>I'm using Nix on an "ordinary" Linux distro (not NixOS) and I want to use >chroot builds, to make package builds more pure. I've successfully performed a >multi-user installation and I've enabled chroot builds in nix.conf. However, >the default build-chroot-dirs option value does not include the /bin directory >(and therefore also /bin/sh is missing, causing a lot of packages to fail). > >I could (of course) add /bin to the build-chroot-dirs option, but this will >make the entire /bin folder of my host distro (including a large collection of >installed packages binaries) available in the chroot environment, which will >still make builds impure, because a lot of packages can be implicitly found. > >A possible solution is to bind mount a different directory from my host system >(only containing the shell) into the the chroot environment. > >I have a dived a bit into the documentation as well as in Nix's source code, >but apparently there seems to be no option to specify a source and destination >to bind mount an arbitrary directory in the chroot environment, e.g. > >mount --bind /my/bin/containing/only/sh/bin /chroot/env/bin > >Is there an option to achieve this, or must Nix be extended to do this?
Maybe it is better to bind-mount something as entire / for chroot, and then bind-mount Nix store paths? It does seem to work for me on Fedora, the chrooting script is included in my configuration helper scripts in SVN (I do some strange barely-FHS-compliant chroot, though, and chroot more from there; /bin/sh is the only thing in /bin and it is a link to store). _______________________________________________ nix-dev mailing list [email protected] http://lists.science.uu.nl/mailman/listinfo/nix-dev
