How to use python environment in a systemd service

Help
1

Hi!
So I’m making a nixOS module to run a systemd service that runs a python script, but python needs to have the package frida installed so it can import frida.
I’m getting the package frida from this flake: frida = (builtins.getFlake "github:itstarsun/frida-nix").packages.x86_64-linux.frida-tools;

and it works well in building this repo:

  frida = (builtins.getFlake "github:itstarsun/frida-nix").packages.x86_64-linux.frida-tools;

  vgpu_unlock = pkgs.stdenv.mkDerivation {
    name = "nvidia-vgpu-unlock";
    version = "unstable-2021-04-22";

    src = pkgs.fetchFromGitHub {
      owner = "DualCoder";
      repo = "vgpu_unlock";
      rev = "1888236c75d8eac673695be8b000f0b065111c51";
      sha256 = "0s8bmscb8irj1sggfg1fhacqd1lh59l326bnrk4a2g4qngsbkix3";
    };

    buildInputs = [ frida /*pkgs.python2 my-python*/ ];

    shellHook = ''
      echo ${frida}
    '';

    postPatch = ''
      echo ${frida}
      ${pkgs.python3}/bin/python --version
      ${pkgs.unixtools.util-linux}/bin/whereis python

      env | grep PYTHON
      ${pkgs.python3}/bin/python --version
      ${pkgs.python3}/bin/python -c "import frida" && echo "frida is installed" || echo "frida is not installed"
            
      substituteInPlace vgpu_unlock \
        --replace /bin/bash ${pkgs.bash}/bin/bash
    '';

    installPhase = "install -Dm755 vgpu_unlock $out/bin/vgpu_unlock";
  };

inside postPatch it has a lot of environment variables that make it point to the right python packages:

_PYTHON_HOST_PLATFORM=linux-x86_64
PYTHONNOUSERSITE=1
PYTHONHASHSEED=0
_PYTHON_SYSCONFIGDATA_NAME=_sysconfigdata__linux_x86_64-linux-gnu
PYTHONPATH=/nix/store/sb4a338qh7wld75zbcgrylrpqmjnfh27-python3.10-frida-tools-12.1.1/lib/python3.10/site-packages:/nix/store/ndr7x7qhkssarrgjpqqnv8i9py4vyc9c-python3.10-colorama-0.4.6/lib/python3.10/site-packages:/nix/store/fdqpyj613dr0v1l1lrzqhzay7sk4xg87-python3-3.10.10/lib/python3.10/site-packages:/nix/store/lz6vq2kp7rww3jj6f7zgf4n50c3qvc83-python3.10-frida-16.0.18/lib/python3.10/site-packages:/nix/store/k7xyj5b5dw0cna25b91ygqskkwv8na4s-python3.10-typing-extensions-4.5.0/lib/python3.10/site-packages:/nix/store/pf9j3spzhbz7gvmbyk6a5kwcmi7zvpmy-python3.10-prompt-toolkit-3.0.38/lib/python3.10/site-packages:/nix/store/hix271phwzb157a2sj9fn5zfmkpz8zpd-python3.10-six-1.16.0/lib/python3.10/site-packages:/nix/store/khqw9ph04dvjy86rlzxzhyk21c2binhi-python3.10-wcwidth-0.2.6/lib/python3.10/site-packages:/nix/store/fpcah4a88pjj7jmwhrcvfb9kg6qj58vc-python3.10-setuptools-67.4.0/lib/python3.10/site-packages:/nix/store/asf94iynbzxraqzmbi2w69vj3khaphan-python3.10-pygments-2.14.0/lib/python3.10/site-packages:/nix/store/d8ghysrcn5nsyh9w3gvwg5kk1iyy510r-python3.10-docutils-0.19/lib/python3.10/site-packages
      env | grep PYTHON
Python 3.10.11
frida is installed

