From 7924b37d1b67b854eb69f7b840bb3ba98dbd6ba0 Mon Sep 17 00:00:00 2001 From: Dusk Banks Date: Thu, 17 Oct 2024 23:15:47 -0700 Subject: [PATCH 1/3] tests/libstore-support: avoid host configuration setting a global like this is a hacky solution, but it works for now. without this, unit tests try to use configuration under `/etc/nix/`. Signed-off-by: Dusk Banks Change-Id: Ic7966a67d52646818991646439225a7af20f011c --- tests/unit/libstore-support/tests/libstore.hh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/unit/libstore-support/tests/libstore.hh b/tests/unit/libstore-support/tests/libstore.hh index ef93457b5..75093d3cd 100644 --- a/tests/unit/libstore-support/tests/libstore.hh +++ b/tests/unit/libstore-support/tests/libstore.hh @@ -4,6 +4,7 @@ #include #include +#include "globals.hh" #include "store-api.hh" namespace nix { @@ -11,6 +12,7 @@ namespace nix { class LibStoreTest : public ::testing::Test { public: static void SetUpTestSuite() { + settings.nixConfDir = "/dev/null"; // intentionally invalid path initLibStore(); } From 729b8c65c60d79f64237793707db04af5018a54c Mon Sep 17 00:00:00 2001 From: Dusk Banks Date: Fri, 18 Oct 2024 13:44:49 -0700 Subject: [PATCH 2/3] tests/functional/flakes: test with UTF-8 bullets MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit using UTF-8 bullets in the sample avoids locale confusion where Bash doesn't know to treat `•` as a single character. Signed-off-by: Dusk Banks Change-Id: I829019b66e93e6d33ac3a6641df07d0dd2332a5a --- tests/functional/flakes/flakes.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/functional/flakes/flakes.sh b/tests/functional/flakes/flakes.sh index 75cc329e5..85ffacf70 100644 --- a/tests/functional/flakes/flakes.sh +++ b/tests/functional/flakes/flakes.sh @@ -285,11 +285,11 @@ nix build -o $TEST_ROOT/result $flake3Dir#sth --commit-lock-file Flake lock file updates: -"?" Added input 'nonFlake': +• Added input 'nonFlake': 'git+file://"*"/flakes/flakes/nonFlake?ref=refs/heads/master&rev="*"' "*" -"?" Added input 'nonFlakeFile': +• Added input 'nonFlakeFile': 'path:"*"/flakes/flakes/nonFlake/README.md?lastModified="*"&narHash=sha256-cPh6hp48IOdRxVV3xGd0PDgSxgzj5N/2cK0rMPNaR4o%3D' "*" -"?" Added input 'nonFlakeFile2': +• Added input 'nonFlakeFile2': 'path:"*"/flakes/flakes/nonFlake/README.md?lastModified="*"&narHash=sha256-cPh6hp48IOdRxVV3xGd0PDgSxgzj5N/2cK0rMPNaR4o%3D' "* ]] nix build -o $TEST_ROOT/result flake3#fnord From 40e1a34cb7fb2059569850d015e7a66fd463e454 Mon Sep 17 00:00:00 2001 From: Dusk Banks Date: Thu, 17 Oct 2024 23:12:52 -0700 Subject: [PATCH 3/3] libstore: restore mode after changing xattrs this was missed in 3f07c65510d5f907c75803e7d58884bdafb78132. if mode is not restored, the tree will have mutability where it shouldn't. fixes test `functional-repair`, which fails from the output path directory being unnecessarily writable: ``` ++(repair.sh:12) nix-hash /tmp/nix-shell.IIUJAq/nix-test/repair/store/j3kmp9zhc5y7gqs591l0nrscm5hw4145-dependencies-input-2 +(repair.sh:12) hash=d790f49fc89cb6f384b6dbe450790d07 +(repair.sh:15) chmod u+w /tmp/nix-shell.IIUJAq/nix-test/repair/store/j3kmp9zhc5y7gqs591l0nrscm5hw4145-dependencies-input-2 +(repair.sh:16) touch /tmp/nix-shell.IIUJAq/nix-test/repair/store/j3kmp9zhc5y7gqs591l0nrscm5hw4145-dependencies-input-2/bad +(repair.sh:18) nix-store --verify --check-contents -v reading the Nix store... checking path existence... checking link hashes... checking store hashes... checking contents of '/tmp/nix-shell.IIUJAq/nix-test/repair/store/20z19rjkwmwpb2ba4x29kac6xnslai38-dependencies-top.drv' checking contents of '/tmp/nix-shell.IIUJAq/nix-test/repair/store/3mmawi9lj33xz96cf6kw9989xc8v5i96-fod-input' checking contents of '/tmp/nix-shell.IIUJAq/nix-test/repair/store/5fp4r2kh1fcv6mv9dv6rywhhr1am9hhm-builder-dependencies-input-0.sh' checking contents of '/tmp/nix-shell.IIUJAq/nix-test/repair/store/9kryn4ihv6b7bjswv2rsjq4533n2w5zk-fod-input.drv' checking contents of '/tmp/nix-shell.IIUJAq/nix-test/repair/store/ap8s0fim8s3ilzj8aqwlwk7gv1crjp4j-dependencies-top' checking contents of '/tmp/nix-shell.IIUJAq/nix-test/repair/store/i2ipd9p282zkqr1zb4glqiqigv8ybsyk-dependencies.builder0.sh' checking contents of '/tmp/nix-shell.IIUJAq/nix-test/repair/store/i3xyw46h0lsx7ad6bczwi9sqjjx5f0j0-dependencies-input-0' checking contents of '/tmp/nix-shell.IIUJAq/nix-test/repair/store/j3kmp9zhc5y7gqs591l0nrscm5hw4145-dependencies-input-2' path '/tmp/nix-shell.IIUJAq/nix-test/repair/store/j3kmp9zhc5y7gqs591l0nrscm5hw4145-dependencies-input-2' was modified! expected hash 'sha256:1rhaylnjs5lbp089lnk7qvsypqmbm5vvyvxvv7i68b4x33pncqgs', got 'sha256:0nkjrmdc6ixf935chj3zhpqph5i15p306ffdsa850qh8mncpnsmc' checking contents of '/tmp/nix-shell.IIUJAq/nix-test/repair/store/pfaxqiw8zf3bw0w8w8gazswh76d729yy-builder-dependencies-input-2.sh' checking contents of '/tmp/nix-shell.IIUJAq/nix-test/repair/store/pzzms3k5wl8d3wszv3maw29zylfkiiw0-dependencies-input-1' checking contents of '/tmp/nix-shell.IIUJAq/nix-test/repair/store/riwx84p57ckfvgli9nwhx88z6zh1c8ss-builder-fod-input.sh' checking contents of '/tmp/nix-shell.IIUJAq/nix-test/repair/store/rjsphx7xvnqh2qafdrr7fiyxqc1rljhw-dependencies-input-2.drv' checking contents of '/tmp/nix-shell.IIUJAq/nix-test/repair/store/scywzq87dvm0c5f1h16hww6mvzhcsx3f-builder-dependencies-input-1.sh' checking contents of '/tmp/nix-shell.IIUJAq/nix-test/repair/store/v65j4w033i05nyfd2h0g8h41ijmfglp7-dependencies-input-0.drv' checking contents of '/tmp/nix-shell.IIUJAq/nix-test/repair/store/ykwibh62xyp81k75vdw9c7y21kg4ibzf-dependencies-input-1.drv' warning: not all store errors were fixed +(repair.sh:21) nix-store --verify --check-contents --repair reading the Nix store... checking path existence... checking link hashes... checking store hashes... path '/tmp/nix-shell.IIUJAq/nix-test/repair/store/j3kmp9zhc5y7gqs591l0nrscm5hw4145-dependencies-input-2' was modified! expected hash 'sha256:1rhaylnjs5lbp089lnk7qvsypqmbm5vvyvxvv7i68b4x33pncqgs', got 'sha256:0nkjrmdc6ixf935chj3zhpqph5i15p306ffdsa850qh8mncpnsmc' checking path '/tmp/nix-shell.IIUJAq/nix-test/repair/store/j3kmp9zhc5y7gqs591l0nrscm5hw4145-dependencies-input-2'... path '/tmp/nix-shell.IIUJAq/nix-test/repair/store/j3kmp9zhc5y7gqs591l0nrscm5hw4145-dependencies-input-2' is corrupted or missing! checking path '/tmp/nix-shell.IIUJAq/nix-test/repair/store/i3xyw46h0lsx7ad6bczwi9sqjjx5f0j0-dependencies-input-0'... repairing outputs of '/tmp/nix-shell.IIUJAq/nix-test/repair/store/rjsphx7xvnqh2qafdrr7fiyxqc1rljhw-dependencies-input-2.drv'... +(repair.sh:23) '[' -e /tmp/nix-shell.IIUJAq/nix-test/repair/store/j3kmp9zhc5y7gqs591l0nrscm5hw4145-dependencies-input-2/bad ']' +(repair.sh:24) '[' -w /tmp/nix-shell.IIUJAq/nix-test/repair/store/j3kmp9zhc5y7gqs591l0nrscm5hw4145-dependencies-input-2 ']' ++(repair.sh:24) onError ++(/var/home/bb010g/Sources/Nix/lix/build/tests/functional/common/vars-and-functions.sh:244) set +x repair.sh: test failed at: main in repair.sh:24 ``` fixes test `functional-simple`, which