diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 13703968167..8c41837d3a9 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -181,6 +181,7 @@ ./programs/mtr.nix ./programs/nano.nix ./programs/nbd.nix + ./programs/nix-ld.nix ./programs/neovim.nix ./programs/nm-applet.nix ./programs/npm.nix diff --git a/nixos/modules/programs/nix-ld.nix b/nixos/modules/programs/nix-ld.nix new file mode 100644 index 00000000000..810a74ab50b --- /dev/null +++ b/nixos/modules/programs/nix-ld.nix @@ -0,0 +1,12 @@ +{ pkgs, lib, config, ... }: +{ + meta.maintainers = [ lib.maintainers.mic92 ]; + options = { + programs.nix-ld.enable = lib.mkEnableOption ''nix-ld, Documentation: ''; + }; + config = lib.mkIf config.programs.nix-ld.enable { + systemd.tmpfiles.rules = [ + "L+ ${pkgs.nix-ld.ldPath} - - - - ${pkgs.nix-ld}/libexec/nix-ld" + ]; + }; +} diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 001518d02cb..432a640d57d 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -355,6 +355,7 @@ in nginx-sso = handleTest ./nginx-sso.nix {}; nginx-variants = handleTest ./nginx-variants.nix {}; nitter = handleTest ./nitter.nix {}; + nix-ld = handleTest ./nix-ld {}; nix-serve = handleTest ./nix-serve.nix {}; nix-serve-ssh = handleTest ./nix-serve-ssh.nix {}; nixops = handleTest ./nixops/default.nix {}; diff --git a/nixos/tests/nix-ld.nix b/nixos/tests/nix-ld.nix new file mode 100644 index 00000000000..5c886182d96 --- /dev/null +++ b/nixos/tests/nix-ld.nix @@ -0,0 +1,20 @@ +import ./make-test-python.nix ({ lib, pkgs, ...} : +{ + name = "nix-ld"; + nodes.machine = { pkgs, ... }: { + programs.nix-ld.enable = true; + environment.systemPackages = [ + (pkgs.runCommand "patched-hello" {} '' + install -D -m755 ${pkgs.hello}/bin/hello $out/bin/hello + patchelf $out/bin/hello --set-interpreter ${pkgs.nix-ld.ldPath} + '') + ]; + }; + testScript = '' + start_all() + path = "${pkgs.stdenv.cc}/nix-support/dynamic-linker" + with open(path) as f: + real_ld = f.read().strip() + machine.succeed(f"NIX_LD={real_ld} hello") + ''; +}) diff --git a/pkgs/os-specific/linux/nix-ld/default.nix b/pkgs/os-specific/linux/nix-ld/default.nix new file mode 100644 index 00000000000..dcab99cabfe --- /dev/null +++ b/pkgs/os-specific/linux/nix-ld/default.nix @@ -0,0 +1,49 @@ +{ stdenv, meson, ninja, lib, nixosTests, fetchFromGitHub }: +let + self = stdenv.mkDerivation { + name = "nix-ld"; + src = fetchFromGitHub { + owner = "Mic92"; + repo = "nix-ld"; + rev = "1.0.0"; + sha256 = "sha256-QYPg8wPpq7q5Xd1jW17Lh36iKFSsVkN/gWYoQRv2XoU="; + }; + + doCheck = true; + + nativeBuildInputs = [ meson ninja ]; + + mesonFlags = [ + "-Dnix-system=${stdenv.system}" + ]; + + hardeningDisable = [ + "stackprotector" + ]; + + postInstall = '' + mkdir -p $out/nix-support + basename $(< ${stdenv.cc}/nix-support/dynamic-linker) > $out/nix-support/ld-name + ''; + + passthru.tests.nix-ld = nixosTests.nix-ld; + passthru.ldPath = let + libDir = if stdenv.system == "x86_64-linux" || + stdenv.system == "mips64-linux" || + stdenv.system == "powerpc64le-linux" + then + "/lib64" + else + "/lib"; + ldName = lib.fileContents "${self}/nix-support/ld-name"; + in "${libDir}/${ldName}"; + + meta = with lib; { + description = "Run unpatched dynamic binaries on NixOS"; + homepage = "https://github.com/Mic92/nix-ld"; + license = licenses.mit; + maintainers = with maintainers; [ mic92 ]; + platforms = platforms.linux; + }; + }; +in self diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 38fa936a3b1..a7ddd65019d 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -27767,6 +27767,8 @@ with pkgs; nixos-shell = callPackage ../tools/virtualization/nixos-shell {}; + nix-ld = callPackage ../os-specific/linux/nix-ld {}; + noaa-apt = callPackage ../applications/radio/noaa-apt { }; node-problem-detector = callPackage ../applications/networking/cluster/node-problem-detector { };