From 710662be948d9013390241469c877dc97ca19e1a Mon Sep 17 00:00:00 2001
From: Yegor Timoshenko
Date: Wed, 20 Dec 2017 19:32:17 +0000
Subject: [PATCH] chrootenv: error on chrootenv-inside-chrootenv, resolves #32802
---
 pkgs/build-support/build-fhs-userenv/chrootenv.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/pkgs/build-support/build-fhs-userenv/chrootenv.c b/pkgs/build-support/build-fhs-userenv/chrootenv.c
index 73c8763c0485..d88fc045377d 100644
--- a/pkgs/build-support/build-fhs-userenv/chrootenv.c
+++ b/pkgs/build-support/build-fhs-userenv/chrootenv.c
@@ -155,7 +155,9 @@ int nftw_rm(const char *path, const struct stat *sb, int type,
 #define REQUIREMENTS "Linux version >= 3.19 built with CONFIG_USER_NS option"
-int main(int argc, char *argv[], char *envp[]) {
+extern char **environ;
+
+int main(int argc, char *argv[]) {
 if (argc < 2) {
 fprintf(stderr, "Usage: %s command [arguments...]\n"
 "Requires " REQUIREMENTS ".\n",
@@ -163,6 +165,12 @@ int main(int argc, char *argv[], char *envp[]) {
 exit(EX_USAGE);
 }
+ if (getenv("NIX_CHROOTENV") != NULL)
+ errorf(EX_USAGE, "can't create chrootenv inside chrootenv");
+
+ if (setenv("NIX_CHROOTENV", "1", false) < 0)
+ errorf(EX_IOERR, "setenv");
+
 char tmpl[] = "/tmp/chrootenvXXXXXX";
 char *root = mkdtemp(tmpl);
@@ -222,7 +230,7 @@ int main(int argc, char *argv[], char *envp[]) {
 argv++;
- if (execvpe(*argv, argv, env_filter(envp)) < 0)
+ if (execvpe(*argv, argv, env_filter(environ)) < 0)
 errorf(EX_OSERR, "execvpe");
 }
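Review bot: The new `extern char **environ;` and the narrowed `main()` signature carry no comment explaining why `envp` was dropped, so a later cleanup could easily restore it. The `setenv()` call added in the second hunk can replace the environment array, after which the `envp` pointer handed to `main()` need not contain `NIX_CHROOTENV`; the `execvpe` call in the last hunk switches to `environ` for the same reason. I would put `/* setenv() below may reallocate the environment; use environ, not main()'s envp */` above the declaration. If the file defines `_GNU_SOURCE` before including `<unistd.h>` (likely, since it calls `execvpe`), `environ` is already declared there and the hand-written extern is redundant, though harmless. The body of `main()` continues outside this hunk.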
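Review bot: The nesting guard only works if `NIX_CHROOTENV` reaches the child process, but the exec call in the last hunk passes `env_filter(environ)` and `env_filter` is not visible in this patch; if it forwards only a fixed list of variables, the marker has to be on that list or the `getenv` test never fires. The variable is also caller-controlled, so this is a diagnostic for accidental nesting rather than an enforcement point: clearing it inside the environment skips the check, and exporting it beforehand makes the wrapper refuse to start. A comment above the `getenv` test such as `/* advisory marker: catches accidental nesting, not a security boundary */` would make that explicit. Separately, `setenv` fails with ENOMEM or EINVAL rather than an I/O error, so `errorf(EX_OSERR, "setenv");` describes the failure better than `EX_IOERR`.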