Fix nixos-rebuild result symlink by passing explicit -o flag

Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/52242cb6-8038-446d-bafb-9fe6666b31b9 Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
2026-04-09 03:43:45 +00:00
parent d77dde4020
commit 2bf9c6657b
1 changed files with 2 additions and 2 deletions
--- a/app/sovran_systemsos_web/server.py
+++ b/app/sovran_systemsos_web/server.py
@@ -3091,14 +3091,14 @@ async def api_security_verify_integrity():
        # Use a temp directory so the ./result symlink doesn't pollute anything
        tmpdir = tempfile.mkdtemp(prefix="sovran-verify-")
        try:
+            result_link = os.path.join(tmpdir, "result")
            result = subprocess.run(
                ["/run/current-system/sw/bin/nixos-rebuild", "build", "--flake", "/etc/nixos",
-                 "--no-build-output"],
+                 "--no-build-output", "-o", result_link],
                capture_output=True, text=True, timeout=600,
                cwd=tmpdir,
            )
            if result.returncode == 0:
-                result_link = os.path.join(tmpdir, "result")
                if os.path.islink(result_link):
                    expected_system_path = os.path.realpath(result_link)
                    system_matches = (current_system_path == expected_system_path)