about summary refs log tree commit diff
path: root/release-common.nix
diff options
context:
space:
mode:
authorEelco Dolstra <edolstra@gmail.com>2017-05-15T15·30+0200
committerEelco Dolstra <edolstra@gmail.com>2017-05-15T15·36+0200
commita2d92bb20e82a0957067ede60e91fab256948b41 (patch)
tree665a9274c830f73c05a282622d78f6cf8d7c9ec9 /release-common.nix
parentb30f5784d0184688de964f6239e373b62101ebc4 (diff)
Add --with-sandbox-shell configure flag
And add a 116 KiB ash shell from busybox to the release build. This
helps to make sandbox builds work out of the box on non-NixOS systems
and with diverted stores.
Diffstat (limited to 'release-common.nix')
-rw-r--r--release-common.nix21
1 files changed, 21 insertions, 0 deletions
diff --git a/release-common.nix b/release-common.nix
new file mode 100644
index 000000000000..8047c75bdb74
--- /dev/null
+++ b/release-common.nix
@@ -0,0 +1,21 @@
+{ pkgs }:
+
+rec {
+  sh = pkgs.busybox.override {
+    useMusl = true;
+    enableStatic = true;
+    enableMinimal = true;
+    extraConfig = ''
+      CONFIG_ASH y
+      CONFIG_ASH_BUILTIN_ECHO y
+      CONFIG_ASH_BUILTIN_TEST y
+      CONFIG_ASH_OPTIMIZE_FOR_SIZE y
+    '';
+  };
+
+  configureFlags =
+    [ "--disable-init-state"
+      "--enable-gc"
+      "--with-sandbox-shell=${sh}/bin/busybox"
+    ];
+}