Skip to content

fix(modules.symlinkScript): substitute replace-literal with sd #525

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Elias-Graf wants to merge 1 commit into
base: main
Choose a base branch
from
+55 −27
Open

fix(modules.symlinkScript): substitute replace-literal with sd #525

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
78 changes: 53 additions & 25 deletions modules/symlinkScript/checks/filesToPatch.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,36 +7,47 @@
let
# Create a dummy package with a desktop file that references itself
dummyPackage =
(pkgs.runCommand "dummy-app" { } ''
mkdir -p $out/bin
mkdir -p $out/share/applications
(pkgs.runCommand "dummy-app"
{
nativeBuildInputs = [ pkgs.makeBinaryWrapper ];
}
''
mkdir -p $out/bin
mkdir -p $out/share/applications

# Create a simple executable
cat > $out/bin/dummy-app <<'EOF'
#!/bin/sh
echo "Hello from dummy app"
EOF
chmod +x $out/bin/dummy-app
# Make a dummy program to have a valid package
makeWrapper ${pkgs.hello}/bin/hello $out/bin/dummy-app

# Create a desktop file that references the package path
cat > $out/share/applications/dummy-app.desktop <<EOF
[Desktop Entry]
Name=Dummy App
Exec=$out/bin/dummy-app
Icon=$out/share/icons/dummy-app.png
Type=Application
EOF
'')
# Add a secondary binary file that references the package path
makeWrapper ${pkgs.hello}/bin/hello $out/bin/other-bin \
--add-flag "--greeting" \
--add-flag "Hello, $out"

# Create a desktop file that references the package path
cat > $out/share/applications/dummy-app.desktop <<EOF
[Desktop Entry]
Name=Dummy App
Exec=$out/bin/dummy-app
Icon=$out/share/icons/dummy-app.png
Type=Application
EOF
''
)
// {
meta.mainProgram = "dummy-app";
};

# Wrap the package
wrappedPackage = self.lib.wrapPackage {
inherit pkgs;
package = dummyPackage;
};
wrappedPackage = self.lib.wrapPackage (
{ options, ... }:
{
inherit pkgs;

filesToPatch = options.filesToPatch.default ++ [ "bin/other-bin" ];

package = dummyPackage;
}
);
in
pkgs.runCommand "filesToPatch-test"
{
Expand All @@ -48,8 +59,8 @@ pkgs.runCommand "filesToPatch-test"
echo "Original package path: $originalPath"
echo "Wrapped package path: $wrappedPath"

# Read the desktop file
desktopFile="${wrappedPackage}/share/applications/dummy-app.desktop"
# Test 1: Check replace in text file (.desktop)
desktopFile="$wrappedPath/share/applications/dummy-app.desktop"

if [ ! -f "$desktopFile" ]; then
echo "FAIL: Desktop file not found at $desktopFile"
Expand All @@ -70,6 +81,23 @@ pkgs.runCommand "filesToPatch-test"
exit 1
fi

echo "SUCCESS: Desktop file was properly patched"
# Test 2: Check replace in binary file
binaryFile="$wrappedPath/bin/other-bin"

# The binary file should NOT contain references to the original package
if grep -qF "$originalPath" "$binaryFile"; then
echo "FAIL: Binary file still contains reference to original package"
echo "Original path: $originalPath"
exit 1
fi

# The binary file SHOULD contain references to the original package
if ! grep -qF "$wrappedPath" "$binaryFile"; then
echo "FAIL: Binary file does not contain reference to wrapped package"
echo "Original path: $originalPath"
exit 1
fi

echo "SUCCESS: files properly patched"
touch $out
''
4 changes: 2 additions & 2 deletions modules/symlinkScript/module.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -92,8 +92,8 @@
echo "Patching $file"
# Remove symlink and create a real file with patched content
rm "$file"
# Use replace-literal which works for both text and binary files
${pkgs.replace}/bin/replace-literal "$oldPath" "$newPath" < "$target" > "$file"
# Use `sd` which works for both text and binary files
Copy link
Copy Markdown
Author

@Elias-Graf Elias-Graf May 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@BirdeeHub I'm fairly sure that this also works for binaries, although I would like to test it. Do we have any?
If not, we should probably use something like substituteInPlace instead.
If yes, we should probably add a check for binaries in checks/filesToPatch.nix.

Copy link
Copy Markdown
Owner

@BirdeeHub BirdeeHub May 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we do not have any that we are patching in this repo, but a derivation could have a binary in it, they often do, and filesToPatch should be able to replace strings in it.

We should add a test yes. Maybe add a test where you replace something in the main binary of some program? Like, compile a binary with a drv path from its own drv, and then try to search and replace that drv path with one in the final derivation?

