feat(sterni/nix/misc): predicate to check if isRestrictedEval
This is merely a little demonstration of nix#6579: `users.sterni.nix.misc.isRestrictEval` returns whether the restrict-eval setting is true or false by exploiting the aforementioned Nix bug. Change-Id: Icca354d1cd6571cdf0804abae27aac91a18cda1e Reviewed-on: https://cl.tvl.fyi/c/depot/+/5692 Autosubmit: sterni <sternenseemann@systemli.org> Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
This commit is contained in:
parent
f54ea857ec
commit
ae422c1353
2 changed files with 19 additions and 0 deletions
18
users/sterni/nix/misc/default.nix
Normal file
18
users/sterni/nix/misc/default.nix
Normal file
|
@ -0,0 +1,18 @@
|
|||
{ ... }:
|
||||
|
||||
let
|
||||
/* Returns true if it is being evaluated using restrict-eval, false if not.
|
||||
It's more robust than using `builtins.getEnv` since it isn't fooled by
|
||||
`env -i`.
|
||||
|
||||
See https://github.com/NixOS/nix/issues/6579 for a description of the
|
||||
behavior. Precise cause in the evaluator / store implementation is unclear.
|
||||
|
||||
Type: bool
|
||||
*/
|
||||
inRestrictedEval = builtins.pathExists (toString ./guinea-pig + "/.");
|
||||
in
|
||||
|
||||
{
|
||||
inherit inRestrictedEval;
|
||||
}
|
1
users/sterni/nix/misc/guinea-pig
Symbolic link
1
users/sterni/nix/misc/guinea-pig
Symbolic link
|
@ -0,0 +1 @@
|
|||
default.nix
|
Loading…
Reference in a new issue