": "sha256-GOsiqy9EaTwDn2PLZ4eFj1VkXcBUbqrqHehRE9GuGdU=", + "lastModified": 1674678482, + "narHash": "sha256-MtVatZVsV+dtjdD4AC4bztrnDFas+WZYHzQMt41FwzU=", "owner": "NixOS", "repo": "nix", - "rev": "b4f250417ab64f237c8b51439fe1f427193ab23b", + "rev": "435a16b5556f4171b4204a3f65c9dedf215f168c", "type": "github" }, "original": { "id": "nix", - "ref": "2.5.1", + "ref": "2.13.2", "type": "indirect" } }, "nixpkgs": { "locked": { - "lastModified": 1642798845, - "narHash": "sha256-1g1X3wKmroGix68OXwb4gR1yXKPQ36apI1dssd/YbuM=", + "lastModified": 1677203921, + "narHash": "sha256-T6Oy48mBDhKKXn7nrt/Frtg4mDvjjg81A4jFr4GJTvs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e84444b14cc75a4be17b58fd2c344f47dddf084e", + "rev": "6a54ea90f1e0a3422fb0ba49694d977c9b430af3", "type": "github" }, "original": { - "id": "nixpkgs", - "ref": "nixos-21.11", - "type": "indirect" + "owner": "NixOS", + "ref": "nixos-22.11-small", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-regression": { + "locked": { + "lastModified": 1643052045, + "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" } }, "root": { "inputs": { "defaultChannel": "defaultChannel", "nix": "nix", - "nixpkgs": "nixpkgs" + "nixpkgs": [ + "defaultChannel" + ] } } }, diff --git a/flake.nix b/flake.nix index 3de884a..ec8da0f 100644 --- a/flake.nix +++ b/flake.nix @@ -1,15 +1,14 @@ { inputs = { - nixpkgs.url = "nixpkgs/nixos-21.11"; + nixpkgs.follows = "defaultChannel"; # the nixpkgs version shipped with the nix-portable executable # TODO: find out why updating this leads to error when building pkgs.hello: # Error: checking whether build environment is sane... ls: cannot access './configure': No such file or directory - defaultChannel.url = "nixpkgs/nixos-20.09"; + defaultChannel.url = "nixpkgs/nixos-22.11"; - nix.url = "nix/2.5.1"; - nix.inputs.nixpkgs.follows = "nixpkgs"; + nix.url = "nix/2.13.2"; }; outputs = { self, ... }@inp: @@ -29,12 +28,26 @@ testImages = { arch = { system = "x86_64-linux"; - url = "https://mirror.pkgbuild.com/images/v20211201.40458/Arch-Linux-x86_64-basic-20211201.40458.qcow2"; - sha256 = "0xxhb92rn2kskq9pvfmbf9h6fy75x4czl58rfq5969kbbb49yn19"; + url = "https://mirror.pkgbuild.com/images/v20230215.126932/Arch-Linux-x86_64-basic.qcow2"; + sha256 = "1967805y11fi8bcaxanxj2ih0qyzfrkarmbid7w0nl99qyqp07ml"; extraVirtCustomizeCommands = [ "--run-command 'systemctl disable pacman-init'" - "--run-command 'systemctl disable reflector-init'" ]; + # TODO: fix issue with proot + # hello> unpacking sources + # hello> unpacking source archive /nix/store/pa10z4ngm0g83kx9mssrqzz30s84vq7k-hello-2.12.1.tar.gz + # hello> source root is hello-2.12.1 + # hello> setting SOURCE_DATE_EPOCH to timestamp 1653865426 of file hello-2.12.1/ChangeLog + # hello> patching sources + # hello> configuring + # hello> no configure script, doing nothing + # hello> building + # hello> build flags: SHELL=/nix/store/zcla0ljiwpg5w8pvfagfjq1y2vasfix5-bash-5.1-p16/bin/bash + # hello> There seems to be no Makefile in this directory. + # hello> You must run ./configure before running 'make'. + # hello> make: *** [GNUmakefile:108: