aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--gnu/packages/ld-wrapper.in14
-rw-r--r--guix/build/gnu-build-system.scm3
2 files changed, 16 insertions, 1 deletions
diff --git a/gnu/packages/ld-wrapper.in b/gnu/packages/ld-wrapper.in
index c1f2038acb..16780c58f6 100644
--- a/gnu/packages/ld-wrapper.in
+++ b/gnu/packages/ld-wrapper.in
@@ -81,7 +81,19 @@ exec @GUILE@ -c "(load-compiled \"@SELF@.go\") (apply $main (cdr (command-line))
(define %allow-impurities?
;; Whether to allow references to libraries outside the store.
- (getenv "GUIX_LD_WRAPPER_ALLOW_IMPURITIES"))
+ ;; Allow them by default for convenience.
+ (let ((value (getenv "GUIX_LD_WRAPPER_ALLOW_IMPURITIES")))
+ (or (not value)
+ (let ((value (string-downcase value)))
+ (cond ((member value '("yes" "y" "t" "true" "1"))
+ #t)
+ ((member value '("no" "n" "f" "false" "0"))
+ #f)
+ (else
+ (format (current-error-port)
+ "ld-wrapper: ~s: invalid value for \
+'GUIX_LD_WRAPPER_ALLOW_IMPURITIES'~%"
+ value)))))))
(define %debug?
;; Whether to emit debugging output.
diff --git a/guix/build/gnu-build-system.scm b/guix/build/gnu-build-system.scm
index a39a884852..be5ad78b93 100644
--- a/guix/build/gnu-build-system.scm
+++ b/guix/build/gnu-build-system.scm
@@ -87,6 +87,9 @@ See https://reproducible-builds.org/specs/source-date-epoch/."
(#f ; not cross compiling
'())))
+ ;; Tell 'ld-wrapper' to disallow non-store libraries.
+ (setenv "GUIX_LD_WRAPPER_ALLOW_IMPURITIES" "no")
+
;; When cross building, $PATH must refer only to native (host) inputs since
;; target inputs are not executable.
(set-path-environment-variable "PATH" '("bin" "sbin")