Use a private UTS namespace to provide a deterministic host/domain name to builders
In chroot builds, set the host name to "localhost" and the domain name to "(none)" (the latter being the kernel's default). This improves determinism a bit further. P.S. I have no idea what UTS stands for.
parent
8da6772ed4
commit
5489086456
1 changed files with 7 additions and 1 deletions
|
@ -1793,7 +1793,7 @@ void DerivationGoal::startBuilder()
|
|||
IPC mechanisms (shared memory, message queues,
|
||||
semaphores). It also ensures that all IPC
|
||||
objects are destroyed when the builder exits. */
|
||||
if (unshare(CLONE_NEWNS | CLONE_NEWNET | CLONE_NEWIPC) == -1)
|
||||
if (unshare(CLONE_NEWNS | CLONE_NEWNET | CLONE_NEWIPC | CLONE_NEWUTS) == -1)
|
||||
throw SysError("cannot set up private namespaces");
|
||||
|
||||
/* Initialise the loopback interface. */
|
||||
|
@ -1808,6 +1808,12 @@ void DerivationGoal::startBuilder()
|
|||
|
||||
fd.close();
|
||||
|
||||
/* Set the hostname etc. to fixed values. */
|
||||
char hostname[] = "localhost";
|
||||
sethostname(hostname, sizeof(hostname));
|
||||
char domainname[] = "(none)"; // kernel default
|
||||
setdomainname(domainname, sizeof(domainname));
|
||||
|
||||
/* Bind-mount all the directories from the "host"
|
||||
filesystem that we want in the chroot
|
||||
environment. */
|
||||
|
|
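Review bot: The return values of `sethostname` and `setdomainname` in the second hunk are ignored, so a failure leaves the builder with the copy of the host's names that the new UTS namespace inherited, and the build carries on without the determinism (or the hiding of the real host name) this commit is after. The `unshare` call in the first hunk already throws `SysError` on failure, and these calls should do the same: `if (sethostname(hostname, sizeof(hostname) - 1) == -1) throw SysError("cannot set host name");` and `if (setdomainname(domainname, sizeof(domainname) - 1) == -1) throw SysError("cannot set domain name");`. The `- 1` is there because the length argument counts the bytes of the name, while `sizeof` on the array also counts the terminating NUL. `startBuilder` begins and ends outside both hunks, so I am assuming these calls run only in the process that performed the `unshare`.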