abort-due-to-no-makefile] Error 1 + # error: builder for '/nix/store/2rymqf3xf6qknxvpbc46jssnli8xsskg-hello-2.12.1.drv' failed with exit code 2 + excludeRuntimes = [ "proot" ]; }; centos7 = { system = "x86_64-linux"; @@ -62,6 +75,8 @@ system = "x86_64-linux"; modules = [(import ./testing/nixos-iso.nix)]; }).config.system.build.isoImage) + "/iso/nixos.iso"; + # TODO: fix issue with proot. Same as described above under `arch`. + excludeRuntimes = [ "proot" ]; }; ubuntu = { system = "x86_64-linux"; @@ -99,7 +114,7 @@ "nix-shell -p hello --run hello" ]; - varyCommands = anyStr: forEach commandsToTest (cmd: replaceStrings [ "_var_" ] [ anyStr ] cmd); + modCommand = anyStr: forEach commandsToTest (cmd: replaceStrings [ "_var_" ] [ anyStr ] cmd); nixPortableForSystem = { system, crossSystem ? null, }: let @@ -142,7 +157,7 @@ pkgs.mkShell { buildInputs = with pkgs; [ bashInteractive - libguestfs-with-appliance + guestfs-tools parallel proot qemu @@ -171,6 +186,15 @@ "qemu-kvm" else "qemu-system-${lib.head (lib.splitString "-" system)}"; + mkCmd = runtime: cmd': let + cmd = replaceStrings [''"''] [''\"''] cmd'; + vars = "NP_RUNTIME=${runtime} NP_DEBUG=$NP_DEBUG NP_MINIMAL=$NP_MINIMAL NP_LOCATION=/np_tmp"; + in '' + echo -e "\ntesting cmd: ${cmd}" + $ssh "${vars} /home/test/nix-portable ${cmd}" + ''; + testCommands = runtime: + concatStringsSep "\n" (map (mkCmd runtime) (modCommand runtime)); in nameValuePair "job-qemu-${os}${optionalString debug "-debug"}" @@ -200,7 +224,7 @@ cat $img > /tmp/${os}-img if [[ "${os}" != nixos* ]]; then - ${pkgs.libguestfs-with-appliance}/bin/virt-customize -a /tmp/${os}-img \ + ${pkgs.guestfs-tools}/bin/virt-customize -a /tmp/${os}-img \ --firstboot ${pkgs.writeScript "firstboot" "#!/usr/bin/env bash \nuseradd test && mkdir -p /home/test && chown test.test /home/test; ssh-keygen -A"} \ --ssh-inject root:file:$pubKey \ ${concatStringsSep " " (testImages."${os}".extraVirtCustomizeCommands or [])} \ @@ -254,13 +278,13 @@ # test some nix commands NP_DEBUG=''${NP_DEBUG:-1} - ${concatStringsSep "\n\n" (forEach runtimes (runtime: - concatStringsSep "\n" (map (cmd: - ''$ssh "NP_RUNTIME=${runtime} NP_DEBUG=$NP_DEBUG NP_MINIMAL=$NP_MINIMAL NP_LOCATION=/np_tmp /home/test/nix-portable ${replaceStrings [''"''] [''\"''] cmd} " '' - ) (varyCommands runtime)) - ))} + ${concatStringsSep "\n\n" (forEach runtimes testCommands)} echo "all tests succeeded" + + ${optionalString (! debug) '' + timeout 3 $sshRoot "echo o > /proc/sysrq-trigger" || : + ''} ''); } ) testImages; diff --git a/testing/qemu-efi.nix b/testing/qemu-efi.nix index a8ece87..ed8cbca 100644 --- a/testing/qemu-efi.nix +++ b/testing/qemu-efi.nix @@ -8,8 +8,8 @@ let qemu-efi-gz = fetchurl { - url = "http://snapshots.linaro.org/components/kernel/leg-virt-tianocore-edk2-upstream/4443/QEMU-AARCH64/RELEASE_GCC5/QEMU_EFI.img.gz"; - sha256 = "sha256-bOO6bsiwHaf39TWdkxOYWOw9p+/EzCkZLzi5YQPZTLY="; + url = "http://snapshots.linaro.org/components/kernel/leg-virt-tianocore-edk2-upstream/4801/QEMU-AARCH64/RELEASE_GCC5/QEMU_EFI.img.gz"; + sha256 = "sha256-Rfio8FtcXrVslz+W6BsSV0xHvxwHLfqGhJMs2Kc3B30="; }; in