Description:
nix build from the flake fails at the openssl-sys crate with Command 'perl' not found when building openfang-cli from source in a sandboxed Nix environment. The build succeeds on v0.5.3 and
fails on v0.5.4+.
Root cause
v0.5.4 changed native-tls from a plain dependency to vendored:
v0.5.3 -- builds
native-tls = "0.2"
v0.5.4 -- fails
native-tls = { version = "0.2", features = ["vendored"] }
On Linux, native-tls depends on openssl-sys. The vendored feature activates openssl-sys/vendored, which compiles OpenSSL from source using perl's ./Configure script. The flake provides
openssl and pkg-config in buildInputs but not perl:
flake.nix (current)
rust-project.defaults.perCrate.crane.args.buildInputs = with pkgs; [
clang
openssl
pkg-config
];
The system openssl and pkg-config are sufficient for non-vendored builds. With vendored, they are ignored -- openssl-sys bypasses pkg-config and compiles its own copy, requiring perl which is
absent from the Nix sandbox.
Proposed Fix
Either:
- Add perl to build inputs (minimal, keeps vendored):
rust-project.defaults.perCrate.crane.args.buildInputs = with pkgs; [
clang
openssl
perl
pkg-config
];
- Set OPENSSL_NO_VENDOR = "1" in crane args (uses the system openssl already provided via pkg-config, removes the perl requirement entirely):
rust-project.defaults.perCrate.crane.args = {
buildInputs = with pkgs; [ clang openssl pkg-config ];
OPENSSL_NO_VENDOR = "1";
};
Option 2 is arguably cleaner: it uses the system openssl that buildInputs already provides rather than compiling a second copy from source.
Expected Behavior:
nix build github:RightNow-AI/openfang/v0.5.5 succeeds without a binary cache.
Steps to Reproduce:
nix build github:RightNow-AI/openfang/v0.5.5
No binary cache hit required to trigger -- any clean Nix store reproduces it.
OpenFang Version: v0.5.4 and v0.5.5. v0.5.3 is not affected.
Operating System: Linux (x86_64)
Logs:
running cd "/build/source/target/release/build/openssl-sys-92717d0421ec2d04/out/openssl-build/build/src"
&& env -u CROSS_COMPILE AR="ar" CC="gcc" RANLIB="ranlib" "perl" "./Configure"
"--prefix=.../openssl-build/install" "--openssldir=/usr/local/ssl"
"no-shared" "no-module" "no-tests" ... "linux-x86_64" "-O2" ...
cargo:warning=configuring OpenSSL build: Command 'perl' not found. Is perl installed?
cargo:warning=openssl-src: failed to build OpenSSL from source
Error configuring OpenSSL build:
Command 'perl' not found. Is perl installed?
Description:
nix build from the flake fails at the openssl-sys crate with Command 'perl' not found when building openfang-cli from source in a sandboxed Nix environment. The build succeeds on v0.5.3 and
fails on v0.5.4+.
Root cause
v0.5.4 changed native-tls from a plain dependency to vendored:
v0.5.3 -- builds
native-tls = "0.2"
v0.5.4 -- fails
native-tls = { version = "0.2", features = ["vendored"] }
On Linux, native-tls depends on openssl-sys. The vendored feature activates openssl-sys/vendored, which compiles OpenSSL from source using perl's ./Configure script. The flake provides
openssl and pkg-config in buildInputs but not perl:
flake.nix (current)
rust-project.defaults.perCrate.crane.args.buildInputs = with pkgs; [
clang
openssl
pkg-config
];
The system openssl and pkg-config are sufficient for non-vendored builds. With vendored, they are ignored -- openssl-sys bypasses pkg-config and compiles its own copy, requiring perl which is
absent from the Nix sandbox.
Proposed Fix
Either:
rust-project.defaults.perCrate.crane.args.buildInputs = with pkgs; [
clang
openssl
perl
pkg-config
];
rust-project.defaults.perCrate.crane.args = {
buildInputs = with pkgs; [ clang openssl pkg-config ];
OPENSSL_NO_VENDOR = "1";
};
Option 2 is arguably cleaner: it uses the system openssl that buildInputs already provides rather than compiling a second copy from source.
Expected Behavior:
nix build github:RightNow-AI/openfang/v0.5.5 succeeds without a binary cache.
Steps to Reproduce:
nix build github:RightNow-AI/openfang/v0.5.5
No binary cache hit required to trigger -- any clean Nix store reproduces it.
OpenFang Version: v0.5.4 and v0.5.5. v0.5.3 is not affected.
Operating System: Linux (x86_64)
Logs:
running cd "/build/source/target/release/build/openssl-sys-92717d0421ec2d04/out/openssl-build/build/src"
&& env -u CROSS_COMPILE AR="ar" CC="gcc" RANLIB="ranlib" "perl" "./Configure"
"--prefix=.../openssl-build/install" "--openssldir=/usr/local/ssl"
"no-shared" "no-module" "no-tests" ... "linux-x86_64" "-O2" ...
cargo:warning=configuring OpenSSL build: Command 'perl' not found. Is perl installed?
cargo:warning=openssl-src: failed to build OpenSSL from source
Error configuring OpenSSL build:
Command 'perl' not found. Is perl installed?