From 252eba0c8cee24f596b6a62e5bf14103281c7547 Mon Sep 17 00:00:00 2001 From: tdro Date: Wed, 9 Aug 2023 17:45:13 -0400 Subject: .config/nixpkgs/jails: Add proot --- .config/nixpkgs/jails/proot/jail.nix | 52 ++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) create mode 100644 .config/nixpkgs/jails/proot/jail.nix diff --git a/.config/nixpkgs/jails/proot/jail.nix b/.config/nixpkgs/jails/proot/jail.nix new file mode 100644 index 0000000..46ed76f --- /dev/null +++ b/.config/nixpkgs/jails/proot/jail.nix @@ -0,0 +1,52 @@ +let + + # nix-shell -E 'import (builtins.fetchurl "$url")' + # https://manpages.ubuntu.com/manpages/trusty/man1/proot.1.html + + name = "nix-shell.proot"; + + pkgs = import (builtins.fetchTarball { + url = "https://releases.nixos.org/nixos/22.11/nixos-22.11.466.596a8e828c5/nixexprs.tar.xz"; + sha256 = "1367bad5zz0mfm4czb6p0s0ni38f0x1ffh02z76rx4nranipqbgg"; + }) { }; + + proot = { + rootfs ? "rootfs", + binds ? [ ], + options ? [ ], + path ? [ pkgs.busybox ], + entrypoint ? "/bin/sh" + }: + pkgs.writeShellApplication { + inherit name; + text = '' + set -euxo pipefail + PATH=${pkgs.lib.strings.makeBinPath [ pkgs.proot pkgs.coreutils ]} + mkdir --parents '${rootfs}' + proot \ + --rootfs='${rootfs}' \ + ${pkgs.lib.strings.concatMapStringsSep " " (option: "--bind=${option}") binds} \ + ${pkgs.lib.strings.concatMapStringsSep " " (value: value) options} \ + /usr/bin/env --ignore-environment ${ + pkgs.writeScript "entrypoint-${name}" '' + set -eu + export HISTFILE=/dev/null + export PATH=${pkgs.lib.strings.makeBinPath path} + ${entrypoint} + '' + }; + ''; + }; + + jail = proot { + binds = [ "/nix" "/usr" "/bin" ]; + options = [ "--cwd=/" "--verbose=0" ]; + }; + +in pkgs.mkShell { + inherit name; + shellHook = '' + printf '%s\n' "${jail}/bin/${jail.name}" + exec "${jail}/bin/${jail.name}" + ''; +} -- cgit v1.2.3