feat(sterni/nix/misc): predicate to check if isRestrictedEval
This is merely a little demonstration of nix#6579: `users.sterni.nix.misc.isRestrictEval` returns whether the restrict-eval setting is true or false by exploiting the aforementioned Nix bug. Change-Id: Icca354d1cd6571cdf0804abae27aac91a18cda1e Reviewed-on: https://cl.tvl.fyi/c/depot/+/5692 Autosubmit: sterni <sternenseemann@systemli.org> Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
This commit is contained in:
sterni
parent
f54ea857ec
commit
ae422c1353
2 changed files with 19 additions and 0 deletions
18
users/sterni/nix/misc/default.nix
Normal file
18
users/sterni/nix/misc/default.nix
Normal file
|
|
@ -0,0 +1,18 @@
|
||||||
|
{ ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
/* Returns true if it is being evaluated using restrict-eval, false if not.
|
||||||
|
It's more robust than using `builtins.getEnv` since it isn't fooled by
|
||||||
|
`env -i`.
|
||||||
|
|
||||||
|
See https://github.com/NixOS/nix/issues/6579 for a description of the
|
||||||
|
behavior. Precise cause in the evaluator / store implementation is unclear.
|
||||||
|
|
||||||
|
Type: bool
|
||||||
|
*/
|
||||||
|
inRestrictedEval = builtins.pathExists (toString ./guinea-pig + "/.");
|
||||||
|
in
|
||||||
|
|
||||||
|
{
|
||||||
|
inherit inRestrictedEval;
|
||||||
|
}
|
||||||
1
users/sterni/nix/misc/guinea-pig
Symbolic link
1
users/sterni/nix/misc/guinea-pig
Symbolic link
|
|
@ -0,0 +1 @@
|
||||||
|
default.nix
|
||||||
Loading…
Add table
Add a link
Reference in a new issue