From 2f4420d079bfbce843c5264a0818b5f03ff44ea3 Mon Sep 17 00:00:00 2001
From: tdro <tdro@users.noreply.github.com>
Date: Fri, 4 Mar 2022 04:23:33 -0500
Subject: .config/nixpkgs/shells/cake: Parameterize final proot

Use PROOT_NO_SECCOMP=1
---
 .config/nixpkgs/shells/cake.nix | 20 ++++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)

(limited to '.config/nixpkgs/shells')

diff --git a/.config/nixpkgs/shells/cake.nix b/.config/nixpkgs/shells/cake.nix
index 906fbf7..401a967 100644
--- a/.config/nixpkgs/shells/cake.nix
+++ b/.config/nixpkgs/shells/cake.nix
@@ -24,6 +24,7 @@ let
       ${script}
       rm "$0"
     '';
+    PROOT_NO_SECCOMP = "1";
     installPhase = ''
       set -euo pipefail
       mkdir --parents rootfs $out/rootfs
@@ -165,7 +166,18 @@ let
     ];
   };
 
-  # proot --cwd=/ --rootfs=${alpine}/rootfs --bind=/proc --bind=/dev /usr/bin/env - /bin/sh -c '. /etc/profile && sh'
+  container = { rootfs, binds ? [ ], options ? [] }:
+    pkgs.writeScript name ''
+    set -euxo pipefail
+    PATH=${pkgs.lib.strings.makeBinPath [ pkgs.proot ]}
+    proot \
+      --cwd=/ \
+      --rootfs='${rootfs}' \
+      ${pkgs.lib.strings.concatMapStringsSep " " (option: "--bind=${option}") binds} \
+      ${pkgs.lib.strings.concatMapStringsSep " " (value: value) options} \
+      /usr/bin/env - /bin/sh -c '. /etc/profile && sh'
+  '';
+
   # doas ${alpine-machine}
   # sudo ${alpine-machine}
   # qemu-system-x86_64 -nographic -drive if=virtio,file=./${alpine-machine.name}.img,format=raw
@@ -179,7 +191,11 @@ in pkgs.mkShell {
 
   shellHook = ''
     export PS1='\h (${name}) \W \$ '
-    proot --cwd=/ --rootfs=${alpine}/rootfs --bind=/proc --bind=/dev /usr/bin/env - /bin/sh -c '. /etc/profile && sh'
+    ${container {
+      rootfs = "${alpine}/rootfs";
+      binds = [ "/proc" "/dev" ];
+      options = [ "--verbose=0" ];
+    }}
     exit
   '';
 }
-- 
cgit v1.2.3