diff options
| author | Daiderd Jordan <daiderd@gmail.com> | 2020-12-19 10:10:17 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-12-19 10:10:17 +0100 |
| commit | 72c6e6f0d422ec91201c2946fa52891fc5800e6b (patch) | |
| tree | 81486baedc0592093c3c944bb029ed6de928db4d | |
| parent | 465539ad1d1ad458bd2179e5b10ad1d487f92e0a (diff) | |
| parent | f47083bd712172af4746bdff8de200d087a8724c (diff) | |
Merge pull request #263 from LnL7/harden-installer
Harden installer
| -rw-r--r-- | pkgs/darwin-installer/configuration.nix | 6 | ||||
| -rw-r--r-- | pkgs/darwin-installer/default.nix | 21 |
2 files changed, 24 insertions, 3 deletions
diff --git a/pkgs/darwin-installer/configuration.nix b/pkgs/darwin-installer/configuration.nix index d8ae89e..f8e2e28 100644 --- a/pkgs/darwin-installer/configuration.nix +++ b/pkgs/darwin-installer/configuration.nix @@ -25,23 +25,25 @@ with lib; esac fi - if ! test -L /etc/bashrc && ! grep -q /etc/static/bashrc /etc/bashrc; then + if ! test -L /etc/bashrc && ! tail -n1 /etc/bashrc | grep -q /etc/static/bashrc; then if test -t 1; then read -p "Would you like to load darwin configuration in /etc/bashrc? [y/n] " i fi case "$i" in y|Y) + sudo ${pkgs.gnused}/bin/sed -i '\,/etc/static/bashrc,d' /etc/bashrc echo 'if test -e /etc/static/bashrc; then . /etc/static/bashrc; fi' | sudo tee -a /etc/bashrc ;; esac fi - if ! test -L /etc/zshrc && ! grep -q /etc/static/zshrc /etc/zshrc; then + if ! test -L /etc/zshrc && ! tail -n1 /etc/zshrc | grep -q /etc/static/zshrc; then if test -t 1; then read -p "Would you like to load darwin configuration in /etc/zshrc? [y/n] " i fi case "$i" in y|Y) + sudo ${pkgs.gnused}/bin/sed -i '\,/etc/static/zshrc,d' /etc/zshrc echo 'if test -e /etc/static/zshrc; then . /etc/static/zshrc; fi' | sudo tee -a /etc/zshrc ;; esac diff --git a/pkgs/darwin-installer/default.nix b/pkgs/darwin-installer/default.nix index a18d138..807fb5c 100644 --- a/pkgs/darwin-installer/default.nix +++ b/pkgs/darwin-installer/default.nix @@ -109,17 +109,36 @@ stdenv.mkDerivation { echo >&2 "checking /etc" readlink /etc/static test -e /etc/static + echo >&2 "checking /etc/static in bashrc" + cat /etc/bashrc grep /etc/static/bashrc /etc/bashrc + echo >&2 "checking /etc/static in zshrc" + cat /etc/zshrc grep /etc/static/zshrc /etc/zshrc + echo >&2 "checking profile" + cat /etc/profile grep -v nix-daemon.sh /etc/profile echo >&2 "checking /run/current-system" readlink /run test -e /run readlink /run/current-system test -e /run/current-system - echo >&2 "checking profile" + echo >&2 "checking system profile" readlink /nix/var/nix/profiles/system test -e /nix/var/nix/profiles/system + + echo >&2 "checking bash environment" + env -i USER=john HOME=/Users/john bash -li -c 'echo $PATH' + env -i USER=john HOME=/Users/john bash -li -c 'echo $PATH' | grep /Users/john/.nix-profile/bin:/run/current-system/sw/bin:/nix/var/nix/profiles/default/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin + env -i USER=john HOME=/Users/john bash -li -c 'echo $NIX_PATH' + env -i USER=john HOME=/Users/john bash -li -c 'echo $NIX_PATH' | grep darwin-config=/Users/john/.nixpkgs/darwin-configuration.nix:/nix/var/nix/profiles/per-user/root/channels:/Users/john/.nix-defexpr/channels + + echo >&2 "checking zsh environment" + env -i USER=john HOME=/Users/john zsh -l -c 'echo $PATH' + env -i USER=john HOME=/Users/john zsh -l -c 'echo $PATH' | grep /Users/john/.nix-profile/bin:/run/current-system/sw/bin:/nix/var/nix/profiles/default/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin + env -i USER=john HOME=/Users/john zsh -l -c 'echo $NIX_PATH' | grep darwin-config=/Users/john/.nixpkgs/darwin-configuration.nix:/nix/var/nix/profiles/per-user/root/channels:/Users/john/.nix-defexpr/channels + env -i USER=john HOME=/Users/john zsh -l -c 'echo $NIX_PATH' + echo >&2 ok exit ''; |