Copy link
Copy Markdown
Author

@Elias-Graf Elias-Graf May 14, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@BirdeeHub Sorry! I'm afraid I need a little pointer here. Let's say I have the following dummy package:

  dummyPackage =
    (pkgs.runCommand "dummy-app"
      {
        nativeBuildInputs = [ pkgs.makeBinaryWrapper ];
      }
      ''
        mkdir -p $out/bin
        mkdir -p $out/share/applications

        # Wrap hello inside a binary wrapper
        makeWrapper ${pkgs.hello}/bin/hello $out/bin/dummy-app \
          --add-flag "--greeting" \
          --add-flag "Hello, $out"

        # Create a desktop file that references the package path
        cat > $out/share/applications/dummy-app.desktop <<EOF
        [Desktop Entry]
        Name=Dummy App
        Exec=$out/bin/dummy-app
        Icon=$out/share/icons/dummy-app.png
        Type=Application
        EOF
      ''
    )
    // {
      meta.mainProgram = "dummy-app";
    };

This "package" references itself to "print its path".

Now making a wrapper with:

  wrappedPackage = self.lib.evalModule (
    { options, wlib, ... }:
    {
      inherit pkgs;

      imports = [ wlib.modules.default ];

      # filesToPatch = options.filesToPatch.default ++ [ "bin/dummy-app" ];
      filesToPatch = [ "bin/dummy-app" ];

      package = dummyPackage;
    }
  );

Given:

    echo "wrapper: ${wrappedPackage.config.wrapper}";
    echo "wrapper package: ${wrappedPackage.config.package}";
    echo "dummy package: ${dummyPackage}";

I get:

filesToPatch-test> wrapper: /nix/store/3q3vca9q05pqyqnw7dwrp74hj9xabrbw-dummy-app
filesToPatch-test> wrapper package: /nix/store/29mi3q15kbwqcd5n42n7h1f9h6rf6i1m-dummy-app
filesToPatch-test> dummy package: /nix/store/29mi3q15kbwqcd5n42n7h1f9h6rf6i1m-dummy-app

The file that gets patched by saying: filesToPatch = [ "bin/dummy-app" ]; is:

/nix/store/3q3vca9q05pqyqnw7dwrp74hj9xabrbw-dummy-app/bin/dummy-app

Which is just the wrapper generated by this library:

cat /nix/store/3q3vca9q05pqyqnw7dwrp74hj9xabrbw-dummy-app/bin/dummy-app
#!/nix/store/4bwbk4an4bx7cb8xwffghvjjyfyl7m2i-bash-interactive-5.3p9/bin/bash

exec -a "$0" /nix/store/29mi3q15kbwqcd5n42n7h1f9h6rf6i1m-dummy-app/bin/dummy-app  "$@"

What I actually would want to patch is the derivation referenced inside this wrapper:

cat /nix/store/29mi3q15kbwqcd5n42n7h1f9h6rf6i1m-dummy-app/bin/dummy-app
...
# ------------------------------------------------------------------------------------
# The C-code for this binary wrapper has been generated using the following command:


makeCWrapper '/nix/store/a58bx0sw2r7fhk4qyg7wvjdd81zw561h-hello-2.12.3/bin/hello' \
    --add-flag '--greeting' \
    --add-flag 'Hello, /nix/store/29mi3q15kbwqcd5n42n7h1f9h6rf6i1m-dummy-app'


# (Use `nix-shell -p makeBinaryWrapper` to get access to makeCWrapper in your shell)
# ------------------------------------------------------------------------------------

Am I doing/understanding something incorrectly? Is the binary we're calling ever inside "our" derivation? Can we even patch that?

Copy link
Copy Markdown
Owner

@BirdeeHub BirdeeHub May 15, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah

So, if the binary you want to patch is in a place we already overwrite, then yeah thats not gonna work...

You would want to wrap pkgs.hello the old fashioned way with pkgs.makeBinaryWrapper, and put into --greeting ${placeholder "out"}, which will refer to THAT derivation. And tell it to create that binary somewhere in the drv that isnt going to be overwritten.

Then you would pass that to config.package, and you should be able to use filesToPatch to patch the placeholder out path in the binary you created to point to the new wrapper derivation instead of the location inside the config.package drv

Copy link
Copy Markdown
Author

@Elias-Graf Elias-Graf May 16, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure if I totally understood everything. Given that we're always replacing the main binary, there would not be any simple way to patch that, no?

If the idea was to "move" the main binary to a different place, have our package be in the original place, and call the moved one, I would have to further look into how to do that.

But simply creating a second binary will solve the issue about it getting overwritten if we only care about that.

I've validated that the tests pass with replace-literal, with sd, and I've validated that the tests fail when using substitute because the binary file contains null bytes.

${pkgs.sd}/bin/sd --fixed-strings "$oldPath" "$newPath" < "$target" > "$file"
# Preserve permissions
chmod --reference="$target" "$file"
fi
Expand Down