Merge pull request #34677 from dtzWill/feature/busybox-sandbox-shell
busybox-sandbox-shell: extract basic shell to new attribute
This commit is contained in:
Jörg Thalheim
GitHub
commit
5b247f741d
26
pkgs/os-specific/linux/busybox/sandbox-shell.nix
Normal file
26
pkgs/os-specific/linux/busybox/sandbox-shell.nix
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
{ busybox }:
|
||||||
|
|
||||||
|
# Minimal shell for use as basic /bin/sh in sandbox builds
|
||||||
|
busybox.override {
|
||||||
|
useMusl = true;
|
||||||
|
enableStatic = true;
|
||||||
|
enableMinimal = true;
|
||||||
|
extraConfig = ''
|
||||||
|
CONFIG_FEATURE_FANCY_ECHO y
|
||||||
|
CONFIG_FEATURE_SH_MATH y
|
||||||
|
CONFIG_FEATURE_SH_MATH_64 y
|
||||||
|
|
||||||
|
CONFIG_ASH y
|
||||||
|
CONFIG_ASH_OPTIMIZE_FOR_SIZE y
|
||||||
|
|
||||||
|
CONFIG_ASH_ALIAS y
|
||||||
|
CONFIG_ASH_BASH_COMPAT y
|
||||||
|
CONFIG_ASH_CMDCMD y
|
||||||
|
CONFIG_ASH_ECHO y
|
||||||
|
CONFIG_ASH_GETOPTS y
|
||||||
|
CONFIG_ASH_INTERNAL_GLOB y
|
||||||
|
CONFIG_ASH_JOB_CONTROL y
|
||||||
|
CONFIG_ASH_PRINTF y
|
||||||
|
CONFIG_ASH_TEST y
|
||||||
|
'';
|
||||||
|
}
|
||||||
@ -1,7 +1,7 @@
|
|||||||
{ lib, stdenv, fetchurl, fetchFromGitHub, perl, curl, bzip2, sqlite, openssl ? null, xz
|
{ lib, stdenv, fetchurl, fetchFromGitHub, perl, curl, bzip2, sqlite, openssl ? null, xz
|
||||||
, pkgconfig, boehmgc, perlPackages, libsodium, aws-sdk-cpp, brotli
|
, pkgconfig, boehmgc, perlPackages, libsodium, aws-sdk-cpp, brotli
|
||||||
, autoreconfHook, autoconf-archive, bison, flex, libxml2, libxslt, docbook5, docbook5_xsl
|
, autoreconfHook, autoconf-archive, bison, flex, libxml2, libxslt, docbook5, docbook5_xsl
|
||||||
, libseccomp, busybox
|
, libseccomp, busybox-sandbox-shell
|
||||||
, hostPlatform
|
, hostPlatform
|
||||||
, storeDir ? "/nix/store"
|
, storeDir ? "/nix/store"
|
||||||
, stateDir ? "/nix/var"
|
, stateDir ? "/nix/var"
|
||||||
@ -10,29 +10,7 @@
|
|||||||
|
|
||||||
let
|
let
|
||||||
|
|
||||||
sh = busybox.override {
|
sh = busybox-sandbox-shell;
|
||||||
useMusl = true;
|
|
||||||
enableStatic = true;
|
|
||||||
enableMinimal = true;
|
|
||||||
extraConfig = ''
|
|
||||||
CONFIG_FEATURE_FANCY_ECHO y
|
|
||||||
CONFIG_FEATURE_SH_MATH y
|
|
||||||
CONFIG_FEATURE_SH_MATH_64 y
|
|
||||||
|
|
||||||
CONFIG_ASH y
|
|
||||||
CONFIG_ASH_OPTIMIZE_FOR_SIZE y
|
|
||||||
|
|
||||||
CONFIG_ASH_ALIAS y
|
|
||||||
CONFIG_ASH_BASH_COMPAT y
|
|
||||||
CONFIG_ASH_CMDCMD y
|
|
||||||
CONFIG_ASH_ECHO y
|
|
||||||
CONFIG_ASH_GETOPTS y
|
|
||||||
CONFIG_ASH_INTERNAL_GLOB y
|
|
||||||
CONFIG_ASH_JOB_CONTROL y
|
|
||||||
CONFIG_ASH_PRINTF y
|
|
||||||
CONFIG_ASH_TEST y
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
common = { name, suffix ? "", src, fromGit ? false }: stdenv.mkDerivation rec {
|
common = { name, suffix ? "", src, fromGit ? false }: stdenv.mkDerivation rec {
|
||||||
inherit name src;
|
inherit name src;
|
||||||
|
|||||||
@ -12610,6 +12610,7 @@ with pkgs;
|
|||||||
bridge-utils = callPackage ../os-specific/linux/bridge-utils { };
|
bridge-utils = callPackage ../os-specific/linux/bridge-utils { };
|
||||||
|
|
||||||
busybox = callPackage ../os-specific/linux/busybox { };
|
busybox = callPackage ../os-specific/linux/busybox { };
|
||||||
|
busybox-sandbox-shell = callPackage ../os-specific/linux/busybox/sandbox-shell.nix { };
|
||||||
|
|
||||||
cachefilesd = callPackage ../os-specific/linux/cachefilesd { };
|
cachefilesd = callPackage ../os-specific/linux/cachefilesd { };
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user