about summary refs log tree commit diff
path: root/third_party/nix/tests/linux-sandbox.sh
diff options
context:
space:
mode:
Diffstat (limited to 'third_party/nix/tests/linux-sandbox.sh')
-rw-r--r--third_party/nix/tests/linux-sandbox.sh30
1 files changed, 30 insertions, 0 deletions
diff --git a/third_party/nix/tests/linux-sandbox.sh b/third_party/nix/tests/linux-sandbox.sh
new file mode 100644
index 000000000000..52967d07dda2
--- /dev/null
+++ b/third_party/nix/tests/linux-sandbox.sh
@@ -0,0 +1,30 @@
+source common.sh
+
+clearStore
+
+if ! canUseSandbox; then exit; fi
+
+# Note: we need to bind-mount $SHELL into the chroot. Currently we
+# only support the case where $SHELL is in the Nix store, because
+# otherwise things get complicated (e.g. if it's in /bin, do we need
+# /lib as well?).
+if [[ ! $SHELL =~ /nix/store ]]; then exit; fi
+
+chmod -R u+w $TEST_ROOT/store0 || true
+rm -rf $TEST_ROOT/store0
+
+export NIX_STORE_DIR=/my/store
+export NIX_REMOTE=$TEST_ROOT/store0
+
+outPath=$(nix-build dependencies.nix --no-out-link --sandbox-paths /nix/store)
+
+[[ $outPath =~ /my/store/.*-dependencies ]]
+
+nix path-info -r $outPath | grep input-2
+
+nix ls-store -R -l $outPath | grep foobar
+
+nix cat-store $outPath/foobar | grep FOOBAR
+
+# Test --check without hash rewriting.
+nix-build dependencies.nix --no-out-link --check --sandbox-paths /nix/store
generated by cgit-pink 1.4.1 (git 2.44.2) at 2024-11-01T00ยท57+0000