MirrorHub/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-16 23:03:40 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
nixpkgs/pkgs/development/libraries/kerberos/krb5.nix
Graham Christensen c2b898da76 treewide: drop -l$NIX_BUILD_CORES 
Passing `-l$NIX_BUILD_CORES` improperly limits the overall system load.

For a build machine which is configured to run `$B` builds where each
build gets `total cores / B` cores (`$C`), passing `-l $C` to make will
improperly limit the load to `$C` instead of `$B * $C`.

This effect becomes quite pronounced on machines with 80 cores, with
40 simultaneous builds and a cores limit of 2. On a machine with this
configuration, Nix will run 40 builds and make will limit the overall
system load to approximately 2. A build machine with this many cores
can happily run with a load approaching 80.

A non-solution is to oversubscribe the machine, by picking a larger
`$C`. However, there is no way to divide the number of cores in a way
which fairly subdivides the available cores when `$B` is greater than
1.

There has been exploration of passing a jobserver in to the sandbox,
or sharing a jobserver between all the builds. This is one option, but
relatively complicated and only supports make. Lots of other software
uses its own implementation of `-j` and doesn't support either `-l` or
the Make jobserver.

For the case of an interactive user machine, the user should limit
overall system load using `$B`, `$C`, and optionally systemd's
cpu/network/io limiting features.

Making this change should significantly improve the utilization of our
build farm, and improve the throughput of Hydra.
2022-09-22 16:01:23 -04:00

97 lines
2.8 KiB
Nix
Raw Blame History

{ lib, stdenv, fetchurl, pkg-config, perl, bison, bootstrap_cmds
, openssl, openldap, libedit, keyutils
, nixosTests
# Extra Arguments
, type ? ""
# This is called "staticOnly" because krb5 does not support
# builting both static and shared, see below.
, staticOnly ? false
}:
# Note: this package is used for bootstrapping fetchurl, and thus
# cannot use fetchpatch! All mutable patches (generated by GitHub or
# cgit) that are needed here should be included directly in Nixpkgs as
# files.
let
libOnly = type == "lib";
in
stdenv.mkDerivation rec {
pname = "${type}krb5";
version = "1.20";
src = fetchurl {
url = "https://kerberos.org/dist/krb5/${lib.versions.majorMinor version}/krb5-${version}.tar.gz";
sha256 = "sha256-fgIr3TyFGDAXP5+qoAaiMKDg/a1MlT6Fv/S/DaA24S8";
};
outputs = [ "out" "dev" ];
configureFlags = [ "--localstatedir=/var/lib" ]
# krb5's ./configure does not allow passing --enable-shared and --enable-static at the same time.
# See https://bbs.archlinux.org/viewtopic.php?pid=1576737#p1576737
++ lib.optional staticOnly [ "--enable-static" "--disable-shared" ]
++ lib.optional stdenv.isFreeBSD ''WARN_CFLAGS=""''
++ lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform)
[ "krb5_cv_attr_constructor_destructor=yes,yes"
"ac_cv_func_regcomp=yes"
"ac_cv_printf_positional=yes"
];
nativeBuildInputs = [ pkg-config perl ]
++ lib.optional (!libOnly) bison
# Provides the mig command used by the build scripts
++ lib.optional stdenv.isDarwin bootstrap_cmds;
buildInputs = [ openssl ]
++ lib.optionals (stdenv.hostPlatform.isLinux && stdenv.hostPlatform.libc != "bionic" && !(stdenv.hostPlatform.useLLVM or false)) [ keyutils ]
++ lib.optionals (!libOnly) [ openldap libedit ];
sourceRoot = "krb5-${version}/src";
libFolders = [ "util" "include" "lib" "build-tools" ];
buildPhase = lib.optionalString libOnly ''
runHook preBuild
MAKE="make -j $NIX_BUILD_CORES"
for folder in $libFolders; do
$MAKE -C $folder
done
runHook postBuild
'';
installPhase = lib.optionalString libOnly ''
runHook preInstall
mkdir -p "$out"/{bin,sbin,lib/pkgconfig,share/{et,man/man1}} \
"$dev"/include/{gssapi,gssrpc,kadm5,krb5}
for folder in $libFolders; do
$MAKE -C $folder install
done
runHook postInstall
'';
# not via outputBin, due to reference from libkrb5.so
postInstall = ''
moveToOutput bin/krb5-config "$dev"
'';
enableParallelBuilding = true;
doCheck = false; # fails with "No suitable file for testing purposes"
meta = with lib; {
description = "MIT Kerberos 5";
homepage = "http://web.mit.edu/kerberos/";
license = licenses.mit;
platforms = platforms.unix ++ platforms.windows;
};
passthru = {
implementation = "krb5";
tests = { inherit (nixosTests) kerberos; };
};
}
Reference in a new issue View git blame Copy permalink