C: Difference between revisions
imported>Mic92 NIX_DEBUG=1 and hardening flags |
imported>Tfc mNo edit summary |
||
Line 6: | Line 6: | ||
Usually header files are put into well known paths i.e. <code>/usr/include</code>, where the compiler will | Usually header files are put into well known paths i.e. <code>/usr/include</code>, where the compiler will | ||
look for them. Same is true when linking against libraries, which are put in a few places, where the build-time | look for them. Same is true when linking against libraries, which are put in a few places, where the build-time | ||
linker. Dynamically linked libraries will have a run-time linker (also known as <code>ld.so</code>) set as an interpreter. | linker will find them. Dynamically linked libraries will have a run-time linker (also known as <code>ld.so</code>) set as an interpreter. | ||
This linker reads <code>/etc/ld.so.conf</code> to figure out where to find libraries. | This linker reads <code>/etc/ld.so.conf</code> to figure out where to find libraries. | ||
In nixpkgs in contrast this information is provided by environment variables that will | In nixpkgs in contrast this information is provided by environment variables that will | ||
Line 69: | Line 69: | ||
== Debugging the compiler wrapper == | == Debugging the compiler wrapper == | ||
To inspect | To inspect how the shell wrapper processes the variables one can set the <code>NIX_DEBUG</code> environment variable: | ||
<syntaxHighlight lang=console> | <syntaxHighlight lang=console> | ||
Line 96: | Line 96: | ||
== Hardening flags == | == Hardening flags == | ||
To improve the security of | To improve the security of applications the wrapper also injects additional hardening compile flags into the application. | ||
Under some circumstances this can make programs | Under some circumstances this can make programs fail to build or function. | ||
To disable all hardening options one can export the environment variable <code>hardeningDisable="all"</code>. | To disable all hardening options one can export the environment variable <code>hardeningDisable="all"</code>. | ||
This also works for derivations like that: | This also works for derivations like that: |