mirror of
https://github.com/privatevoid-net/nix-super.git
synced 2024-11-10 08:16:15 +02:00
nix-shell: clean up the tmpDir and escape variables
The problem fixed: each nix-shell invocation creates a new temporary directory (`/tmp/nix-shell-*`) and never cleans up. And while I'm here, shellescape all variables inlined into the rcfile. See what might happen without escaping: $ export TZ="';echo pwned'" $ nix-shell -p hello --run hello pwned Hello, world!
This commit is contained in:
parent
8b09105db3
commit
f2a03acf3f
1 changed files with 11 additions and 6 deletions
|
@ -423,13 +423,18 @@ static void _main(int argc, char * * argv)
|
|||
lose the current $PATH directories. */
|
||||
auto rcfile = (Path) tmpDir + "/rc";
|
||||
writeFile(rcfile, fmt(
|
||||
(keepTmp ? "" : "rm -rf '%1%'; "s) +
|
||||
R"(_nix_shell_clean_tmpdir() { rm -rf %1%; }; )"s +
|
||||
(keepTmp ?
|
||||
"trap _nix_shell_clean_tmpdir EXIT; "
|
||||
"exitHooks+=(_nix_shell_clean_tmpdir); "
|
||||
"failureHooks+=(_nix_shell_clean_tmpdir); ":
|
||||
"_nix_shell_clean_tmpdir; ") +
|
||||
(pure ? "" : "[ -n \"$PS1\" ] && [ -e ~/.bashrc ] && source ~/.bashrc;") +
|
||||
"%2%"
|
||||
"dontAddDisableDepTrack=1; "
|
||||
"[ -e $stdenv/setup ] && source $stdenv/setup; "
|
||||
"%3%"
|
||||
"PATH=\"%4%:$PATH\"; "
|
||||
"PATH=%4%:\"$PATH\"; "
|
||||
"SHELL=%5%; "
|
||||
"set +e; "
|
||||
R"s([ -n "$PS1" ] && PS1='\n\[\033[1;32m\][nix-shell:\w]\$\[\033[0m\] '; )s"
|
||||
|
@ -438,12 +443,12 @@ static void _main(int argc, char * * argv)
|
|||
"shopt -u nullglob; "
|
||||
"unset TZ; %6%"
|
||||
"%7%",
|
||||
(Path) tmpDir,
|
||||
shellEscape(tmpDir),
|
||||
(pure ? "" : "p=$PATH; "),
|
||||
(pure ? "" : "PATH=$PATH:$p; unset p; "),
|
||||
dirOf(*shell),
|
||||
*shell,
|
||||
(getenv("TZ") ? (string("export TZ='") + getenv("TZ") + "'; ") : ""),
|
||||
shellEscape(dirOf(*shell)),
|
||||
shellEscape(*shell),
|
||||
(getenv("TZ") ? (string("export TZ=") + shellEscape(getenv("TZ")) + "; ") : ""),
|
||||
envCommand));
|
||||
|
||||
Strings envStrs;
|
||||
|
|
Loading…
Reference in a new issue