7 files changed, 55 insertions, 2 deletions

diff --git a/src/libstore/build/child.cc b/src/libstore/build/child.cc
new file mode 100644
index 000000000..a82a5eec9
--- /dev/null
+++ b/src/libstore/build/child.cc
@@ -0,0 +1,33 @@
+#include "current-process.hh"
+#include "logging.hh"
+
+namespace nix {
+
+void commonChildInit()
+{
+    logger = makeSimpleLogger();
+
+    const static std::string pathNullDevice = "/dev/null";
+    restoreProcessContext(false);
+
+    /* Put the child in a separate session (and thus a separate
+       process group) so that it has no controlling terminal (meaning
+       that e.g. ssh cannot open /dev/tty) and it doesn't receive
+       terminal signals. */
+    if (setsid() == -1)
+        throw SysError("creating a new session");
+
+    /* Dup stderr to stdout. */
+    if (dup2(STDERR_FILENO, STDOUT_FILENO) == -1)
+        throw SysError("cannot dup stderr into stdout");
+
+    /* Reroute stdin to /dev/null. */
+    int fdDevNull = open(pathNullDevice.c_str(), O_RDWR);
+    if (fdDevNull == -1)
+        throw SysError("cannot open '%1%'", pathNullDevice);
+    if (dup2(fdDevNull, STDIN_FILENO) == -1)
+        throw SysError("cannot dup null device into stdin");
+    close(fdDevNull);
+}
+
+}
diff --git a/src/libstore/build/child.hh b/src/libstore/build/child.hh
new file mode 100644
index 000000000..3dfc552b9
--- /dev/null
+++ b/src/libstore/build/child.hh
@@ -0,0 +1,11 @@
+#pragma once
+///@file
+
+namespace nix {
+
+/**
+ * Common initialisation performed in child processes.
+ */
+void commonChildInit();
+
+}
diff --git a/src/libstore/build/derivation-goal.cc b/src/libstore/build/derivation-goal.cc
index 5fa5deb7c..97ba994ad 100644
--- a/src/libstore/build/derivation-goal.cc
+++ b/src/libstore/build/derivation-goal.cc
@@ -5,7 +5,6 @@
 #include "builtins/buildenv.hh"
 #include "references.hh"
 #include "finally.hh"
-#include "util.hh"
 #include "archive.hh"
 #include "compression.hh"
 #include "common-protocol.hh"
diff --git a/src/libstore/build/hook-instance.cc b/src/libstore/build/hook-instance.cc
index ea4c2e508..86f72486e 100644
--- a/src/libstore/build/hook-instance.cc
+++ b/src/libstore/build/hook-instance.cc
@@ -1,3 +1,5 @@
+#include "child.hh"
+#include "file-system.hh"
 #include "globals.hh"
 #include "hook-instance.hh"
 
diff --git a/src/libstore/build/hook-instance.hh b/src/libstore/build/hook-instance.hh
index d84f62877..481158296 100644
--- a/src/libstore/build/hook-instance.hh
+++ b/src/libstore/build/hook-instance.hh
@@ -2,6 +2,7 @@
 ///@file
 
 #include "logging.hh"
+#include "processes.hh"
 #include "serialise.hh"
 
 namespace nix {
diff --git a/src/libstore/build/local-derivation-goal.cc b/src/libstore/build/local-derivation-goal.cc
index 9be780212..479b4ffeb 100644
--- a/src/libstore/build/local-derivation-goal.cc
+++ b/src/libstore/build/local-derivation-goal.cc
@@ -6,7 +6,6 @@
 #include "builtins/buildenv.hh"
 #include "path-references.hh"
 #include "finally.hh"
-#include "util.hh"
 #include "archive.hh"
 #include "compression.hh"
 #include "daemon.hh"
@@ -15,6 +14,8 @@
 #include "cgroup.hh"
 #include "personality.hh"
 #include "namespaces.hh"
+#include "child.hh"
+#include "unix-domain-socket.hh"
 
 #include <regex>
 #include <queue>
@@ -63,6 +64,11 @@ extern "C" int sandbox_init_with_parameters(const char *profile, uint64_t flags,
 
 namespace nix {
 
+/**
+ * The system for which Nix is compiled.
+ */
+constexpr std::string_view nativeSystem = SYSTEM;
+
 void handleDiffHook(
     uid_t uid, uid_t gid,
     const Path & tryA, const Path & tryB,
diff --git a/src/libstore/build/local-derivation-goal.hh b/src/libstore/build/local-derivation-goal.hh
index b7f317fb6..f3a83d42f 100644
--- a/src/libstore/build/local-derivation-goal.hh
+++ b/src/libstore/build/local-derivation-goal.hh
@@ -3,6 +3,7 @@
 
 #include "derivation-goal.hh"
 #include "local-store.hh"
+#include "processes.hh"
 
 namespace nix {