NixOS 23.11 packages

A little more about overriding a Python package

No good findings.

And overriding python3 instead of python311 is not satisfactory, because it would only work for python3 and not python311. Overriding python311 works on both.

openssh

They added a bunch more references to /bin/sh in their tests. To recap, we can’t let it run /bin/sh in its tests, because the nixpkgs maintainers are running the openssh regress tests with libredirect, and libredirect is incompatible with the Glitch container’s old native libc.

I’ve rewritten the overlay to replace /bin/sh with a Nix-provided shell more widely. Previously, it had only done shebangs.

openexr

OpenEXR has a thread pool implementation. It has tests for that thread pool implementation. We run those tests when we build OpenEXR. That thread pool test tests resizing the thread pool. Resizing the thread pool starts new threads to make the thread pool bigger. To make the thread pool smaller, it joins all threads and starts new ones. The test randomly resizes the thread pool ten thousand times in a tight loop.

And that’s the backdrop for why last week I complained about that not working on Glitch Joining threads leaves something behind?.

Couldn’t figure out why. We’re joining the threads, right? We wouldn’t ever have more than 33 at a time. So why would we ever run out of cgroup tasks? Please post if you can figure this out :pray:

So I worked around it by reducing the number of iterations in the test to a much smaller number.

PEAR installer for PHP

There’s a part of the normal PHP distribution called PEAR. I have not looked into what it is, but someone on the internet said php: add optional `phpSrc` attribute by drupol · Pull Request #254556 · NixOS/nixpkgs · GitHub that the normal way to build PHP from source is to obtain PEAR by downloading this “install-pear-nozlib.phar” file from a website.

By some luck, that website published a new version of the file for the first time in two years on the same week I was trying to build PHP. Of course Nix does the right thing of making sure the file you get is the one the package definition expects, so it failed the build when it got this new unexpected version.

As usual, the workaround for this was to find a copy of the old version and download it with nix-prefetch-url.

I helped submit a change to use that URL to the old copy in the package definition php: use a versioned url for install-pear-nozlib.phar by wh0 · Pull Request #271972 · NixOS/nixpkgs · GitHub

new Nix test needing sandboxing

There was a new test that involved, and let me look this up nix help-stores - Nix Reference Manual —a “chroot” store, which requires the same features that Nix’s sandboxing uses (not just chroot actually, unshare as well).

The developers are merciful though. These tests that need sandboxing are skipped when you run tests on a system that doesn’t support it, as is the case on Glitch (no permission to use user namespaces).

A bug cause this new test not to be skipped completely on a system without sandbox support. I was able to patch this and submit the fix upstream tests: avoid a chroot store without sandbox support by wh0 · Pull Request #9529 · NixOS/nix · GitHub

how to specify derivation outputs

The version of Nix newly distributed in NixOS has changed how part of the command line interface works. Telling Nix to copy around a derivation’s outputs now requires a ^* after the derivation path. Otherwise, you’re now talking about the derivation file itself.

I rewrote my automatically-upload-what-I-build script to work with this :person_shrugging:


I could try

update: this thing wants me to build nodejs again, but “slim.” aaaaaaaaaaaaaaaaaaaaaaaaaaaa