1
0
Fork 0
mirror of https://github.com/NixOS/nix synced 2025-07-07 18:31:49 +02:00

create pathAccessible, use it to infer default dirs

(cherry picked from commit 2c462486fe)
This commit is contained in:
Yorick van Pelt 2023-05-26 15:32:28 +02:00 committed by Emily
parent a1c22a7c10
commit 8a9b22b604
5 changed files with 26 additions and 14 deletions

View file

@ -2525,17 +2525,12 @@ Strings EvalSettings::getDefaultNixPath()
{
Strings res;
auto add = [&](const Path & p, const std::string & s = std::string()) {
try {
if (pathExists(p)) {
if (s.empty()) {
res.push_back(p);
} else {
res.push_back(s + "=" + p);
}
if (pathAccessible(p)) {
if (s.empty()) {
res.push_back(p);
} else {
res.push_back(s + "=" + p);
}
} catch (SysError & e) {
// swallow EPERM
if (e.errNo != EPERM) throw;
}
};

View file

@ -47,8 +47,6 @@ Settings::Settings()
auto sslOverride = getEnv("NIX_SSL_CERT_FILE").value_or(getEnv("SSL_CERT_FILE").value_or(""));
if (sslOverride != "")
caFile = sslOverride;
else if (caFile == "")
caFile = getDefaultSSLCertFile();
/* Backwards compatibility. */
auto s = getEnv("NIX_REMOTE_SYSTEMS");
@ -175,7 +173,7 @@ bool Settings::isWSL1()
Path Settings::getDefaultSSLCertFile()
{
for (auto & fn : {"/etc/ssl/certs/ca-certificates.crt", "/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"})
if (pathExists(fn)) return fn;
if (pathAccessible(fn)) return fn;
return "";
}

View file

@ -858,7 +858,7 @@ public:
)"};
Setting<Path> caFile{
this, "", "ssl-cert-file",
this, getDefaultSSLCertFile(), "ssl-cert-file",
R"(
The path of a file containing CA certificates used to
authenticate `https://` downloads. Nix by default will use

View file

@ -263,6 +263,17 @@ bool pathExists(const Path & path)
return false;
}
bool pathAccessible(const Path & path)
{
try {
return pathExists(path);
} catch (SysError & e) {
// swallow EPERM
if (e.errNo == EPERM) return false;
throw;
}
}
Path readLink(const Path & path)
{

View file

@ -119,6 +119,14 @@ struct stat lstat(const Path & path);
*/
bool pathExists(const Path & path);
/**
* A version of pathExists that returns false on a permission error.
* Useful for inferring default paths across directories that might not
* be readable.
* @return true iff the given path can be accessed and exists
*/
bool pathAccessible(const Path & path);
/**
* Read the contents (target) of a symbolic link. The result is not
* in any way canonicalised.