aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorEelco Dolstra <edolstra@gmail.com>2022-11-10 17:24:12 +0100
committerEelco Dolstra <edolstra@gmail.com>2022-11-10 17:24:12 +0100
commit6c6eff8ac40e2f5d7b6ff8e772feebb1aa484039 (patch)
tree9d23d9f926d64f4a1e6c6e43be9577efc6f293f3
parent05d258667d12b2decda87024a59250c43343b509 (diff)
Remove the SystemdCgroup feature
-rw-r--r--src/libstore/build/local-derivation-goal.cc23
-rw-r--r--src/libstore/build/local-derivation-goal.hh4
-rw-r--r--src/libutil/experimental-features.cc1
-rw-r--r--src/libutil/experimental-features.hh1
4 files changed, 8 insertions, 21 deletions
diff --git a/src/libstore/build/local-derivation-goal.cc b/src/libstore/build/local-derivation-goal.cc
index 45ea9968f..e652c425c 100644
--- a/src/libstore/build/local-derivation-goal.cc
+++ b/src/libstore/build/local-derivation-goal.cc
@@ -495,9 +495,6 @@ void LocalDerivationGoal::startBuilder()
}
}
- useSystemdCgroup = parsedDrv->getRequiredSystemFeatures().count("Systemd-cgroup");
- assert(!useSystemdCgroup);
-
if (useChroot) {
/* Allow a user-configurable set of directories from the
@@ -649,20 +646,18 @@ void LocalDerivationGoal::startBuilder()
dirsInChroot.erase(worker.store.printStorePath(*i.second.second));
}
- if (useSystemdCgroup) {
- settings.requireExperimentalFeature(Xp::SystemdCgroup);
- std::optional<Path> cgroup;
- if (!buildUser || !(cgroup = buildUser->getCgroup()))
- throw Error("feature 'systemd-cgroup' requires 'auto-allocate-uids = true' in nix.conf");
- chownToBuilder(*cgroup);
- chownToBuilder(*cgroup + "/cgroup.procs");
+ if (buildUser) {
+ if (auto cgroup = buildUser->getCgroup()) {
+ chownToBuilder(*cgroup);
+ chownToBuilder(*cgroup + "/cgroup.procs");
+ chownToBuilder(*cgroup + "/cgroup.threads");
+ //chownToBuilder(*cgroup + "/cgroup.subtree_control");
+ }
}
#else
if (parsedDrv->useUidRange())
throw Error("feature 'uid-range' is not supported on this platform");
- if (useSystemdCgroup)
- throw Error("feature 'systemd-cgroup' is not supported on this platform");
#if __APPLE__
/* We don't really have any parent prep work to do (yet?)
All work happens in the child, instead. */
@@ -673,8 +668,6 @@ void LocalDerivationGoal::startBuilder()
} else {
if (parsedDrv->useUidRange())
throw Error("feature 'uid-range' is only supported in sandboxed builds");
- if (useSystemdCgroup)
- throw Error("feature 'systemd-cgroup' is only supported in sandboxed builds");
}
if (needsHashRewrite() && pathExists(homeDir))
@@ -1845,7 +1838,7 @@ void LocalDerivationGoal::runChild()
/* Unshare the cgroup namespace. This means
/proc/self/cgroup will show the child's cgroup as '/'
rather than whatever it is in the parent. */
- if (useSystemdCgroup && unshare(CLONE_NEWCGROUP) == -1)
+ if (buildUser && buildUser->getUIDCount() != 1 && unshare(CLONE_NEWCGROUP) == -1)
throw SysError("unsharing cgroup namespace");
/* Do the chroot(). */
diff --git a/src/libstore/build/local-derivation-goal.hh b/src/libstore/build/local-derivation-goal.hh
index 61b0f9145..070ae53f3 100644
--- a/src/libstore/build/local-derivation-goal.hh
+++ b/src/libstore/build/local-derivation-goal.hh
@@ -41,10 +41,6 @@ struct LocalDerivationGoal : public DerivationGoal
Path chrootRootDir;
- /* Whether to make the 'systemd' cgroup controller available to
- the build. */
- bool useSystemdCgroup = false;
-
/* RAII object to delete the chroot directory. */
std::shared_ptr<AutoDelete> autoDelChroot;
diff --git a/src/libutil/experimental-features.cc b/src/libutil/experimental-features.cc
index 670079019..0f05f3752 100644
--- a/src/libutil/experimental-features.cc
+++ b/src/libutil/experimental-features.cc
@@ -15,7 +15,6 @@ std::map<ExperimentalFeature, std::string> stringifiedXpFeatures = {
{ Xp::FetchClosure, "fetch-closure" },
{ Xp::ReplFlake, "repl-flake" },
{ Xp::AutoAllocateUids, "auto-allocate-uids" },
- { Xp::SystemdCgroup, "systemd-cgroup" },
};
const std::optional<ExperimentalFeature> parseExperimentalFeature(const std::string_view & name)
diff --git a/src/libutil/experimental-features.hh b/src/libutil/experimental-features.hh
index c749d4767..cf0c06eac 100644
--- a/src/libutil/experimental-features.hh
+++ b/src/libutil/experimental-features.hh
@@ -24,7 +24,6 @@ enum struct ExperimentalFeature
FetchClosure,
ReplFlake,
AutoAllocateUids,
- SystemdCgroup,
};
/**