···
# Whether to compile with SUID support
73
-
# newuidmapPath and newgidmapPath are to support --fakeroot
74
-
# where those SUID-ed executables are unavailable from the FHS system PATH.
73
+
# Extra system-wide /**/bin paths to prefix,
74
+
# useful to specify directories containing binaries with SUID bit set.
75
+
# The paths take higher precedence over the FHS system PATH specified
76
+
# inside the upstream source code.
77
+
# Include "/run/wrappers/bin" by default for the convenience of NixOS users.
78
+
systemBinPaths ? [ "/run/wrappers/bin" ],
# Path to SUID-ed newuidmap executable
80
+
# Deprecated in favour of systemBinPaths
81
+
# TODO(@ShamrockLee): Remove after Nixpkgs 24.05 branch-off
# Path to SUID-ed newgidmap executable
84
+
# Deprecated in favour of systemBinPaths
85
+
# TODO(@ShamrockLee): Remove after Nixpkgs 24.05 branch-off
externalLocalStateDir ? null,
···
vendorHash ? _defaultGoVendorArgs.vendorHash,
deleteVendor ? _defaultGoVendorArgs.deleteVendor,
proxyVendor ? _defaultGoVendorArgs.proxyVendor,
113
+
# Backward compatibility for privileged-un-utils.
114
+
# TODO(@ShamrockLee): Remove after Nixpkgs 24.05 branch-off.
if ((newuidmapPath == null) && (newgidmapPath == null)) then
109
-
(runCommandLocal "privileged-un-utils" { } ''
119
+
runCommandLocal "privileged-un-utils" { } ''
ln -s ${lib.escapeShellArg newuidmapPath} "$out/bin/newuidmap"
ln -s ${lib.escapeShellArg newgidmapPath} "$out/bin/newgidmap"
125
+
# Backward compatibility for privileged-un-utils.
126
+
# TODO(@ShamrockLee): Remove after Nixpkgs 24.05 branch-off.
128
+
lib.optional (privileged-un-utils != null) (lib.makeBinPath [ privileged-un-utils ])
129
+
++ args.systemBinPaths or [ "/run/wrappers/bin" ];
concatMapStringAttrsSep =
···
fuse2fs # Mount ext3 filesystems
210
-
privileged-un-utils
squashfsTools # mksquashfs unsquashfs # Make / unpack squashfs image
squashfuse # squashfuse_ll squashfuse # Mount (without unpacking) a squashfs image without privileges
] ++ lib.optional enableNvidiaContainerCli nvidia-docker;
···
lib.concatStringsSep " " [
(addShellDoubleQuotes (lib.escapeShellArg originalDefaultPath))
232
-
(addShellDoubleQuotes ''${lib.escapeShellArg originalDefaultPath}''${inputsDefaultPath:+:}$inputsDefaultPath'')
247
+
(addShellDoubleQuotes ''$systemDefaultPath''${systemDefaultPath:+:}${lib.escapeShellArg originalDefaultPath}''${inputsDefaultPath:+:}$inputsDefaultPath'')
···
# Respect PATH from the environment/the user.
# Fallback to bin paths provided by Nixpkgs packages.
wrapProgram "$out/bin/${projectName}" \
289
+
--suffix PATH : "$systemDefaultPath" \
--suffix PATH : "$inputsDefaultPath"
# Make changes in the config file
${lib.optionalString forceNvcCli ''
···
348
+
systemDefaultPath = lib.concatStringsSep ":" systemBinPaths;
inputsDefaultPath = lib.makeBinPath finalAttrs.defaultPathInputs;
passthru = prevAttrs.passthru or { } // {
inherit sourceFilesWithDefaultPaths;
pyrox.dev