diff options
| author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2015-04-16T16·46+0200 |
|---|---|---|
| committer | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2015-04-16T16·46+0200 |
| commit | 035aeb9547d4a33fe9037bc86f2ceeb9cbcf847b (patch) | |
| tree | 73504e4ccbae4cc115c0148a25d7c7adaf774499 /src/libexpr/eval.cc | |
| parent | 1e4a4a2e9fc382f47f58b448f3ee034cdd28218a (diff) | |
Fix using restricted mode with chroots
Diffstat (limited to 'src/libexpr/eval.cc')
| -rw-r--r-- | src/libexpr/eval.cc | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index d8a4193a8e64..301f991b7ab9 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -292,6 +292,11 @@ Path EvalState::checkSourcePath(const Path & path_) if (path == i.second || isInDir(path, i.second)) return path; + /* Hack to support the chroot dependencies of corepkgs (see + corepkgs/config.nix.in). */ + if (path == settings.nixPrefix && isStorePath(settings.nixPrefix)) + return path; + throw RestrictedPathError(format("access to path ‘%1%’ is forbidden in restricted mode") % path_); } |