Standalone Solaris build wrapper for Codex and its native dependencies.
This repo fetches and builds pinned versions of:
gnv8-solaris(librusty_v8.a+src_binding.rs)codex
Current support status:
- Solaris/x86 only for now
uname -pmust reporti386- SPARC is not supported in this wrapper
The wrapper keeps its own build state under:
build/downloadsbuild/toolchainsbuild/srcbuild/installsupport/src_binding_prebuilt.rs
cd solaris-codex
bash build-codex.shbuild-codex.sh is the main entry point. It:
- checks that the host is Solaris/x86
- downloads the pinned Rust toolchain into
build/toolchains - fetches the pinned GN, V8, and Codex sources into
build/src - vendors the Rust crate dependencies needed for V8 and Codex
- installs the pinned
bindgen-clihelper needed by the V8 GN build - builds and installs
gn - builds and installs
v8-solaris - builds and installs
codex
Installed artifacts end up in:
build/install/gn/bin/gnbuild/install/v8/lib/librusty_v8.abuild/install/v8/share/src_binding.rsbuild/install/codex/bin/codex
Quick verification:
build/install/gn/bin/gn --version
ls -l build/install/v8/lib/librusty_v8.a
build/install/codex/bin/codex --version- Rust is downloaded only once into
build/toolchains. - The wrapper uses the official Solaris Rust standalone installer target
x86_64-pc-solaris. - The pinned Codex source is the upstream
openai/codexrelease tagrust-v0.141.0, built from itscodex-rs/workspace. - Set
SOLARIS_CODEX_PROXY_SETUP=/path/to/proxy.shif your host needs an environment hook before downloads. - The codex build clears inherited Solaris
LD_*hardening variables because they broke the final Rust link with Solarisld.
The wrapper builds upstream Codex mostly as-is, but Solaris still needs a small
patch series under patches/codex/ before vendoring:
0001-process-hardening-enable-solaris-runtime-hardening.patchadds Solaris to the existing Unix runtime hardening path so Codex clearsLD_*at startup and disables core dumps the same way it already does on the BSD targets.0002-tui-disable-unsupported-clipboard-backends-on-solaris.patchdisables native clipboard image and text paths that have no maintained Solaris backend and leaves the SSH and OSC 52 text-copy path available.0004-config-host-name-use-solaris-ai-canonname-fallback.patchsupplies the SolarisAI_CANONNAMEvalue that the Rustlibccrate does not expose.0005-state-use-rollback-journal-on-solaris.patchkeeps Codex state databases off SQLite WAL mode on Solaris, avoiding-shmmmap failures on NFS-backed homes.0006-arg0-tolerate-solaris-stale-temp-cleanup.patchkeeps stale arg0 temp cleanup best-effort when Solaris/NFS reports non-empty directory races during startup.0007-app-server-daemon-use-fcntl-locks-on-solaris.patchreplaces unsupportedflock(2)daemon lifecycle locks with Solarisfcntl(2)locks.0008-http-client-honor-no-proxy-before-system-proxy.patchmakes exec-server HTTP requests honorNO_PROXY/no_proxyhosts before reqwest's system proxy lookup.0010-exec-server-drain-fs-helper-output-concurrently.patchkeeps large filesystem-helper responses from blocking on a full stdout pipe.
Before vendoring, patch_tui_solaris_terminal_input() keeps the TUI off
terminal capability probes that stalled some Solaris PTYs, replaces the
unreliable default crossterm::event::EventStream path with a Solaris input
reader, prefers an ASCII-safe presentation on older terminals, and redraws the
onboarding flow so the actionable step stays visible on smaller PTYs.
After cargo vendor, build-codex.sh still applies the remaining Solaris
vendored-crate rewrites in place:
patch_vendored_nix_termios()patch_vendored_tree_sitter_endian()patch_vendored_fslock()patch_vendored_onig_sys_alloca()patch_vendored_mio_event_ports()
Those helpers remain scripted because they also update vendored crate
.cargo-checksum.json, which makes static patch files awkward to maintain.
The mio event-ports rewrite applies the upstream proposal from
https://github.com/tokio-rs/mio/pull/1962, refreshed against the mio 1.2.0
crate version locked by Codex.
Pinned upstream refs live in versions.sh:
GN_GIT_URLGN_GIT_REFV8_GIT_URLV8_GIT_REFCODEX_GIT_URLCODEX_GIT_REF
You can override any of these temporarily with environment variables, but the normal published workflow is still just:
bash build-codex.shThe wrapper intentionally does not hardcode host-local absolute paths so the repository can be published on GitHub and reused on another Solaris system.
If you are refreshing this wrapper for a newer Codex pin, review the
patches/codex/*.patch series first. Those are the versioned upstream-source
Solaris workarounds and are the most likely places to need source-shape
updates. After that, check the remaining patch_vendored_* helpers in
build-codex.sh, because those still patch vendored crates and refresh
.cargo-checksum.json.
If you want to warm all fetches and vendored crates ahead of time, you can use:
bash prepare-sources.sh- The wrapper keeps patch files in
patches/. - The V8 patch set still applies against the fetched
rusty_v8source tree and its vendored dependencies.