Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

meson: fix rpath fixup #35513

Merged
merged 5 commits into from Mar 22, 2018
Merged

meson: fix rpath fixup #35513

merged 5 commits into from Mar 22, 2018

Conversation

jtojnar
Copy link
Contributor

@jtojnar jtojnar commented Feb 25, 2018
edited

Motivation for this change

In common distributions, RPATH is only needed for internal libraries so meson removes everything else. With Nix, the locations of libraries are not as predictable, therefore we need to keep them in the RPATH. See #31222 (comment) for more details.

Previously we have just kept the RPATH produced by the linker, patching meson not to remove it. This deprived us of potentially replacing it with install_rpath provided by project so we had to re-add it manually, and also introduced a vulnerability of keeping build paths in RPATH.

This patch restores the clean-up but modifies it so the items starting with /nix/store are retained.

This should be relatively safe since the store is immutable, however, there might be some unwanted retainment of build_rpath if it contains paths from Nix store.

Closes: #31222

Things done
  • Checked that built ELFs do not contain not found DT_NEEDED items.
    • deja-dup (there are some but they were there before and they do not seem to affect function)
    • epiphany (there is one but it does not seem to affect function)
    • gnome3.gnome_shell
    • systemd
    • wlroots they use a different fixup, let them (@primeos) clean it up themselves
  • Tested using sandboxing (nix.useSandbox on NixOS, or option build-use-sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Fits CONTRIBUTING.md.

cc @brandonedens @rasendubi @yegortimoshenko

@GrahamcOfBorg GrahamcOfBorg added 6.topic: GNOME GNOME desktop environment and its underlying platform 10.rebuild-darwin: 101-500 10.rebuild-linux: 501+ labels Feb 25, 2018
@GrahamcOfBorg
Copy link

Failure on x86_64-darwin (full log)

Partial log (click to expand)

Package ‘deja-dup-36.3’ in /Users/graham/nix-borg/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/grahamc-ndnd/pkgs/applications/backup/deja-dup/default.nix:53 is not supported on ‘x86_64-darwin’, refusing to evaluate.

a) For `nixos-rebuild` you can set
  { nixpkgs.config.allowBroken = true; }
in configuration.nix to override this.

b) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you can add
  { allowBroken = true; }
to ~/.config/nixpkgs/config.nix.

@jtojnar jtojnar added this to the 18.03 milestone Feb 25, 2018
@GrahamcOfBorg
Copy link

Failure on x86_64-linux (full log)

Partial log (click to expand)

[ 18%] Building CXX object Source/JavaScriptCore/CMakeFiles/JavaScriptCore.dir/runtime/StringPrototype.cpp.o
building of ‘/nix/store/ym22g7jqip8lnbp8zgp06b086x4ch69s-webkitgtk-2.18.6.drv’ timed out after 3600 seconds
cannot build derivation ‘/nix/store/qyy9yxb58n9vyzkh14lqvmhdp9pzc52b-epiphany-3.26.4.drv’: 1 dependencies couldn't be built
cannot build derivation ‘/nix/store/zsn36q98kdg63bg3ykmfaf0kzg6l69as-gnome-online-accounts-3.26.2.drv’: 1 dependencies couldn't be built
cannot build derivation ‘/nix/store/nr0s8l0kqb18vqq0idkpvaf8wvj22s75-libgdata-0.17.9.drv’: 1 dependencies couldn't be built
cannot build derivation ‘/nix/store/28q8b78nyxg1nr8pmd3f54ar7hzaza89-evolution-data-server-3.26.3.drv’: 3 dependencies couldn't be built
cannot build derivation ‘/nix/store/pard7damsqw9zjdbq51q2ginrlihb0ds-tracker-miners-2.0.3.drv’: 1 dependencies couldn't be built
cannot build derivation ‘/nix/store/d54c11s8addygjwwc3v92abb2pzlbiim-nautilus-3.26.2.drv’: 1 dependencies couldn't be built
cannot build derivation ‘/nix/store/pv8yc8gd1k1zz7yzyhkkzb5h50ckadcx-deja-dup-36.3.drv’: 2 dependencies couldn't be built
error: build of ‘/nix/store/pv8yc8gd1k1zz7yzyhkkzb5h50ckadcx-deja-dup-36.3.drv’, ‘/nix/store/qyy9yxb58n9vyzkh14lqvmhdp9pzc52b-epiphany-3.26.4.drv’ failed

