diff options
author | sternenseemann <0rpkxez4ksa01gb3typccl0i@systemli.org> | 2021-03-23 15:11:33 +0100 |
---|---|---|
committer | sterni <sternenseemann@systemli.org> | 2022-03-24 11:13:38 +0100 |
commit | b5cad4d4a4055d9aa3c19660122ff5541de9706f (patch) | |
tree | b9983331d16bedc6682531b298e8e56b7c181d18 /pkgs/stdenv | |
parent | dcdad213dcde083fdb6df41accc36100aef7c21c (diff) | |
download | nixpkgs-b5cad4d4a4055d9aa3c19660122ff5541de9706f.tar nixpkgs-b5cad4d4a4055d9aa3c19660122ff5541de9706f.tar.gz nixpkgs-b5cad4d4a4055d9aa3c19660122ff5541de9706f.tar.bz2 nixpkgs-b5cad4d4a4055d9aa3c19660122ff5541de9706f.tar.lz nixpkgs-b5cad4d4a4055d9aa3c19660122ff5541de9706f.tar.xz nixpkgs-b5cad4d4a4055d9aa3c19660122ff5541de9706f.tar.zst nixpkgs-b5cad4d4a4055d9aa3c19660122ff5541de9706f.zip |
stdenv/setup.sh: make sure $sourceRoot has +x before cd-ing
This change is prompted by the following, admittedly cursed tarball: ``` > curl https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz 2>/dev/null \ | tar -ztv drw-rw-rw- 0/0 0 2020-02-18 10:50 package -rw-rw-rw- 0/0 297 2020-02-18 10:50 package/index.d.ts -rw-rw-rw- 0/0 1920 2020-02-18 10:50 package/index.js -rw-rw-rw- 0/0 1092 2020-01-31 11:31 package/LICENSE -rw-rw-rw- 0/0 937 2020-02-18 10:51 package/package.json -rw-rw-rw- 0/0 713 2020-02-18 10:50 package/README.md ``` The minimal reproducer for the issue is the following derivation trying to work around the uid 0 issue with `dontMakeSourcesWritable = true`: ```nix { stdenv, fetchurl }: stdenv.mkDerivation { name = "test"; src = fetchurl { sha1 = "d744358226217f981ed58f479b1d6bcc29545dcf"; url = "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz"; }; dontMakeSourcesWritable = true; installPhase = '' cp -R . $out ''; } ``` This currently fails in the following way: ``` these derivations will be built: /nix/store/pc3jbydl0xcc8nrndf5xkf7hdhpgpb41-test.drv building '/nix/store/pc3jbydl0xcc8nrndf5xkf7hdhpgpb41-test.drv'... unpacking sources unpacking source archive /nix/store/v9p98kqplf4kflmy91p0687xlvr6klb1-char-regex-1.0.2.tgz source root is package find: 'package/index.d.ts': Permission denied find: 'package/index.js': Permission denied find: 'package/LICENSE': Permission denied find: 'package/package.json': Permission denied find: 'package/README.md': Permission denied /nix/store/6c47azxacncswc1pllzj28zfzqw40d7c-stdenv-linux/setup: line 1311: cd: package: Permission denied builder for '/nix/store/pc3jbydl0xcc8nrndf5xkf7hdhpgpb41-test.drv' failed with exit code 1 error: build of '/nix/store/pc3jbydl0xcc8nrndf5xkf7hdhpgpb41-test.drv' failed ``` As you can see, the issue is that `$sourceRoot` isn't executable, prohibiting the call to `cd`. This can be fixed by running `chmod +x "${sourceRoot}"` before `cd` regardless of `dontMakeSourcesWritable` in `unpackPhase` since if `chmod` fails, `cd` would fail as well and we are out of options. Verified that the workaround works locally. Another thing to investigate is investigating if we should use `--no-same-owner` for `tar` and if it helps in this case as well. See also <https://github.com/Profpatsch/yarn2nix/issues/56>.
Diffstat (limited to 'pkgs/stdenv')
-rw-r--r-- | pkgs/stdenv/generic/setup.sh | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/pkgs/stdenv/generic/setup.sh b/pkgs/stdenv/generic/setup.sh index 350fff48252..620244d6e10 100644 --- a/pkgs/stdenv/generic/setup.sh +++ b/pkgs/stdenv/generic/setup.sh @@ -1345,6 +1345,9 @@ genericBuild() { eval "${!curPhase:-$curPhase}" if [ "$curPhase" = unpackPhase ]; then + # make sure we can cd into the directory + [ -z "${sourceRoot}" ] || chmod +x "${sourceRoot}" + cd "${sourceRoot:-.}" fi done |