From cef677ddbcad420220474935b660c147718a3a7c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Th=C3=A9ophane=20Hufschmitt?= Date: Fri, 12 Apr 2024 16:10:22 +0200 Subject: [PATCH] Test the inclusion of transitive symlinks in the sandbox --- tests/functional/linux-sandbox.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/tests/functional/linux-sandbox.sh b/tests/functional/linux-sandbox.sh index 880d56fca..e553791d9 100644 --- a/tests/functional/linux-sandbox.sh +++ b/tests/functional/linux-sandbox.sh @@ -61,9 +61,11 @@ testCert () { nocert=$TEST_ROOT/no-cert-file.pem cert=$TEST_ROOT/some-cert-file.pem symlinkcert=$TEST_ROOT/symlink-cert-file.pem +transitivesymlinkcert=$TEST_ROOT/transitive-symlink-cert-file.pem symlinkDir=$TEST_ROOT/symlink-dir echo -n "CERT_CONTENT" > $cert ln -s $cert $symlinkcert +ln -s $symlinkcert $transitivesymlinkcert ln -s $TEST_ROOT $symlinkDir # No cert in sandbox when not a fixed-output derivation @@ -78,8 +80,9 @@ testCert missing fixed-output "$nocert" # Cert in sandbox when ssl-cert-file is set to an existing file testCert present fixed-output "$cert" -# Cert in sandbox when ssl-cert-file is set to a symlink to an existing file +# Cert in sandbox when ssl-cert-file is set to a (potentially transitive) symlink to an existing file testCert present fixed-output "$symlinkcert" +testCert present fixed-output "$transitivesymlinkcert" # Symlinks should be added in the sandbox directly and not followed nix-sandbox-build symlink-derivation.nix -A depends_on_symlink