Build a yocto rootfs inside nix

**marler8997** · April 10, 2019, 8:06pm

I’m trying to see if I can build images with yocto inside of the nix build environment.

For those not familair, yocto is a “rootfs build system”. It’s similair to nixpkgs in that it’s a meta-build system that contains the necessary information about packages in order to build them and put them together into a rootfs.

The problem I just ran into was with networking inside the nix build sandbox. For obvious reasons, networking is disabled. However, the way yocto works is that it each package contains the remote URL to download it’s source from, thus it needs network access.

I’d still like to use the sandbox build but would like to enable networking for the time being, is that possible?

As an analogy for nix users, imagine you are trying to run nix-build inside a nix container…you would run into the same issue since most derivations need network access to download their sources.

**minijackson** · April 10, 2019, 8:34pm

I’m interested in this as well. My method was different in that I didn’t try to build it directly, but use a FHS in conjunction with nix-shell and then build it inside the shell (which allows network access). So far, I got to this:

{ pkgs ? import <nixpkgs> {} }:

with pkgs;
let
  fhsEnv = buildFHSUserEnv {
    name = "yocto-env";

    # Packages Yocto is expecting on the host system by default
    targetPkgs = pkgs: (with pkgs; [
      gcc_multi
      which gnumake (python3.withPackages (p: [ p.pip p.pexpect ])) python2
      gawk wget gitFull diffstat diffutils unzip texinfo bzip2 gzip perl patch
      chrpath file bash cpio utillinux nettools iproute procps openssh socat xz
      debianutils iputils SDL.dev xterm binutils
    ]);

    # Headers are required to build
    extraOutputsToInstall = [ "dev" ];

    # Force install locale from "glibcLocales" since there are collisions
    extraBuildCommands = ''
      ln -sf ${glibcLocales}/lib/locale/locale-archive $out/usr/lib/locale
    '';

    # For some reason, nix-shell stalls when adding things to profile
    #profile = ''
    #  export LANG="en_US.UTF-8"
    #  export LC_ALL="en_US.UTF-8"
    #  # Yocto is using the $LOCALEARCHIVE variable
    #  # instead of NixOS's $LOCALE_ARCHIVE
    #  export LOCALEARCHIVE=/usr/lib/locale/locale-archive
    #'';

    multiPkgs = pkgs: (with pkgs; []);
  };

in

(fhsEnv.overrideAttrs (oldAttrs: { hardeningDisable = [ "all" ]; })).env

Unfortunately, there are still some problems with this:

A lot of warnings says that “can’t set locale” despite the fact that the locale can be set in the FHS
Some programs don’t compile (maybe because of said warnings), in my case it was m4
I’m not sure my method of disabling hardening is the right one :-/

For now, I’m using Yocto inside a Debian LXC container, which feels quite sad

I’m sorry I can’t help with the networking issue within the sandbox, but you might run into these issues as well, so I thought it was worth mentioning. I also would be very interested in your current config!

**marler8997** · April 10, 2019, 9:46pm

Just building a vanilla image, here’s what I put together so far:

{ stdenv,
  fetchGit ? builtins.fetchGit,
  coreutils,
  gnumake,
  bash,
  bashInteractive,
  which,
  utillinux,
  strace,
  gnugrep,
  gnused,
  gnutar,
  xz,
  patch,
  diffstat,
  bzip2,
  gzip,
  gawk,
  chrpath,
  cpio,
  texinfo,
  file,
  wget,
  hostname,
  perl,
  python,
  python3,
  git,
  gitRepo,
  glibc,
  glibcLocales,
  gcc,
  # yocto, at least on morty branch seems to be using the host useradd/groupadd tools
  shadow,
  # yocto, at least on morty branch seems to require diff even though it doesn't provide
  # an error when it is missing (I added binutils for the 'ar' program)
  diffutils,
  findutils,
  binutils,
}:

stdenv.mkDerivation rec {
  pname = "myrootfs";
  version = "1.0.0";
  srcs = [
    (fetchGit {
      url = git://git.yoctoproject.org/poky;
      ref = "thud";
      rev = "50f33d3bfebcbfb1538d932fb487cfd789872026";
      name = "oe-poky";
    })
    (fetchGit {
      url = git://git.openembedded.org/meta-openembedded;
      ref = "thud";
      rev = "4cd3a39f22a2712bfa8fc657d09fe2c7765a4005";
      name = "oe-embedded";
    })
  ];
  sourceRoot = ".";

  buildInputs = [
    coreutils
    gnumake
    bash
    bashInteractive
    which
    utillinux
    strace
    gnugrep
    gnused
    gnutar
    xz
    patch
    diffstat
    bzip2
    gzip
    gawk
    chrpath
    cpio
    texinfo
    file
    wget
    hostname
    perl
    python
    python3
    git
    gitRepo
    glibc
    glibcLocales
    gcc
    # yocto, at least on morty branch seems to be using the host useradd/groupadd tools
    shadow
    # yocto, at least on morty branch seems to require diff even though it doesn't provide
    # an error when it is missing (I added binutils for the 'ar' program)
    diffutils
    findutils
    binutils
  ];

  buildPhase = ''
    patchShebangs .
    source oe-poky/oe-init-build-env
    echo '# CUSTOM YOCTO SETTINGS'
    echo 'SANITY_TESTED_DISTROS = ""' >> conf/local.conf
    cat conf/local.conf
    echo running bitbake...
    bitbake core-image-sato
  '';
}

**makefu** · April 11, 2019, 7:06am

@marler8997 Thanks for sharing the snippet! It would be fantastic if we could have this in the wiki similar to the OpenWRT wiki entry.
Cheers!

**Mic92** · April 12, 2019, 2:52pm

Could be also added to https://github.com/nix-community/nix-environments/