@GrahamcOfBorg
Copy link

Failure on aarch64-linux (full log)

Partial log (click to expand)

[ 34%] Building CXX object Source/WebCore/CMakeFiles/WebCoreDerivedSources.dir/__/__/DerivedSources/WebCore/JSDOMWindow.cpp.o
building of '/nix/store/qx995j564zgh9zxwrcdkxf1xphhcagn0-webkitgtk-2.18.6.drv' timed out after 3200 seconds
cannot build derivation '/nix/store/m8llyhcp9lmfd8nhhna0dz6k7bww1ik6-epiphany-3.26.4.drv': 1 dependencies couldn't be built
cannot build derivation '/nix/store/iqh4y59nlzj8m9w2faa101k7xkgz3vib-gnome-online-accounts-3.26.2.drv': 1 dependencies couldn't be built
cannot build derivation '/nix/store/axzj4942k9pj21acysib684mygg51pgq-libgdata-0.17.9.drv': 1 dependencies couldn't be built
cannot build derivation '/nix/store/nr5bpk8ykxc10h773cy2692mcvdi8ppj-evolution-data-server-3.26.3.drv': 3 dependencies couldn't be built
cannot build derivation '/nix/store/yidvah15b2z8p8y0ss9zwx7ryjn0fak1-tracker-miners-2.0.3.drv': 1 dependencies couldn't be built
cannot build derivation '/nix/store/2akn5zkh9p4a37cmlc3pyfn6cq5mcz37-nautilus-3.26.2.drv': 1 dependencies couldn't be built
cannot build derivation '/nix/store/qazq1j4h4v2jy3fqvnirsb6vr3yvw7pz-deja-dup-36.3.drv': 2 dependencies couldn't be built
�[31;1merror:�[0m build of '/nix/store/m8llyhcp9lmfd8nhhna0dz6k7bww1ik6-epiphany-3.26.4.drv', '/nix/store/qazq1j4h4v2jy3fqvnirsb6vr3yvw7pz-deja-dup-36.3.drv' failed

@jtojnar jtojnar changed the base branch from master to staging March 3, 2018 01:57
@GrahamcOfBorg
Copy link

Failure on x86_64-darwin (full log)

Partial log (click to expand)

Package ‘deja-dup-36.3’ in /Users/graham/nix-borg/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/grahamc-ndnd/pkgs/applications/backup/deja-dup/default.nix:53 is not supported on ‘x86_64-darwin’, refusing to evaluate.

a) For `nixos-rebuild` you can set
  { nixpkgs.config.allowBroken = true; }
in configuration.nix to override this.

b) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you can add
  { allowBroken = true; }
to ~/.config/nixpkgs/config.nix.

@GrahamcOfBorg
Copy link

Failure on x86_64-darwin (full log)

Partial log (click to expand)

Package ‘deja-dup-36.3’ in /private/var/lib/ofborg/checkout/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/lnl7-mac/pkgs/applications/backup/deja-dup/default.nix:53 is not supported on ‘x86_64-darwin’, refusing to evaluate.

a) For `nixos-rebuild` you can set
  { nixpkgs.config.allowBroken = true; }
in configuration.nix to override this.

b) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you can add
  { allowBroken = true; }
to ~/.config/nixpkgs/config.nix.

