movefasta/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-06-10 19:55:41 +03:00
Code Issues Projects Releases Packages Wiki Activity

nixos/specialisation: escape and restrict specialisation names

Browse source 
Prevent the specialisation names from containing a forward slash.
Also escape them to allow for spaces in specialisation names.
This commit is contained in:
toborwinner 2025-05-09 00:10:54 +02:00
parent b938d655f3
commit 2b9fc0ccc5
No known key found for this signature in database
1 changed files with 11 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

12
nixos/modules/system/activation/specialisation.nix
View file

@ -10,6 +10,8 @@
let
inherit (lib)
concatStringsSep
escapeShellArg
hasInfix
mapAttrs
mapAttrsToList
mkOption
@ -84,10 +86,18 @@ in
};
config = {
assertions = mapAttrsToList (name: _: {
assertion = !hasInfix "/" name;
message = ''
Specialisation names must not contain forward slashes.
Invalid specialisation name: ${name}
'';
}) config.specialisation;
system.systemBuilderCommands = ''
mkdir $out/specialisation
${concatStringsSep "\n" (
mapAttrsToList (name: path: "ln -s ${path} $out/specialisation/${name}") children
mapAttrsToList (name: path: "ln -s ${path} $out/specialisation/${escapeShellArg name}") children
)}
'';
};