Slendi/proot-bundler
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

a

Browse Source 
Signed-off-by: Slendi <slendi@socopon.com>
This commit is contained in:
Slendi
2025-09-16 17:03:30 +03:00
parent 08a263882d
commit fd8c0454f7
1 changed files with 2 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
flake.nix
View File

@@ -62,7 +62,7 @@
PAY="$PWD/payload" PAY="$PWD/payload"
mkdir -p "$PAY/nix/store" mkdir -p "$PAY/nix/store"
# 1) copy closure (no nix calls; uses closureInfo) # 1) copy closure
while IFS= read -r p; do while IFS= read -r p; do
cp -a --no-preserve=ownership "$p" "$PAY/nix/store/" cp -a --no-preserve=ownership "$p" "$PAY/nix/store/"
done < ${ci}/store-paths done < ${ci}/store-paths
@@ -91,26 +91,17 @@
#!/bin/sh #!/bin/sh
set -euf set -euf
umask 077 umask 077
# harden env
unset LD_PRELOAD LD_LIBRARY_PATH LD_AUDIT LD_DEBUG LD_PROFILE LD_USE_LOAD_BIAS LD_ORIGIN_PATH LD_ASSUME_KERNEL unset LD_PRELOAD LD_LIBRARY_PATH LD_AUDIT LD_DEBUG LD_PROFILE LD_USE_LOAD_BIAS LD_ORIGIN_PATH LD_ASSUME_KERNEL
: "''${TMPDIR:=/tmp}" : "''${TMPDIR:=/tmp}"
EXTRACT_DIR="$(mktemp -d "''${TMPDIR%/}/nxbdl.XXXXXX")" EXTRACT_DIR="$(mktemp -d "''${TMPDIR%/}/nxbdl.XXXXXX")"
cleanup() { [ -n "''${KEEP_BUNDLE:-}" ] || rm -rf "$EXTRACT_DIR"; } cleanup() { [ -n "''${KEEP_BUNDLE:-}" ] || rm -rf "$EXTRACT_DIR"; }
trap cleanup EXIT INT TERM trap cleanup EXIT INT TERM
ARCHIVE_LINE=$(awk '/^__ARCHIVE_BELOW__/ {print NR+1; exit 0}' "$0") ARCHIVE_LINE=$(awk '/^__ARCHIVE_BELOW__/ {print NR+1; exit 0}' "$0")
# portable vs tail -n +N
sed -n "''${ARCHIVE_LINE},\$p" "$0" | tar -xzf - -C "$EXTRACT_DIR" sed -n "''${ARCHIVE_LINE},\$p" "$0" | tar -xzf - -C "$EXTRACT_DIR"
BUNDLE_PWD="''${BUNDLE_PWD:-$PWD}" BUNDLE_PWD="''${BUNDLE_PWD:-$PWD}"
cd "$EXTRACT_DIR" cd "$EXTRACT_DIR"
APP_REL='__APP_REL__' APP_REL='__APP_REL__'
PROOT_REL='__PROOT_REL__' PROOT_REL='__PROOT_REL__'
# choose proot: env -> host -> bundled
if [ -n "''${BUNDLE_PROOT:-}" ] && command -v "''${BUNDLE_PROOT}" >/dev/null 2>&1; then if [ -n "''${BUNDLE_PROOT:-}" ] && command -v "''${BUNDLE_PROOT}" >/dev/null 2>&1; then
PROOT_BIN="''${BUNDLE_PROOT}" PROOT_BIN="''${BUNDLE_PROOT}"
elif command -v proot >/dev/null 2>&1; then elif command -v proot >/dev/null 2>&1; then
@@ -119,11 +110,8 @@
PROOT_BIN="$EXTRACT_DIR${PROOT_REL}" PROOT_BIN="$EXTRACT_DIR${PROOT_REL}"
fi fi
[ "''${BUNDLE_FORCE_BUNDLED_PROOT:-0}" = 1 ] && PROOT_BIN="$EXTRACT_DIR${PROOT_REL}" [ "''${BUNDLE_FORCE_BUNDLED_PROOT:-0}" = 1 ] && PROOT_BIN="$EXTRACT_DIR${PROOT_REL}"
# sanity
[ -x "$PROOT_BIN" ] || { echo "proot not found/executable: $PROOT_BIN" >&2; exit 127; } [ -x "$PROOT_BIN" ] || { echo "proot not found/executable: $PROOT_BIN" >&2; exit 127; }
[ -x "$EXTRACT_DIR''${APP_REL}" ] || { echo "app not found/executable: $EXTRACT_DIR''${APP_REL}" >&2; exit 127; } [ -x "$EXTRACT_DIR''${APP_REL}" ] || { echo "app not found/executable: $EXTRACT_DIR''${APP_REL}" >&2; exit 127; }
mkdir -p "$EXTRACT_DIR/etc" mkdir -p "$EXTRACT_DIR/etc"
cat > "$EXTRACT_DIR/etc/resolv.conf" <<'EOF' cat > "$EXTRACT_DIR/etc/resolv.conf" <<'EOF'
nameserver 9.9.9.9 nameserver 9.9.9.9
@@ -131,7 +119,6 @@
nameserver 1.1.1.1 nameserver 1.1.1.1
nameserver 1.0.0.1 nameserver 1.0.0.1
EOF EOF
"''${PROOT_BIN}" \ "''${PROOT_BIN}" \
-R / \ -R / \
-b "$EXTRACT_DIR/nix:/nix" \ -b "$EXTRACT_DIR/nix:/nix" \
@@ -140,7 +127,6 @@
-w "$BUNDLE_PWD" \ -w "$BUNDLE_PWD" \
"$EXTRACT_DIR''${APP_REL}" "$@" "$EXTRACT_DIR''${APP_REL}" "$@"
exit $? exit $?
__ARCHIVE_BELOW__ __ARCHIVE_BELOW__
SH SH
@@ -149,8 +135,8 @@
-e "s|__APP_REL__|$APP_REL|g" \ -e "s|__APP_REL__|$APP_REL|g" \
-e "s|__PROOT_REL__|${PROOT_REL}|g" \ -e "s|__PROOT_REL__|${PROOT_REL}|g" \
"$out" "$out"
chmod +x "$out"
cat "$_TMP/payload.tar.gz" >> "$out" cat "$_TMP/payload.tar.gz" >> "$out"
chmod +x "$out"
''; '';
}; };