aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorEelco Dolstra <eelco.dolstra@logicblox.com>2017-07-07 11:05:21 +0200
committerGitHub <noreply@github.com>2017-07-07 11:05:21 +0200
commitd3713716b6b057852bca4fe6bcba21c946228a42 (patch)
treeb5d8eae847221d4452ae99200824d17f333dd80f /src
parenteef09c220db6a80a2e069c7b8aecb5977015e226 (diff)
parent72e80c59b5176eb08986247ec0f1978d32993364 (diff)
Merge pull request #1445 from matthewbauer/macos-skip-hardlink
Don’t hardlink disallowed paths in OS X.
Diffstat (limited to 'src')
-rw-r--r--src/libstore/optimise-store.cc14
1 files changed, 14 insertions, 0 deletions
diff --git a/src/libstore/optimise-store.cc b/src/libstore/optimise-store.cc
index adaf31313..8e8002a30 100644
--- a/src/libstore/optimise-store.cc
+++ b/src/libstore/optimise-store.cc
@@ -9,6 +9,7 @@
#include <unistd.h>
#include <errno.h>
#include <stdio.h>
+#include <regex>
namespace nix {
@@ -96,6 +97,19 @@ void LocalStore::optimisePath_(OptimiseStats & stats, const Path & path, InodeHa
if (lstat(path.c_str(), &st))
throw SysError(format("getting attributes of path ‘%1%’") % path);
+#if __APPLE__
+ /* HFS/OS X has some undocumented security feature disabling hardlinking for
+ special files within .app dirs. *.app/Contents/PkgInfo and
+ *.app/Contents/Resources/\*.lproj seem to be the only paths affected. See
+ https://github.com/NixOS/nix/issues/1443 for more discussion. */
+
+ if (std::regex_search(path, std::regex("\\.app/Contents/PkgInfo$")) ||
+ std::regex_search(path, std::regex("\\.app/Contents/Resources/.+\\.lproj$"))) {
+ debug(format("‘%1%’ is not allowed to be linked in OS X") % path);
+ return;
+ }
+#endif
+
if (S_ISDIR(st.st_mode)) {
Strings names = readDirectoryIgnoringInodes(path, inodeHash);
for (auto & i : names)