Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Nix package manager #59

Open
fornwall opened this issue Nov 19, 2015 · 37 comments

Comments

Projects
None yet
@fornwall
Copy link
Member

commented Nov 19, 2015

From @nico202 on November 19, 2015 15:58

Hi, has someone tried getting nix to work inside termux? This would mean to have lot of packages available.
Here's a guide to get it on various distro.
Thanks, Nicolò

Copied from original issue: termux/termux-app#18

@fornwall

This comment has been minimized.

Copy link
Member Author

commented Nov 19, 2015

Thanks for the suggestion @nico202! Will probably require PRoot, which is not available yet.

Leaving this open as a reminder (will probably go through all issues that are package suggestions and collect them in a wiki soon)!

@fornwall

This comment has been minimized.

Copy link
Member Author

commented Dec 6, 2015

Closing this now that https://github.com/termux/termux-packages/wiki/Package-suggestions contains package suggestions.

@fornwall fornwall closed this Dec 6, 2015

@Neo-Oli

This comment has been minimized.

Copy link
Member

commented Apr 23, 2016

Hi, I am reopening this issue. Package requests will now be labeled and tracked as an issue.

@Neo-Oli Neo-Oli reopened this Apr 23, 2016

@puffnfresh

This comment has been minimized.

Copy link

commented Apr 23, 2016

Looks like proot exists now so might be able to make this work, even including caching.

@edanaher

This comment has been minimized.

Copy link
Contributor

commented Jun 9, 2016

I'm not sure why proot would be necessary; AFAIK, nix just puts a bunch of stuff in /nix (or wherever you tell it to at build time) and does some symlink/path hackery to make the system look normal.

In any case, I've been working for a few days on getting nix on termux (if it works as well as I hope, it'll be far more elegant than re-packaging the entire world in termux-land, IMO). I got it to build, though Perl caused a bunch of issues that seem broken to me, but I just followed the path of least resistance and fixed it in place. (That describes my general approach; I do post-configure patching of Makefile.config because it's easier than trying to find the right flags to pass to configure to do the right thing ;) )

I've added a new package in my tree below, which (if I haven't forgotten anything) should build a nice nix-env binary (along with the others). Unfortunately, running them (on a Nexus 5 or sdk emulator) fails with a mysterious Invalid address 0xb6c9f66c passed to free: value not allocated. Occasionally they make it farther, but usually they fail combining strings deep in Boost/stl land.

I'd love a hand from more experienced C++ and/or android developers on how to troubleshoot this; none of the android glibc memory debugging seems to help, and staring at the code isn't getting me anywhere.

If anyone wants to take a look:

https://github.com/edanaher/termux-packages/tree/nix-wip

@edanaher

This comment has been minimized.

Copy link
Contributor

commented Jun 10, 2016

Well, after building and installing valgrind (PR in #310), it clearly showed an attempt to free _ZNSs4_Rep20_S_empty_rep_storageE; Googling this turned up a similar issue in MySQL from a few years back; in short, it looks like stl uses a global empty string for all fresh allocations, and then the destructor makes sure not to free this when it goes out of scope. Unfortunately, despite the code in the android sdk appearing to do the right thing, this isn't working for nix binaries.

AFAICT, the MySQL issue was due to it creating a second copy of this magic empty string, so one of them didn't pass the check to avoid being freed. Time to keep digging...

@edanaher

This comment has been minimized.

Copy link
Contributor

commented Jun 10, 2016

Finally! As is so often the case, a tangentially related stackoverflow post had the key:

By default NDK tool-chain will link your C++ shared lib's against a static version of GNU STL lib. However if you are using several shared lib's it is not acceptable to link against the static version of STL as each of your shared lib will have its own copy of STL. This will result in several copies of global vars defined in STL and may lead to memory leak or corruption

That fits in nicely with the duplicated symbol in MySQL. (And I'll probably add a note in the "Common porting problems" on this, to help future packagers.)

With this, nix builds, but for some reason not all the Perl modules are being installed, so it's not there yet. But this looks back to more straightforward "find the issue and fix it", rather than digging around deep in C++/linker land.

@edanaher

This comment has been minimized.

Copy link
Contributor

commented Jun 10, 2016

... and things now come close to working. With lots more hacking (including building Perl modules on the device... ew...), things are now failing because the script for unpacking channels (which appears to come from the channel itself) has a bunch of hardcoded /bin and /usr/bin paths for bash, tar, etc.

I think I need to take a break from this, but if anyone wants to pick it up, my work is at https://github.com/edanaher/termux-packages/tree/nix-wip . (with the additional bit that to get the Perl modules to build,

$ export LDLOADLIBS=/data/data/com.termux/files/usr/lib/libperl.so:/data/data/com.termux/files/usr/lib/libcurl.so
$ export LD_PRELOAD=/data/data/com.termux/files/usr/lib/libperl.so:/data/data/com.termux/files/usr/lib/libcurl.so
@iclanzan

This comment has been minimized.

Copy link

commented Apr 24, 2017

Has anyone managed to make more progress on this? Would love to be able to share nix configuration files between my laptop and phone.

@edanaher

This comment has been minimized.

Copy link
Contributor

commented Apr 25, 2017

I haven't, though I've been thinking about making another go at it in the near future; your comment might push me to do it.

@nico202

This comment has been minimized.

Copy link

commented Apr 25, 2017

I'd donate 5€ to get it in the near future if this can help XD
edit: increase the offer to 10€

@ghost

This comment has been minimized.

Copy link

commented May 13, 2017

This would turn toys into semi-computers. Should just entirely replace apt with nix.

@nico202

This comment has been minimized.

Copy link

commented Jun 14, 2017

@edanaher Still interested in it?

@edanaher

This comment has been minimized.

Copy link
Contributor

commented Jun 14, 2017

I did take another swing, but unfortunately had issues with changes to the system in the past year, and ended up spending the time (mostly successfully) trying to get termux to build via nix, rather than building nix via termux ;)

I'm still interested; it's just fairly low priority and other things keep coming up. Maybe these comments will help motivate me. (And while I'm not going to take the donation if I do end up doing it, the fact that someone is willing to pay is actually surprisingly meaningful to me.)

@edanaher

This comment has been minimized.

Copy link
Contributor

commented Jun 15, 2017

Alright; some free time tonight got me to realize that my build issues were due to my "cleanups" of the year-old termux build system interacting poorly with the newer (and rather nice) build. I got roughly back to where I was before, but with non-trivial issues due to changes in libcurl breaking WWW::Curl. AFAICT, there's a patch for the issue, but I don't see how to apply it as part of the build, because cpan is black magic to me.

I re-examined another path from a while back; ignoring termux and just using Nix to cross-compile itself for ARM, and then dumping the closure for nix-env into termux. (This should work without any of the android hackery termux uses, since it's self-contained, with it's own glibc and everything.) I got bash to cross-compile beautifully, running on my phone (Pixel) with minimal work (and termux-chroot to put the store in /nix), but sadly, cross-compiling nix itself was failing due to, shockingly enough, issues with the perl modules.

However, it turns out that Nix no longer depends on Perl: NixOS/nix@915f62f! It just requires using a prerelease Nix 1.12, which I'm currently building as a cross-compile, though I would expect it to also be plausible to build it via termux as well.

So with the long-awaited rewrite of the Perl code into C++, I suspect Nix-on-termux is imminent.

@puffnfresh

This comment has been minimized.

Copy link

commented Jun 15, 2017

Thanks @edanaher, I got Nix 1.12 building in Termux:

https://github.com/puffnfresh/termux-packages/tree/package/nix/packages/nix

There were a few workarounds needed because of the NDK.

Of course, running Nix isn't working for me because my root is read-only and so it can't create /nix - running it in proot gets me a bit further. I'll see if I can build a simple derivation.

@edanaher

This comment has been minimized.

Copy link
Contributor

commented Jun 15, 2017

@puffnfresh - Awesome! I wasn't looking forward to plowing through the various android ndk shortcomings (to be fixed in "the next version" every version since r9...), but looks like you got it done.

I've been testing by simply using "termux-chroot", which nicely wraps proot to do what you want. Sadly, on my (aarch64) Pixel, I'm getting nasty errors even before it gets to looking for /nix; even just --help fails:

-bash-4.4$ nix-env --help
Invalid address 0x7370473d10 passed to free: value not allocated
Aborted
-bash-4.4$ nix-env --help
Segmentation fault
-bash-4.4$ nix-store --help
Segmentation fault
-bash-4.4$ nix-store --help
Invalid address 0x7f83960d10 passed to free: value not allocated
Aborted

On the segfaults, I've gotten two different stack traces:

Program received signal SIGSEGV, Segmentation fault.
0x0000007fb7cc28e8 in pthread_mutex_lock () from /system/lib64/libc.so
(gdb) bt
#0  0x0000007fb7cc28e8 in pthread_mutex_lock () from /system/lib64/libc.so
#1  0x0000007fb7cd46ec in je_arena_dalloc_large () from /system/lib64/libc.so
#2  0x0000007fb7ce9c04 in je_free () from /system/lib64/libc.so
#3  0x0000003000019920 in void boost::io::detail::distribute<std::string&>(boost::basic_format&, std::string&) ()
#4  0x0000003000018ff8 in boost::basic_format& boost::io::detail::feed<std::string&>(boost::basic_format&, std::string&) ()
#5  0x0000007fb7a9ed14 in std::string nix::fmt<std::string, char const*>(std::string const&, std::string, char const*) () from /usr/lib/libnixstore.so
#6  0x0000007fb7a98a18 in nix::Settings::Settings() () from /usr/lib/libnixstore.so
#7  0x0000007fb79f1938 in ?? () from /usr/lib/libnixstore.so
#8  0x0000003f0000c9a8 in __dl__ZN6soinfo10call_arrayEPKcPPFvvEmb () from /system/bin/linker64
#9  0x0000003f0000ab64 in __dl__ZN6soinfo17call_constructorsEv () from /system/bin/linker64
#10 0x0000003f0000ab64 in __dl__ZN6soinfo17call_constructorsEv () from /system/bin/linker64
#11 0x0000003f00010224 in __dl__ZL29__linker_init_post_relocationR19KernelArgumentBlocky () from /system/bin/linker64
#12 0x0000003f0000f398 in __dl___linker_init () from /system/bin/linker64
#13 0x0000003f00006c58 in __dl__start () from /system/bin/linker64
Program received signal SIGSEGV, Segmentation fault.
0x0000007fb766f6bc in ifree () from /system/lib64/libc.so
(gdb) bt
#0  0x0000007fb766f6bc in ifree () from /system/lib64/libc.so
#1  0x0000007fb766fc04 in je_free () from /system/lib64/libc.so
#2  0x0000005555573fe8 in void boost::io::detail::distribute<std::string&>(boost::basic_format&, std::string&) ()
#3  0x00000055555736c0 in boost::basic_format& boost::io::detail::feed<std::string&>(boost::basic_format&, std::string&) ()
#4  0x0000007fb7bd7d14 in std::string nix::fmt<std::string, char const*>(std::string const&, std::string, char const*) ()
   from /data/data/com.termux/files/usr/lib/libnixstore.so
#5  0x0000007fb7bd1a18 in nix::Settings::Settings() () from /data/data/com.termux/files/usr/lib/libnixstore.so
#6  0x0000007fb7b2a938 in ?? () from /data/data/com.termux/files/usr/lib/libnixstore.so
#7  0x0000007fb7f589a8 in __dl__ZN6soinfo10call_arrayEPKcPPFvvEmb () from /system/bin/linker64
#8  0x0000007fb7f56b64 in __dl__ZN6soinfo17call_constructorsEv () from /system/bin/linker64
#9  0x0000007fb7f56b64 in __dl__ZN6soinfo17call_constructorsEv () from /system/bin/linker64
#10 0x0000007fb7f5c224 in __dl__ZL29__linker_init_post_relocationR19KernelArgumentBlocky () from /system/bin/linker64
#11 0x0000007fb7f5b398 in __dl___linker_init () from /system/bin/linker64
#12 0x0000007fb7f52c58 in __dl__start () from /system/bin/linker64

Maybe one time in twenty I'll get an error that there's no man page for it, suggesting that it worked. So there's something nasty and nondeterministic going on.

@puffnfresh

This comment has been minimized.

Copy link

commented Jun 15, 2017

@edanaher urgh, I don't have that problem. I think we'll have to use gdb on that 😿

Using termux-chroot I have a working /nix, but I can't realise "nix-channels" because the builder is /bin/bash, which needs LD_LIBRARY_PATH to be set so it can find libandroid-support.so - of course Nix doesn't want to run a builder with that in the environment.

I tried to use patchelf to set the rpath but that doesn't seem to have done anything.

@puffnfresh

This comment has been minimized.

Copy link

commented Jun 15, 2017

Judging from #498 (comment), it looks like the Android linker doesn't use rpath. I might have to write a dodgy wrapper around /bin/bash

@puffnfresh

This comment has been minimized.

Copy link

commented Jul 28, 2017

An update, I had to do some massive hacks but I am able to get Nix to give me binaries.

For example, nix-repl:

2017-07-28-104726_275x114_scrot

And Emacs:

2017-07-28-110142_652x82_scrot

There's a few problems:

  1. I have to download nixpkgs (git clone --depth 1) myself because nix-channel runs out of the 2GB memory on my device
  2. I have to export SSL_CERT_FILE=/data/data/com.termux/files/usr/etc/tls/cert.pem
  3. When executing a binary from Nix, you probably have to unset LD_LIBRARY_PATH otherwise you'll be mixing with Termux's binaries, which don't work together

I'll try to package my dodgy scripts and put them in a fork.

@iclanzan

This comment has been minimized.

Copy link

commented Jul 28, 2017

Terrific news! Thank you for the update and for your hard work!

@puffnfresh

This comment has been minimized.

Copy link

commented Aug 2, 2017

I have something for you to try out over here:

#1194

@arkanoid87

This comment has been minimized.

Copy link

commented May 10, 2018

I've successfully installed nix under proot

#1194 (comment)

@arkanoid87

This comment has been minimized.

Copy link

commented May 11, 2018

I've successfully compiled nix 2.0.2 in termux with just configure, make and a couple of minor changes in config.h and source code, but it is failing at the linking phase because libboost_context is missing in termux boost package.

#974

@arkanoid87

This comment has been minimized.

Copy link

commented May 13, 2018

after fixing libboost_context missing asm functions #2384 I have completed the linking phase and have the Nix executables installed in a local prefix.

Here's my current configure

./configure --prefix=/data/data/com.termux/files/nix/local --exec-prefix=/data/data/com.termux/files/nix/local --with-store-dir=/data/data/com.termux/files/nix/store --localstatedir=/data/data/com.termux/files/nix/var --disable-doc-gen

Problem. Each execution complains about missing exec_prefix variable

-bash-4.4$ ./nix-channel --update
unpacking channels...
error: undefined variable 'exec_prefix' at /data/data/com.termux/files/nix/local/share/nix/corepkgs/config.nix:14:40
(use '--show-trace' to show detailed location information)
error: program '/data/data/com.termux/files/nix/local/bin/nix-env' failed with exit code 1

I've also tried installing it with
make install exec_prefix=/data/data/com.termux/files/nix/local
but no success

Any idea?

@arkanoid87

This comment has been minimized.

Copy link

commented May 13, 2018

By fixing manually /data/data/com.termux/files/nix/local/share/nix/corepkgs/config.nix and setting manually the environment variable TMPDIR I have some working binaries, but internally they are not reading LD_LIBRARY_PATH

-bash-4.4$ ./nix-channel -vvvvv --update
locking path '/data/data/com.termux/files/home/.cache/nix/tarballs/071qfgdy82dkn58wqsv1ri3zlch4amvvfgn5vmwh9fvb4spcv18y-file'
lock acquired on '/data/data/com.termux/files/home/.cache/nix/tarballs/071qfgdy82dkn58wqsv1ri3zlch4amvvfgn5vmwh9fvb4spcv18y-file.lock'
download thread waiting for 10000 ms
acquiring global GC lock '/data/data/com.termux/files/nix/var/nix/gc.lock'
acquiring read lock on '/data/data/com.termux/files/nix/var/nix/temproots/16316'
acquiring write lock on '/data/data/com.termux/files/nix/var/nix/temproots/16316'
downgrading to read lock on '/data/data/com.termux/files/nix/var/nix/temproots/16316'
lock released on '/data/data/com.termux/files/home/.cache/nix/tarballs/071qfgdy82dkn58wqsv1ri3zlch4amvvfgn5vmwh9fvb4spcv18y-file.lock'
downloading 'https://nixos.org/channels/nixpkgs-unstable/binary-cache-url'...
starting download of https://nixos.org/channels/nixpkgs-unstable/binary-cache-url
curl: Couldn't find host nixos.org in the .netrc file; using defaults
download thread waiting for 10000 ms
download thread waiting for 10000 ms
download thread waiting for 10000 ms
curl:   Trying 54.217.220.47...
curl: TCP_NODELAY set
download thread waiting for 10000 ms
download thread waiting for 10000 ms
curl: Connected to nixos.org (54.217.220.47) port 443 (#0)
curl: ALPN, offering h2
curl: ALPN, offering http/1.1
curl: Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
curl: successfully set certificate verify locations:
  CAfile: /data/data/com.termux/files/usr/etc/tls/cert.pem
  CApath: none
curl: TLSv1.2 (OUT), TLS header, Certificate Status (22):
curl: TLSv1.2 (OUT), TLS handshake, Client hello (1):
download thread waiting for 10000 ms
curl: TLSv1.2 (IN), TLS handshake, Server hello (2):
curl: TLSv1.2 (IN), TLS handshake, Certificate (11):
curl: TLSv1.2 (IN), TLS handshake, Server key exchange (12):
curl: TLSv1.2 (IN), TLS handshake, Server finished (14):
curl: TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
curl: TLSv1.2 (OUT), TLS change cipher, Client hello (1):
curl: TLSv1.2 (OUT), TLS handshake, Finished (20):
download thread waiting for 10000 ms
curl: TLSv1.2 (IN), TLS change cipher, Client hello (1):
curl: TLSv1.2 (IN), TLS handshake, Finished (20):
curl: SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
curl: ALPN, server accepted to use http/1.1
curl: Server certificate:
curl:  subject: CN=nixos.org
curl:  start date: Mar 11 23:23:24 2018 GMT
curl:  expire date: Jun  9 23:23:24 2018 GMT
curl:  subjectAltName: host "nixos.org" matched cert's "nixos.org"
curl:  issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3
curl:  SSL certificate verify ok.
download thread waiting for 10000 ms
download thread waiting for 10000 ms
got header for 'https://nixos.org/channels/nixpkgs-unstable/binary-cache-url': HTTP/1.1 302 Found
got header for 'https://nixos.org/channels/nixpkgs-unstable/binary-cache-url': Date: Sun, 13 May 2018 14:22:57 GMT
got header for 'https://nixos.org/channels/nixpkgs-unstable/binary-cache-url': Server: Apache/2.4.33 (Unix) OpenSSL/1.0.2n
got header for 'https://nixos.org/channels/nixpkgs-unstable/binary-cache-url': Strict-Transport-Security: max-age=15552000
got header for 'https://nixos.org/channels/nixpkgs-unstable/binary-cache-url': Location: https://d3g5gsiof5omrk.cloudfront.net/nixpkgs/nixpkgs-18.09pre139929.c839771129f/binary-cache-url
got header for 'https://nixos.org/channels/nixpkgs-unstable/binary-cache-url': Content-Length: 281
got header for 'https://nixos.org/channels/nixpkgs-unstable/binary-cache-url': Content-Type: text/html; charset=iso-8859-1
got header for 'https://nixos.org/channels/nixpkgs-unstable/binary-cache-url':
curl: Ignoring the response-body
curl: Connection #0 to host nixos.org left intact
curl: Issue another request to this URL: 'https://d3g5gsiof5omrk.cloudfront.net/nixpkgs/nixpkgs-18.09pre139929.c839771129f/binary-cache-url'
curl: Couldn't find host d3g5gsiof5omrk.cloudfront.net in the .netrc file; using defaults
download thread waiting for 10000 ms
download thread waiting for 10000 ms
download thread waiting for 10000 ms
download thread waiting for 10000 ms
curl:   Trying 13.32.176.46...
curl: TCP_NODELAY set
download thread waiting for 10000 ms
download thread waiting for 10000 ms
curl: Connected to d3g5gsiof5omrk.cloudfront.net (13.32.176.46) port 443 (#1)
curl: ALPN, offering h2
curl: ALPN, offering http/1.1
curl: Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
curl: successfully set certificate verify locations:
  CAfile: /data/data/com.termux/files/usr/etc/tls/cert.pem
  CApath: none
curl: TLSv1.2 (OUT), TLS header, Certificate Status (22):
curl: TLSv1.2 (OUT), TLS handshake, Client hello (1):
download thread waiting for 10000 ms
curl: TLSv1.2 (IN), TLS handshake, Server hello (2):
download thread waiting for 10000 ms
curl: TLSv1.2 (IN), TLS handshake, Certificate (11):
curl: TLSv1.2 (IN), TLS handshake, Server key exchange (12):
curl: TLSv1.2 (IN), TLS handshake, Server finished (14):
curl: TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
curl: TLSv1.2 (OUT), TLS change cipher, Client hello (1):
curl: TLSv1.2 (OUT), TLS handshake, Finished (20):
download thread waiting for 10000 ms
curl: TLSv1.2 (IN), TLS change cipher, Client hello (1):
curl: TLSv1.2 (IN), TLS handshake, Finished (20):
curl: SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
curl: ALPN, server accepted to use h2
curl: Server certificate:
curl:  subject: C=US; ST=Washington; L=Seattle; O=Amazon.com Inc.; CN=*.cloudfront.net
curl:  start date: Nov 22 00:00:00 2017 GMT
curl:  expire date: Nov 21 12:00:00 2018 GMT
curl:  subjectAltName: host "d3g5gsiof5omrk.cloudfront.net" matched cert's "*.cloudfront.net"
curl:  issuer: C=US; O=DigiCert Inc; CN=DigiCert Global CA G2
curl:  SSL certificate verify ok.
curl: Using HTTP2, server supports multi-use
curl: Connection state changed (HTTP/2 confirmed)
curl: Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
curl: Using Stream ID: 1 (easy handle 0x7d634226c0)
curl: Connection state changed (MAX_CONCURRENT_STREAMS == 128)!
download thread waiting for 10000 ms
download thread waiting for 10000 ms
got header for 'https://nixos.org/channels/nixpkgs-unstable/binary-cache-url': HTTP/2 200
got header for 'https://nixos.org/channels/nixpkgs-unstable/binary-cache-url': content-type: text/plain
got header for 'https://nixos.org/channels/nixpkgs-unstable/binary-cache-url': content-length: 23
got header for 'https://nixos.org/channels/nixpkgs-unstable/binary-cache-url': date: Sat, 12 May 2018 21:00:15 GMT
got header for 'https://nixos.org/channels/nixpkgs-unstable/binary-cache-url': last-modified: Sat, 12 May 2018 20:44:02 GMT
got header for 'https://nixos.org/channels/nixpkgs-unstable/binary-cache-url': etag: "188948fb275a6140d3de8190809b3d12"
got header for 'https://nixos.org/channels/nixpkgs-unstable/binary-cache-url': accept-ranges: bytes
got header for 'https://nixos.org/channels/nixpkgs-unstable/binary-cache-url': server: AmazonS3
got header for 'https://nixos.org/channels/nixpkgs-unstable/binary-cache-url': age: 62563
got header for 'https://nixos.org/channels/nixpkgs-unstable/binary-cache-url': x-cache: Hit from cloudfront
got header for 'https://nixos.org/channels/nixpkgs-unstable/binary-cache-url': via: 1.1 01bc7d0a3c0d74129161b322a39456ea.cloudfront.net (CloudFront)
got header for 'https://nixos.org/channels/nixpkgs-unstable/binary-cache-url': x-amz-cf-id: EGRu_AjlRURAUU82yOngV0fLtAsJZpgCyI8ruiNilFW6Bh3IZJefEg==
got header for 'https://nixos.org/channels/nixpkgs-unstable/binary-cache-url':
curl: Connection #1 to host d3g5gsiof5omrk.cloudfront.net left intact
finished download of 'https://nixos.org/channels/nixpkgs-unstable/binary-cache-url'; curl status = 0, HTTP status = 200, body = 23 bytes
download thread waiting for 10000 ms
locking path '/data/data/com.termux/files/home/.cache/nix/tarballs/12zgms82w6c4ykwa6bfji5ykg68c5z306lim2qa6ch71zd04p10m-file'
lock acquired on '/data/data/com.termux/files/home/.cache/nix/tarballs/12zgms82w6c4ykwa6bfji5ykg68c5z306lim2qa6ch71zd04p10m-file.lock'
acquiring write lock on '/data/data/com.termux/files/nix/var/nix/temproots/16316'
downgrading to read lock on '/data/data/com.termux/files/nix/var/nix/temproots/16316'
lock released on '/data/data/com.termux/files/home/.cache/nix/tarballs/12zgms82w6c4ykwa6bfji5ykg68c5z306lim2qa6ch71zd04p10m-file.lock'
unpacking channels...
CANNOT LINK EXECUTABLE "bash": library "libandroid-support.so" not found
builder for '/data/data/com.termux/files/nix/store/cn8dgx7hqx4g7gbfnxzc8w6ig7df9n2n-nixpkgs.drv' failed due to signal 6 (Aborted)
error: build of '/data/data/com.termux/files/nix/store/cn8dgx7hqx4g7gbfnxzc8w6ig7df9n2n-nixpkgs.drv' failed
error: program '/data/data/com.termux/files/nix/local/bin/nix-env' failed with exit code 100
download thread shutting down
-bash-4.4$
@arkanoid87

This comment has been minimized.

Copy link

commented May 14, 2018

I've managed how to initiate nix bootstrap, but it is failing in glob expansion.

More details here
NixOS/nix#2160

@ineff

This comment has been minimized.

Copy link

commented Nov 13, 2018

Hi everyone, I have new updates.
The install script for nix 2.1.3 seems to work...almost meaning that I have problems with nix-channel hostname resolution.

Here is what I have done so far:

  • download the installation script
  • use proot --bind=nix:/nix bash to make avaible /nix where install the store
  • unset LD_PRELOAD not to trouble the nix binaries
  • start the install script

So far the script

  • copies correctly the store in /nix/store
  • initialize the store with nix-store --init
    then it stops when it tries to get the new nixpkg-unstable with nix-channel --update

here the error message

warning: unable to download 'https://nixos.org/channels/nixpkgs-unstable': Couldn't resolve host name (6); retrying in 267 ms
warning: unable to download 'https://nixos.org/channels/nixpkgs-unstable': Couldn't resolve host name (6); retrying in 509 ms
warning: unable to download 'https://nixos.org/channels/nixpkgs-unstable': Couldn't resolve host name (6); retrying in 1044 ms
warning: unable to download 'https://nixos.org/channels/nixpkgs-unstable': Couldn't resolve host name (6); retrying in 2075 ms
error: unable to download 'https://nixos.org/channels/nixpkgs-unstable': Couldn't resolve host name (6)

Using the nix-provided busybox wget downloads correctly web pages, hence I do not understand what could be causing the error.

Any idea on how to trobleshoot the error?

@xeffyr

This comment has been minimized.

Copy link
Member

commented Nov 13, 2018

Couldn't resolve host name (6); retrying in 267 ms

@ineff Verify that file /etc/resolv.conf has nameserver entries.

@ineff

This comment has been minimized.

Copy link

commented Nov 13, 2018

@xeffyr there is no /etc/resolv.conf in termux, what is more is that standard commands as curl and wget work fine.

@t184256

This comment has been minimized.

Copy link

commented Feb 28, 2019

I think I figured it out. aarch64-only for now, but it's a start!

https://github.com/t184256/nix-in-termux

Quickstart:

Reddit post: https://www.reddit.com/r/NixOS/comments/avv87s/i_succeeded_in_running_nix_on_android_for_now/

@Gerschtli

This comment has been minimized.

Copy link

commented Mar 5, 2019

How about adding https://github.com/nix-community/nix-user-chroot as a package?

@xeffyr

This comment has been minimized.

Copy link
Member

commented Mar 6, 2019

How about adding https://github.com/nix-community/nix-user-chroot as a package?

So readme of https://github.com/nix-community/nix-user-chroot says:

Nix-user-chroot requires user namespaces to perform its task

Check if your kernel supports user namespaces for unprivileged users

Android kernels don't support user namespaces at all. So nix-user-chroot will not be added.

@benley

This comment has been minimized.

Copy link

commented Mar 6, 2019

Android kernels don't support user namespaces at all. So nix-user-chroot will not be added.

Is this true for Chromium OS as well? It looks like the kernel may have it enabled, but I don't know if the feature is usable in the Android runtime: https://chromium.googlesource.com/chromium/src/+/lkgr/docs/linux_sandboxing.md#user-namespaces-sandbox

@xeffyr

This comment has been minimized.

Copy link
Member

commented Mar 6, 2019

Kernel may have it enabled. But are they allowed for unprivileged users ?

Answer to questions you can find with simple command (package coreutils needed):

unshare --user --pid echo "userns allowed"

If they allowed, you will see

userns allowed

If not:

unshare: unshare failed: Operation not permitted

If they are not supported:

unshare: unshare failed: Invalid argument
@benley

This comment has been minimized.

Copy link

commented Mar 6, 2019

Aha, thank you. Just checked on a Samus (pixel 2015) running ChromeOS 72.0.3626.122:

$ uname -a
Linux localhost 3.14.0 #1 SMP PREEMPT Sun Mar 3 23:00:05 PST 2019 i686 Android
$ unshare --user --pid echo "userns allowed"
unshare: unshare failed: Operation not permitted

(the unshare command appears to come from util-linux and not coreutils, btw)

It may be worth having someone check this on a more recent chromebook that has Crostini support, because they have a bunch of new kernel features not enabled in the chromium 3.14 kernel. But then again, on a chromebook that can run crostini containers/VMs, users are less likely to need termux in the first place.

@t184256

This comment has been minimized.

Copy link

commented Mar 6, 2019

Could somebody explaint what's the problem with that? I can use Nix just fine if I disable sandboxing. Do you value that feature so much that it's a showstopper for you?

In addition to the script I've posted above, I have also packaged Nix as a separate app. You can try it for yourself by installing https://transfer.sh/46PBk/nix-on-droid.apk or looking how I made it work at https://github.com/t184256/nix-on-droid-app and https://github.com/t184256/nix-on-droid-bootstrap.

If there's a particular use case that neither of my creations can cover, I'm all ears. I really want to bring Nix to Android, what can I do for you?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.