about summary refs log tree commit diff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--doc/manual/installation.xml15
-rw-r--r--src/libexpr/parser.y9
-rw-r--r--src/nix-env/nix-env.cc5
3 files changed, 22 insertions, 7 deletions
diff --git a/doc/manual/installation.xml b/doc/manual/installation.xml
index 9d80351298b1..b6cc6e7f9bbd 100644
--- a/doc/manual/installation.xml
+++ b/doc/manual/installation.xml
@@ -205,6 +205,21 @@ on systems that have the <function>setresuid()</function> system call
 (such as Linux and FreeBSD), so on those systems the binaries are
 simply owned by the Nix user.</para></warning>
 
+
+
+<!--
+
+warning: the nix-builders group should contain *only* the Nix
+builders, and nothing else.  If the Nix account is compromised, you
+can execute programs under the accounts in the nix-builders group, so
+it obviously shouldn’t contain any “real” user accounts.  So don’t use
+an existing group like <literal>users</literal> — just create a new
+one.
+
+-->
+
+
+
 </section>
 
 </section>
diff --git a/src/libexpr/parser.y b/src/libexpr/parser.y
index 8ac3345c1f2e..3540058bc1e0 100644
--- a/src/libexpr/parser.y
+++ b/src/libexpr/parser.y
@@ -369,9 +369,12 @@ Expr parseExprFromFile(EvalState & state, Path path)
     /* If `path' is a symlink, follow it.  This is so that relative
        path references work. */
     struct stat st;
-    if (lstat(path.c_str(), &st))
-        throw SysError(format("getting status of `%1%'") % path);
-    if (S_ISLNK(st.st_mode)) path = absPath(readLink(path), dirOf(path));
+    while (true) {
+        if (lstat(path.c_str(), &st))
+            throw SysError(format("getting status of `%1%'") % path);
+        if (!S_ISLNK(st.st_mode)) break;
+        path = absPath(readLink(path), dirOf(path));
+    }
 
     /* If `path' refers to a directory, append `/default.nix'. */
     if (stat(path.c_str(), &st))
diff --git a/src/nix-env/nix-env.cc b/src/nix-env/nix-env.cc
index 04641697f1bd..113f49ccb3e4 100644
--- a/src/nix-env/nix-env.cc
+++ b/src/nix-env/nix-env.cc
@@ -1113,10 +1113,7 @@ static void opDefaultExpr(Globals & globals,
     if (opArgs.size() != 1)
         throw UsageError(format("exactly one argument expected"));
 
-    Path defNixExpr = absPath(opArgs.front());
-    Path defNixExprLink = getDefNixExprPath();
-    
-    switchLink(defNixExprLink, defNixExpr);
+    switchLink(getDefNixExprPath(), absPath(opArgs.front()));
 }
generated by cgit-pink 1.4.1 (git 2.44.2) at 2024-07-24T08·34+0000