diff options
author | Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi> | 2017-12-03 03:37:45 +0200 |
---|---|---|
committer | Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi> | 2017-12-03 03:37:45 +0200 |
commit | 574526d510bbfabd66fc251ef6054604c8221ca3 (patch) | |
tree | 58dc9d4b3feb11ee83477ce447035c7860b23111 /nixos/lib/make-squashfs.nix | |
parent | 58307d15a7e9ff88c21baca1b09bed07919babbd (diff) |
make-squashfs: Hack to avoid building images where nixos-install won't run
https://github.com/NixOS/nixpkgs/issues/32242
Diffstat (limited to 'nixos/lib/make-squashfs.nix')
-rw-r--r-- | nixos/lib/make-squashfs.nix | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/nixos/lib/make-squashfs.nix b/nixos/lib/make-squashfs.nix index 4100af27becb..c76c98737412 100644 --- a/nixos/lib/make-squashfs.nix +++ b/nixos/lib/make-squashfs.nix @@ -19,6 +19,33 @@ stdenv.mkDerivation { # Add the closures of the top-level store objects. storePaths=$(perl ${pathsFromGraph} closure-*) + # If a Hydra slave happens to have store paths with bad permissions/mtime, + # abort now so that they don't end up in ISO images in the channel. + # https://github.com/NixOS/nixpkgs/issues/32242 + hasBadPaths="" + for path in $storePaths; do + if [ -h "$path" ]; then + continue + fi + + mtime=$(stat -c %Y "$path") + mode=$(stat -c %a "$path") + + if [ "$mtime" != 1 ]; then + echo "Store path '$path' has an invalid mtime." + hasBadPaths=1 + fi + if [ "$mode" != 444 ] && [ "$mode" != 555 ]; then + echo "Store path '$path' has invalid permissions." + hasBadPaths=1 + fi + done + + if [ -n "$hasBadPaths" ]; then + echo "You have bad paths in your store, please fix them." + exit 1 + fi + # Also include a manifest of the closures in a format suitable # for nix-store --load-db. printRegistration=1 perl ${pathsFromGraph} closure-* > nix-path-registration |