From 9d62d5a35c8c1c2178e8f7c64b7575cd177c447d Mon Sep 17 00:00:00 2001 From: Nicolas Pierron Date: Sun, 3 Jan 2010 11:08:45 +0000 Subject: [PATCH] * Add a wrapper to find any set-uid version of a program in the environment. svn path=/nixpkgs/trunk/; revision=19181 --- pkgs/build-support/trivial-builders.nix | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/pkgs/build-support/trivial-builders.nix b/pkgs/build-support/trivial-builders.nix index cbbc5ae0628d..25ae340629b1 100644 --- a/pkgs/build-support/trivial-builders.nix +++ b/pkgs/build-support/trivial-builders.nix @@ -73,4 +73,29 @@ rec { linkFarm = name: entries: runCommand name {} ("mkdir -p $out; cd $out; \n" + (stdenv.lib.concatMapStrings (x: "ln -s '${x.path}' '${x.name}';\n") entries)); + # Search in the environment if the same program exists with a set uid or + # set gid bit. If it exists, run the first program found, otherwise run + # the default binary. + useSetUID = drv: path: + let + name = stdenv.lib.basename path; + bin = "${drv}${path}"; + in assert name != ""; + writeScript "setUID-${name}" '' + #!${stdenv.shell} + inode=$(stat -Lc %i ${bin}) + for file in $(type -ap ${name}); do + case $(stat -Lc %a $file) in + ([2-7][0-7][0-7][0-7]) + if test -r "$file".real; then + orig=$(cat "$file".real) + if test $inode = $(stat -Lc %i "$orig"); then + exec "$file" "$@" + fi + fi;; + esac + done + exec ${bin} "$@" + ''; + }