movefasta/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-06-12 04:35:41 +03:00
Code Issues Projects Releases Packages Wiki Activity

nixos/specialisation: escape and restrict specialisation names

Browse source 
Prevent the specialisation names from containing a forward slash.
Also escape them to allow for spaces in specialisation names.
This commit is contained in:
toborwinner 2025-05-09 00:10:54 +02:00
parent b938d655f3
commit 2b9fc0ccc5
No known key found for this signature in database
1 changed files with 11 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

12
nixos/modules/system/activation/specialisation.nix
View file

@ -10,6 +10,8 @@
let let
inherit (lib) inherit (lib)
concatStringsSep concatStringsSep
escapeShellArg
hasInfix
mapAttrs mapAttrs
mapAttrsToList mapAttrsToList
mkOption mkOption
@ -84,10 +86,18 @@ in
}; };
config = { config = {
assertions = mapAttrsToList (name: _: {
assertion = !hasInfix "/" name;
message = ''
Specialisation names must not contain forward slashes.
Invalid specialisation name: ${name}
'';
}) config.specialisation;
system.systemBuilderCommands = '' system.systemBuilderCommands = ''
mkdir $out/specialisation mkdir $out/specialisation
${concatStringsSep "\n" ( ${concatStringsSep "\n" (
mapAttrsToList (name: path: "ln -s ${path} $out/specialisation/${name}") children mapAttrsToList (name: path: "ln -s ${path} $out/specialisation/${escapeShellArg name}") children
)} )}
''; '';
}; };