Skip to content

Commit

Permalink
create pathAccessible, use it to infer default dirs
Browse files Browse the repository at this point in the history
  • Loading branch information
yorickvP committed May 26, 2023
1 parent a6c78ba commit 2c46248
Show file tree
Hide file tree
Showing 5 changed files with 26 additions and 14 deletions.
15 changes: 5 additions & 10 deletions src/libexpr/eval.cc
Original file line number Diff line number Diff line change
Expand Up @@ -2620,17 +2620,12 @@ Strings EvalSettings::getDefaultNixPath()
{
Strings res;
auto add = [&](const Path & p, const std::string & s = std::string()) {
try {
if (pathExists(p)) {
if (s.empty()) {
res.push_back(p);
} else {
res.push_back(s + "=" + p);
}
if (pathAccessible(p)) {
if (s.empty()) {
res.push_back(p);
} else {
res.push_back(s + "=" + p);
}
} catch (SysError & e) {
// swallow EPERM
if (e.errNo != EPERM) throw;
}
};

Expand Down
4 changes: 1 addition & 3 deletions src/libstore/globals.cc
Original file line number Diff line number Diff line change
Expand Up @@ -57,8 +57,6 @@ Settings::Settings()
auto sslOverride = getEnv("NIX_SSL_CERT_FILE").value_or(getEnv("SSL_CERT_FILE").value_or(""));
if (sslOverride != "")
caFile = sslOverride;
else if (caFile == "")
caFile = getDefaultSSLCertFile();

/* Backwards compatibility. */
auto s = getEnv("NIX_REMOTE_SYSTEMS");
Expand Down Expand Up @@ -185,7 +183,7 @@ bool Settings::isWSL1()
Path Settings::getDefaultSSLCertFile()
{
for (auto & fn : {"/etc/ssl/certs/ca-certificates.crt", "/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"})
if (pathExists(fn)) return fn;
if (pathAccessible(fn)) return fn;
return "";
}

Expand Down
2 changes: 1 addition & 1 deletion src/libstore/globals.hh
Original file line number Diff line number Diff line change
Expand Up @@ -842,7 +842,7 @@ public:
)"};

Setting<Path> caFile{
this, "", "ssl-cert-file",
this, getDefaultSSLCertFile(), "ssl-cert-file",
R"(
The path of a file containing CA certificates used to
authenticate `https://` downloads. Nix by default will use
Expand Down
11 changes: 11 additions & 0 deletions src/libutil/util.cc
Original file line number Diff line number Diff line change
Expand Up @@ -266,6 +266,17 @@ bool pathExists(const Path & path)
return false;
}

bool pathAccessible(const Path & path)
{
try {
return pathExists(path);
} catch (SysError & e) {
// swallow EPERM
if (e.errNo == EPERM) return false;
throw;
}
}


Path readLink(const Path & path)
{
Expand Down
8 changes: 8 additions & 0 deletions src/libutil/util.hh
Original file line number Diff line number Diff line change
Expand Up @@ -120,6 +120,14 @@ struct stat lstat(const Path & path);
*/
bool pathExists(const Path & path);

/**
* A version of pathExists that returns false on a permission error.
* Useful for inferring default paths across directories that might not
* be readable.
* @return true iff the given path can be accessed and exists
*/
bool pathAccessible(const Path & path);

/**
* Read the contents (target) of a symbolic link. The result is not
* in any way canonicalised.
Expand Down

0 comments on commit 2c46248

Please sign in to comment.