chore: refactor systemd sysext packages

This commit is contained in:
Lars Sjöström 2025-06-17 22:07:47 +02:00
commit dff614f46d
No known key found for this signature in database
4 changed files with 65 additions and 55 deletions

View file

@ -40,59 +40,12 @@
qemu-uefi-tpm = pkgs.callPackage ./utils/qemu-uefi-tpm.nix { };
qemu-aarch64-uefi-tpm = pkgs.callPackage ./utils/qemu-aarch64-uefi-tpm.nix { };
firewall-sysext = pkgs.callPackage ./lib/make-sysext.nix {
name = "firewall-tools";
version = "0.0.1";
packages = [
# network/firewalling
{ drv = pkgs.iproute2; path = "bin/"; }
{ drv = pkgs.nftables; path = "bin/"; }
{ drv = pkgs.wireguard-tools; path = "bin/.wg-wrapped"; destpath = "bin/wg"; }
# deps
{ drv = pkgs.nftables; path = "lib/"; }
{ drv = pkgs.libnftnl; path = "lib/"; }
{ drv = pkgs.iptables; path = "lib/"; }
{ drv = pkgs.libgcc.lib; path = "lib/"; }
{ drv = pkgs.libgcc; path = "lib/"; }
{ drv = pkgs.libmnl; path = "lib/"; }
{ drv = pkgs.gmp; path = "lib/"; }
{ drv = pkgs.jansson.out; path = "lib/"; }
{ drv = pkgs.ncurses.out; path = "lib/"; }
{ drv = pkgs.libedit; path = "lib/"; }
];
};
# systemd sysext packages
debug-tools = pkgs.callPackage ./pkgs/sysext/debug-tools.nix { };
debug-tools-aarch64 = pkgsCross.callPackage ./pkgs/sysext/debug-tools.nix { };
debug-tools-sysext = pkgs.callPackage ./lib/make-sysext.nix {
name = "debug-tools";
version = "0.0.1";
packages = [
{ drv = pkgs.curl; path = "bin/"; }
{ drv = pkgs.bash; path = "bin/"; }
{ drv = pkgs.keyutils; path = "bin/"; }
{ drv = pkgs.gnutar; path = "bin/"; }
{ drv = pkgs.strace; path = "bin/"; }
{ drv = pkgs.cryptsetup; path = "bin/"; }
{ drv = pkgs.erofs-utils; path = "bin/"; }
{ drv = pkgs.binutils-unwrapped; path = "bin/"; }
{ drv = pkgs.binutils-unwrapped.lib; path = "lib/"; }
{ drv = pkgs.util-linuxMinimal; path = "bin/"; }
{ drv = pkgs.util-linuxMinimal.mount; path = "bin/"; }
{ drv = pkgs.util-linuxMinimal.login; path = "bin/"; }
{ drv = pkgs.util-linuxMinimal.swap; path = "bin/"; }
{ drv = pkgs.patos.glibc; path = "bin/ldd"; }
{ drv = pkgs.patos.tpm2-tools; path = "bin/tpm2"; }
{ drv = pkgs.patos.openssl; path = "bin/openssl"; }
# shared lib required for mkfs.erofs
{ drv = pkgs.lz4.lib; path = "lib/"; }
# shared lib required for cryptsetup
{ drv = pkgs.popt; path = "lib/"; }
# shared lib required for strace
{ drv = pkgs.elfutils.out; path = "lib/"; }
# shared lib required for bash
{ drv = pkgs.readline.out; path = "lib/"; }
{ drv = pkgs.ncurses.out; path = "lib/"; }
];
};
firewall-tools = pkgs.callPackage ./pkgs/sysext/firewall-tools.nix { };
firewall-tools-aarch64 = pkgsCross.callPackage ./pkgs/sysext/firewall-tools.nix { };
};
checks = {

