From 72e80c59b5176eb08986247ec0f1978d32993364 Mon Sep 17 00:00:00 2001 From: Matthew Bauer Date: Thu, 6 Jul 2017 13:42:12 -0700 Subject: =?UTF-8?q?Don=E2=80=99t=20hardlink=20disallowed=20paths=20in=20OS?= =?UTF-8?q?=20X.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes #1443 --- src/libstore/optimise-store.cc | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'src') diff --git a/src/libstore/optimise-store.cc b/src/libstore/optimise-store.cc index 56167c4df..9e651ebea 100644 --- a/src/libstore/optimise-store.cc +++ b/src/libstore/optimise-store.cc @@ -9,6 +9,7 @@ #include #include #include +#include namespace nix { @@ -96,6 +97,19 @@ void LocalStore::optimisePath_(OptimiseStats & stats, const Path & path, InodeHa if (lstat(path.c_str(), &st)) throw SysError(format("getting attributes of path ‘%1%’") % path); +#if __APPLE__ + /* HFS/OS X has some undocumented security feature disabling hardlinking for + special files within .app dirs. *.app/Contents/PkgInfo and + *.app/Contents/Resources/\*.lproj seem to be the only paths affected. See + https://github.com/NixOS/nix/issues/1443 for more discussion. */ + + if (std::regex_search(path, std::regex("\\.app/Contents/PkgInfo$")) || + std::regex_search(path, std::regex("\\.app/Contents/Resources/.+\\.lproj$"))) { + debug(format("‘%1%’ is not allowed to be linked in OS X") % path); + return; + } +#endif + if (S_ISDIR(st.st_mode)) { Strings names = readDirectoryIgnoringInodes(path, inodeHash); for (auto & i : names) -- cgit v1.2.3