Check for static busybox in configure

A dynamically linked shell will not work in the sandbox Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2024-09-19 10:50:24 -04:00 · 2023-06-28 10:55:48 +02:00 · 2023-06-28 10:55:48 +02:00 · 1cfb88964a
parent 4c007bf88f
commit 1cfb88964a
1 changed files with 19 additions and 0 deletions
--- a/configure.ac
+++ b/configure.ac
@ -419,6 +419,25 @@ if test ${cross_compiling:-no} = no && ! test -z ${sandbox_shell+x}; then
  else
    AC_MSG_RESULT(disabled)
  fi
+
+  # system refers to host platform
+  case $system in
+    *-darwin)
+      # ldd unsupported on darwin *build* platform, and
+      # static linking against system libraries not recommended on darwin,
+      # so we don't check that sandbox-shell is statically linked
+      ;;
+    *)
+      # A dynamically linked shell will not work in the sandbox.
+      AC_MSG_CHECKING([whether sandbox-shell is statically linked])
+      if ldd $sandbox_shell 2>&1 | grep -q "not a dynamic executable"; then
+        AC_MSG_RESULT(yes)
+      else
+        AC_MSG_RESULT(no)
+        AC_MSG_ERROR([Please enable busybox STATIC])
+      fi
+      ;;
+  esac
 fi

 AC_ARG_ENABLE(embedded-sandbox-shell, AS_HELP_STRING([--enable-embedded-sandbox-shell],[include the sandbox shell in the Nix binary [default=no]]),