diff options
| author | Bruce Toll <4109762+tollb@users.noreply.github.com> | 2019-02-17 14:34:31 -0500 |
|---|---|---|
| committer | Bruce Toll <4109762+tollb@users.noreply.github.com> | 2020-04-10 16:23:10 -0400 |
| commit | 8132d0a12e1b1d30973ae2c543622a46c24ec075 (patch) | |
| tree | 820a7a4d334f53251f944eae05a6996ec05ac7f3 /tests | |
| parent | 3abf6d03c611417b309fdedf4323c08e6afbcd9c (diff) | |
Fix nix-build --check -K in sandbox w/o root
Temporarily add user-write permission to build directory so that it
can be moved out of the sandbox to the store with a .check suffix.
This is necessary because the build directory has already had its
permissions set read-only, but write permission is required
to update the directory's parent link to move it out of the sandbox.
Updated the related --check "derivation may not be deterministic"
messages to consistently use the real store paths.
Added test for non-root sandbox nix-build --check -K to demonstrate
issue and help prevent regressions.
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/linux-sandbox.sh | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/tests/linux-sandbox.sh b/tests/linux-sandbox.sh index 52967d07d..16abd974c 100644 --- a/tests/linux-sandbox.sh +++ b/tests/linux-sandbox.sh @@ -28,3 +28,10 @@ nix cat-store $outPath/foobar | grep FOOBAR # Test --check without hash rewriting. nix-build dependencies.nix --no-out-link --check --sandbox-paths /nix/store + +# Test that sandboxed builds with --check and -K can move .check directory to store +nix-build check.nix -A nondeterministic --sandbox-paths /nix/store --no-out-link + +(! nix-build check.nix -A nondeterministic --sandbox-paths /nix/store --no-out-link --check -K 2> $TEST_ROOT/log) +if grep -q 'error: renaming' $TEST_ROOT/log; then false; fi +grep -q 'may not be deterministic' $TEST_ROOT/log |