I’m interested in this as well. My method was different in that I didn’t try to build it directly, but used an FHS in conjunction with nix-shell and then built it inside the shell (which allows network access). So far, I got to this:
```nix
{ pkgs ? import <nixpkgs> {} }:

with pkgs;

let
  fhsEnv = buildFHSUserEnv {
    name = "yocto-env";

    # Packages Yocto is expecting on the host system by default
    targetPkgs = pkgs: (with pkgs; [
      gcc_multi
      which gnumake (python3.withPackages (p: [ p.pip p.pexpect ])) python2
      gawk wget gitFull diffstat diffutils unzip texinfo bzip2 gzip perl patch
      chrpath file bash cpio utillinux nettools iproute procps openssh socat xz
      debianutils iputils SDL.dev xterm binutils
    ]);

    # Headers are required to build
    extraOutputsToInstall = [ "dev" ];

    # Force install locale from "glibcLocales" since there are collisions
    extraBuildCommands = ''
      ln -sf ${glibcLocales}/lib/locale/locale-archive $out/usr/lib/locale
    '';

    # For some reason, nix-shell stalls when adding things to profile
    #profile = ''
    #  export LANG="en_US.UTF-8"
    #  export LC_ALL="en_US.UTF-8"
    #  # Yocto is using the $LOCALEARCHIVE variable
    #  # instead of NixOS's $LOCALE_ARCHIVE
    #  export LOCALEARCHIVE=/usr/lib/locale/locale-archive
    #'';

    multiPkgs = pkgs: (with pkgs; []);
  };
in
(fhsEnv.overrideAttrs (oldAttrs: { hardeningDisable = [ "all" ]; })).env
```

Unfortunately, there are still some problems with this:
- A lot of warnings say “can’t set locale” despite the fact that the locale can be set in the FHS
- Some programs don’t compile (maybe because of said warnings); in my case it was `m4`
- I’m not sure my method of disabling hardening is the right one :-/
For now, I’m using Yocto inside a Debian LXC container, which feels quite sad.
I’m sorry I can’t help with the networking issue within the sandbox, but you might run into these issues as well, so I thought it was worth mentioning. I also would be very interested in your current config!