@GrahamcOfBorg
Copy link

Failure on x86_64-linux (full log)

Partial log (click to expand)

cannot build derivation ‘/nix/store/vpkf75gq641aq72rin4v9ks1z05grdh0-epiphany-3.26.4.drv’: 19 dependencies couldn't be built
cannot build derivation ‘/nix/store/cvsfqa65n9wb6n8rs8r1zbcblpgnxh1s-gnome-online-accounts-3.26.2.drv’: 12 dependencies couldn't be built
cannot build derivation ‘/nix/store/6fxmvizi177vwsywl0d1jdxsiqbibjh3-gnome-control-center-3.26.2.drv’: 31 dependencies couldn't be built
cannot build derivation ‘/nix/store/d0adaqkc1ib66zhwlq3jixd4fa550qj3-libgdata-0.17.9.drv’: 6 dependencies couldn't be built
cannot build derivation ‘/nix/store/4h6pbhl9rlgp7p4vpsiljjwj7dnxxnjz-evolution-data-server-3.26.3.drv’: 12 dependencies couldn't be built
cannot build derivation ‘/nix/store/i6zrychprmh08a0rrdjifispqdv57mgq-gnome-shell-3.26.2.drv’: 39 dependencies couldn't be built
cannot build derivation ‘/nix/store/hs158vaf0gzaaz1s5aza89j6dkw7mlni-tracker-miners-2.0.3.drv’: 13 dependencies couldn't be built
cannot build derivation ‘/nix/store/6ilimgz78b1bm3rdqx249s8g5psab8sl-nautilus-3.26.2.drv’: 12 dependencies couldn't be built
cannot build derivation ‘/nix/store/7dm1aazbppsphv6qnb11bdxp8b3gk576-deja-dup-36.3.drv’: 12 dependencies couldn't be built
error: build of ‘/nix/store/7dm1aazbppsphv6qnb11bdxp8b3gk576-deja-dup-36.3.drv’, ‘/nix/store/i6zrychprmh08a0rrdjifispqdv57mgq-gnome-shell-3.26.2.drv’, ‘/nix/store/vpkf75gq641aq72rin4v9ks1z05grdh0-epiphany-3.26.4.drv’ failed

@GrahamcOfBorg
Copy link

Failure on x86_64-linux (full log)

Partial log (click to expand)

cannot build derivation ‘/nix/store/vpkf75gq641aq72rin4v9ks1z05grdh0-epiphany-3.26.4.drv’: 19 dependencies couldn't be built
cannot build derivation ‘/nix/store/cvsfqa65n9wb6n8rs8r1zbcblpgnxh1s-gnome-online-accounts-3.26.2.drv’: 12 dependencies couldn't be built
cannot build derivation ‘/nix/store/6fxmvizi177vwsywl0d1jdxsiqbibjh3-gnome-control-center-3.26.2.drv’: 31 dependencies couldn't be built
cannot build derivation ‘/nix/store/d0adaqkc1ib66zhwlq3jixd4fa550qj3-libgdata-0.17.9.drv’: 6 dependencies couldn't be built
cannot build derivation ‘/nix/store/4h6pbhl9rlgp7p4vpsiljjwj7dnxxnjz-evolution-data-server-3.26.3.drv’: 12 dependencies couldn't be built
cannot build derivation ‘/nix/store/i6zrychprmh08a0rrdjifispqdv57mgq-gnome-shell-3.26.2.drv’: 39 dependencies couldn't be built
cannot build derivation ‘/nix/store/hs158vaf0gzaaz1s5aza89j6dkw7mlni-tracker-miners-2.0.3.drv’: 13 dependencies couldn't be built
cannot build derivation ‘/nix/store/6ilimgz78b1bm3rdqx249s8g5psab8sl-nautilus-3.26.2.drv’: 12 dependencies couldn't be built
cannot build derivation ‘/nix/store/7dm1aazbppsphv6qnb11bdxp8b3gk576-deja-dup-36.3.drv’: 12 dependencies couldn't be built
error: build of ‘/nix/store/7dm1aazbppsphv6qnb11bdxp8b3gk576-deja-dup-36.3.drv’, ‘/nix/store/i6zrychprmh08a0rrdjifispqdv57mgq-gnome-shell-3.26.2.drv’, ‘/nix/store/vpkf75gq641aq72rin4v9ks1z05grdh0-epiphany-3.26.4.drv’ failed

