[Nix-dev] Using nix to produce distributable binaries?
Tom Ridge
tom.j.ridge at googlemail.com
Thu Aug 20 18:13:20 CEST 2015
Thank you. These replies have been very useful. I have used patchelf
--set-rpath "" and patchelf --set-interpreter "/lib64/ld-linux-x86-64.so.2"
which seems to work (in the few situations I tested).
Tom
On 20 August 2015 at 16:57, Rob Vermaas <rob.vermaas at gmail.com> wrote:
> Distributable binaries have many issues, but it is possible. E.g. here
> is a piece of code I once wrote:
>
> unnixify = input: pkgs.runCommand "${input.name}-unnixified"
> {
> dontPatchELF = true;
> dontPatchShebangs = true;
> }
> ''
>
> mkdir $out $out/.libs
> cp -R ${input}/* $out
>
> function copylibs()
> {
> for l in $(ldd $1 2> /dev/null | grep '=>' | cut -d' ' -f3); do
> if [[ $l =~ glibc ]]; then continue; fi
> cp -f $l $out/.libs
> done
> }
>
> count=0
> while true; do
> echo Number of libraries until now: $count
> for f in $(find $out -executable); do
> copylibs $f
> done
> newcount=$(ls $out/.libs | wc -l)
> if [ $newcount -eq $count ]; then
> break
> else
> count=$newcount
> fi
> done
>
> chmod u+w -R $out
> find $out \( \
> \( -type f -a -name "*.so*" \) -o \
> \( -type f -a -perm +0100 \) \
> \) | while read f; do
> echo Patching $f
> echo $f | sed "s|$out/||"
> rel=$(dirname $(echo $f | sed "s|$out/||"))
> rel=$(echo $rel | sed "s|[a-zA-Z0-9\._-]*|..|")
> ${pkgs.patchelf}/bin/patchelf --set-rpath "\$ORIGIN/$rel/.libs" $f
> || true
> ${pkgs.patchelf}/bin/patchelf --set-interpreter
> "/lib64/ld-linux-x86-64.so.2" $f || true
> done
> '';
>
> This copies every library the input depends on into the result, except
> for glibc, and sets the interpreter of binaries to
> /lib64/ld-linux-x86-64.so.2.
>
> Cheers,
> Rob
>
> On Thu, Aug 20, 2015 at 2:44 PM, Vladimír Čunát <vcunat at gmail.com> wrote:
> > Hello.
> >
> > On 08/20/2015 04:18 PM, Tom Ridge wrote:
> >> What is the recommended best practice for releasing binaries using nix?
> >> How can I remove the dependencies on the nix store?
> >
> > I'd patch the shebangs just by a sed command or something similar.
> > Binaries can be handled by patchelf.
> >
> > Anyway, for start I'd try to set dontPatchELF = true; and
> > dontPatchShebangs = true; in the nix expression. That might kill both
> > cases by itself.
> >
> >
> > Vladimir
> >
> >
> >
> > _______________________________________________
> > nix-dev mailing list
> > nix-dev at lists.science.uu.nl
> > http://lists.science.uu.nl/mailman/listinfo/nix-dev
> >
>
>
>
> --
> Rob Vermaas
>
> [email] rob.vermaas at gmail.com
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.science.uu.nl/pipermail/nix-dev/attachments/20150820/91631422/attachment-0001.html
More information about the nix-dev
mailing list