From 7fa922c21f75745872510bb535ca4870dd5d843e Mon Sep 17 00:00:00 2001 From: Janneke Nieuwenhuizen Date: Tue, 22 Aug 2023 21:51:19 +0200 Subject: Revert "DRAFT daemon: Support chroot builds on GNU/Hurd." This reverts commit d04d70f6eaedad0ea6cd3b5a48f30666e324fd23. --- config-daemon.ac | 13 ----- nix/libstore/build.cc | 43 ++++------------ nix/libutil/util.cc | 139 -------------------------------------------------- nix/libutil/util.hh | 3 -- nix/local.mk | 3 +- 5 files changed, 12 insertions(+), 189 deletions(-) diff --git a/config-daemon.ac b/config-daemon.ac index 315f4de28f..86306effe1 100644 --- a/config-daemon.ac +++ b/config-daemon.ac @@ -37,19 +37,6 @@ if test "x$guix_build_daemon" = "xyes"; then AC_DEFINE_UNQUOTED([SYSTEM], ["$guix_system"], [Guix host system type--i.e., platform and OS kernel tuple.]) - dnl On GNU/Hurd guix-daemon depends on libfshelp. - case "$guix_system" in - *-gnu) - AC_CHECK_LIB([fshelp], [fshelp_start_translator]) - if test "x$ac_cv_lib_fshelp_fshelp_start_translator" != "xyes"; then - AC_MSG_ERROR([libfshelp (GNU Hurd) could not be found]) - fi - HURD_LIBS="-lfshelp";; - *) - HURD_LIBS="";; - esac - AC_SUBST([HURD_LIBS]) - case "$LIBGCRYPT_PREFIX" in no) LIBGCRYPT_CFLAGS="" diff --git a/nix/libstore/build.cc b/nix/libstore/build.cc index e5aa623f1f..461fcbc584 100644 --- a/nix/libstore/build.cc +++ b/nix/libstore/build.cc @@ -52,13 +52,7 @@ #endif -/* Chroot builds are supported both on GNU/Linux and on GNU/Hurd. */ -#if defined __linux__ || defined __GNU__ -# define CHROOT_ENABLED 1 -#else -# error unsupported operating system -#endif - +#define CHROOT_ENABLED HAVE_CHROOT && HAVE_SYS_MOUNT_H && defined(MS_BIND) && defined(MS_PRIVATE) #define CLONE_ENABLED defined(CLONE_NEWNS) #if defined(SYS_pivot_root) @@ -2004,7 +1998,6 @@ void DerivationGoal::runChild() if (setdomainname(domainname, sizeof(domainname)) == -1) throw SysError("cannot set domain name"); -#ifdef __linux__ /* Make all filesystems private. This is necessary because subtrees may have been mounted as "shared" (MS_SHARED). (Systemd does this, for instance.) Even @@ -2021,30 +2014,27 @@ void DerivationGoal::runChild() different filesystem from /, as needed for pivot_root. */ if (mount(chrootRootDir.c_str(), chrootRootDir.c_str(), 0, MS_BIND, 0) == -1) throw SysError(format("unable to bind mount ‘%1%’") % chrootRootDir); -#endif /* Set up a nearly empty /dev, unless the user asked to bind-mount the host /dev. */ Strings ss; if (dirsInChroot.find("/dev") == dirsInChroot.end()) { -#ifdef __linux__ createDirs(chrootRootDir + "/dev/shm"); createDirs(chrootRootDir + "/dev/pts"); - createSymlink("/proc/self/fd", chrootRootDir + "/dev/fd"); - createSymlink("/proc/self/fd/0", chrootRootDir + "/dev/stdin"); - createSymlink("/proc/self/fd/1", chrootRootDir + "/dev/stdout"); - createSymlink("/proc/self/fd/2", chrootRootDir + "/dev/stderr"); - ss.push_back("/dev/tty"); + ss.push_back("/dev/full"); +#ifdef __linux__ if (pathExists("/dev/kvm")) ss.push_back("/dev/kvm"); -#elif __GNU__ - ss.push_back("/servers"); #endif - ss.push_back("/dev/full"); ss.push_back("/dev/null"); ss.push_back("/dev/random"); + ss.push_back("/dev/tty"); ss.push_back("/dev/urandom"); ss.push_back("/dev/zero"); + createSymlink("/proc/self/fd", chrootRootDir + "/dev/fd"); + createSymlink("/proc/self/fd/0", chrootRootDir + "/dev/stdin"); + createSymlink("/proc/self/fd/1", chrootRootDir + "/dev/stdout"); + createSymlink("/proc/self/fd/2", chrootRootDir + "/dev/stderr"); } /* Fixed-output derivations typically need to access the @@ -2066,7 +2056,7 @@ void DerivationGoal::runChild() struct stat st; Path source = i->second; Path target = chrootRootDir + i->first; - + if (source == "/proc") continue; // backwards compatibility if (stat(source.c_str(), &st) == -1) throw SysError(format("getting attributes of path `%1%'") % source); if (S_ISDIR(st.st_mode)) @@ -2075,11 +2065,10 @@ void DerivationGoal::runChild() createDirs(dirOf(target)); writeFile(target, ""); } - if (firmlink(source, target) == -1) + if (mount(source.c_str(), target.c_str(), "", MS_BIND, 0) == -1) throw SysError(format("bind mount from `%1%' to `%2%' failed") % source % target); } -#ifdef __linux__ /* Bind a new instance of procfs on /proc to reflect our private PID namespace. */ createDirs(chrootRootDir + "/proc"); @@ -2107,16 +2096,11 @@ void DerivationGoal::runChild() Linux versions, it is created with permissions 0. */ chmod_(chrootRootDir + "/dev/pts/ptmx", 0666); } -#elif __GNU__ - /* Do not mount things that are implemented in user land: /proc, - /dev/shm, /dev/pts, etc. */ -#endif /* Do the chroot(). */ if (chdir(chrootRootDir.c_str()) == -1) throw SysError(format("cannot change directory to '%1%'") % chrootRootDir); -#ifdef __linux__ if (mkdir("real-root", 0) == -1) throw SysError("cannot create real-root directory"); @@ -2131,13 +2115,8 @@ void DerivationGoal::runChild() if (rmdir("real-root") == -1) throw SysError("cannot remove real-root directory"); -#elif __GNU__ - if (chroot(".") == -1) - throw SysError(format("cannot change root directory to '%1%'") % chrootRootDir); - -#endif } -#endif // CHROOT_ENABLED +#endif if (chdir(tmpDirInSandbox.c_str()) == -1) throw SysError(format("changing into `%1%'") % tmpDir); diff --git a/nix/libutil/util.cc b/nix/libutil/util.cc index 62ddec8126..82eac72120 100644 --- a/nix/libutil/util.cc +++ b/nix/libutil/util.cc @@ -23,41 +23,6 @@ #include #endif -#if HAVE_SYS_MOUNT_H -#include -#endif - -#ifdef __GNU__ - -extern "C" { - -/* XXX: uses 'new' as a parameter name. Work around it. */ -# define new new_param - -# include -# include -# include -# include - -# undef new - -/* XXX: is not C++-compatible. Copy these declarations to work - around it. */ - -typedef error_t (*fshelp_open_fn_t) (int flags, - file_t *node, - mach_msg_type_name_t *node_type, - task_t, void *cookie); - -extern error_t -fshelp_start_translator (fshelp_open_fn_t underlying_open_fn, void *cookie, - char *name, char *argz, int argz_len, - int timeout, fsys_t *control); - -} - -# define _HURD_FIRMLINK _HURD "firmlink" -#endif extern char * * environ; @@ -249,89 +214,6 @@ bool isLink(const Path & path) return S_ISLNK(st.st_mode); } -#if __linux__ - -int firmlink(const Path &source, const Path &target) -{ - return mount(source.c_str(), target.c_str(), "", MS_BIND, 0); -} - -#elif __GNU__ - -static error_t return_node (int flags, - mach_port_t *underlying, - mach_msg_type_name_t *underlying_type, - task_t task, void *node) -{ - *underlying = * (mach_port_t *) node; - *underlying_type = MACH_MSG_TYPE_COPY_SEND; - - return ESUCCESS; -} - -int firmlink(const Path &source, const Path &target) -{ - static char firmlink[] = _HURD_FIRMLINK; - char *arg_vec[] = { firmlink, (char *) source.c_str (), NULL }; - char *args = NULL; - size_t args_len; - - error_t err; - file_t target_file = MACH_PORT_NULL; - - printMsg (lvlChatty, format("creating firmlink from '%1%' to '%2%'") - % source % target); - - target_file = file_name_lookup (target.c_str (), O_NOTRANS, 0); - if (! MACH_PORT_VALID (target_file)) { - printMsg (lvlChatty, format("firmlink target '%s' unavailable: %s") - % target % strerror (errno)); - goto fail; - } - - err = argz_create (arg_vec, &args, &args_len); - if (err != 0) goto fail; - - mach_port_t control; - err = fshelp_start_translator (return_node, &target_file, - firmlink, args, args_len, - 3000, &control); - if (err) { - printMsg (lvlChatty, format("failed to start '%s' translator: %s") % - firmlink % strerror(errno)); - goto fail; - } - - free ((void *) args); - args = NULL; - - err = (error_t) file_set_translator (target_file, 0, FS_TRANS_SET, 0, - NULL, 0, - control, MACH_MSG_TYPE_COPY_SEND); - mach_port_deallocate (mach_task_self (), control); - mach_port_deallocate (mach_task_self (), target_file); - - if (err) { - printMsg (lvlChatty, format("failed to set '%s' translator on node '%s': %s") % - firmlink % target % strerror(errno)); - goto fail; - } - - return err; - -fail: - int saved_errno = errno; - if (MACH_PORT_VALID (target_file)) - mach_port_deallocate (mach_task_self (), target_file); - if (args != NULL) - free ((void *) args); - errno = saved_errno; - return -1; -} - -#elif -# error unsupported operating system -#endif DirEntries readDirectory(const Path & path) { @@ -429,27 +311,6 @@ static void _deletePath(const Path & path, unsigned long long & bytesFreed, size printMsg(lvlVomit, format("%1%") % path); -#ifdef __GNU__ - /* Check whether there's an active translator on PATH--typically - /hurd/firmlink. If there is one, let it go away. */ - { - file_t file = file_name_lookup (path.c_str (), O_NOTRANS, 0); - if (MACH_PORT_VALID (file)) { - fsys_t fsys; - int err = file_get_translator_cntl (file, &fsys); - mach_port_deallocate (mach_task_self (), file); - if (err == 0) { - /* There's a translator, tell it to leave. */ - err = fsys_goaway (fsys, FSYS_GOAWAY_FORCE | FSYS_GOAWAY_RECURSE); - mach_port_deallocate (mach_task_self (), fsys); - if (err != 0) { - throw SysError(format("removing translator from '%1%'") % path); - } - } - } - } -#endif - #ifdef HAVE_STATX # define st_mode stx_mode # define st_size stx_size diff --git a/nix/libutil/util.hh b/nix/libutil/util.hh index 2f33735e12..880b0e93b2 100644 --- a/nix/libutil/util.hh +++ b/nix/libutil/util.hh @@ -63,9 +63,6 @@ Path readLink(const Path & path); bool isLink(const Path & path); -/* Make TARGET a firmlink (aka. "bind mount") to SOURCE. */ -int firmlink(const Path & source, const Path & target); - /* Read the contents of a directory. The entries `.' and `..' are removed. */ struct DirEntry diff --git a/nix/local.mk b/nix/local.mk index f1094e26fb..61d59937e8 100644 --- a/nix/local.mk +++ b/nix/local.mk @@ -124,8 +124,7 @@ guix_daemon_CPPFLAGS = \ guix_daemon_LDADD = \ libstore.a libutil.a libformat.a -lz \ - $(SQLITE3_LIBS) $(LIBGCRYPT_LIBS) \ - $(HURD_LIBS) + $(SQLITE3_LIBS) $(LIBGCRYPT_LIBS) guix_daemon_headers = \ %D%/nix-daemon/shared.hh -- cgit v1.2.3