[Nix-dev] Using nix to produce distributable binaries?

Tom Ridge tom.j.ridge at googlemail.com
Thu Aug 20 18:13:20 CEST 2015 

Thank you. These replies have been very useful. I have used patchelf
--set-rpath "" and patchelf --set-interpreter "/lib64/ld-linux-x86-64.so.2"
which seems to work (in the few situations I tested).

Tom

On 20 August 2015 at 16:57, Rob Vermaas <rob.vermaas at gmail.com> wrote:

> Distributable binaries have many issues, but it is possible. E.g. here
> is a piece of code I once wrote:
>
>   unnixify = input: pkgs.runCommand "${input.name}-unnixified"
>     {
>       dontPatchELF = true;
>       dontPatchShebangs = true;
>     }
>     ''
>
>     mkdir $out $out/.libs
>     cp -R ${input}/* $out
>
>     function copylibs()
>     {
>       for l in $(ldd $1 2> /dev/null | grep '=>' | cut -d' ' -f3); do
>         if [[ $l =~ glibc ]]; then continue; fi
>         cp -f $l $out/.libs
>       done
>     }
>
>     count=0
>     while true; do
>       echo Number of libraries until now: $count
>       for f in $(find $out -executable); do
>         copylibs $f
>       done
>       newcount=$(ls $out/.libs | wc -l)
>       if [ $newcount -eq $count ]; then
>         break
>       else
>         count=$newcount
>       fi
>     done
>
>     chmod u+w -R $out
>     find $out \( \
>          \( -type f -a -name "*.so*" \) -o \
>          \( -type f -a -perm +0100 \) \
>          \) | while read f; do
>       echo Patching $f
>       echo $f | sed "s|$out/||"
>       rel=$(dirname $(echo $f | sed "s|$out/||"))
>       rel=$(echo $rel | sed "s|[a-zA-Z0-9\._-]*|..|")
>       ${pkgs.patchelf}/bin/patchelf --set-rpath "\$ORIGIN/$rel/.libs" $f
> || true
>       ${pkgs.patchelf}/bin/patchelf --set-interpreter
> "/lib64/ld-linux-x86-64.so.2" $f || true
>     done
>   '';
>
> This copies every library the input depends on into the result, except
> for glibc, and sets the interpreter of binaries to
> /lib64/ld-linux-x86-64.so.2.
>
> Cheers,
> Rob
>
> On Thu, Aug 20, 2015 at 2:44 PM, Vladimír Čunát <vcunat at gmail.com> wrote:
> > Hello.
> >
> > On 08/20/2015 04:18 PM, Tom Ridge wrote:
> >> What is the recommended best practice for releasing binaries using nix?
> >> How can I remove the dependencies on the nix store?
> >
> > I'd patch the shebangs just by a sed command or something similar.
> > Binaries can be handled by patchelf.
> >
> > Anyway, for start I'd try to set dontPatchELF = true; and
> > dontPatchShebangs = true; in the nix expression. That might kill both
> > cases by itself.
> >
> >
> > Vladimir
> >
> >
> >
> > _______________________________________________
> > nix-dev mailing list
> > nix-dev at lists.science.uu.nl
> > http://lists.science.uu.nl/mailman/listinfo/nix-dev
> >
>
>
>
> --
> Rob Vermaas
>
> [email] rob.vermaas at gmail.com
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.science.uu.nl/pipermail/nix-dev/attachments/20150820/91631422/attachment-0001.html

More information about the nix-dev mailing list