I’m assuming that’s something buildInputs does behind the scenes.
Now, how do I do that behind the scenes thing in my systemd service:

    systemd.services.nvidia-vgpud = {
      description = "NVIDIA vGPU Daemon";
      wants = [ "syslog.target" ];
      wantedBy = [ "multi-user.target" ];

      serviceConfig = {
        Type = "forking";
        ExecStart = "${pkgs.python3}/bin/python ${lib.optionalString cfg.unlock.enable "${vgpu_unlock}/bin/vgpu_unlock "}${lib.getBin config.hardware.nvidia.package}/bin/nvidia-vgpud";
        ExecStopPost = "${pkgs.coreutils}/bin/rm -rf /var/run/nvidia-vgpud";
        Environment = [ "__RM_NO_VERSION_CHECK=1" "PYTHONPATH=/nix/store/sb4a338qh7wld75zbcgrylrpqmjnfh27-python3.10-frida-tools-12.1.1/lib/python3.10/site-packages:/nix/store/ndr7x7qhkssarrgjpqqnv8i9py4vyc9c-python3.10-colorama-0.4.6/lib/python3.10/site-packages:/nix/store/fdqpyj613dr0v1l1lrzqhzay7sk4xg87-python3-3.10.10/lib/python3.10/site-packages:/nix/store/lz6vq2kp7rww3jj6f7zgf4n50c3qvc83-python3.10-frida-16.0.18/lib/python3.10/site-packages:/nix/store/k7xyj5b5dw0cna25b91ygqskkwv8na4s-python3.10-typing-extensions-4.5.0/lib/python3.10/site-packages:/nix/store/pf9j3spzhbz7gvmbyk6a5kwcmi7zvpmy-python3.10-prompt-toolkit-3.0.38/lib/python3.10/site-packages:/nix/store/hix271phwzb157a2sj9fn5zfmkpz8zpd-python3.10-six-1.16.0/lib/python3.10/site-packages:/nix/store/khqw9ph04dvjy86rlzxzhyk21c2binhi-python3.10-wcwidth-0.2.6/lib/python3.10/site-packages:/nix/store/fpcah4a88pjj7jmwhrcvfb9kg6qj58vc-python3.10-setuptools-67.4.0/lib/python3.10/site-packages:/nix/store/asf94iynbzxraqzmbi2w69vj3khaphan-python3.10-pygments-2.14.0/lib/python3.10/site-packages:/nix/store/d8ghysrcn5nsyh9w3gvwg5kk1iyy510r-python3.10-docutils-0.19/lib/python3.10/site-packages" ]; # Avoids issue with API version incompatibility when merging host/client drivers
      };
    };

(the ${lib.optionalString cfg.unlock.enable "${vgpu_unlock}/bin/vgpu_unlock "} is a python script)
right now I’m hard coding the PYTHONPATH in the Environment variables of the service and it’s working, but as soon as the paths change that won’t work anymore.
Thanks in advance :slight_smile:

The whole code can be found in this repo: GitHub - Yeshey/nixos-nvidia-vgpu_nixOS: NixOS NVIDIA vGPU Module

2

If you make your derivation a python derivation, nixpkgs functions will propogate the PYTHONPATH for you, and then in your serviceConfig you write ExecStart=${mypkg}/bin/<binname> and Nix will manage the paths.

1 Like
3

That frida package will only be available at build time, see: Python | nixpkgs

As for your systemd unit, you need to create a python environment with the packages defined:

systemd.services.nvidia-vgpud = let
    python = pkgs.python3.withPackages (ppkgs: with ppkgs; [
      colorama
      frida  # This obviously isn't in ppkgs, your package must be in scope
      typing-extensions
      prompt-toolkit
      six
      wcwidth
      setuptools
      pygments
      docutils
      # A lot of these are probably redundant, transitive dependencies
      # will work, but I don't know the tree based on your variable
    ]);
  in {
      description = "NVIDIA vGPU Daemon";
      wants = [ "syslog.target" ];
      wantedBy = [ "multi-user.target" ];

