[Nix-dev] Feature request: replace the Darwin stdenv with the pure Darwin stdenv

Daniel Peebles pumpkingod at gmail.com
Thu Oct 1 18:41:27 CEST 2015 

Probably obvious, but I'm in favor of switching/merging :)

Given how badly this 10.11 change affected Homebrew too, this might be
enough of a kick to get a bigger and more active Darwin constituency in Nix.

On Wed, Sep 30, 2015 at 3:48 PM, Jude <me at jude.bio> wrote:

> Hi all, pikajude here, maintainer of the pure-darwin stdenv in nixpkgs.
>
> Over the past few days in ##nix-darwin, I've discovered that the impure
> Darwin stdenv on master is broken for nearly everyone due to Xcode 7's
> introduction of `.tbd` files for library stubs; see
> https://forums.developer.apple.com/thread/4572.
>
> As far as I have been able to investigate, .tbd compatibility is an Xcode
> 7-exclusive feature, and I'm not sure whether the changes required to use
> them are open-source yet. There is a temporary fix to downgrade to Xcode
> 6.4, but that will obviously only work for a limited time. For people who
> do use Xcode, I don’t want to restrict them to an older version because our
> nixpkgs stdenv completely fails at what it is intended to do.
>
> This continues the precedent of OSX updates breaking parts of nixpkgs
> without warning.
>
> pure-darwin mitigates this problem because the entire compiler toolchain
> and environment (save a symlink to libSystem, which won't be changing
> anytime soon) is in the Nix store. If I can get approval, I would love to
> replace the current Darwin stdenv with the pure one, because it would allow
> us to upgrade our toolchain on our own terms, as well as work nicely
> alongside any Xcode version a user would care to install.
>
> I would also like to merge the pure stdenv because it will result in us
> getting Hydra builds for it, which is the main roadblock that turns people
> off of using pure-darwin. Having Hydra build the pure stdenv also gives us
> an easy way to see which packages are broken on pure-darwin.
>
> Answers to some common questions:
>
> Q: Does pure-darwin fix the missing -lgcc_s.10.5 problem?
> A: Yes. In the Xcode update, libgcc_s.10.5.dylib was changed from a
> symlink to /usr/lib/libSystem.dylib to a text-based library stub that
> (AFAIK) only Xcode 7 can currently use. In pure-darwin, libgcc_s is still a
> symlink, so ld will understand it just fine.
>
> Q: Will pure-darwin break anything for me?
> A: Right now, probably. I’ve been largely the only pure-darwin maintainer
> for a few months, and my time and ability to fix packages are limited. I
> welcome you to try the pure-darwin stdenv to see if there are any broken
> packages. Over the next few days I will be working on building every
> package that claims to be Darwin-compatible, in order to weed out the
> remaining errors. Most fixes are trivial. About half of the broken packages
> I encounter just need to have libiconv added as a build input.
>
> If breakages concern you, you can use the “replaceStdenv” feature of your
> nixpkgs config to revert to the old stdenv for as long as necessary.
> Packages built with either stdenv will coexist peacefully.
>
> Q: Do I have to turn on the build sandbox to use pure-darwin?
> A: Not if you don’t want to. The sandbox is just an extra layer of
> security to make sure that the outside world isn’t polluting our builds,
> but it certainly isn’t mandatory. Even without the sandbox, your compiler
> will still be using its own toolchain, which means that Xcode updates will
> not break it.
>
> Q: How do I turn on the build sandbox?
> A: Add "build-use-chroot = true” to your /etc/nix/nix.conf. The sandbox is
> not enabled by default.
>
> Q: Anything else I need to know?
> A: In nix-1.10, the sandbox is very imperfect and will cause a lot of
> false negatives. This causes building polyml and Haskell packages to fail,
> among a few other things.
>
> Nix pull request #562 (https://github.com/NixOS/nix/pull/562) addresses
> these problems. If you intend to make heavy usage of the sandbox feature,
> you should definitely use the checkout of nix in that pull request until it
> gets merged into master.
>
> Again, if you’re worried about the sandbox breaking builds, feel free to
> disable it.
>
> Please let me know if you have other questions.
>
> Jude
>
> PS: Sorry for double-post! I sent an email from my old address, which is
> now stuck in the moderation queue.
>
> _______________________________________________
> nix-dev mailing list
> nix-dev at lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.science.uu.nl/pipermail/nix-dev/attachments/20151001/a16b4593/attachment-0001.html

More information about the nix-dev mailing list