@GrahamcOfBorg
Copy link

Failure on aarch64-linux (full log)

Partial log (click to expand)

cannot build derivation '/nix/store/9lr40sr5ly7xlccshsy9nmrbfxc66d01-epiphany-3.26.4.drv': 5 dependencies couldn't be built
cannot build derivation '/nix/store/ik2kfifcvb8g51djmvk9in6r4xcc3r59-gnome-online-accounts-3.26.2.drv': 2 dependencies couldn't be built
cannot build derivation '/nix/store/dvybrkxvad9ppjbjximfl6s6lqg7xh3x-gnome-control-center-3.26.2.drv': 11 dependencies couldn't be built
cannot build derivation '/nix/store/lwh9snm742qqbrph17b8wazmhw9hk61g-libgdata-0.17.9.drv': 1 dependencies couldn't be built
cannot build derivation '/nix/store/1ihwy028cscyqvllc57c3xqbvzznz42q-evolution-data-server-3.26.3.drv': 3 dependencies couldn't be built
cannot build derivation '/nix/store/l29iq725pr32m8sn4pjsin7yxa0gdfrb-gnome-shell-3.26.2.drv': 15 dependencies couldn't be built
cannot build derivation '/nix/store/y95cgjilj9wnhfkabry9plai6gh3c297-tracker-miners-2.0.3.drv': 4 dependencies couldn't be built
cannot build derivation '/nix/store/rja0c8mvgi2s8vdid1iaryy2d2sza433-nautilus-3.26.2.drv': 6 dependencies couldn't be built
cannot build derivation '/nix/store/rp0lq62qf57xqgv0qhk0zzsigxajg8n3-deja-dup-36.3.drv': 6 dependencies couldn't be built
�[31;1merror:�[0m build of '/nix/store/9lr40sr5ly7xlccshsy9nmrbfxc66d01-epiphany-3.26.4.drv', '/nix/store/l29iq725pr32m8sn4pjsin7yxa0gdfrb-gnome-shell-3.26.2.drv', '/nix/store/rp0lq62qf57xqgv0qhk0zzsigxajg8n3-deja-dup-36.3.drv' failed

dezgeg
dezgeg reviewed Mar 4, 2018
View reviewed changes
pkgs/development/tools/build-managers/meson/fix-rpath.patch
paths += ':'
paths += build_rpath
- if len(paths) < len(install_rpath):
- padding = 'X' * (len(install_rpath) - len(paths))
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't hardcode /nix/store here, rather substituteAll the $NIX_STORE shell variable here.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you mean substituteAlling builtins.storePath, or reading NIX_STORE environment variable at runtime?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I meant the value of $NIX_STORE during build-time, but the builtins.storeDir Nix variable seems to work as well.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done.

@GrahamcOfBorg
Copy link

Failure on x86_64-darwin (full log)

Partial log (click to expand)

Package ‘deja-dup-36.3’ in /Users/graham/nix-borg/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/grahamc-ndnd/pkgs/applications/backup/deja-dup/default.nix:53 is not supported on ‘x86_64-darwin’, refusing to evaluate.

a) For `nixos-rebuild` you can set
  { nixpkgs.config.allowBroken = true; }
in configuration.nix to override this.

b) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you can add
  { allowBroken = true; }
to ~/.config/nixpkgs/config.nix.

