Git Product home page Git Product logo

nix-appimage's People

Contributors

danobi avatar ralismark avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar

Forkers

573 vivlim kiruyamomochi glitzflitz danobi silky rucadi shen390s cloudef tek endered

nix-appimage's Issues

Fails for applications that use user namespaces

My native unshare works:

$ unshare -U echo hi
hi
$ echo $?
0

But the AppImage doesn't:

$ ./bundle util-linux /bin/unshare
$ ./unshare-x86_64.AppImage -U echo hi
unshare-x86_64.AppImage: unshare failed: Operation not permitted
$ echo $?
1

I believe this is the reason Steam, Chromium, and Electron apps don't work:

$ ./steam-x86_64.AppImage
bwrap: No permissions to creating new namespace, likely because the kernel does not allow non-privileged user namespaces. On e.g. debian this can be enabled with 'sysctl kernel.unprivileged_userns_clone=1'.

$ ./ungoogled-chromium-122.0.6261.69-x86_64.AppImage
[52161:52161:0226/172919.336302:FATAL:setuid_sandbox_host.cc(158)] The SUID sandbox helper binary was found, but is not configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /nix/store/zamhhinmqjvvxj1ipfijvrpqs85q3rc0-ungoogled-chromium-122.0.6261.69-sandbox/bin/__chromium-suid-sandbox is owned by root and has mode 4755.
Trace/breakpoint trap (core dumped)

$ ./bitwarden-2024.2.0-x86_64.AppImage
[60941:0226/173049.236563:FATAL:setuid_sandbox_host.cc(158)] The SUID sandbox helper binary was found, but is not configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /nix/store/9zw7gk36f07lnn6y60ksd2s063q46ri1-electron-28.2.2/libexec/electron/chrome-sandbox is owned by root and has mode 4755.
Trace/breakpoint trap (core dumped)

This article suggests that this is not a fundamental limitation of the AppImage format; assuming unprivileged user namespaces are enabled in the kernel, Electron AppImages can be run without disabling their sandbox.

Does this solve the issues with OpenGL?

This looks very promising. Have been looking for ages for a solution to generate working for generating appimage applications for OpenGL applications. nix-bundle has issues with it all attempts to find a workaround (documented in that thread and related PRs) have failed for me.

This project, due to it's ability to not bring glibc, looks promising. However since it doesn't include a desktop file, maybe it is not intended to fix the OpenGL issue? Is this supported or part of the road-map?

Not an issues

This is not a problem but I wanted to say that you had a great idea.
Right now I have some time and connection restrictions but if I can I would like to be able to try your script.
I am a fan of live minimal distros with portable packages (like alpine or tinycore) however it would be great to be able to build the distro packages from the nix repository.

Bundling local derivations

How would I go about bundling a derivation that I've written? I've tried the obvious nix bundle --bundler github:ralismark/nix-appimage -f default.nix, but that doesn't seem to work.

Fail to build python script from nixpkgs as appimage

Hello, i used nix-appimage in the past and it was a joy! However i'm now failing when trying to build a weasyprint appimage. Here's the output:

$ nix bundle --bundler github:ralismark/nix-appimage nixpkgs#python311Packages.weasyprint
error:
       … while calling the 'derivationStrict' builtin

         at //builtin/derivation.nix:9:12: (source not available)

       … while evaluating derivation 'python3.11-weasyprint-59.0-x86_64.AppImage'
         whose name attribute is located at /nix/store/d5c6h5p16jg2rna7db5y4s3y19dmwvx6-source/pkgs/stdenv/generic/make-derivation.nix:278:7

       … while evaluating attribute 'buildCommand' of derivation 'python3.11-weasyprint-59.0-x86_64.AppImage'

         at /nix/store/d5c6h5p16jg2rna7db5y4s3y19dmwvx6-source/pkgs/build-support/trivial-builders.nix:73:14:

           72|     stdenv.mkDerivation ({
           73|       inherit buildCommand name;
             |              ^
           74|       passAsFile = [ "buildCommand" ]

       error: main program /nix/store/1z9djg8r09lfpri1mlzf2cbqi8hsmr19-python3.11-weasyprint-59.0/bin/python3.11-weasyprint does not exist

I guess it's because the executable is called weasyprint and not python3.11-weasyprint. I think it's related to #3. Alternatively, is there something to fix on the package itself to make that possible?

EDIT: Manually creating a symlink in the nix store (yes that's evil!) made it work. I'll use that workaround for the moment but it's not elegant ;)

nix bundle only works when run with --impure

If running normally, it isn't able to check reliably if the binary entry point from meta.mainProgram exists because of sandbox I guess.

How to reproduce:

nix bundle --bundler github:ralismark/nix-appimage github:lucasew/nixcfg#pkgs.wineApps.wine7zip # error: main program /nix/store/rdqaabzrxja4ib8nimxrwjn7zx65aj5d-7zip/bin/7zip does not exist
nix bundle --bundler github:ralismark/nix-appimage github:lucasew/nixcfg#pkgs.wineApps.wine7zip --impure # * works *

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.