8a45d4525b
GitOrigin-RevId: 710fed5a2483f945b14f4a58af2cd3676b42d8c8
49 lines
2.6 KiB
Markdown
49 lines
2.6 KiB
Markdown
# buildFHSUserEnv {#sec-fhs-environments}
|
|
|
|
`buildFHSUserEnv` provides a way to build and run FHS-compatible lightweight sandboxes. It creates an isolated root with bound `/nix/store`, so its footprint in terms of disk space needed is quite small. This allows one to run software which is hard or unfeasible to patch for NixOS -- 3rd-party source trees with FHS assumptions, games distributed as tarballs, software with integrity checking and/or external self-updated binaries. It uses Linux namespaces feature to create temporary lightweight environments which are destroyed after all child processes exit, without root user rights requirement. Accepted arguments are:
|
|
|
|
- `name`
|
|
Environment name.
|
|
- `targetPkgs`
|
|
Packages to be installed for the main host's architecture (i.e. x86_64 on x86_64 installations). Along with libraries binaries are also installed.
|
|
- `multiPkgs`
|
|
Packages to be installed for all architectures supported by a host (i.e. i686 and x86_64 on x86_64 installations). Only libraries are installed by default.
|
|
- `extraBuildCommands`
|
|
Additional commands to be executed for finalizing the directory structure.
|
|
- `extraBuildCommandsMulti`
|
|
Like `extraBuildCommands`, but executed only on multilib architectures.
|
|
- `extraOutputsToInstall`
|
|
Additional derivation outputs to be linked for both target and multi-architecture packages.
|
|
- `extraInstallCommands`
|
|
Additional commands to be executed for finalizing the derivation with runner script.
|
|
- `runScript`
|
|
A command that would be executed inside the sandbox and passed all the command line arguments. It defaults to `bash`.
|
|
- `profile`
|
|
Optional script for `/etc/profile` within the sandbox.
|
|
|
|
One can create a simple environment using a `shell.nix` like that:
|
|
|
|
```nix
|
|
{ pkgs ? import <nixpkgs> {} }:
|
|
|
|
(pkgs.buildFHSUserEnv {
|
|
name = "simple-x11-env";
|
|
targetPkgs = pkgs: (with pkgs;
|
|
[ udev
|
|
alsa-lib
|
|
]) ++ (with pkgs.xorg;
|
|
[ libX11
|
|
libXcursor
|
|
libXrandr
|
|
]);
|
|
multiPkgs = pkgs: (with pkgs;
|
|
[ udev
|
|
alsa-lib
|
|
]);
|
|
runScript = "bash";
|
|
}).env
|
|
```
|
|
|
|
Running `nix-shell` would then drop you into a shell with these libraries and binaries available. You can use this to run closed-source applications which expect FHS structure without hassles: simply change `runScript` to the application path, e.g. `./bin/start.sh` -- relative paths are supported.
|
|
|
|
Additionally, the FHS builder links all relocated gsettings-schemas (the glib setup-hook moves them to `share/gsettings-schemas/${name}/glib-2.0/schemas`) to their standard FHS location. This means you don't need to wrap binaries with `wrapGAppsHook`.
|