@GrahamcOfBorg
Copy link

Failure on x86_64-linux (full log)

Partial log (click to expand)

cannot build derivation ‘/nix/store/4h31lwyfzzjf713z932bbn4w48yifgq1-epiphany-3.26.4.drv’: 19 dependencies couldn't be built
cannot build derivation ‘/nix/store/n93pdyiqb4kgcqr5c36v5vnwjbgfrylx-gnome-online-accounts-3.26.2.drv’: 12 dependencies couldn't be built
cannot build derivation ‘/nix/store/qv6y6mw41vw8j3szs0kg3mmd98k1c47q-gnome-control-center-3.26.2.drv’: 31 dependencies couldn't be built
cannot build derivation ‘/nix/store/00v6g7shi1n7i3mnyn6m8mz9gqmkyr6m-libgdata-0.17.9.drv’: 6 dependencies couldn't be built
cannot build derivation ‘/nix/store/xny8pnm7kcafnm10r5jg5xaqv78xbgri-evolution-data-server-3.26.3.drv’: 12 dependencies couldn't be built
cannot build derivation ‘/nix/store/nh32x4a1z43hjwxf0sgcwfg9dwv0qv3y-gnome-shell-3.26.2.drv’: 39 dependencies couldn't be built
cannot build derivation ‘/nix/store/cxvnj50jqjf02zcdvkbzrjaklh94zchg-tracker-miners-2.0.3.drv’: 13 dependencies couldn't be built
cannot build derivation ‘/nix/store/6xrr2pkfqcbbpysl1225zq5h1fgibc2r-nautilus-3.26.2.drv’: 12 dependencies couldn't be built
cannot build derivation ‘/nix/store/z6jz0ds0as41znvp5z1748fw5mxa0xpc-deja-dup-36.3.drv’: 12 dependencies couldn't be built
error: build of ‘/nix/store/4h31lwyfzzjf713z932bbn4w48yifgq1-epiphany-3.26.4.drv’, ‘/nix/store/nh32x4a1z43hjwxf0sgcwfg9dwv0qv3y-gnome-shell-3.26.2.drv’, ‘/nix/store/z6jz0ds0as41znvp5z1748fw5mxa0xpc-deja-dup-36.3.drv’ failed

@GrahamcOfBorg
Copy link

Failure on aarch64-linux (full log)

Partial log (click to expand)

cannot build derivation '/nix/store/gm7cclmjrziflapvyvhgjdi7vx1afjzy-epiphany-3.26.4.drv': 5 dependencies couldn't be built
cannot build derivation '/nix/store/8ms125v0aaf1b2n94c9vavi8azpb9gjv-gnome-online-accounts-3.26.2.drv': 2 dependencies couldn't be built
cannot build derivation '/nix/store/z2ql2bdfj1zfcj44cxfwrk7yndw35fp6-gnome-control-center-3.26.2.drv': 11 dependencies couldn't be built
cannot build derivation '/nix/store/bw3ylj5z4yin2z1f0ghwq68jidpqvvf2-libgdata-0.17.9.drv': 1 dependencies couldn't be built
cannot build derivation '/nix/store/4inqnp9ghxmb125m26ixhhk2wcv6jyz4-evolution-data-server-3.26.3.drv': 3 dependencies couldn't be built
cannot build derivation '/nix/store/hvignjhwbklwkg5hy1k2fmg319h7zflr-gnome-shell-3.26.2.drv': 15 dependencies couldn't be built
cannot build derivation '/nix/store/bp10wfdipxyrlkcw5k4sd1rmllqxfgxj-tracker-miners-2.0.3.drv': 4 dependencies couldn't be built
cannot build derivation '/nix/store/igsqhkkw62xdzwby5sird52bdcfyj4iw-nautilus-3.26.2.drv': 6 dependencies couldn't be built
cannot build derivation '/nix/store/jhrb3i14il0d7m595jh8widcmvazw4m9-deja-dup-36.3.drv': 6 dependencies couldn't be built
�[31;1merror:�[0m build of '/nix/store/gm7cclmjrziflapvyvhgjdi7vx1afjzy-epiphany-3.26.4.drv', '/nix/store/hvignjhwbklwkg5hy1k2fmg319h7zflr-gnome-shell-3.26.2.drv', '/nix/store/jhrb3i14il0d7m595jh8widcmvazw4m9-deja-dup-36.3.drv' failed

@jtojnar jtojnar mentioned this pull request Mar 13, 2018
Merged
@jtojnar jtojnar changed the base branch from staging to master March 20, 2018 19:58
@jtojnar
Copy link
Contributor Author

jtojnar commented Mar 20, 2018

Rebasing onto master as it will be merged with GNOME 3.28.

