mirrors/nix-darwin
mirrors/nix-darwin
1
0
Fork 0
mirror of https://github.com/LnL7/nix-darwin.git synced 2025-03-30 19:54:43 +00:00
Code Activity

etc: allow replacing files with known content

Browse source 
This enables replacing existing system files like /etc/bashrc by default
while keeping the safer behaviour for other files like /etc/passwd, etc.
that could potentially cause major problems for the system when replaced.
This commit is contained in:
Daiderd Jordan 2020-06-17 18:29:20 +02:00
parent 2d6479b72e
commit b22481d03a
No known key found for this signature in database
GPG key ID: D02435D05B810C96
2 changed files with 27 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
modules/lib/write-text.nix
View file

@ -44,6 +44,12 @@ in
Path of the source file. Path of the source file.
''; '';
}; };
knownSha256Hashes = mkOption {
internal = true;
type = types.listOf types.str;
default = [];
};
}; };
config = { config = {

24
modules/system/etc.nix
View file

@ -44,6 +44,9 @@ in
# Set up the statically computed bits of /etc. # Set up the statically computed bits of /etc.
echo "setting up /etc..." >&2 echo "setting up /etc..." >&2
declare -A etcSha256Hashes
${concatMapStringsSep "\n" (attr: "etcSha256Hashes['/etc/${attr.target}']='${concatStringsSep " " attr.knownSha256Hashes}'") etc}
ln -sfn "$(readlink -f $systemConfig/etc)" /etc/static ln -sfn "$(readlink -f $systemConfig/etc)" /etc/static
for f in $(find /etc/static/* -type l); do for f in $(find /etc/static/* -type l); do
@ -53,9 +56,24 @@ in
mkdir -p "$d" mkdir -p "$d"
fi fi
if [ -e "$l" ]; then if [ -e "$l" ]; then
if [ "$(readlink $l)" != "$f" ]; then if [ "$(readlink "$l")" != "$f" ]; then
if ! grep -q /etc/static "$l"; then if ! grep -q /etc/static "$l"; then
echo "warning: not linking environment.etc.\"''${l#/etc/}\" because $l exists, skipping..." >&2 o=''$(shasum -a256 "$l")
o=''${o%% *}
for h in ''${etcSha256Hashes["$l"]}; do
if [ "$o" = "$h" ]; then
mv "$l" "$l.orig"
ln -s "$f" "$l"
break
else
h=
fi
done
if [ -z "$h" ]; then
echo "error: not linking environment.etc.\"''${l#/etc/}\" because $l already exists, skipping..." >&2
echo "existing file has unknown content $o, move and activate again to apply" >&2
fi
fi fi
fi fi
else else
@ -66,7 +84,7 @@ in
for l in $(find /etc/* -type l 2> /dev/null); do for l in $(find /etc/* -type l 2> /dev/null); do
f="$(echo $l | sed 's,/etc/,/etc/static/,')" f="$(echo $l | sed 's,/etc/,/etc/static/,')"
f=/etc/static/''${l#/etc/} f=/etc/static/''${l#/etc/}
if [ "$(readlink $l)" = "$f" -a ! -e "$(readlink -f $l)" ]; then if [ "$(readlink "$l")" = "$f" -a ! -e "$(readlink -f "$l")" ]; then
rm "$l" rm "$l"
fi fi
done done