bug#42173: [PATCH 2/2] services: nix: Fix sandbox.

unofficial mirror of bug-guix@gnu.org 
 help / color / mirror / code / Atom feed

From: "Ludovic Courtès" <ludo@gnu.org>
To: Oleg Pykhalov <go.wigust@gmail.com>
Cc: 42173@debbugs.gnu.org
Subject: bug#42173: [PATCH 2/2] services: nix: Fix sandbox.
Date: Wed, 22 Jul 2020 12:34:45 +0200	[thread overview]
Message-ID: <87zh7rj0sa.fsf@gnu.org> (raw)
In-Reply-To: <20200722065939.18138-2-go.wigust@gmail.com> (Oleg Pykhalov's message of "Wed, 22 Jul 2020 09:59:39 +0300")

Hi!

Oleg Pykhalov <go.wigust@gmail.com> skribis:

> * gnu/tests/package-management.scm: New file.
> * gnu/local.mk: Add this.
> * gnu/services/nix.scm (<nix-configuration>): New record.
> (nix-activation): Generate Nix config file.
> (nix-service-type): Add default value.
> (nix-shepherd-service): Allow provide Nix package.
> * doc/guix.texi (Miscellaneous Services)[Nix service]<nix-configuration>:
> Document record.

Nice!  You can add a “Fixes” line too.

> +@item @code{build-sandbox-paths} (default: @code{'()})
> +This is a list of strings or objects appended to the
> +@code{build-sandbox-paths} field of the configuration file.

I’d use “files” or “items” instead of “paths”, for consistency.

> +           (mkdir-p "/etc/nix")
> +           (with-output-to-file "/etc/nix/nix.conf"
> +             (lambda _
> +               (format #t "sandbox = ~a~%" (if #$sandbox "true" "false"))
> +               (format #t "build-sandbox-paths = ~{~a ~}~%"
> +                       (append (append-map (cut call-with-input-file <> read)
> +                                           '#$(map references-file
> +                                                   (list package)))
> +                               '#$build-sandbox-paths))
> +               (for-each (cut display <>) '#$extra-config))))))))

Here you’re adding the closure of Nix itself, which is a bit more than
needed I guess, but maybe it’s OK (perhaps with a comment explaining
that ‘config.nix’ captures store file names.)

Actually I thought this would have to be addressed in the ‘nix’ package
itself because this is where those store file names are captured.  But
maybe it’s OK to do it in the service.  WDYT?

> +(define* (run-nix-test name test-os)
> +  "Run tests in %NIX-OS Guix operating system, which has nix-daemon running."
                   ^
TEST-OS

> +(define %nix-os

Pretty fun.  :-)

> +(define %test-nix
> +  (system-test
> +   (name "nix")
> +   (description "Connect to a running nix-daemon")
> +   (value (run-nix-test name %nix-os))))

Great that you were able to write a test for that!

Thanks,
Ludo’.

next prev parent reply	other threads:[~2020-07-22 10:35 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-07-03  9:56 bug#42173: Nix on Guix System: can't update channels Alexandru-Sergiu Marton
2020-07-13 13:35 ` Ludovic Courtès
2020-07-19  8:14   ` Alexandru-Sergiu Marton
2020-07-15  5:28 ` Zhu Zihao via web
2020-07-16 10:12   ` Ludovic Courtès
2020-07-21  7:39     ` Oleg Pykhalov
2020-07-21 17:27       ` Oleg Pykhalov
2020-07-22 10:09         ` Ludovic Courtès
2020-07-21 21:28       ` Ludovic Courtès
2020-07-22  6:59         ` bug#42173: [PATCH 1/2] services: base: Export references-file Oleg Pykhalov
2020-07-22  6:59           ` bug#42173: [PATCH 2/2] services: nix: Fix sandbox Oleg Pykhalov
2020-07-22 10:34             ` Ludovic Courtès [this message]
2020-07-22 19:38               ` Oleg Pykhalov
2020-07-21  4:05 ` bug#42173: Nix on Guix System: can't update channels Zhu Zihao via web

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://guix.gnu.org/

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87zh7rj0sa.fsf@gnu.org \
    --to=ludo@gnu.org \
    --cc=42173@debbugs.gnu.org \
    --cc=go.wigust@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).