nixos/lib/make-disk-image.nix: fix systemd-boot-builder clobbering /homeless-shelter

systemd-boot-builder.py calls nix-env --list-generations which creates
$HOME/.nix-defexpr/channels/nixos if it doesn't exist. This would cause a folder
/homeless-shelter to show up in the final image which in turn breaks nix builds
in the target image if sandboxing is turned off (as /homeless-shelter is never
allowed to exist).
This commit is contained in:
Arian van Putten 2024-03-01 12:52:48 +01:00
parent 5304897c5e
commit b75a29cb6c
2 changed files with 10 additions and 0 deletions

View file

@ -609,6 +609,13 @@ let format' = format; in let
''} ''}
# Set up core system link, bootloader (sd-boot, GRUB, uboot, etc.), etc. # Set up core system link, bootloader (sd-boot, GRUB, uboot, etc.), etc.
# NOTE: systemd-boot-builder.py calls nix-env --list-generations which
# clobbers $HOME/.nix-defexpr/channels/nixos This would cause a folder
# /homeless-shelter to show up in the final image which in turn breaks
# nix builds in the target image if sandboxing is turned off (through
# __noChroot for example).
export HOME=$TMPDIR
NIXOS_INSTALL_BOOTLOADER=1 nixos-enter --root $mountPoint -- /nix/var/nix/profiles/system/bin/switch-to-configuration boot NIXOS_INSTALL_BOOTLOADER=1 nixos-enter --root $mountPoint -- /nix/var/nix/profiles/system/bin/switch-to-configuration boot
# The above scripts will generate a random machine-id and we don't want to bake a single ID into all our images # The above scripts will generate a random machine-id and we don't want to bake a single ID into all our images

View file

@ -69,5 +69,8 @@ in
os.environ['NIX_DISK_IMAGE'] = tmp_disk_image.name os.environ['NIX_DISK_IMAGE'] = tmp_disk_image.name
machine.succeed("findmnt --kernel --source ${rootFsDevice} --target /") machine.succeed("findmnt --kernel --source ${rootFsDevice} --target /")
# Make sure systemd boot didn't clobber this
machine.succeed("[ ! -e /homeless-shelter ]")
''; '';
} }