Skip to content

fakeroot: add patch to fix crashing on darwin#427036

Merged
wegank merged 1 commit intoNixOS:masterfrom
dibenzepin:push-zwxyxtwoxktl
Jul 21, 2025
Merged

fakeroot: add patch to fix crashing on darwin#427036
wegank merged 1 commit intoNixOS:masterfrom
dibenzepin:push-zwxyxtwoxktl

Conversation

@dibenzepin
Copy link
Contributor

@dibenzepin dibenzepin commented Jul 21, 2025

Things done

This adds a patch that fixes crashing on macOS.

Essentially Homebrew/homebrew-core#230109 but Nix. Fixes #327311.

$ nix-shell -p

[nix-shell:~]$ nix run nixpkgs#fakeroot id
dyld[7364]: symbol not found in flat namespace '_fstat$INODE64'
/nix/store/ffk3dds0mjxqj1zb3j7jqmfdh269v8sq-fakeroot-1.37.1.2/bin/fakeroot: line 178:  7364 Abort trap: 6           FAKEROOTKEY=$FAKEROOTKEY DYLD_INSERT_LIBRARIES="$FAKEROOT_LIB" "$@"

[nix-shell:~]$ nix run github:poopsicles/nixpkgs/push-zwxyxtwoxktl#fakeroot id
uid=0(root) gid=0(wheel) groups=0(wheel)
  • Built on platform:
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • Tested, as applicable:
  • Ran nixpkgs-review on this PR. See nixpkgs-review usage.
  • Tested basic functionality of all binary files, usually in ./result/bin/.
  • Nixpkgs Release Notes
    • Package update: when the change is major or breaking.
  • NixOS Release Notes
    • Module addition: when adding a new NixOS module.
    • Module update: when the change is significant.
  • Fits CONTRIBUTING.md, pkgs/README.md, maintainers/README.md and other READMEs.

Add a 👍 reaction to pull requests you find important.

@nixpkgs-ci nixpkgs-ci bot added 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-darwin: 1-10 This PR causes between 1 and 10 packages to rebuild on Darwin. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches. labels Jul 21, 2025
@dibenzepin dibenzepin changed the base branch from master to staging July 21, 2025 00:22
@nixpkgs-ci nixpkgs-ci bot closed this Jul 21, 2025
@nixpkgs-ci nixpkgs-ci bot reopened this Jul 21, 2025
@dibenzepin dibenzepin marked this pull request as ready for review July 21, 2025 00:37
@nixpkgs-ci nixpkgs-ci bot added the 9.needs: reviewer This PR currently has no reviewers requested and needs attention. label Jul 21, 2025
@nixpkgs-ci nixpkgs-ci bot added 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux. 10.rebuild-darwin: 1 This PR causes 1 package to rebuild on Darwin. and removed 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches. labels Jul 21, 2025
@dibenzepin dibenzepin changed the base branch from staging to master July 21, 2025 01:09
@nixpkgs-ci nixpkgs-ci bot closed this Jul 21, 2025
@nixpkgs-ci nixpkgs-ci bot reopened this Jul 21, 2025
@wegank
Copy link
Member

wegank commented Jul 21, 2025

nixpkgs-review result

Generated using nixpkgs-review.

Command: nixpkgs-review pr 427036
Commit: 0228250f6facd75b7281790c60be49e81153307a


x86_64-darwin

✅ 1 package built:
  • fakeroot

aarch64-darwin

✅ 1 package built:
  • fakeroot

@wegank wegank merged commit 637d977 into NixOS:master Jul 21, 2025
47 checks passed
@dibenzepin dibenzepin deleted the push-zwxyxtwoxktl branch July 21, 2025 01:40
@al3xtjames
Copy link
Contributor

Thanks! I was planning on submitting this at some point, but it's good that it's already taken care of :)

BTW, I also set propagatedSandboxProfile as fakeroot uses System V IPC to communicate with the daemon (faked):

  propagatedSandboxProfile = ''
    ; Allow SYSV semaphores and shared memory.
    (allow ipc-sysv*)
  '';

Recent releases of Nix already allow this in the default sandbox profile but some implementations, including Lix, do not. Sandboxed builds which depend on fakeroot will otherwise fail due to permission errors.

@dibenzepin
Copy link
Contributor Author

dibenzepin commented Jul 23, 2025

@al3xtjames that's interesting...aren't the (regular) linux fakeroot builds sandboxed...shouldn't they fail when being used then?
i'm not running linux right now so i can't test it :(

EDIT: oh wait never mind, i had a look at your link, it's darwin-specific...hm, well maybe we can add tests?
so that they get executed both in and out of the sandbox and would catch things like this

@al3xtjames
Copy link
Contributor

IIRC Hydra builds with the sandbox disabled on Darwin as a lot of derivations will fail to build with the sandbox enabled. Nix/Lix also default to disabling it on Darwin.

@nixos-discourse
Copy link

This pull request has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/dockertools-buildlayeredimage-fails-where-buildimage-succeeds/66438/4

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

9.needs: reviewer This PR currently has no reviewers requested and needs attention. 10.rebuild-darwin: 1-10 This PR causes between 1 and 10 packages to rebuild on Darwin. 10.rebuild-darwin: 1 This PR causes 1 package to rebuild on Darwin. 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

enableFakechroot doesn't work on darwin

4 participants