      serviceConfig = {
        Type = "forking";
        # Took the liberty of making this a bit cleaner
        ExecStart = lib.strings.concatStringsSep " " [
          "${python}/bin/python"
          # Won't this just break if cfg.unlock.enable = false?
          (lib.optionalString cfg.unlock.enable "${vgpu_unlock}/bin/vgpu_unlock")
          "${lib.getBin config.hardware.nvidia.package}/bin/nvidia-vgpud"
        ];
        ExecStopPost = "${pkgs.coreutils}/bin/rm -rf /var/run/nvidia-vgpud";
        # Avoids issue with API version incompatibility when merging host/client drivers
        Environment = [ "__RM_NO_VERSION_CHECK=1" ];
      };
    };

You should never manually refer to nix store paths. They will change underneath your feet after an update, and nix-collect-garbage will delete paths nix doesn’t see any references to anymore - manually adding absolute paths to the nix store will make it so nix can’t see those paths.

If you must, something like ${pkgs.python3.packages.six}/lib/python/site-packages is ok, but unless you know exactly how the python environment is built just use withPackages.

Alternatively, as @MC-Escherichia mentions, you can use buildPythonApplication, and call the package as they suggest. I’m not entirely sure what’s going on with your current ExecStart, though, so I don’t know if that’s equivalent. Certainly better if you can make it work that way.

4

Sorry for the late reply and thanks for the time! :slight_smile:

I tried your code, and oddly its still complaining that the module frida doesn’t exist, I actually tried a version of that but it still didn’t work.
In the building of the vgpu repo, I changed the code to:

  frida = (builtins.getFlake "github:itstarsun/frida-nix").packages.x86_64-linux.frida-tools;

  python-with-my-packages = pkgs.python3.withPackages (p: with p; [
    frida
  ]);

  vgpu_unlock = pkgs.stdenv.mkDerivation {
    name = "nvidia-vgpu-unlock";
    version = "unstable-2021-04-22";

    src = pkgs.fetchFromGitHub {
      owner = "DualCoder";
      repo = "vgpu_unlock";
      rev = "1888236c75d8eac673695be8b000f0b065111c51";
      sha256 = "0s8bmscb8irj1sggfg1fhacqd1lh59l326bnrk4a2g4qngsbkix3";
    };

    buildInputs = [ python-with-my-packages /*pkgs.python2 my-python*/ ];

    shellHook = ''
      echo ${frida}
    '';

    postPatch = ''
      echo ${frida}
      ${python-with-my-packages}/bin/python --version
      ${pkgs.unixtools.util-linux}/bin/whereis python

      env | grep PYTHON
      ${python-with-my-packages}/bin/python --version
      ${python-with-my-packages}/bin/python -c "import frida" && echo "frida is installed" || echo "frida is not installed"
            
      kasljasdklsj # IT FAILS HERE FOR ME TO SEE THE LOGS

      substituteInPlace vgpu_unlock \
        --replace /bin/bash ${pkgs.bash}/bin/bash
    '';

    installPhase = "install -Dm755 vgpu_unlock $out/bin/vgpu_unlock";
  };

and it looks like it doesn’t have frida either because when I check the logs:

@nix { "action": "setPhase", "phase": "unpackPhase" }
unpacking sources
unpacking source archive /nix/store/6yympqwak57swy2fray20vvf3dm29l1y-source
source root is source
@nix { "action": "setPhase", "phase": "patchPhase" }
patching sources
/nix/store/lz6vq2kp7rww3jj6f7zgf4n50c3qvc83-python3.10-frida-16.0.18
Python 3.10.11
python: /nix/store/js6v9pzinwqr7h1fpzb2vn3h4jp0dahg-python3-3.10.11-env/bin/python
env | grep PYTHON
Python 3.10.11
Traceback (most recent call last):
  File "<string>", line 1, in <module>
ModuleNotFoundError: No module named 'frida'
frida is not installed
/nix/store/0jmdsgfnd6aakxdr0sl5l7zzfs59hdrw-stdenv-linux/setup: line 95: kasljasdklsj: command not found

so, somehow, having buildInputs = [ frida ]; works, but buildInputs = [ python-with-my-packages ]; doesn’t.

