diff options
| author | K900 <me@0upti.me> | 2024-04-14 16:41:06 +0300 |
|---|---|---|
| committer | K900 <me@0upti.me> | 2024-04-15 10:25:29 +0300 |
| commit | effc28f6f5621cf0c32716f2137f9aee7567aa48 (patch) | |
| tree | fe889bc617882fe55bfcb159c5241cbada149e80 /tests/nixos/util.nix | |
| parent | 8d15e6af4b7446b8f542edfee8da035c97bdbbca (diff) | |
libstore/build: set NO_NEW_PRIVS for the sandbox
Change-Id: I711f64e2b68495ed9c85c1a4bd5025405805e43a
Diffstat (limited to 'tests/nixos/util.nix')
| -rw-r--r-- | tests/nixos/util.nix | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/tests/nixos/util.nix b/tests/nixos/util.nix new file mode 100644 index 000000000..0c51cc075 --- /dev/null +++ b/tests/nixos/util.nix @@ -0,0 +1,23 @@ +{ + mkNixBuildTest = { name, expressionFile, extraMachineConfig ? {} }: + { lib, pkgs, ... }: + { + inherit name; + + nodes.machine = { + imports = [extraMachineConfig]; + nix.nixPath = ["nixpkgs=${pkgs.path}"]; + nix.settings.substituters = lib.mkForce []; + virtualisation.additionalPaths = [ + expressionFile + (pkgs.callPackage expressionFile {}).inputDerivation + ]; + }; + + testScript = { nodes }: '' + start_all() + + machine.succeed('nix-build --expr "let pkgs = import <nixpkgs> {}; in pkgs.callPackage ${expressionFile} {}"') + ''; + }; +} |