Skip to content

Commit 726d359

Browse files
rtirti
committed
fix: move to $HOME when not sharing current working directory
1 parent f5e61d2 commit 726d359

File tree

2 files changed

+29
-11
lines changed

2 files changed

+29
-11
lines changed

tests.nix

Lines changed: 28 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -260,14 +260,20 @@ pkgs.nixosTest {
260260
(echo 'Unexpected: cwd exposed when using -p'; false)
261261
"""))
262262
263-
with subtest("-p cds to root"):
263+
with subtest("-p cds to $HOME"):
264264
machine.succeed(as_alice("""
265265
mkdir -p /tmp/new-home
266266
export HOME=/tmp/new-home
267+
mkdir -p /tmp/new-home/some-dir
268+
cd /tmp/new-home/some-dir
267269
268-
# Expect pwd to return / in sandbox
269-
wrap -p bash -c 'pwd' | grep '^/$' ||
270-
(echo 'Unexpected: -p did not change cwd as expected'; false)
270+
# Expect pwd to return $HOME in sandbox
271+
wrap -p bash -c 'pwd' | grep '^/tmp/new-home$' ||
272+
(echo 'Unexpected: -p did not change cwd to $HOME as expected'; false)
273+
274+
# Expect this home dir to be empty
275+
wrap -p bash -c 'ls -l $HOME' | grep '^total 0$' ||
276+
(echo 'Unexpected: Sandbox $HOME is not empty'; false)
271277
"""))
272278
273279
with subtest("$HOME as cwd is not shared implicitly"):
@@ -278,20 +284,32 @@ pkgs.nixosTest {
278284
touch /tmp/new-home/something-in-home
279285
cd $HOME
280286
281-
# expect cwd to be changed to /
282-
wrap bash -c 'pwd' | grep '^/$' ||
283-
(echo 'Unexpected: Cwd in sandbox is not /'; false)
287+
# expect cwd to still be $HOME
288+
wrap bash -c 'pwd' | grep '^/tmp/new-home$' ||
289+
(echo 'Unexpected: Cwd in sandbox is not $HOME'; false)
284290
285291
# expect $HOME to be empty
286292
wrap bash -c 'ls -l $HOME' | grep '^total 0$' ||
287293
(echo 'Unexpected: Sandbox $HOME is not empty'; false)
288294
"""))
289295
290-
with subtest("/etc as cwd is excluded from implicit sharing"):
296+
with subtest("/etc as cwd is not shared implicitly"):
297+
machine.succeed("""
298+
touch /etc/something-in-etc
299+
""")
291300
machine.succeed(as_alice("""
301+
# setup prerequisites
302+
export HOME=/tmp/new-home
303+
mkdir -p /tmp/new-home
292304
cd /etc
293-
wrap bash -c 'pwd' | grep '^/$' ||
294-
(echo 'Unexpected: /etc shared implicitly as cwd'; false)
305+
306+
# expect cwd to still be $HOME
307+
wrap bash -c 'pwd' | grep '^/tmp/new-home$' ||
308+
(echo 'Unexpected: Cwd in sandbox is not $HOME'; false)
309+
310+
# expect /etc to not contain file from outside sandbox
311+
! (wrap bash -c 'ls /etc/something-in-etc' | grep '^something-in-etc$') ||
312+
(echo 'Unexpected: Sandbox /etc contains file from outside sandbox'; false)
295313
"""))
296314
297315
with subtest("-f forces sharing HOME as cwd"):

wrap.sh

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -321,7 +321,7 @@ shift $((OPTIND - 1))
321321
cwd="$(pwd)"
322322

323323
# The directory to change to after launching the sandbox
324-
bwrap_chdir="/"
324+
bwrap_chdir="$HOME"
325325

326326
if [[ $unshare_all -eq 1 ]]; then
327327
bwrap_opts+=(--unshare-all "${bwrap_opts[@]}")

0 commit comments

Comments
 (0)