Maybe it also has something to do with the repo I’m getting frida from: GitHub - itstarsun/frida-nix: A simple flake that provides Frida devkits for Nix.
nix flake show on it gives me:

> nix flake show github:itstarsun/frida-nix                                 
github:itstarsun/frida-nix/fb2a3ae3b36437fcb639ab2ee7ced73e047e5899
├───apps
│   ├───aarch64-darwin
│   │   ├───default: app
│   │   ├───frida: app
│   │   ├───frida-apk: app
│   │   ├───frida-compile: app
│   │   ├───frida-create: app
│   │   ├───frida-discover: app
│   │   ├───frida-join: app
│   │   ├───frida-kill: app
│   │   ├───frida-ls: app
│   │   ├───frida-ls-devices: app
│   │   ├───frida-ps: app
│   │   ├───frida-pull: app
│   │   ├───frida-push: app
│   │   ├───frida-rm: app
│   │   └───frida-trace: app
│   ├───aarch64-linux
│   │   ├───default: app
│   │   ├───frida: app
│   │   ├───frida-apk: app
│   │   ├───frida-compile: app
│   │   ├───frida-create: app
│   │   ├───frida-discover: app
│   │   ├───frida-join: app
│   │   ├───frida-kill: app
│   │   ├───frida-ls: app
│   │   ├───frida-ls-devices: app
│   │   ├───frida-ps: app
│   │   ├───frida-pull: app
│   │   ├───frida-push: app
│   │   ├───frida-rm: app
│   │   └───frida-trace: app
│   ├───x86_64-darwin
│   │   ├───default: app
│   │   ├───frida: app
│   │   ├───frida-apk: app
│   │   ├───frida-compile: app
│   │   ├───frida-create: app
│   │   ├───frida-discover: app
│   │   ├───frida-join: app
│   │   ├───frida-kill: app
│   │   ├───frida-ls: app
│   │   ├───frida-ls-devices: app
│   │   ├───frida-ps: app
│   │   ├───frida-pull: app
│   │   ├───frida-push: app
│   │   ├───frida-rm: app
│   │   └───frida-trace: app
│   └───x86_64-linux
│       ├───default: app
│       ├───frida: app
│       ├───frida-apk: app
│       ├───frida-compile: app
│       ├───frida-create: app
│       ├───frida-discover: app
│       ├───frida-join: app
│       ├───frida-kill: app
│       ├───frida-ls: app
│       ├───frida-ls-devices: app
│       ├───frida-ps: app
│       ├───frida-pull: app
│       ├───frida-push: app
│       ├───frida-rm: app
│       └───frida-trace: app
├───devShells
│   ├───aarch64-darwin
│   │   └───default: development environment 'nix-shell'
│   ├───aarch64-linux
│   │   └───default: development environment 'nix-shell'
│   ├───x86_64-darwin
│   │   └───default: development environment 'nix-shell'
│   └───x86_64-linux
│       └───default: development environment 'nix-shell'
├───flakeModule: unknown
├───lib: unknown
├───overlays
│   └───default: Nixpkgs overlay
├───packages
│   ├───aarch64-darwin
│   │   ├───frida-core: package 'frida-core-16.0.18'
│   │   ├───frida-gum: package 'frida-gum-16.0.18'
│   │   ├───frida-gumjs: package 'frida-gumjs-16.0.18'
│   │   ├───frida-python: package 'python3.10-frida-16.0.18'
│   │   └───frida-tools: package 'python3.10-frida-tools-12.1.1'
│   ├───aarch64-linux
│   │   ├───frida-core: package 'frida-core-16.0.18'
│   │   ├───frida-gum: package 'frida-gum-16.0.18'
│   │   ├───frida-gumjs: package 'frida-gumjs-16.0.18'
│   │   ├───frida-python: package 'python3.10-frida-16.0.18'
│   │   └───frida-tools: package 'python3.10-frida-tools-12.1.1'
│   ├───x86_64-darwin
│   │   ├───frida-core: package 'frida-core-16.0.18'
│   │   ├───frida-gum: package 'frida-gum-16.0.18'
│   │   ├───frida-gumjs: package 'frida-gumjs-16.0.18'
│   │   ├───frida-python: package 'python3.10-frida-16.0.18'
│   │   └───frida-tools: package 'python3.10-frida-tools-12.1.1'
│   └───x86_64-linux
│       ├───frida-core: package 'frida-core-16.0.18'
│       ├───frida-gum: package 'frida-gum-16.0.18'
│       ├───frida-gumjs: package 'frida-gumjs-16.0.18'
│       ├───frida-python: package 'python3.10-frida-16.0.18'
│       └───frida-tools: package 'python3.10-frida-tools-12.1.1'
└───templates
    └───default: template: A template with flake-parts and frida-nix.

