diff options
author | Nicolas Pierron <nicolas.b.pierron@gmail.com> | 2010-01-03 11:08:45 +0000 |
---|---|---|
committer | Nicolas Pierron <nicolas.b.pierron@gmail.com> | 2010-01-03 11:08:45 +0000 |
commit | 9d62d5a35c8c1c2178e8f7c64b7575cd177c447d (patch) | |
tree | 23675add46a0457c15af5e1f369a75f923c6b730 /pkgs/build-support | |
parent | 1e0b14522ac929abb3f7d51480f2357b7a61b1aa (diff) | |
download | nixlib-9d62d5a35c8c1c2178e8f7c64b7575cd177c447d.tar nixlib-9d62d5a35c8c1c2178e8f7c64b7575cd177c447d.tar.gz nixlib-9d62d5a35c8c1c2178e8f7c64b7575cd177c447d.tar.bz2 nixlib-9d62d5a35c8c1c2178e8f7c64b7575cd177c447d.tar.lz nixlib-9d62d5a35c8c1c2178e8f7c64b7575cd177c447d.tar.xz nixlib-9d62d5a35c8c1c2178e8f7c64b7575cd177c447d.tar.zst nixlib-9d62d5a35c8c1c2178e8f7c64b7575cd177c447d.zip |
* Add a wrapper to find any set-uid version of a program in the environment.
svn path=/nixpkgs/trunk/; revision=19181
Diffstat (limited to 'pkgs/build-support')
-rw-r--r-- | pkgs/build-support/trivial-builders.nix | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/pkgs/build-support/trivial-builders.nix b/pkgs/build-support/trivial-builders.nix index cbbc5ae0628d..25ae340629b1 100644 --- a/pkgs/build-support/trivial-builders.nix +++ b/pkgs/build-support/trivial-builders.nix @@ -73,4 +73,29 @@ rec { linkFarm = name: entries: runCommand name {} ("mkdir -p $out; cd $out; \n" + (stdenv.lib.concatMapStrings (x: "ln -s '${x.path}' '${x.name}';\n") entries)); + # Search in the environment if the same program exists with a set uid or + # set gid bit. If it exists, run the first program found, otherwise run + # the default binary. + useSetUID = drv: path: + let + name = stdenv.lib.basename path; + bin = "${drv}${path}"; + in assert name != ""; + writeScript "setUID-${name}" '' + #!${stdenv.shell} + inode=$(stat -Lc %i ${bin}) + for file in $(type -ap ${name}); do + case $(stat -Lc %a $file) in + ([2-7][0-7][0-7][0-7]) + if test -r "$file".real; then + orig=$(cat "$file".real) + if test $inode = $(stat -Lc %i "$orig"); then + exec "$file" "$@" + fi + fi;; + esac + done + exec ${bin} "$@" + ''; + } |