@GrahamcOfBorg
Copy link

Success on x86_64-darwin (full log)

Attempted: meson

The following builds were skipped because they don't evaluate on x86_64-darwin: deja-dup, epiphany, gnome3.gnome-shell, systemd

Partial log (click to expand)

warning: no directories found matching 'syntax-highlighting'
warning: no files found matching 'authors.txt'
writing manifest file 'meson.egg-info/SOURCES.txt'
running build_ext

----------------------------------------------------------------------
Ran 0 tests in 0.000s

OK
/nix/store/1df2ccwnjkbilids29r8zc8gjn5raadi-meson-0.44.0

@GrahamcOfBorg
Copy link

Failure on aarch64-linux (full log)

Attempted: deja-dup, epiphany, gnome3.gnome-shell, meson, systemd

Partial log (click to expand)

Removing empty /nix/store/zpadba9awkmkiqfj59vkv3p2ka6aar3l-gst-libav-1.12.3/share/ and (possibly) its parents
shrinking RPATHs of ELF executables and libraries in /nix/store/zpadba9awkmkiqfj59vkv3p2ka6aar3l-gst-libav-1.12.3
shrinking /nix/store/zpadba9awkmkiqfj59vkv3p2ka6aar3l-gst-libav-1.12.3/lib/gstreamer-1.0/libgstlibav.so
strip is /nix/store/3zq400fri5dv7d30lpxlqm2v9y1iis6j-binutils-2.28.1/bin/strip
stripping (with command strip and flags -S) in /nix/store/zpadba9awkmkiqfj59vkv3p2ka6aar3l-gst-libav-1.12.3/lib
patching script interpreter paths in /nix/store/zpadba9awkmkiqfj59vkv3p2ka6aar3l-gst-libav-1.12.3
checking for references to /build in /nix/store/zpadba9awkmkiqfj59vkv3p2ka6aar3l-gst-libav-1.12.3...
strip is /nix/store/3zq400fri5dv7d30lpxlqm2v9y1iis6j-binutils-2.28.1/bin/strip
cannot build derivation '/nix/store/5xpq7lzns6rvy83a7xzpy1240r72716h-epiphany-3.26.6.drv': 10 dependencies couldn't be built
�[31;1merror:�[0m build of '/nix/store/5xpq7lzns6rvy83a7xzpy1240r72716h-epiphany-3.26.6.drv', '/nix/store/l1mq6v1ppqbn64784p2l8n2x12kap6gb-gnome-shell-3.26.2.drv', '/nix/store/yqbxs32hz27sl6myzdd88fpm7q2q9cqa-deja-dup-36.3.drv' failed

@GrahamcOfBorg
Copy link

Success on x86_64-linux (full log)

Attempted: deja-dup, epiphany, gnome3.gnome-shell, meson, systemd

Partial log (click to expand)

gzipping man pages under /nix/store/2i8mkgh2k7r9y6mmbmd627wzfiwf1a42-gnome-shell-3.26.2/share/man/
strip is /nix/store/fzcs0fn6bb04m82frhlb78nc03ny3w55-binutils-2.28.1/bin/strip
stripping (with command strip and flags -S) in /nix/store/2i8mkgh2k7r9y6mmbmd627wzfiwf1a42-gnome-shell-3.26.2/lib  /nix/store/2i8mkgh2k7r9y6mmbmd627wzfiwf1a42-gnome-shell-3.26.2/libexec  /nix/store/2i8mkgh2k7r9y6mmbmd627wzfiwf1a42-gnome-shell-3.26.2/bin
patching script interpreter paths in /nix/store/2i8mkgh2k7r9y6mmbmd627wzfiwf1a42-gnome-shell-3.26.2
checking for references to /tmp/nix-build-gnome-shell-3.26.2.drv-0 in /nix/store/2i8mkgh2k7r9y6mmbmd627wzfiwf1a42-gnome-shell-3.26.2...
/nix/store/a22i3zknpdfyqlsdxxp5b2xwwnlxlijc-deja-dup-36.3
/nix/store/1dyr8vwcj9i0pglkq676zjcw7x4idmdq-epiphany-3.26.6
/nix/store/2i8mkgh2k7r9y6mmbmd627wzfiwf1a42-gnome-shell-3.26.2
/nix/store/w8gg5d2z1hx33017mdg1b68x0fi6pym1-meson-0.44.0
/nix/store/ha5qbmlhqwaq17q7w8fsqnark09gjf14-systemd-237

