aboutsummaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
authorEelco Dolstra <edolstra@gmail.com>2019-10-09 18:01:21 +0200
committerEelco Dolstra <edolstra@gmail.com>2019-10-09 23:34:48 +0200
commit5a303093dcae1e5ce9212616ef18f2ca51020b0d (patch)
tree091df92662ac2fdfe8c5ce4b9eb1f75bc81b5675 /tests
parent4331eeb13d241dfe2d2e6a01c53915c556cac94f (diff)
Remove world-writability from per-user directories
'nix-daemon' now creates subdirectories for users when they first connect. Fixes #509 (CVE-2019-17365). Should also fix #3127.
Diffstat (limited to 'tests')
-rw-r--r--tests/nix-profile.sh2
-rw-r--r--tests/remote-store.sh4
-rw-r--r--tests/user-envs.sh2
3 files changed, 5 insertions, 3 deletions
diff --git a/tests/nix-profile.sh b/tests/nix-profile.sh
index b244815e2..5b17fe3fa 100644
--- a/tests/nix-profile.sh
+++ b/tests/nix-profile.sh
@@ -10,5 +10,3 @@ USER=$user $SHELL -e -c ". $TEST_ROOT/nix-profile.sh" # test idempotency
[ -L $TEST_HOME/.nix-profile ]
[ -e $TEST_HOME/.nix-channels ]
-[ -e $TEST_ROOT/profile-var/nix/gcroots/per-user/$user ]
-[ -e $TEST_ROOT/profile-var/nix/profiles/per-user/$user ]
diff --git a/tests/remote-store.sh b/tests/remote-store.sh
index f2f2806d0..77437658e 100644
--- a/tests/remote-store.sh
+++ b/tests/remote-store.sh
@@ -13,3 +13,7 @@ cmp $TEST_ROOT/d1 $TEST_ROOT/d2
nix-store --gc --max-freed 1K
killDaemon
+
+user=$(whoami)
+[ -e $NIX_STATE_DIR/gcroots/per-user/$user ]
+[ -e $NIX_STATE_DIR/profiles/per-user/$user ]
diff --git a/tests/user-envs.sh b/tests/user-envs.sh
index ba6392311..aebf6a2a2 100644
--- a/tests/user-envs.sh
+++ b/tests/user-envs.sh
@@ -20,7 +20,7 @@ drvPath10=$(nix-env -f ./user-envs.nix -qa --drv-path --no-name '*' | grep foo-1
# Query descriptions.
nix-env -f ./user-envs.nix -qa '*' --description | grep -q silly
-rm -f $HOME/.nix-defexpr
+rm -rf $HOME/.nix-defexpr
ln -s $(pwd)/user-envs.nix $HOME/.nix-defexpr
nix-env -qa '*' --description | grep -q silly