I used the package frida-tools cuz, through a lot of trial and error it was the only one I got to work, but maybe I should be grabbing another package…?

I’ll be taking a look at @MC-Escherichia suggestion and buildPythonApplication

I’m also not entirely sure what are the repercussions of what you mentioned:

That frida package will only be available at build time, see: Python | nixpkgs

I’ll try to read through and understand that better too

5

this is the new code based on yours @TLATER that I tried btw:

    systemd.services.nvidia-vgpud = let
      python = pkgs.python3.withPackages (ppkgs: let 
        frida = (builtins.getFlake "github:itstarsun/frida-nix").packages.x86_64-linux.frida-tools; 
      in [
        ppkgs.colorama
        frida  # This obviously isn't in ppkgs, your package must be in scope
        ppkgs.typing-extensions
        ppkgs.prompt-toolkit
        ppkgs.six
        ppkgs.wcwidth
        ppkgs.setuptools
        ppkgs.pygments
        ppkgs.docutils
        # A lot of these are probably redundant, transitive dependencies
        # will work, but I don't know the tree based on your variable
      ]);
  in {
      description = "NVIDIA vGPU Daemon";
      wants = [ "syslog.target" ];
      wantedBy = [ "multi-user.target" ];

      serviceConfig = {
        Type = "forking";
        # Took the liberty of making this a bit cleaner
        ExecStart = lib.strings.concatStringsSep " " [
          "${python}/bin/python"
          # Won't this just break if cfg.unlock.enable = false?
          (lib.optionalString cfg.unlock.enable "${vgpu_unlock}/bin/vgpu_unlock")
          "${lib.getBin config.hardware.nvidia.package}/bin/nvidia-vgpud"
        ];
        ExecStopPost = "${pkgs.coreutils}/bin/rm -rf /var/run/nvidia-vgpud";
        # Avoids issue with API version incompatibility when merging host/client drivers
        Environment = [ "__RM_NO_VERSION_CHECK=1" ];
      };
    };

and in the service I got the error:

mai 10 15:26:15 nixOS-Laptop systemd[1]: Starting NVIDIA vGPU Daemon...
mai 10 15:26:15 nixOS-Laptop python[51177]: Traceback (most recent call last):
mai 10 15:26:15 nixOS-Laptop python[51177]:   File "/nix/store/nqffs0y9j9jlmqrf6j018j6nxj0sqj24-nvidia-vgpu-unlock/bin/vgpu_unlock", line 13, in <module>
mai 10 15:26:15 nixOS-Laptop python[51177]:     import frida
mai 10 15:26:15 nixOS-Laptop python[51177]: ModuleNotFoundError: No module named 'frida'
mai 10 15:26:15 nixOS-Laptop systemd[1]: nvidia-vgpud.service: Control process exited, code=exited, status=1/FAILURE
mai 10 15:26:15 nixOS-Laptop systemd[1]: nvidia-vgpud.service: Failed with result 'exit-code'.
mai 10 15:26:15 nixOS-Laptop systemd[1]: Failed to start NVIDIA vGPU Daemon.
warning: error(s) occurred while switching to the new configuration
6