@jtojnar
meson: fix rpath fixup
de910a0 
In common distributions, RPATH is only needed for internal libraries so
meson removes everything else. With Nix, the locations of libraries
are not as predictable, therefore we need to keep them in the RPATH. [1]

Previously we have just kept the RPATH produced by the linker, patching
meson not to remove it. This deprived us of potentially replacing it
with install_rpath provided by project so we had to re-add it manually,
and also introduced a vulnerability of keeping build paths in RPATH.

This commit restores the clean-up but modifies it so the items starting
with /nix/store are retained.

This should be relatively safe since the store is immutable, however,
there might be some unwanted retainment of build_rpath [2] if it contains
paths from Nix store.

[1]: NixOS#31222 (comment)
[2]: http://mesonbuild.com/Release-notes-for-0-42-0.html#added-build_rpath-keyword-argument
@jtojnar
deja-dup: remove unneeded rpath fixup
9e2639e
@jtojnar
epiphany: remove unneeded rpath fixup
45d0d90
@jtojnar
systemd: remove unneeded rpath fixup
1c6f150
@jtojnar
gnome3.gnome-shell: remove unneeded rpath fixup
de75940
@FRidh FRidh merged commit de75940 into NixOS:master Mar 22, 2018
@jtojnar jtojnar deleted the meson-rpath-fix branch March 22, 2018 07:08
@bachp
Copy link
Member

bachp commented Apr 6, 2018

This belive this broke the systemd-cryptsetup-generator

The binary is no longer able to find libsystemd-shared-237.so.

@jtojnar Any idea how to fix this?

@jtojnar
Copy link
Contributor Author

jtojnar commented Apr 7, 2018

Meson fixes the rpath during install target. Since we are installing the files manually, the fixup is skipped. Could we maybe add cryptsetup to regular systemd and move systemd-cryptsetup to a separate output?

@bachp
Copy link
Member

bachp commented Apr 7, 2018

The problem is the cyclic dependency this would introduce:
systemd -> cryptsetup -> devicemapper -> systemd. Not sure how to resolve it.

It comes from here.

@mbakke
Copy link
Contributor

mbakke commented Apr 7, 2018

Note that libsystemd-shared lives in a separate directory from the other libraries. Specifically it is in out/lib/systemd, while most libs are in out/lib. Making sure both are in RUNPATH will suffice, I think.

@jtojnar
Copy link
Contributor Author

jtojnar commented Apr 11, 2018

For now, you could re-add the removed postFixup phase to the systemd-cryptsetup-generator.

@bachp bachp mentioned this pull request Apr 15, 2018
Merged
8 tasks
@jtojnar jtojnar added this to Done in Meson breakages May 16, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dezgeg dezgeg dezgeg left review comments

@rasendubi rasendubi Awaiting requested review from rasendubi

@lukateras lukateras Awaiting requested review from lukateras

Assignees
No one assigned
Labels
1.severity: blocker 1.severity: mass-rebuild 10.rebuild-darwin: 0 10.rebuild-linux: 0
Projects
Meson breakages
  
Done
Milestone
18.03
Development

Successfully merging this pull request may close these issues.

Meson produces incorrect rpath for local libraries
6 participants
@jtojnar @GrahamcOfBorg @bachp @mbakke @dezgeg @FRidh