fetchzip: fix extraPostFetch concatenation

4a5c49363a added some more commands after
`extraPostFetch` but concatenated them without a separating newline.

Which means, that since that commit

  fetchzip { ..., extraPostFetch = ''rm -f "$out"/some-file''; }

now actually runs the following shell command

  rm -f "$out"/some-file"chmod -R a-w "$out"

thus deleting "$out". Which is very unfortunate.

Especially since this actually happens on master for all `fetchFromBitbucket`
derivations. But since the results are fixed-output users bulding with hydra
cache enabled are not hitting this for not recently updated derivations yet.
This commit is contained in:
Jan Malakhovski 2021-02-04 14:48:47 +00:00
parent 84d3739ed6
commit dcb6103bf2

View file

@ -45,16 +45,17 @@
'' else ''
mv "$unpackDir" "$out"
'')
+ extraPostFetch
# Remove write permissions for files unpacked with write bits set
# Fixes https://github.com/NixOS/nixpkgs/issues/38649
#
# However, we should (for the moment) retain write permission on the directory
# itself, to avoid tickling https://github.com/NixOS/nix/issues/4295 in
# single-user Nix installations. This is because in sandbox mode we'll try to
# move the path, and if we don't have write permissions on the directory,
# then we can't update the ".." entry.
+ ''
${extraPostFetch}
# Remove write permissions for files unpacked with write bits set
# Fixes https://github.com/NixOS/nixpkgs/issues/38649
#
# However, we should (for the moment) retain write permission on the directory
# itself, to avoid tickling https://github.com/NixOS/nix/issues/4295 in
# single-user Nix installations. This is because in sandbox mode we'll try to
# move the path, and if we don't have write permissions on the directory,
# then we can't update the ".." entry.
chmod -R a-w "$out"
chmod u+w "$out"
'';