[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
16/19: build-derivations: Leaked environment variables more robust.
From: |
guix-commits |
Subject: |
16/19: build-derivations: Leaked environment variables more robust. |
Date: |
Tue, 29 Jan 2019 14:19:51 -0500 (EST) |
reepca pushed a commit to branch guile-daemon
in repository guix.
commit 9fa70add848b8554e0b835d78ec3d16b4d946d7c
Author: Caleb Ristvedt <address@hidden>
Date: Wed Aug 16 10:42:29 2017 -0500
build-derivations: Leaked environment variables more robust.
* guix/store/build-derivations.scm:
(build-environment-vars): don't include unset leaked environment variables
in the return value.
(maybe-use-builtin): set builder environment variables here too.
---
guix/store/build-derivations.scm | 22 ++++++++++++++++------
1 file changed, 16 insertions(+), 6 deletions(-)
diff --git a/guix/store/build-derivations.scm b/guix/store/build-derivations.scm
index 4d7f9d0..264e028 100644
--- a/guix/store/build-derivations.scm
+++ b/guix/store/build-derivations.scm
@@ -177,9 +177,11 @@ environment variable that should be set during the build
execution."
'(("NIX_OUTPUT_CHECKED" . "1"))
'())
(if leaked-vars
- (map (lambda (leaked-var)
- (cons leaked-var (getenv leaked-var)))
- leaked-vars)
+ ;; leaked vars might not be defined.
+ (filter cdr
+ (map (lambda (leaked-var)
+ (cons leaked-var (getenv leaked-var)))
+ leaked-vars))
'())
(derivation-builder-environment-vars drv))))
@@ -382,7 +384,7 @@ environment variables and bind-mounting the listed files.
Importantly, this
assumes that it is in a separate namespace at this point."
;; warning: the order in which a lot of this happens is significant and
;; partially based on guesswork / copying what the c++ does.
- ;(setsid)
+ (setsid)
(add-core-files build-environment)
;; local communication within the build environment should still be
;; possible.
@@ -524,7 +526,15 @@ builtin builder for DRV or it failed."
(let ((builder (hash-ref builtins
(derivation-builder drv))))
(if builder
- (builder drv)
+ (begin
+ ;; strip-store-file-name from (guix build utils), used by
+ ;; perform-download indirectly, doesn't honor %store-directory. So
+ ;; we have to set it here. ¯\_(ツ)_/¯
+ (environ (map (match-lambda
+ ((key . val)
+ (string-append key "=" val)))
+ (build-environment-vars drv "/tmp")))
+ (builder drv))
#f)))
@@ -748,7 +758,6 @@ nar, and the length of the nar."
;; of those as long as we know which references to be looking for.
;;~/Programming/guix/test-tmp/store/3zazs4zzhv0iw4xw0bi0im0wi55cl4gv-hello-2.10.drv
(define (do-derivation-build drv)
- (format #t "Starting build of derivation ~a~%~%" drv)
;; inputs should all exist as of now
(let-values (((build-env store-inputs)
(prepare-build-environment drv
@@ -776,6 +785,7 @@ even if its outputs already exist."
;; Inputs need to exist regardless of how we're getting the outputs of this
;; derivation.
(ensure-input-outputs-exist (derivation-inputs drv))
+ (format #t "Starting build of derivation ~a~%~%" drv)
(let ((output-specs
(or (attempt-substitute drv)
(maybe-use-builtin drv)
- 01/19: patches: honor NIX_STORE in site.py., (continued)
- 01/19: patches: honor NIX_STORE in site.py., guix-commits, 2019/01/29
- 04/19: .dir-locals.el: properly indent sql macros., guix-commits, 2019/01/29
- 08/19: guix: register-path: do deduplication., guix-commits, 2019/01/29
- 12/19: linux-container: new use-output argument., guix-commits, 2019/01/29
- 02/19: guix: register-path: Implement prototype in scheme., guix-commits, 2019/01/29
- 05/19: guix: sql.scm: split into generic and store-specific parts., guix-commits, 2019/01/29
- 09/19: guix: register-path: return #t on success., guix-commits, 2019/01/29
- 03/19: guix: register-path: Honor environment variables., guix-commits, 2019/01/29
- 06/19: guix: register-path: use new %store-database-directory, guix-commits, 2019/01/29
- 10/19: guix: register-path: use new %store-database-directory, guix-commits, 2019/01/29
- 16/19: build-derivations: Leaked environment variables more robust.,
guix-commits <=
- 19/19: gnu: linux-container: Make it more suitable for derivation-building., guix-commits, 2019/01/29
- 17/19: guix: store: Make register-items transactional, register drv outputs, guix-commits, 2019/01/29
- 14/19: build-derivations: initial build-group support, guix-commits, 2019/01/29
- 15/19: linux-container: don't include /dev/ptmx or /dev/pts from host., guix-commits, 2019/01/29
- 13/19: build-derivations: use call-with-container, guix-commits, 2019/01/29
- 18/19: guix: store: Adapt to using register-items instead of register-path., guix-commits, 2019/01/29
- 11/19: guix/store/build-derivations.scm: new module., guix-commits, 2019/01/29