search

xzfc / cached-nix-shell

Instant startup time for nix-shell
https://xzfc.github.io/cached-nix-shell/cached-nix-shell.1
The Unlicense
203 stars 16 forks source link

trace-nix.so: undefined symbol: MD5_Final #5

Closed timbertson closed 4 years ago

timbertson commented 4 years ago

Built from git HEAD (ade493239d20458658db6b994a9bc40724e67ebb)

$ cached-nix-shell
cached-nix-shell: updating cache
/nix/store/b34zjdmq5l8k6rwdykjx55yl9r9isl8k-bash-4.4-p23/bin/bash: symbol lookup error: /nix/store/bydk5wbga5m5gk4sgpq9j7vww5g57v6s-cached-nix-shell-0.1.0/lib/trace-nix.so: undefined symbol: MD5_Final
cached-nix-shell: nix-shell: exit code: 127

I think this is supposed to come from openssl, but I don't see anything about that in the Makefile

xzfc commented 4 years ago

I think this is supposed to come from openssl, but I don't see anything about that in the Makefile

Yep, but it should be no problem since trace-nix.so should only be injected into nix-shell, which itself has a link to openssl.

It seems you have some bash wrapper over nix-shell binary?

timbertson commented 4 years ago

Oh yeah, I forgot I made that wrapper:

#! /nix/store/b34zjdmq5l8k6rwdykjx55yl9r9isl8k-bash-4.4-p23/bin/bash -e
export GIT_SSL_CAINFO='/nix/store/xicfas694anca5chp3hnk85bzrqyhb5b-nss-cacert-3.46.1/etc/ssl/certs/ca-bundle.crt'
export CURL_CA_BUNDLE='/nix/store/xicfas694anca5chp3hnk85bzrqyhb5b-nss-cacert-3.46.1/etc/ssl/certs/ca-bundle.crt'
export SSL_CERT_FILE='/nix/store/xicfas694anca5chp3hnk85bzrqyhb5b-nss-cacert-3.46.1/etc/ssl/certs/ca-bundle.crt'
exec "/nix/store/0hf13bhb67a64pyw4v2x8cv5vn1jgngd-nix-2.3.1/bin/nix-shell"  "$@"

I've since integrated those vars into my shell anyway, so I did away with this wrapper and it is running now for a simple shell. Thanks!

timbertson commented 4 years ago

Hmm, I spoke too soon. Without the bove wrapper nix-shell works fine, but cached-nix-shell doesn't seem to be set up right:

warning: unable to download 'https://cache.nixos.org/xfzgpa1shsa2hrqq8g9jw38p6w8f3n93.narinfo': SSL peer certificate or SSH remote key was not OK (60); retrying in 283 ms
warning: unable to download 'https://cache.nixos.org/pqlq1bncrnq74zn8df7f7n8wxw8cki59.narinfo': SSL peer certificate or SSH remote key was not OK (60); retrying in 327 ms
warning: unable to download 'https://cache.nixos.org/il0pf2xzf9x6b5ajpi4jjr51vjvlng5l.narinfo': SSL peer certificate or SSH remote key was not OK (60); retrying in 270 ms
warning: unable to download 'https://cache.nixos.org/4y801lcrypb58651bl7w8w102pbng0w3.narinfo': SSL peer certificate or SSH remote key was not OK (60); retrying in 272 ms
warning: unable to download 'https://cache.nixos.org/3pi55kmyaqi8mkzgv0fnqbqmxpmy5zgw.narinfo': SSL peer certificate or SSH remote key was not OK (60); retrying in 254 ms
warning: unable to download 'https://cache.nixos.org/xfzgpa1shsa2hrqq8g9jw38p6w8f3n93.narinfo': SSL peer certificate or SSH remote key was not OK (60); retrying in 569 ms
warning: unable to download 'https://cache.nixos.org/pqlq1bncrnq74zn8df7f7n8wxw8cki59.narinfo': SSL peer certificate or SSH remote key was not OK (60); retrying in 530 ms
warning: unable to download 'https://cache.nixos.org/il0pf2xzf9x6b5ajpi4jjr51vjvlng5l.narinfo': SSL peer certificate or SSH remote key was not OK (60); retrying in 593 ms
warning: unable to download 'https://cache.nixos.org/4y801lcrypb58651bl7w8w102pbng0w3.narinfo': SSL peer certificate or SSH remote key was not OK (60); retrying in 561 ms
warning: unable to download 'https://cache.nixos.org/3pi55kmyaqi8mkzgv0fnqbqmxpmy5zgw.narinfo': SSL peer certificate or SSH remote key was not OK (60); retrying in 526 ms

Does it clear the env before invoking nix shell? Can the above SSL-related vars be whitelisted?

xzfc commented 4 years ago

Does it clear the env before invoking nix shell?

Yes. The reason is to prevent the re-evaluation when env is changed (variables like PWD, STY, GNOME_TERMINAL_SCREEN may change often).

Can the above SSL-related vars be whitelisted?

Whitelisted in 5c2f40a3cffee9fa5e8e7236df32cfa4997cbcbf.

timbertson commented 4 years ago

Perfect, thanks!