picnoir
/
nix-gh
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Don’t rely on EPERM 

startProcess does not appear to send the exit code to the helper
correctly. Not sure why this is, but it is probably safe to just
fallback on all sandbox errors.
This commit is contained in:
Matthew Bauer 2019-07-30 17:52:42 -04:00
parent 11d8534629
commit 9a0855bbb6
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/libstore/build.cc
View File

@ -2320,7 +2320,7 @@ void DerivationGoal::startBuilder()
parent. This is only done when sandbox-fallback is set
to true (the default). */
if (child == -1 && (errno == EPERM || errno == EINVAL) && settings.sandboxFallback)
_exit(EPERM);
_exit(1);
if (child == -1) throw SysError("cloning builder process");
writeFull(builderOut.writeSide.get(), std::to_string(child) + "\n");
@ -2328,7 +2328,7 @@ void DerivationGoal::startBuilder()
}, options);
int res = helper.wait();
if (res == EPERM && settings.sandboxFallback) {
if (res != 0 && settings.sandboxFallback) {
useChroot = false;
goto fallback;
} else if (res != 0)