chore(3p/nix): Remove some OS X specific defines

This project will be dropping OS X support until the core is simplified.
This commit is contained in:
Vincent Ambo 2020-05-24 00:48:30 +01:00
parent bac38f3c49
commit 10481d2586
9 changed files with 3 additions and 281 deletions


@ -7,9 +7,6 @@
#include <tuple>
#include <glog/logging.h>
#if __APPLE__
#include <sys/time.h>
#endif
#include "derivations.hh"
#include "globals.hh"
@ -181,11 +178,7 @@ static int _main(int argc, char* argv[]) {
break;
}
#if __APPLE__
futimes(bestSlotLock.get(), NULL);
#else
futimens(bestSlotLock.get(), nullptr);
#endif
lock = -1;


@ -142,17 +142,6 @@ void initNix() {
throw SysError("handling SIGUSR1");
}
#if __APPLE__
/* HACK: on darwin, we need cant use sigprocmask with SIGWINCH.
* Instead, add a dummy sigaction handler, and signalHandlerThread
* can handle the rest. */
struct sigaction sa;
sa.sa_handler = sigHandler;
if (sigaction(SIGWINCH, &sa, 0)) {
throw SysError("handling SIGWINCH");
}
#endif
/* Register a SIGSEGV handler to detect stack overflows. */
detectStackOverflow();
@ -165,14 +154,6 @@ void initNix() {
struct timeval tv;
gettimeofday(&tv, nullptr);
srandom(tv.tv_usec);
/* On macOS, don't use the per-session TMPDIR (as set e.g. by
sshd). This breaks build users because they don't have access
to the TMPDIR, in particular in nix-store --serve. */
#if __APPLE__
if (getuid() == 0 && hasPrefix(getEnv("TMPDIR"), "/var/folders/"))
unsetenv("TMPDIR");
#endif
}
LegacyArgs::LegacyArgs(


@ -837,11 +837,6 @@ class DerivationGoal : public Goal {
typedef map<string, string> Environment;
Environment env;
#if __APPLE__
typedef string SandboxProfile;
SandboxProfile additionalSandboxProfile;
#endif
/* Hash rewriting. */
StringRewrites inputRewrites, outputRewrites;
typedef map<Path, Path> RedirectedOutputs;
@ -1041,12 +1036,7 @@ DerivationGoal::~DerivationGoal() {
}
inline bool DerivationGoal::needsHashRewrite() {
#if __linux__
return !useChroot;
#else
/* Darwin requires hash rewriting even when sandboxing is enabled. */
return true;
#endif
}
void DerivationGoal::killChild() {
@ -1920,11 +1910,6 @@ void DerivationGoal::startBuilder() {
preloadNSS();
}
#if __APPLE__
additionalSandboxProfile =
parsedDrv->getStringAttr("__sandboxProfile").value_or("");
#endif
/* Are we doing a chroot build? */
{
auto noChroot = parsedDrv->getBoolAttr("__noChroot");
@ -1934,13 +1919,6 @@ void DerivationGoal::startBuilder() {
"but that's not allowed when 'sandbox' is 'true'") %
drvPath);
}
#if __APPLE__
if (additionalSandboxProfile != "")
throw Error(
format("derivation '%1%' specifies a sandbox profile, "
"but this is only allowed when 'sandbox' is 'relaxed'") %
drvPath);
#endif
useChroot = true;
} else if (settings.sandboxMode == smDisabled) {
useChroot = false;
@ -1950,29 +1928,17 @@ void DerivationGoal::startBuilder() {
}
if (worker.store.storeDir != worker.store.realStoreDir) {
#if __linux__
useChroot = true;
#else
throw Error(
"building using a diverted store is not supported on this platform");
#endif
}
/* If `build-users-group' is not empty, then we have to build as
one of the members of that group. */
if (settings.buildUsersGroup != "" && getuid() == 0) {
#if defined(__linux__) || defined(__APPLE__)
buildUser = std::make_unique<UserLock>();
/* Make sure that no other processes are executing under this
uid. */
buildUser->kill();
#else
/* Don't know how to block the creation of setuid/setgid
binaries on this platform. */
throw Error(
"build users are not supported on this platform for security reasons");
#endif
}
/* Create a temporary directory where the build will take
@ -2093,7 +2059,6 @@ void DerivationGoal::startBuilder() {
dirsInChroot[i] = ChrootPath(i);
}
#if __linux__
/* Create a temporary directory in which we set up the chroot
environment using bind-mounts. We put it in the Nix store
to ensure that we can create hard-links to non-directory
@ -2200,13 +2165,6 @@ void DerivationGoal::startBuilder() {
for (auto& i : drv->outputs) {
dirsInChroot.erase(i.second.path);
}
#elif __APPLE__
/* We don't really have any parent prep work to do (yet?)
All work happens in the child, instead. */
#else
throw Error("sandboxing builds is not supported on this platform");
#endif
}
if (needsHashRewrite()) {
@ -3147,148 +3105,7 @@ void DerivationGoal::runChild() {
const char* builder = "invalid";
if (drv->isBuiltin()) {
;
}
#if __APPLE__
else if (getEnv("_NIX_TEST_NO_SANDBOX") == "") {
/* This has to appear before import statements. */
std::string sandboxProfile = "(version 1)\n";
if (useChroot) {
/* Lots and lots and lots of file functions freak out if they can't stat
* their full ancestry */
PathSet ancestry;
/* We build the ancestry before adding all inputPaths to the store
because we know they'll all have the same parents (the store), and
there might be lots of inputs. This isn't
particularly efficient... I doubt it'll be a bottleneck in practice
*/
for (auto& i : dirsInChroot) {
Path cur = i.first;
while (cur.compare("/") != 0) {
cur = dirOf(cur);
ancestry.insert(cur);
}
}
/* And we want the store in there regardless of how empty dirsInChroot.
We include the innermost path component this time, since it's
typically /nix/store and we care about that. */
Path cur = worker.store.storeDir;
while (cur.compare("/") != 0) {
ancestry.insert(cur);
cur = dirOf(cur);
}
/* Add all our input paths to the chroot */
for (auto& i : inputPaths) {
dirsInChroot[i] = i;
}
/* Violations will go to the syslog if you set this. Unfortunately the
* destination does not appear to be configurable */
if (settings.darwinLogSandboxViolations) {
sandboxProfile += "(deny default)\n";
} else {
sandboxProfile += "(deny default (with no-log))\n";
}
sandboxProfile += "(import \"sandbox-defaults.sb\")\n";
if (fixedOutput) {
sandboxProfile += "(import \"sandbox-network.sb\")\n";
}
/* Our rwx outputs */
sandboxProfile += "(allow file-read* file-write* process-exec\n";
for (auto& i : missingPaths) {
sandboxProfile += (format("\t(subpath \"%1%\")\n") % i.c_str()).str();
}
/* Also add redirected outputs to the chroot */
for (auto& i : redirectedOutputs) {
sandboxProfile +=
(format("\t(subpath \"%1%\")\n") % i.second.c_str()).str();
}
sandboxProfile += ")\n";
/* Our inputs (transitive dependencies and any impurities computed
above)
without file-write* allowed, access() incorrectly returns EPERM
*/
sandboxProfile += "(allow file-read* file-write* process-exec\n";
for (auto& i : dirsInChroot) {
if (i.first != i.second.source)
throw Error(format("can't map '%1%' to '%2%': mismatched impure "
"paths not supported on Darwin") %
i.first % i.second.source);
string path = i.first;
struct stat st;
if (lstat(path.c_str(), &st)) {
if (i.second.optional && errno == ENOENT) {
continue;
}
throw SysError(format("getting attributes of path '%1%'") % path);
}
if (S_ISDIR(st.st_mode))
sandboxProfile += (format("\t(subpath \"%1%\")\n") % path).str();
else
sandboxProfile += (format("\t(literal \"%1%\")\n") % path).str();
}
sandboxProfile += ")\n";
/* Allow file-read* on full directory hierarchy to self. Allows
* realpath() */
sandboxProfile += "(allow file-read*\n";
for (auto& i : ancestry) {
sandboxProfile += (format("\t(literal \"%1%\")\n") % i.c_str()).str();
}
sandboxProfile += ")\n";
sandboxProfile += additionalSandboxProfile;
} else
sandboxProfile += "(import \"sandbox-minimal.sb\")\n";
debug("Generated sandbox profile:");
debug(sandboxProfile);
Path sandboxFile = tmpDir + "/.sandbox.sb";
writeFile(sandboxFile, sandboxProfile);
bool allowLocalNetworking =
parsedDrv->getBoolAttr("__darwinAllowLocalNetworking");
/* The tmpDir in scope points at the temporary build directory for our
derivation. Some packages try different mechanisms to find temporary
directories, so we want to open up a broader place for them to dump
their files, if needed. */
Path globalTmpDir = canonPath(getEnv("TMPDIR", "/tmp"), true);
/* They don't like trailing slashes on subpath directives */
if (globalTmpDir.back() == '/') {
globalTmpDir.pop_back();
}
builder = "/usr/bin/sandbox-exec";
args.push_back("sandbox-exec");
args.push_back("-f");
args.push_back(sandboxFile);
args.push_back("-D");
args.push_back("_GLOBAL_TMP_DIR=" + globalTmpDir);
args.push_back("-D");
args.push_back("IMPORT_DIR=" + settings.nixDataDir + "/nix/sandbox/");
if (allowLocalNetworking) {
args.push_back("-D");
args.push_back(string("_ALLOW_LOCAL_NETWORKING=1"));
}
args.push_back(drv->builder);
}
#endif
else {
if (!drv->isBuiltin()) {
builder = drv->builder.c_str();
string builderBasename = baseNameOf(drv->builder);
args.push_back(builderBasename);
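Review bot: Dropping the `#else` fallbacks in the startBuilder hunks also drops the only statement of why build users and sandboxing are Linux-only — the removed "build users are not supported on this platform for security reasons" branch explained that the build user is what blocks creation of setuid/setgid binaries, and nothing on the new side records that now. I would keep the rationale as a comment above `buildUser = std::make_unique<UserLock>();`, e.g. `// Linux-only: building as a locked build user (and killing its stray processes) is what keeps a build from leaving setuid/setgid binaries behind.`, and make the platform assumption deliberate with `#ifndef __linux__` / `#error "build.cc: sandboxed builds are Linux-only since Darwin support was dropped"` / `#endif` near the top of the file rather than relying on whichever Linux-specific header or call happens to fail first elsewhere. The `needsHashRewrite` hunk is fine as is, since `return !useChroot;` was already the Linux behaviour. startBuilder and runChild both begin before and continue past their hunks, so whether the chroot setup that follows the removed `#if __linux__` is now compiled unconditionally cannot be confirmed from this view.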


@ -19,12 +19,8 @@ namespace nix {
must be deleted and recreated on startup.) */
#define DEFAULT_SOCKET_PATH "/daemon-socket/socket"
/* chroot-like behavior from Apple's sandbox */
#if __APPLE__
#define DEFAULT_ALLOWED_IMPURE_PREFIXES "/System/Library /usr/lib /dev /bin/sh"
#else
// TODO(tazjin): this was __APPLE__ specific, still needed?
#define DEFAULT_ALLOWED_IMPURE_PREFIXES ""
#endif
Settings settings;
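Review bot: The TODO added above `#define DEFAULT_ALLOWED_IMPURE_PREFIXES ""` can be answered from this very hunk: the non-Apple branch already expanded to the empty string, so the default every supported platform sees is unchanged and only the Darwin value was dropped. I would reword it so the next reader does not re-investigate, e.g. `// Was only non-empty on Darwin (support dropped); "" is the pre-existing default on every other platform.` Whether the Setting that consumes this macro is still worth keeping is a separate question the comment can leave open, but it should not suggest the empty default itself is in doubt.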


@ -299,12 +299,6 @@ class Settings : public Config {
"Which prefixes to allow derivations to ask for access to (primarily for "
"Darwin)."};
#if __APPLE__
Setting<bool> darwinLogSandboxViolations{
this, false, "darwin-log-sandbox-violations",
"Whether to log Darwin sandbox access violations to the system log."};
#endif
Setting<bool> runDiffHook{
this, false, "run-diff-hook",
"Whether to run the program specified by the diff-hook setting "


@ -24,18 +24,11 @@
#include "pathlocks.hh"
#include "worker-protocol.hh"
#if __linux__
#include <sched.h>
#include <sys/ioctl.h>
#include <sys/mount.h>
#include <sys/statvfs.h>
#include <sys/xattr.h>
#endif
#ifdef __CYGWIN__
#include <windows.h>
#endif
#include <sqlite3.h>
namespace nix {
@ -460,16 +453,6 @@ static void canonicalisePathMetaData_(const Path& path, uid_t fromUid,
InodesSeen& inodesSeen) {
checkInterrupt();
#if __APPLE__
/* Remove flags, in particular UF_IMMUTABLE which would prevent
the file from being garbage-collected. FIXME: Use
setattrlist() to remove other attributes as well. */
if (lchflags(path.c_str(), 0)) {
if (errno != ENOTSUP)
throw SysError(format("clearing flags of path '%1%'") % path);
}
#endif
struct stat st;
if (lstat(path.c_str(), &st) != 0) {
throw SysError(format("getting attributes of path '%1%'") % path);
@ -480,7 +463,6 @@ static void canonicalisePathMetaData_(const Path& path, uid_t fromUid,
throw Error(format("file '%1%' has an unsupported type") % path);
}
#if __linux__
/* Remove extended attributes / ACLs. */
ssize_t eaSize = llistxattr(path.c_str(), nullptr, 0);
@ -508,7 +490,6 @@ static void canonicalisePathMetaData_(const Path& path, uid_t fromUid,
}
}
}
#endif
/* Fail if the file is not owned by the build user. This prevents
us from messing up the ownership/permissions of files


@ -105,18 +105,6 @@ void LocalStore::optimisePath_(OptimiseStats& stats, const Path& path,
throw SysError(format("getting attributes of path '%1%'") % path);
}
#if __APPLE__
/* HFS/macOS has some undocumented security feature disabling hardlinking for
special files within .app dirs. *.app/Contents/PkgInfo and
*.app/Contents/Resources/\*.lproj seem to be the only paths affected. See
https://github.com/NixOS/nix/issues/1443 for more discussion. */
if (std::regex_search(path, std::regex("\\.app/Contents/.+$"))) {
debug(format("'%1%' is not allowed to be linked in macOS") % path);
return;
}
#endif
if (S_ISDIR(st.st_mode)) {
Strings names = readDirectoryIgnoringInodes(path, inodeHash);
for (auto& i : names) {


@ -16,6 +16,7 @@
#include <grp.h>
#include <pwd.h>
#include <sys/ioctl.h>
#include <sys/prctl.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>
@ -27,14 +28,6 @@
#include "serialise.hh"
#include "sync.hh"
#ifdef __APPLE__
#include <sys/syscall.h>
#endif
#ifdef __linux__
#include <sys/prctl.h>
#endif
namespace nix {
const std::string nativeSystem = SYSTEM;
@ -819,12 +812,6 @@ int Pid::kill() {
process group, send the signal to every process in the child
process group (which hopefully includes *all* its children). */
if (::kill(separatePG ? -pid : pid, killSignal) != 0) {
/* On BSDs, killing a process group will return EPERM if all
processes in the group are zombies (or something like
that). So try to detect and ignore that situation. */
#if __FreeBSD__ || __APPLE__
if (errno != EPERM || ::kill(pid, 0) != 0)
#endif
LOG(ERROR) << SysError("killing process %d", pid).msg();
}
@ -876,20 +863,9 @@ void killUser(uid_t uid) {
}
while (true) {
#ifdef __APPLE__
/* OSX's kill syscall takes a third parameter that, among
other things, determines if kill(-1, signo) affects the
calling process. In the OSX libc, it's set to true,
which means "follow POSIX", which we don't want here
*/
if (syscall(SYS_kill, -1, SIGKILL, false) == 0) {
break;
}
#else
if (kill(-1, SIGKILL) == 0) {
break;
}
#endif
if (errno == ESRCH) {
break;
} /* no more processes */
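Review bot: In the killUser hunk `kill(-1, SIGKILL)` is now the only form of the call, but the explanation of why the caller must not be a target of that broadcast went away with the Darwin branch, and the loop's termination on ESRCH depends on exactly that property. Per kill(2), Linux excludes the calling process from `kill(-1, sig)`, which is what the removed comment was working around on macOS; I would say so next to the call, e.g. `/* Linux excludes the caller from kill(-1, sig); loop until ESRCH says no other process of this uid is left. */`, so nobody reintroduces a broader semantic by accident. The now-unconditional `#include <sys/prctl.h>` makes util.cc Linux-only by construction, which matches the commit message, but an explicit `#ifndef __linux__` / `#error` would make that a deliberate choice instead of an incidental compile failure elsewhere. killUser begins before this hunk, so whether the process has already switched to the target uid before the loop is not visible here.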


@ -28,10 +28,6 @@
#include "util.hh"
#include "worker-protocol.hh"
#if __APPLE__ || __FreeBSD__
#include <sys/ucred.h>
#endif
using namespace nix;
#ifndef __linux__