mirror of
https://github.com/privatevoid-net/nix-super.git
synced 2024-11-10 08:16:15 +02:00
Fix using restricted mode with chroots
This commit is contained in:
parent
1e4a4a2e9f
commit
035aeb9547
4 changed files with 9 additions and 0 deletions
|
@ -292,6 +292,11 @@ Path EvalState::checkSourcePath(const Path & path_)
|
|||
if (path == i.second || isInDir(path, i.second))
|
||||
return path;
|
||||
|
||||
/* Hack to support the chroot dependencies of corepkgs (see
|
||||
corepkgs/config.nix.in). */
|
||||
if (path == settings.nixPrefix && isStorePath(settings.nixPrefix))
|
||||
return path;
|
||||
|
||||
throw RestrictedPathError(format("access to path ‘%1%’ is forbidden in restricted mode") % path_);
|
||||
}
|
||||
|
||||
|
|
|
@ -67,6 +67,7 @@ Settings::Settings()
|
|||
|
||||
void Settings::processEnvironment()
|
||||
{
|
||||
nixPrefix = NIX_PREFIX;
|
||||
nixStore = canonPath(getEnv("NIX_STORE_DIR", getEnv("NIX_STORE", NIX_STORE_DIR)));
|
||||
nixDataDir = canonPath(getEnv("NIX_DATA_DIR", NIX_DATA_DIR));
|
||||
nixLogDir = canonPath(getEnv("NIX_LOG_DIR", NIX_LOG_DIR));
|
||||
|
|
|
@ -42,6 +42,8 @@ struct Settings {
|
|||
|
||||
Path nixDataDir; /* !!! fix */
|
||||
|
||||
Path nixPrefix;
|
||||
|
||||
/* The directory where we log various operations. */
|
||||
Path nixLogDir;
|
||||
|
||||
|
|
|
@ -15,6 +15,7 @@ ifeq ($(OS), SunOS)
|
|||
endif
|
||||
|
||||
libstore_CXXFLAGS = \
|
||||
-DNIX_PREFIX=\"$(prefix)\" \
|
||||
-DNIX_STORE_DIR=\"$(storedir)\" \
|
||||
-DNIX_DATA_DIR=\"$(datadir)\" \
|
||||
-DNIX_STATE_DIR=\"$(localstatedir)/nix\" \
|
||||
|
|
Loading…
Reference in a new issue