I just had a look at the flake output, looks like the module for github:itstarsun/frida-nix#frida-tools is called frida_tools:

tlater ~ $ ls /nix/store/sb4a338qh7wld75zbcgrylrpqmjnfh27-python3.10-frida-tools-12.1.1/lib/python3.10/site-packages
frida_tools  frida_tools-12.1.1.dist-info

i.e., try to import frida_tools instead (in python)?

So, the repercussions of that are that you will only be able to import frida (or frida_tools I guess?) during the build of your package, that is, in the various phases in your nix derivation.

The moment you try to import your dependency outside of the build process, it will no longer work. This is in fact consistent with the problems you’re seeing, frida is available just fine while building, but the moment you leave the build it is no longer part of the environment and you need to shim it in by manually linking to a nix store path that will be deleted the moment you run nix-collect-garbage.

Normally nix checks binary outputs for absolute paths that point into the nix store, and makes sure those dependencies stay available, but for python this doesn’t work because import frida does not contain a reference to the absolute path of any package. For similar reasons, shell scripts and other interpreted languages also need special handling.

That said, I’m unsure why you can import frida at build time at all. Maybe the frida module is a reverse dependency and also available for that reason, but no longer available at runtime because it’s not a runtime dependency?

1 Like
7

Thanks a lot for your time and explanations @TLATER! Doing gods work here :grinning_face_with_smiling_eyes:

The way I came up with to see if the module in python would be frida_tools instead of frida was like this:

  mydearpython = pkgs.python3.withPackages (ppkgs: let 
    frida = (builtins.getFlake "github:itstarsun/frida-nix").packages.x86_64-linux.frida-tools; 
  in [
    ppkgs.colorama
    frida  # This obviously isn't in ppkgs, your package must be in scope
    ppkgs.typing-extensions
    ppkgs.prompt-toolkit
    ppkgs.six
    ppkgs.wcwidth
    ppkgs.setuptools
    ppkgs.pygments
    ppkgs.docutils
    # A lot of these are probably redundant, transitive dependencies
    # will work, but I don't know the tree based on your variable
  ]);

  vgpu_unlock = pkgs.stdenv.mkDerivation {
    name = "nvidia-vgpu-unlock";
    version = "unstable-2021-04-22";

    src = /mnt/DataDisk/Downloads/vgpu_unlock;
    
    buildInputs = [ mydearpython /*frida pkgs.python2 my-python*/ ];

    shellHook = ''
      echo ${frida}
    '';

    postPatch = ''
      echo ${frida}
      ${mydearpython}/bin/python --version
      ${pkgs.unixtools.util-linux}/bin/whereis python

      env | grep PYTHON
      ${mydearpython}/bin/python --version
      ${mydearpython}/bin/python -c "import frida_tools" && echo "frida is installed" || echo "frida is not installed"
      ${mydearpython}/bin/python3 -c "import frida_tools" && echo "frida is installed" || echo "frida is not installed"
      ${mydearpython}/bin/python -c "import frida" && echo "frida is installed" || echo "frida is not installed"
      ${mydearpython}/bin/python3 -c "import frida" && echo "frida is installed" || echo "frida is not installed"
            
asdasdas

      substituteInPlace vgpu_unlock \
        --replace /bin/bash ${pkgs.bash}/bin/bash
    '';

    installPhase = "install -Dm755 vgpu_unlock $out/bin/vgpu_unlock";
  };

