nixos/lib/eval-config.nix: toString modulesPath
Referencing modulesPath in NixOS configurations can cause evaluation
errors in restricted mode. If used as `${modulesPath}` (as in all
use-sites in nixpkgs) the modules subtree is copied into its own store
path. Access to this path will be forbidden in restricted mode.
Converting to a string solves this issue.
`${builtins.toString modulesPath}` will point to a subdirectory of the
nixpkgs tree out of which evalModules is called.
This change converts modulesPath to a string by default so that the
call-site doesn't have to anymore.
This commit is contained in:
Andreas Herrmann
parent
ebffa9fd06
commit
044ceae280
1 changed files with 2 additions and 1 deletions
|
|
@ -49,7 +49,8 @@ in rec {
|
|||
inherit prefix check;
|
||||
modules = modules ++ extraModules ++ baseModules ++ [ pkgsModule ];
|
||||
args = extraArgs;
|
||||
specialArgs = { modulesPath = ../modules; } // specialArgs;
|
||||
specialArgs =
|
||||
{ modulesPath = builtins.toString ../modules; } // specialArgs;
|
||||
}) config options;
|
||||
|
||||
# These are the extra arguments passed to every module. In
|
||||
|
|
|
|||
Loading…
Reference in a new issue