diff options
| -rw-r--r-- | doc/manual/advanced-topics/post-build-hook.xml | 7 | ||||
| -rw-r--r-- | doc/manual/command-ref/conf-file.xml | 3 |
2 files changed, 7 insertions, 3 deletions
diff --git a/doc/manual/advanced-topics/post-build-hook.xml b/doc/manual/advanced-topics/post-build-hook.xml index 4335b308b..3dc43ee79 100644 --- a/doc/manual/advanced-topics/post-build-hook.xml +++ b/doc/manual/advanced-topics/post-build-hook.xml @@ -74,6 +74,8 @@ trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDS #!/bin/sh set -eu +set -f # disable globbing +export IFS=' ' echo "Signing paths" $OUT_PATHS nix sign-paths --key-file /etc/nix/key.private $OUT_PATHS @@ -88,8 +90,9 @@ exec nix copy --to 's3://example-nix-cache' $OUT_PATHS list of Nix store paths. In this case, we expect and want the shell to perform word splitting to make each output path its own argument to <command>nix sign-paths</command>. Nix guarantees - the paths will only contain characters which are safe for word - splitting, and free of any globs. + the paths will not contain any spaces, however a store path + might contain glob characters. The <command>set -f</command> + disables globbing in the shell. </para> </note> <para> diff --git a/doc/manual/command-ref/conf-file.xml b/doc/manual/command-ref/conf-file.xml index d2c9c7502..e818a74cd 100644 --- a/doc/manual/command-ref/conf-file.xml +++ b/doc/manual/command-ref/conf-file.xml @@ -674,6 +674,7 @@ password <replaceable>my-password</replaceable> <listitem><para>The hook does not execute on substituted paths.</para></listitem> <listitem><para>The hook's output always goes to the user's terminal.</para></listitem> <listitem><para>If the hook fails, the build succeeds but no further builds execute.</para></listitem> + <listitem><para>The hook executes synchronously, and blocks other builds from progressing while it runs.</para> </itemizedlist> <para>The program executes with no arguments. The program's environment @@ -693,7 +694,7 @@ password <replaceable>my-password</replaceable> <varlistentry> <term><envar>OUT_PATHS</envar></term> <listitem> - <para>Output paths of the built derivation, separated by a space (<literal> </literal>) character.</para> + <para>Output paths of the built derivation, separated by a space character.</para> <para>Example: <literal>/nix/store/zf5lbh336mnzf1nlswdn11g4n2m8zh3g-bash-4.4-p23-dev /nix/store/rjxwxwv1fpn9wa2x5ssk5phzwlcv4mna-bash-4.4-p23-doc |