darwin.iproute2mac: init at 1.2.1 #41768

flokli · 2018-06-09T20:41:20Z

Motivation for this change

This adds iproute2mac, a CLI wrapper for basic network utilites on Mac OS X inspired with iproute2 on Linux.

Things done

Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS)
Built on platform(s)
- NixOS
- macOS
- other Linux distributions
Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
Tested execution of all binary files (usually in ./result/bin/)
Fits CONTRIBUTING.md.

matthewbauer · 2018-06-09T20:44:41Z

pkgs/os-specific/darwin/iproute2mac/default.nix

+
+  buildInputs = [ python ];
+
+  __impureHostDeps = [


This is only necessary if you're actually calling these in the builder. You should be able to leave this out.

ok, wasn't aware. will strip them out.

Yeah, and I'm not even sure if /usr/bin is allowed.

@LnL7 from the builder? Don't know too, I just thought I should probably document impure usages somewhere. PR updated with __impureHostDeps removed.

For reference, these are the only prefixes that this works for unless this is overridden in nix.conf with allowed-impure-host-deps.
https://github.com/NixOS/nix/blob/e7cb2847ab1cec48eac6a86c56885b3f0df76275/src/libstore/globals.cc#L22

This is used to open up the build sandbox when sandboxing is enabled, allowing builds to open up arbitrary paths would be a security concern.

thanks for the explanation!

matthewbauer · 2018-06-09T20:54:13Z

pkgs/os-specific/darwin/iproute2mac/default.nix

+  buildInputs = [ python ];
+
+  postPatch = ''
+    substituteInPlace src/ip.py --replace /usr/bin/python ${python}/bin/python


Can you also wrap the other commands here? darwin.network_cmds should have them all.

right. what about sudo?

It's probably okay to leave for now. I don't think it's packaged anywhere? /cc @LnL7

patched all network_cmds. I doubt pkgs/tools/security/sudo would easily be portable for darwin, so relying on /usr/bin/sudo being there might be ok

Sudo can't work, it needs a setuid bit.

GrahamcOfBorg · 2018-06-09T21:16:39Z

No attempt on aarch64-linux (full log)

The following builds were skipped because they don't evaluate on aarch64-linux: darwin.iproute2mac

Partial log (click to expand)


a) For `nixos-rebuild` you can set
  { nixpkgs.config.allowUnsupportedSystem = true; }
in configuration.nix to override this.

b) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you can add
  { allowUnsupportedSystem = true; }
to ~/.config/nixpkgs/config.nix.

GrahamcOfBorg · 2018-06-09T21:16:49Z

No attempt on x86_64-linux (full log)

The following builds were skipped because they don't evaluate on x86_64-linux: darwin.iproute2mac

Partial log (click to expand)


a) For `nixos-rebuild` you can set
  { nixpkgs.config.allowUnsupportedSystem = true; }
in configuration.nix to override this.

b) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you can add
  { allowUnsupportedSystem = true; }
to ~/.config/nixpkgs/config.nix.

GrahamcOfBorg · 2018-06-09T21:17:04Z

Success on x86_64-darwin (full log)

Attempted: darwin.iproute2mac

Partial log (click to expand)

configuring
no configure script, doing nothing
building
no Makefile, doing nothing
installing
post-installation fixup
strip is /nix/store/yyak5sjv68n9vdgnkd2cb5djk1l9sqj5-cctools-binutils-darwin/bin/strip
stripping (with command strip and flags -S) in /nix/store/60jvgba0j6x9hq2q3m8q30c407v87jzd-iproute2mac-1.2.1/bin
patching script interpreter paths in /nix/store/60jvgba0j6x9hq2q3m8q30c407v87jzd-iproute2mac-1.2.1
/nix/store/60jvgba0j6x9hq2q3m8q30c407v87jzd-iproute2mac-1.2.1

flokli · 2018-06-09T21:17:43Z

Thanks!

GrahamcOfBorg added the 6.topic: darwin Running or building packages on Darwin label Jun 9, 2018

matthewbauer reviewed Jun 9, 2018

View reviewed changes

darwin.iproute2mac: init at 1.2.1

857ab32

flokli force-pushed the iproute2mac branch from b522f1e to 857ab32 Compare June 9, 2018 20:47

matthewbauer requested changes Jun 9, 2018

View reviewed changes

darwin.iproute2mac: wrap network_cmds

dcdeaa1

matthewbauer approved these changes Jun 9, 2018

View reviewed changes

GrahamcOfBorg added 8.has: package (new) 10.rebuild-darwin: 1-10 10.rebuild-linux: 0 labels Jun 9, 2018

LnL7 approved these changes Jun 9, 2018

View reviewed changes

LnL7 merged commit 253d781 into NixOS:master Jun 9, 2018

flokli deleted the iproute2mac branch June 9, 2018 21:17

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

darwin.iproute2mac: init at 1.2.1 #41768

darwin.iproute2mac: init at 1.2.1 #41768

flokli commented Jun 9, 2018

matthewbauer Jun 9, 2018

flokli Jun 9, 2018

LnL7 Jun 9, 2018

flokli Jun 9, 2018

LnL7 Jun 9, 2018

flokli Jun 9, 2018

matthewbauer Jun 9, 2018

flokli Jun 9, 2018

matthewbauer Jun 9, 2018

flokli Jun 9, 2018

LnL7 Jun 9, 2018

GrahamcOfBorg commented Jun 9, 2018

GrahamcOfBorg commented Jun 9, 2018

GrahamcOfBorg commented Jun 9, 2018

flokli commented Jun 9, 2018

darwin.iproute2mac: init at 1.2.1 #41768

darwin.iproute2mac: init at 1.2.1 #41768

Conversation

flokli commented Jun 9, 2018

Motivation for this change

Things done

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

GrahamcOfBorg commented Jun 9, 2018

GrahamcOfBorg commented Jun 9, 2018

GrahamcOfBorg commented Jun 9, 2018

flokli commented Jun 9, 2018