nix-community/home-manager
1
0
Fork 0
mirror of https://github.com/nix-community/home-manager.git synced 2025-11-08 19:46:05 +01:00
Code Activity

home-manager: verify username and home directory

Browse source 
The generation activation script should be run by the user specified
in `home.username` and `home.homeDirectory`. If some other user runs
the activation script, then files may end up in the wrong place or
with the wrong owner.

This commits adds a check early in the activation script that verifies
that the running user match the user in the configuration.

Fixes #4019
This commit is contained in:
Robert Helgesson 2023-05-26 15:11:22 +02:00
parent bec196cd9b
commit 6a19225683
No known key found for this signature in database
GPG key ID: 36BDAA14C2797E89
4 changed files with 39 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

18
modules/lib-bash/activation-init.sh Normal file → Executable file
View file

@ -88,6 +88,24 @@ function setupVars() {
fi
}
function checkUsername() {
local expectedUser="$1"
if [[ "$USER" != "$expectedUser" ]]; then
_iError 'Error: USER is set to "%s" but we expect "%s"' "$USER" "$expectedUser"
exit 1
fi
}
function checkHomeDirectory() {
local expectedHome="$1"
if ! [[ $HOME -ef $expectedHome ]]; then
_iError 'Error: HOME is set to "%s" but we expect "%s"' "$HOME" "$expectedHome"
exit 1
fi
}
if [[ -v VERBOSE ]]; then
export VERBOSE_ECHO=echo
export VERBOSE_ARG="--verbose"