I’m very new to the Nix ecosystem, and so I’m struggling to figure out how to create a derivation that packages a prebuilt binary from anacierdem/libdragon-docker’s GitHub releases using fetchzip for personal use. Whenever I try to run the binary produced by nix-build it fails, complaining about Segmentation fault (core dumped). The following is the expression in question:
The expected result is an error produced by the binary itself: No action provided. This result can be achieved by running the binary manually after downloading it from the releases page. I’ve also noticed that the produced binary is a few MBs smaller than if I were to manually download the binary.
On an unrelated note, I’m only packaging the binary because I couldn’t figure out how to build it from source. The following fails to package during a call to the pack npm script, which is supposed to produce a binary for the build platform:
NixOS cannot execute binaries built for fhs distros, since its linker is not in the standard path - deliberately so, because linkers can be incompatible, and this can cause binaries to fail in deployment; nix kind of exists because this way of publishing software is inherently flawed.
That, or you package the package from source properly. Hard to say without digging into your build, but it’s most likely just not a trivial package. If you don’t share the exact errors I can’t help much
Riiight, this explains other errors I’ve encountered. It’s just taking some time for me to wrap my head around NixOS works. I guess I have some more reading to do
So I’ve run the following sequence of commands on a live boot of the NixOS Minimal ISO image in an attempt to rule out my install configuration as a cause:
git clone https://github.com/anacierdem/libdragon-docker
cd libdragon-docker
nix-shell -p nodejs_23
npm install
npm run pack
The output of this is the same as the error I was getting on my own system:
$ npm run pack
> libdragon@12.0.4 pack
> node pack.mjs
No version is provided, building cli with the existing version.
Wrote single executable preparation blob to build/sea-prep.blob
/home/nixos/libdragon-docker/node_modules/zx/build/core.cjs:256
const output = new ProcessOutput({
^
ProcessOutput [Error]:
at file:///home/nixos/libdragon-docker/pack.mjs:66:7
exit code: 1
at EventEmitter.end (/home/nixos/libdragon-docker/node_modules/zx/build/core.cjs:256:26)
at EventEmitter.emit (node:events:507:28)
at ChildProcess.<anonymous> (/home/nixos/libdragon-docker/node_modules/zx/build/vendor-core.cjs:453:16)
at ChildProcess.emit (node:events:507:28)
at maybeClose (node:internal/child_process:1101:16)
at ChildProcess._handle.onexit (node:internal/child_process:305:5) {
_code: [Getter],
_signal: [Getter],
_stdout: [Getter],
_stderr: [Getter],
_combined: [Getter],
_duration: [Getter]
}
As a control, I also did the equivalent on a fresh install of Debian via WSL, and this successfully produced the binary. Could it be that the methods used by this package to produce a build just aren’t compatible with NixOS?
When run like this, absolutely. npm is fond of downloading random binaries from the internet and attempting to run them. This will not work on NixOS. Given it’s calling a third process that’s quite likely here.
During the package build nix prevents downloads, though, and to an extent patches stuff like this. What happens if you use buildNpmPackage instead of your shell?
Building the expression from my first post with nix-build -E 'with import <nixpkgs> {}; callPackage ./package.nix {}' results in the same error. For reference, the expression:
I used this interactive script, Nix-build-phases: run nix build phases interactively and ran the steps manually one by one, commented out that last part in pack.mjs and ran it from the cli npx postject .. command which gave the error, can’t write to executable, so I added the chmod +w patch.
Then I found the final binary doesn’t need node_modules, nor is it a nodejs package so I moved to stdenv.mkDerivation instead of buildNpmPackage, and followed the nixpkgs unstable manual nodejs npm section.
Encountered one more seg fault with final binary, but it was working in the interactive build steps after buildPhase (script I linked above) and thus I assumed one of the later phases mainly fixupPhase was the culprit, so disabled it.
other minor things
using nodejs_22 because the upstream github actions workflows have node version 22
tag instead of rev in src fetchFromGithub (optional)
hash instead of sha256 (optional)
using finalAttrs pattern instead of rec (optional)
Wow, this solution works flawlessly. Thanks for taking the time to test and explain this all, I’ve learnt a lot from this. Marking this as the solution.
