From 67eb28466d25f08ccb8bbdcc5e95e4d88de065ba Mon Sep 17 00:00:00 2001
From: Ophestra <cat@gensokyo.uk>
Date: Tue, 25 Mar 2025 20:52:20 +0900
Subject: [PATCH] nix: create opengl-driver symlink

Signed-off-by: Ophestra <cat@gensokyo.uk>
---
 nixos.nix                    | 23 +++++++++++++++++++++--
 test/sandbox/case/mapuid.nix |  3 +--
 test/sandbox/case/preset.nix |  3 +--
 test/sandbox/case/tty.nix    |  3 +--
 4 files changed, 24 insertions(+), 8 deletions(-)

diff --git a/nixos.nix b/nixos.nix
index 2c5b5db..7186cd7 100644
--- a/nixos.nix
+++ b/nixos.nix
@@ -84,6 +84,8 @@ in
                   command = if app.command == null then app.name else app.command;
                   script = if app.script == null then ("exec " + command + " $@") else app.script;
                   enablements = with app.capability; (if wayland then 1 else 0) + (if x11 then 2 else 0) + (if dbus then 4 else 0) + (if pulse then 8 else 0);
+                  isGraphical = if app.gpu != null then app.gpu else app.capability.wayland || app.capability.x11;
+
                   conf = {
                     inherit (app) id;
                     path = pkgs.writeScript "${app.name}-start" ''
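Review bot: `isGraphical` carries no comment although it now decides two sandbox exposures at once: the `/dev/dri` and `/dev/nvidia*` device binds and the `/run/opengl-driver` symlink added further down in this file. A line above it such as `# explicit app.gpu wins; otherwise GPU access follows the wayland or x11 capability` would make clear that setting `gpu = false` is how to keep GPU device nodes out of a graphical app's sandbox. The enclosing `let` block starts outside this hunk.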
@@ -91,6 +93,7 @@ in
                       ${script}
                     '';
                     args = [ "${app.name}-start" ];
+
                     confinement = {
                       app_id = aid;
                       inherit (app) groups;
@@ -108,6 +111,7 @@ in
                           ;
                         map_real_uid = app.mapRealUid;
                         direct_wayland = app.insecureWayland;
+
                         filesystem =
                           let
                             bind = src: { inherit src; };
@@ -135,8 +139,7 @@ in
                             (mustBind "/nix/var")
                             (bind "/var/db/nix-channels")
                           ]
-                          ++ optionals (if app.gpu != null then app.gpu else app.capability.wayland || app.capability.x11) [
-                            (bind "/run/opengl-driver")
+                          ++ optionals isGraphical [
                             (devBind "/dev/dri")
                             (devBind "/dev/nvidiactl")
                             (devBind "/dev/nvidia-modeset")
@@ -147,7 +150,23 @@ in
                           ++ app.extraPaths;
                         auto_etc = true;
                         cover = [ "/var/run/nscd" ];
+
+                        symlink = optionals (isGraphical && config.hardware.graphics.enable) (
+                          [
+                            [
+                              config.systemd.tmpfiles.settings.graphics-driver."/run/opengl-driver"."L+".argument
+                              "/run/opengl-driver"
+                            ]
+                          ]
+                          ++ optionals (app.multiarch && config.hardware.graphics.enable32Bit) [
+                            [
+                              config.systemd.tmpfiles.settings.graphics-driver."/run/opengl-driver-32"."L+".argument
+                              /run/opengl-driver-32
+                            ]
+                          ]
+                        );
                       };
+
                       inherit enablements;
                       inherit (dbusConfig) session_bus system_bus;
                     };
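Review bot: The second element of the 32-bit pair, `/run/opengl-driver-32`, is an unquoted Nix path literal, while the 64-bit pair uses the string `"/run/opengl-driver"`. A path value is not interchangeable with a string: when it is coerced or serialised (presumably how `conf` reaches the launcher, which is outside this hunk), Nix may copy the path into the store or reject the absolute path under pure evaluation, so the link name inside the sandbox would not be the literal path. Quote it as `"/run/opengl-driver-32"`. The sandbox test cases touched by this commit only expect `opengl-driver`, so the multiarch branch appears to be unexercised.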
diff --git a/test/sandbox/case/mapuid.nix b/test/sandbox/case/mapuid.nix
index c44a2ae..30969a4 100644
--- a/test/sandbox/case/mapuid.nix
+++ b/test/sandbox/case/mapuid.nix
@@ -113,7 +113,7 @@
       proc = fs "8000016d" null null;
       run = fs "800001c0" {
         current-system = fs "8000016d" null null;
-        opengl-driver = fs "8000016d" null null;
+        opengl-driver = fs "80001ff" null null;
         user = fs "800001ed" {
           "1000" = fs "800001ed" {
             bus = fs "10001fd" null null;
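Review bot: The new expected mode `"80001ff"` has seven hex digits where the directory entries around it have eight (`"8000016d"`, `"800001c0"`), so at first glance it reads like a dropped zero. If these are Go `os.FileMode` values in hex, it is the symlink bit plus 0777 and is correct, but a short comment such as `# symlink, mode 0777` beside the entry would spare the next reader the check. The entry also passes `null null`, so as far as this hunk shows the link target is not asserted; checking that it points into the store would cover the actual purpose of the change. The same applies to the matching hunks in preset.nix and tty.nix.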
@@ -201,7 +201,6 @@
       (ent "/class" "/sys/class" "ro,nosuid,nodev,noexec,relatime" "sysfs" "sysfs" "rw")
       (ent "/dev" "/sys/dev" "ro,nosuid,nodev,noexec,relatime" "sysfs" "sysfs" "rw")
       (ent "/devices" "/sys/devices" "ro,nosuid,nodev,noexec,relatime" "sysfs" "sysfs" "rw")
-      (ent ignore "/run/opengl-driver" "ro,nosuid,nodev,relatime" "overlay" "overlay" "rw,lowerdir=/mnt-root/nix/.ro-store,upperdir=/mnt-root/nix/.rw-store/upper,workdir=/mnt-root/nix/.rw-store/work,uuid=on")
       (ent "/dri" "/dev/dri" "rw,nosuid" "devtmpfs" "devtmpfs" ignore)
       (ent "/etc" "/.fortify/etc" "ro,nosuid,nodev,relatime" "ext4" "/dev/disk/by-label/nixos" "rw")
       (ent "/" "/run/user" "rw,nosuid,nodev,relatime" "tmpfs" "tmpfs" "rw,size=4k,mode=755,uid=1000003,gid=1000003")
diff --git a/test/sandbox/case/preset.nix b/test/sandbox/case/preset.nix
index 57ac821..5366fd4 100644
--- a/test/sandbox/case/preset.nix
+++ b/test/sandbox/case/preset.nix
@@ -113,7 +113,7 @@
       proc = fs "8000016d" null null;
       run = fs "800001c0" {
         current-system = fs "8000016d" null null;
-        opengl-driver = fs "8000016d" null null;
+        opengl-driver = fs "80001ff" null null;
         user = fs "800001ed" {
           "65534" = fs "800001ed" {
             bus = fs "10001fd" null null;
@@ -201,7 +201,6 @@
       (ent "/class" "/sys/class" "ro,nosuid,nodev,noexec,relatime" "sysfs" "sysfs" "rw")
       (ent "/dev" "/sys/dev" "ro,nosuid,nodev,noexec,relatime" "sysfs" "sysfs" "rw")
       (ent "/devices" "/sys/devices" "ro,nosuid,nodev,noexec,relatime" "sysfs" "sysfs" "rw")
-      (ent ignore "/run/opengl-driver" "ro,nosuid,nodev,relatime" "overlay" "overlay" "rw,lowerdir=/mnt-root/nix/.ro-store,upperdir=/mnt-root/nix/.rw-store/upper,workdir=/mnt-root/nix/.rw-store/work,uuid=on")
       (ent "/dri" "/dev/dri" "rw,nosuid" "devtmpfs" "devtmpfs" ignore)
       (ent "/etc" "/.fortify/etc" "ro,nosuid,nodev,relatime" "ext4" "/dev/disk/by-label/nixos" "rw")
       (ent "/" "/run/user" "rw,nosuid,nodev,relatime" "tmpfs" "tmpfs" "rw,size=4k,mode=755,uid=1000001,gid=1000001")
diff --git a/test/sandbox/case/tty.nix b/test/sandbox/case/tty.nix
index ef7e3e8..65bdc19 100644
--- a/test/sandbox/case/tty.nix
+++ b/test/sandbox/case/tty.nix
@@ -114,7 +114,7 @@
       proc = fs "8000016d" null null;
       run = fs "800001c0" {
         current-system = fs "8000016d" null null;
-        opengl-driver = fs "8000016d" null null;
+        opengl-driver = fs "80001ff" null null;
         user = fs "800001ed" {
           "65534" = fs "800001ed" {
             bus = fs "10001fd" null null;
@@ -203,7 +203,6 @@
       (ent "/class" "/sys/class" "ro,nosuid,nodev,noexec,relatime" "sysfs" "sysfs" "rw")
       (ent "/dev" "/sys/dev" "ro,nosuid,nodev,noexec,relatime" "sysfs" "sysfs" "rw")
       (ent "/devices" "/sys/devices" "ro,nosuid,nodev,noexec,relatime" "sysfs" "sysfs" "rw")
-      (ent ignore "/run/opengl-driver" "ro,nosuid,nodev,relatime" "overlay" "overlay" "rw,lowerdir=/mnt-root/nix/.ro-store,upperdir=/mnt-root/nix/.rw-store/upper,workdir=/mnt-root/nix/.rw-store/work,uuid=on")
       (ent "/dri" "/dev/dri" "rw,nosuid" "devtmpfs" "devtmpfs" ignore)
       (ent "/etc" "/.fortify/etc" "ro,nosuid,nodev,relatime" "ext4" "/dev/disk/by-label/nixos" "rw")
       (ent "/" "/run/user" "rw,nosuid,nodev,relatime" "tmpfs" "tmpfs" "rw,size=4k,mode=755,uid=1000002,gid=1000002")