forked from lix-project/lix
create pathAccessible, use it to infer default dirs
This commit is contained in:
parent
a6c78ba367
commit
2c462486fe
5 changed files with 26 additions and 14 deletions
|
@ -2620,18 +2620,13 @@ Strings EvalSettings::getDefaultNixPath()
|
||||||
{
|
{
|
||||||
Strings res;
|
Strings res;
|
||||||
auto add = [&](const Path & p, const std::string & s = std::string()) {
|
auto add = [&](const Path & p, const std::string & s = std::string()) {
|
||||||
try {
|
if (pathAccessible(p)) {
|
||||||
if (pathExists(p)) {
|
|
||||||
if (s.empty()) {
|
if (s.empty()) {
|
||||||
res.push_back(p);
|
res.push_back(p);
|
||||||
} else {
|
} else {
|
||||||
res.push_back(s + "=" + p);
|
res.push_back(s + "=" + p);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} catch (SysError & e) {
|
|
||||||
// swallow EPERM
|
|
||||||
if (e.errNo != EPERM) throw;
|
|
||||||
}
|
|
||||||
};
|
};
|
||||||
|
|
||||||
if (!evalSettings.restrictEval && !evalSettings.pureEval) {
|
if (!evalSettings.restrictEval && !evalSettings.pureEval) {
|
||||||
|
|
|
@ -57,8 +57,6 @@ Settings::Settings()
|
||||||
auto sslOverride = getEnv("NIX_SSL_CERT_FILE").value_or(getEnv("SSL_CERT_FILE").value_or(""));
|
auto sslOverride = getEnv("NIX_SSL_CERT_FILE").value_or(getEnv("SSL_CERT_FILE").value_or(""));
|
||||||
if (sslOverride != "")
|
if (sslOverride != "")
|
||||||
caFile = sslOverride;
|
caFile = sslOverride;
|
||||||
else if (caFile == "")
|
|
||||||
caFile = getDefaultSSLCertFile();
|
|
||||||
|
|
||||||
/* Backwards compatibility. */
|
/* Backwards compatibility. */
|
||||||
auto s = getEnv("NIX_REMOTE_SYSTEMS");
|
auto s = getEnv("NIX_REMOTE_SYSTEMS");
|
||||||
|
@ -185,7 +183,7 @@ bool Settings::isWSL1()
|
||||||
Path Settings::getDefaultSSLCertFile()
|
Path Settings::getDefaultSSLCertFile()
|
||||||
{
|
{
|
||||||
for (auto & fn : {"/etc/ssl/certs/ca-certificates.crt", "/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"})
|
for (auto & fn : {"/etc/ssl/certs/ca-certificates.crt", "/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"})
|
||||||
if (pathExists(fn)) return fn;
|
if (pathAccessible(fn)) return fn;
|
||||||
return "";
|
return "";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -842,7 +842,7 @@ public:
|
||||||
)"};
|
)"};
|
||||||
|
|
||||||
Setting<Path> caFile{
|
Setting<Path> caFile{
|
||||||
this, "", "ssl-cert-file",
|
this, getDefaultSSLCertFile(), "ssl-cert-file",
|
||||||
R"(
|
R"(
|
||||||
The path of a file containing CA certificates used to
|
The path of a file containing CA certificates used to
|
||||||
authenticate `https://` downloads. Nix by default will use
|
authenticate `https://` downloads. Nix by default will use
|
||||||
|
|
|
@ -266,6 +266,17 @@ bool pathExists(const Path & path)
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
bool pathAccessible(const Path & path)
|
||||||
|
{
|
||||||
|
try {
|
||||||
|
return pathExists(path);
|
||||||
|
} catch (SysError & e) {
|
||||||
|
// swallow EPERM
|
||||||
|
if (e.errNo == EPERM) return false;
|
||||||
|
throw;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
Path readLink(const Path & path)
|
Path readLink(const Path & path)
|
||||||
{
|
{
|
||||||
|
|
|
@ -120,6 +120,14 @@ struct stat lstat(const Path & path);
|
||||||
*/
|
*/
|
||||||
bool pathExists(const Path & path);
|
bool pathExists(const Path & path);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* A version of pathExists that returns false on a permission error.
|
||||||
|
* Useful for inferring default paths across directories that might not
|
||||||
|
* be readable.
|
||||||
|
* @return true iff the given path can be accessed and exists
|
||||||
|
*/
|
||||||
|
bool pathAccessible(const Path & path);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Read the contents (target) of a symbolic link. The result is not
|
* Read the contents (target) of a symbolic link. The result is not
|
||||||
* in any way canonicalised.
|
* in any way canonicalised.
|
||||||
|
|
Loading…
Reference in a new issue