Sovran_Systems/Sovran_SystemsOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #168 from naturallaw777/copilot/fix-nixos-rebuild-command

Browse Source 
Fix "Running System Match" always failing due to unsupported --print-out-paths flag
This commit is contained in:
Sovran_Systems
2026-04-08 22:24:39 -05:00
committed by GitHub
parent fa71a7da97 489e326ccc
commit 967df9664d
1 changed files with 22 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
app/sovran_systemsos_web/server.py
View File

@@ -12,6 +12,7 @@ import re
import shutil import shutil
import socket import socket
import subprocess import subprocess
import tempfile
import time import time
import urllib.error import urllib.error
import urllib.parse import urllib.parse
@@ -3087,14 +3088,27 @@ async def api_security_verify_integrity():
expected_system_path = "" expected_system_path = ""
try: try:
current_system_path = os.path.realpath("/run/current-system") current_system_path = os.path.realpath("/run/current-system")
result = subprocess.run( # Use a temp directory so the ./result symlink doesn't pollute anything
["/run/current-system/sw/bin/nixos-rebuild", "build", "--flake", "/etc/nixos", tmpdir = tempfile.mkdtemp(prefix="sovran-verify-")
"--no-build-output", "--print-out-paths"], try:
capture_output=True, text=True, timeout=600, result = subprocess.run(
) ["/run/current-system/sw/bin/nixos-rebuild", "build", "--flake", "/etc/nixos",
if result.returncode == 0: "--no-build-output"],
expected_system_path = result.stdout.strip() capture_output=True, text=True, timeout=600,
system_matches = (current_system_path == expected_system_path) cwd=tmpdir,
)
if result.returncode == 0:
result_link = os.path.join(tmpdir, "result")
if os.path.islink(result_link):
expected_system_path = os.path.realpath(result_link)
system_matches = (current_system_path == expected_system_path)
else:
expected_system_path = "Build succeeded but no result symlink found"
else:
# Surface the error so the UI can show what went wrong
expected_system_path = f"Build failed: {(result.stderr or result.stdout).strip()[:500]}"
finally:
shutil.rmtree(tmpdir, ignore_errors=True)
except subprocess.TimeoutExpired: except subprocess.TimeoutExpired:
expected_system_path = "Build timed out" expected_system_path = "Build timed out"
except Exception as exc: except Exception as exc: