pkgsUbuntu.bionic: cross-compile variant targeting Ubuntu Bionic glibc 2.27 #2

Open
PhilipTaronQ wants to merge 10 commits into qumulo-master from pkgsUbuntu.bionic

@PhilipTaronQ
Member

Summary

Adds pkgsUbuntu.bionic, a nixpkgs cross-compilation variant that produces binaries linked against Ubuntu Bionic's glibc 2.27. Instead of building glibc from source, it fetches Ubuntu's prebuilt libc6/libc6-dev/linux-libc-dev .deb packages and uses them as a sysroot.

How it works

  • Uses nixpkgsFun { crossSystem = { useLLVM = true; linker = "lld"; }; crossOverlays = [...]; } to set up cross-compilation with LLVM/clang/lld
  • A single crossOverlay replaces the nixpkgs glibc with the Ubuntu Bionic sysroot, which flows through glibc → libc → wrapBintoolsWith → cc-wrapper → stdenv → all packages
  • Per-package overrides handle cross-compilation quirks for specific packages (Wireshark, RPM, graphviz, etc.)

Commits

  • ubuntu-sysroot/bionic.nix: Sysroot derivation fetching and extracting Ubuntu Bionic .deb packages
  • ubuntu-bionic.nix: Cross overlay with shared fixes and per-package overrides
  • variants.nix: pkgsUbuntu.bionic entry point
  • libtar: Fix cross-compilation (hardcoded strip in install)
  • node-env: Add nodejs.npm to buildInputs when available (needed for cross builds)
  • Per-package cross-compilation overrides for graphviz, RPM, Wireshark

Verified

  • pkgsUbuntu.bionic.hello links only up to GLIBC_2.16
  • pkgsUbuntu.bionic.libcxx (LLVM 21) links up to GLIBC_2.27, with separate libpthread/librt (pre-merge glibc)

Test plan

  • nix-build -A pkgsUbuntu.bionic.hello builds and links only glibc ≤ 2.27 symbols
  • nix-build -A pkgsUbuntu.bionic.libcxx builds with correct glibc symbol versions
  • readelf -V on built binaries shows no symbols beyond GLIBC_2.27
  • Per-package overrides (wireshark, rpm, graphviz) build successfully

🤖 Generated with Claude Code
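
The `readelf -V` item in the test plan above can be scripted as a pass/fail gate. The sketch below is an added example, not part of this PR or of nixpkgs; the function names and the sample `readelf -V` output are constructed for illustration, and it assumes a `sort` that supports `-V`.

```shell
#!/bin/sh
# Added example: enforce a glibc symbol-version ceiling on `readelf -V` output.
# Function names are hypothetical; requires grep -oE and sort -V.

# Constructed sample of a "Version needs" section (not from a real build).
sample_readelf_v() {
cat <<'EOF'
Version needs section '.gnu.version_r' contains 2 entries:
 Addr: 0x0000000000000560  Offset: 0x000560  Link: 6 (.dynstr)
  000000: Version: 1  File: libpthread.so.0  Cnt: 1
  0x0010:   Name: GLIBC_2.2.5  Flags: none  Version: 4
  0x0020: Version: 1  File: libc.so.6  Cnt: 4
  0x0030:   Name: GLIBC_2.4  Flags: none  Version: 6
  0x0040:   Name: GLIBC_2.16  Flags: none  Version: 5
  0x0050:   Name: GLIBC_2.27  Flags: none  Version: 3
  0x0060:   Name: GLIBC_PRIVATE  Flags: none  Version: 2
EOF
}

# Highest numbered GLIBC_x.y[.z] version referenced on stdin (empty if none).
# sort -V matters: a plain lexical sort would rank 2.4 above 2.27.
max_glibc() {
    grep -oE 'GLIBC_[0-9]+(\.[0-9]+)*' | sed 's/^GLIBC_//' | sort -u -V | tail -n 1
}

# Succeeds when nothing on stdin needs a glibc newer than the ceiling in $1.
glibc_within() {
    ceiling=$1
    max=$(max_glibc)
    if [ -z "$max" ]; then return 0; fi   # no versioned glibc references
    highest=$(printf '%s\n%s\n' "$ceiling" "$max" | sort -V | tail -n 1)
    [ "$highest" = "$ceiling" ]
}

# Succeeds when stdin references GLIBC_PRIVATE, which the numbered match
# above deliberately skips and which should be reported separately.
uses_glibc_private() {
    grep -q 'GLIBC_PRIVATE'
}

# Demo on the constructed sample. For a real binary:
#   readelf -V <binary> | glibc_within 2.27
if sample_readelf_v | glibc_within 2.27; then
    echo "max GLIBC_$(sample_readelf_v | max_glibc): within 2.27"
else
    echo "references symbols newer than GLIBC_2.27"
fi
```
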

PhilipTaronQ and others added 9 commits March 17, 2026 14:30
libtar/Makefile.in hardcodes `INSTALL_PROGRAM = @INSTALL_PROGRAM@ -s`,
which runs bare `strip` during `make install`. This fails in cross
builds where only the target-prefixed strip is available in PATH.

Nix's fixup phase already handles stripping with the correct tool,
so the flag is redundant even for native builds.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Since 7459fe9 (nodejs: make nodejs_* depend on nodejs-slim_*),
npm was split into a separate output on nodejs-slim. The passthru.pkgs
in nodejs.nix passes nodejs = self (slim) to node-env.nix, so npm was
absent from buildInputs, causing "npm: command not found" during builds.

Fix by adding nodejs.npm to buildInputs when the attribute exists.

…c 2.27

Uses nixpkgs cross-compilation with LLVM 21 and a crossOverlay that
replaces glibc with Ubuntu Bionic's libc6/libc6-dev/linux-libc-dev
extracted from .deb packages. Produces binaries linked against glibc 2.27.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Move the variant logic into pkgs/top-level/ubuntu-bionic.nix to avoid
upstream merge conflicts in variants.nix and make per-package
adjustments easy via let bindings. Disable wolfssl tests (NSS hostname
resolution fails with vanilla glibc 2.27 inside the Nix sandbox).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Keep self.callPackage in variants.nix so ubuntu-bionic.nix never
receives the outer package set. Merge the two crossOverlays into one.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Fix common build failures when cross-compiling against the Ubuntu
Bionic (glibc 2.27, kernel 4.15) sysroot with LLVM 21:

- Disable tests for 10 packages whose test suites try to execute
  cross-compiled binaries (gdbm, libarchive, libffi, libgcrypt,
  libgpg-error, libpsl, openssl, p11-kit, sqlite, unbound).

- bash/bashNonInteractive: disable fortify hardening — Bionic's
  fortify headers redefine asprintf as a macro that conflicts with
  bash's own extern declaration in braces.c.

- elfutils: suppress -Wunused-but-set-variable (promoted to error
  by -Werror; caught by clang but not gcc).

- gnutls: disable kTLS (Bionic's 4.15 headers lack TLS_RX, AES-CCM
  structs) and C++ bindings (gnulib string.h conflicts with libc++).

- python313: clear RUNSHARED in the generated Makefile — it sets
  LD_LIBRARY_PATH to the build dir, causing the native Python to load
  the cross-compiled libpython, which pulls in the sysroot's
  libpthread with GLIBC_PRIVATE symbols the build host lacks.

- glib: disable GObject introspection — g-ir-scanner links a
  temporary binary against native libs that need GLIBC_2.29+.

- gettext: force am_cv_func_iconv_works=yes (configure test tries to
  run a cross binary) and suppress -Wincompatible-function-pointer-types
  (clang 21 error in libtextstyle's iconv-ostream.c).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Build graphviz to produce libcgraph, libgvc, libgvpr, libpathplan,
and libxdot for the Bionic sysroot.

Drop gts, pango, and gd from buildInputs — these pull in glib
variants with GObject introspection enabled through nixpkgs'
cross-compilation splicing.  The spliced glib variants bypass the
crossOverlay's withIntrospection=false override, and g-ir-scanner
fails because it links a temporary binary against both native
libraries (needing GLIBC_2.29+) and the Bionic sysroot (glibc 2.27).

The dropped deps are only needed for text rendering (pango), image
output (gd), and 3D surface meshes (gts) — none of which are
required by the core graph libraries.

Also disable X11 support (withXorg=false) since the target
environment doesn't have X libraries.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Build RPM to produce librpm, librpmbuild, librpmio, and librpmsign
for the Bionic sysroot.

Disable several RPM dependencies that can't cross-compile against
the Bionic sysroot:

- rpm-sequoia (Rust): build scripts are compiled and executed on the
  build host, but same-arch cross-compilation causes them to link
  against the sysroot's libpthread, which references GLIBC_PRIVATE
  symbols absent from the build host's glibc.  Use RPM's internal
  OpenPGP implementation with libgcrypt instead.

- audit: requires kernel headers newer than Bionic's 4.15
  (linux/io_uring.h, AUDIT_ARCH_RISCV*).

- systemd: requires glibc 2.28+ (threads.h, struct statx).

- gnupg: stripped to minimal — disable pcsclite (needs dbus→audit),
  TPM2, OpenLDAP (needs systemd via cyrus-sasl), GUI, libusb (needs
  systemd-minimal-libs); force am_cv_func_iconv_works=yes for the
  same cross-compilation iconv detection issue as gettext.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Build wireshark-cli to produce libwireshark, libwiretap, and
libwsutil for the Bionic sysroot.

The Wireshark dependency chain hits several Bionic-incompatible
packages.  Fix them:

- audit: requires kernel 4.18+ headers (io_uring.h, AUDIT_ARCH_RISCV*).
  Disable audit in linux-pam (withAudit=false) and dbus (audit=null).

- systemd: requires glibc 2.28+ (threads.h, struct statx).  Disable
  in dbus (enableSystemd=false).

- libcap: disable Go (same-arch sysroot contamination makes build
  scripts load the cross libpthread) and PAM (needs audit).

- libpcap: disable Bluetooth support — bluez depends on the
  dbus→audit chain.  Override wireshark's libpcap' to use our
  bluez-free libpcap.

- speexdsp/spandsp3: need Fortran (fftw) which can't cross-compile
  with our toolchain.  Drop from buildInputs; disable sharkd and
  stratoshark (the only consumers of speexdsp).

- lemon: CMake stores clang-specific flags (-Xclang
  -analyzer-disable-all-checks) then applies them when compiling
  lemon with the native gcc.  Strip them from build.ninja.

- NL80211_BAND_6GHZ: missing from Bionic's 4.15 kernel headers.
  Define it via NIX_CFLAGS_COMPILE.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

@qcwallace qcwallace left a comment

the overall shape looks good. the bionic feedback is small enough that i'm fine however it gets ordered relative to merging. if you prefer to offload any of those items to me i'm happy to own them -- just comment as much.

- Use dpkg's unpack hook instead of manual dpkg-deb invocation
- Combine two sed substitutions into one extended regex
- Remove unnecessary conditional around arch-specific header copy
  (meta.platforms already constrains to x86_64-linux)
- Remove unused bin output
- Remove defensive || true on static lib copy

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>