fails from the output path file being unnecessarily writable: ``` +(simple.sh:11) echo 'output path is /tmp/nix-shell.IIUJAq/nix-test/simple/store/9fqn0rs99ymn1r09yip7bsifcdh3ra0y-simple' +(simple.sh:13) '[' -w /tmp/nix-shell.IIUJAq/nix-test/simple/store/9fqn0rs99ymn1r09yip7bsifcdh3ra0y-simple ']' ++(simple.sh:13) onError ++(/var/home/bb010g/Sources/Nix/lix/build/tests/functional/common/vars-and-functions.sh:244) set +x simple.sh: test failed at: main in simple.sh:13 ``` fixes test `functional-optimise-store`, which fails from the unnecessary mutability making Lix avoid hard linking: ``` ++(optimise-store.sh:5) nix-build - --no-out-link --auto-optimise-store this derivation will be built: /tmp/nix-shell.IIUJAq/nix-test/optimise-store/store/2ql4kjxhnzdard8d6n3h9hc1m3lawr2b-foo1.drv building '/tmp/nix-shell.IIUJAq/nix-test/optimise-store/store/2ql4kjxhnzdard8d6n3h9hc1m3lawr2b-foo1.drv'... warning: skipping suspicious writable file '/tmp/nix-shell.IIUJAq/nix-test/optimise-store/store/h7i1pp848f9a8452y0s18kgsnis77vjn-foo1/foo' +(optimise-store.sh:5) outPath1=/tmp/nix-shell.IIUJAq/nix-test/optimise-store/store/h7i1pp848f9a8452y0s18kgsnis77vjn-foo1 ++(optimise-store.sh:6) echo 'with import ./config.nix; mkDerivation { name = "foo2"; builder = builtins.toFile "builder" "mkdir $out; echo hello > $out/foo"; }' ++(optimise-store.sh:6) nix-build - --no-out-link --auto-optimise-store this derivation will be built: /tmp/nix-shell.IIUJAq/nix-test/optimise-store/store/wjgvfhfsp14w06im8bbp1kqzz7smdkcy-foo2.drv building '/tmp/nix-shell.IIUJAq/nix-test/optimise-store/store/wjgvfhfsp14w06im8bbp1kqzz7smdkcy-foo2.drv'... warning: skipping suspicious writable file '/tmp/nix-shell.IIUJAq/nix-test/optimise-store/store/gjg6gayj2f6x3h53sp5i21nbnsd7b4i3-foo2/foo' +(optimise-store.sh:6) outPath2=/tmp/nix-shell.IIUJAq/nix-test/optimise-store/store/gjg6gayj2f6x3h53sp5i21nbnsd7b4i3-foo2 ++(optimise-store.sh:8) stat --format=%i /tmp/nix-shell.IIUJAq/nix-test/optimise-store/store/h7i1pp848f9a8452y0s18kgsnis77vjn-foo1/foo +(optimise-store.sh:8) inode1=328316 ++(optimise-store.sh:9) stat --format=%i /tmp/nix-shell.IIUJAq/nix-test/optimise-store/store/gjg6gayj2f6x3h53sp5i21nbnsd7b4i3-foo2/foo +(optimise-store.sh:9) inode2=328404 +(optimise-store.sh:10) '[' 328316 '!=' 328404 ']' +(optimise-store.sh:11) echo 'inodes do not match' +(optimise-store.sh:12) exit 1 ``` Signed-off-by: Dusk Banks Change-Id: I87eeb74e718746a587be2ac52bcc9b5b1e5529db --- src/libstore/local-store.cc | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/libstore/local-store.cc b/src/libstore/local-store.cc index 2da8dd2a6..6337fde6a 100644 --- a/src/libstore/local-store.cc +++ b/src/libstore/local-store.cc @@ -691,13 +691,20 @@ static void canonicalisePathMetaData_( if ((eaSize = llistxattr(path.c_str(), eaBuf.data(), eaBuf.size())) < 0) throw SysError("querying extended attributes of '%s'", path); - if (S_ISREG(st.st_mode) || S_ISDIR(st.st_mode)) + bool resetMode = false; + if ((S_ISREG(st.st_mode) || S_ISDIR(st.st_mode)) && !(st.st_mode & S_IWUSR)) { + resetMode = true; chmod(path.c_str(), st.st_mode | S_IWUSR); + } for (auto & eaName: tokenizeString(std::string(eaBuf.data(), eaSize), std::string("\000", 1))) { if (settings.ignoredAcls.get().count(eaName)) continue; if (lremovexattr(path.c_str(), eaName.c_str()) == -1) throw SysError("removing extended attribute '%s' from '%s'", eaName, path); } + if (resetMode) { + chmod(path.c_str(), st.st_mode); + resetMode = false; + } } #endif