View file

@ -39,7 +39,7 @@ runCommand name
inherit metadataFile;
passAsFile = [ "metadataFile" ];
buildInputs = [
nativeBuildInputs = [
pkgs.erofs-utils
pkgs.cryptsetup
];
@ -74,7 +74,9 @@ runCommand name
cp -rPv "$srcfile" "$basedir"
chmod -R 755 "$basedir"
for f in $destfile/*; do
patchelf --set-interpreter /lib/ld-linux-x86-64.so.2 $f || true
interpreter=$(patchelf --print-interpreter $f || echo "")
[ -n "$interpreter" ] && ldLinux=$(basename $interpreter)
patchelf --set-interpreter /lib/$ldLinux $f || true
patchelf --set-rpath /usr/lib $f || true
done
return
@ -83,8 +85,10 @@ runCommand name
cp -Pv "$srcfile" "$destfile"
chmod 755 "$destfile"
interpreter=$(patchelf --print-interpreter $destfile || echo "")
[ -n "$interpreter" ] && ldLinux=$(basename $interpreter)
patchelf --set-rpath /usr/lib $destfile || true
patchelf --set-interpreter /lib/ld-linux-x86-64.so.2 $destfile || true
patchelf --set-interpreter /lib/$ldLinux $destfile || true
}
mkdir -p $out/tree

View file

@ -0,0 +1,32 @@
{ pkgs }:
pkgs.callPackage ../../lib/make-sysext.nix {
name = "debug-tools";
version = "0.0.1";
packages = [
{ drv = pkgs.curl; path = "bin/"; }
{ drv = pkgs.bash; path = "bin/"; }
{ drv = pkgs.keyutils; path = "bin/"; }
{ drv = pkgs.gnutar; path = "bin/"; }
{ drv = pkgs.strace; path = "bin/"; }
{ drv = pkgs.cryptsetup; path = "bin/"; }
{ drv = pkgs.erofs-utils; path = "bin/"; }
{ drv = pkgs.binutils-unwrapped; path = "bin/"; }
{ drv = pkgs.binutils-unwrapped.lib; path = "lib/"; }
{ drv = pkgs.util-linuxMinimal; path = "bin/"; }
{ drv = pkgs.util-linuxMinimal.mount; path = "bin/"; }
{ drv = pkgs.util-linuxMinimal.login; path = "bin/"; }
{ drv = pkgs.util-linuxMinimal.swap; path = "bin/"; }
{ drv = pkgs.patos.glibc; path = "bin/ldd"; }
{ drv = pkgs.patos.tpm2-tools; path = "bin/tpm2"; }
{ drv = pkgs.patos.openssl; path = "bin/openssl"; }
# shared lib required for mkfs.erofs
{ drv = pkgs.lz4.lib; path = "lib/"; }
# shared lib required for cryptsetup
{ drv = pkgs.popt; path = "lib/"; }
# shared lib required for strace
{ drv = pkgs.elfutils.out; path = "lib/"; }
# shared lib required for bash
{ drv = pkgs.readline.out; path = "lib/"; }
{ drv = pkgs.ncurses.out; path = "lib/"; }
];
}

View file

@ -0,0 +1,21 @@
{ pkgs }:
pkgs.callPackage ../../lib/make-sysext.nix {
name = "firewall-tools";
version = "0.0.1";
packages = [
# network/firewalling
{ drv = pkgs.iproute2; path = "bin/"; }
{ drv = pkgs.nftables; path = "bin/"; }
{ drv = pkgs.wireguard-tools; path = "bin/.wg-wrapped"; destpath = "bin/wg"; }
# deps
{ drv = pkgs.nftables; path = "lib/"; }
{ drv = pkgs.libnftnl; path = "lib/"; }
{ drv = pkgs.iptables; path = "lib/"; }
{ drv = pkgs.libgcc; path = "lib/"; }
{ drv = pkgs.libmnl; path = "lib/"; }
{ drv = pkgs.gmp; path = "lib/"; }
{ drv = pkgs.jansson.out; path = "lib/"; }
{ drv = pkgs.ncurses.out; path = "lib/"; }
{ drv = pkgs.libedit; path = "lib/"; }
];
}