However, frida doesn’t seem to be available either way

@nix { "action": "setPhase", "phase": "patchPhase" }
patching sources
/nix/store/sb4a338qh7wld75zbcgrylrpqmjnfh27-python3.10-frida-tools-12.1.1
Python 3.10.11
python: /nix/store/cd0vpfm4rizw9vmxjg8mvq718m90szbi-python3-3.10.11-env/bin/python
      env | grep PYTHON
Python 3.10.11
Traceback (most recent call last):
  File "<string>", line 1, in <module>
ModuleNotFoundError: No module named 'frida_tools'
frida is not installed
Traceback (most recent call last):
  File "<string>", line 1, in <module>
ModuleNotFoundError: No module named 'frida_tools'
frida is not installed
Traceback (most recent call last):
  File "<string>", line 1, in <module>
ModuleNotFoundError: No module named 'frida'
frida is not installed
Traceback (most recent call last):
  File "<string>", line 1, in <module>
ModuleNotFoundError: No module named 'frida'
frida is not installed

I was starting to try to look into building with buildPythonApplication or buildPythonPackage but I’m not that comfortable with nix, and will be busy over the course of the next few days.
(was getting this error now:

       > Executing setuptoolsBuildPhase
       > Traceback (most recent call last):
       >   File "/build/vgpu_unlock/nix_run_setup", line 8, in <module>
       >     exec(compile(getattr(tokenize, 'open', open)(__file__).read().replace('\\r\\n', '\\n'), __file__, 'exec'))
       >   File "/nix/store/rpri9nb8xpwwqakyrqbg8zdslkjs2hd3-python3-3.10.11/lib/python3.10/tokenize.py", line 394, in open
       >     buffer = _builtin_open(filename, 'rb')
       > FileNotFoundError: [Errno 2] No such file or directory: 'setup.py'

) So I should come back to this later. :slightly_smiling_face:

1 Like
8

Ah yes, I forgot buildPythonPackage assumes you have a particular python repo setup, i.e. a setup.py file. If that didn’t exist, my approach won’t work.

9

Finally made it work with the buildPythonPackage method.

Had to clone the repo and create a setup.py file as you said that file was required @MC-Escherichia.

in the end made it work with this:

  frida = (builtins.getFlake "github:itstarsun/frida-nix").packages.x86_64-linux.frida-tools;
  vgpu_unlock = pkgs.python3Packages.buildPythonPackage {
    pname = "nvidia-vgpu-unlock";
    version = "unstable-2021-04-22";

    src = pkgs.fetchFromGitHub {
      owner = "Yeshey";
      repo = "vgpu_unlock";
      rev = "7db331d4a2289ff6c1fb4da50cf445d9b4227421";
      sha256 = "sha256-K7e/9q7DmXrrIFu4gsTv667bEOxRn6nTJYozP1+RGHs=";
    };

    propagatedBuildInputs = [ frida ];
    
    doCheck = false; # Disable running checks during the build
    
    installPhase = ''
      mkdir -p $out/bin
      cp vgpu_unlock $out/bin/
      substituteInPlace $out/bin/vgpu_unlock \
              --replace /bin/bash ${pkgs.bash}/bin/bash
    '';
  };

and this:

    systemd.services.nvidia-vgpud = {
      description = "NVIDIA vGPU Daemon";
      wants = [ "syslog.target" ];
      wantedBy = [ "multi-user.target" ];

      serviceConfig = {
        Type = "forking";
        ExecStart = lib.strings.concatStringsSep " " [
          # Won't this just break if cfg.unlock.enable = false?
          (lib.optionalString cfg.unlock.enable "${vgpu_unlock}/bin/vgpu_unlock")
          "${lib.getBin config.hardware.nvidia.package}/bin/nvidia-vgpud"
        ];
        ExecStopPost = "${pkgs.coreutils}/bin/rm -rf /var/run/nvidia-vgpud";
        Environment = [ "__RM_NO_VERSION_CHECK=1" ]; # Avoids issue with API version incompatibility when merging host/client drivers
      };
    };

had to also remove the call to python in the service to make it work.

thanks a lot for both your inputs @TLATER and @MC-Escherichia! I’m marking this as solved :heart:

1 Like