build/gnu: Only make source checkout files writable.

This is a followup commit to 6129ebddbd. It was suggested by Ludovic in #guix that it's probably safer to leave files extracted from a tarball alone. While at it, guard against possible exceptions that can happen in the presence of dangling symbolic links, for example. * guix/build/gnu-build-system.scm (unpack): Wrap the make-file-writable call in a false-if-exception handler. Move the for-each loop under the file-is-directory? cond branch.
2025-01-14 07:00:32 -05:00 · 2021-02-04 16:15:21 -05:00 · 2021-02-04 16:15:21 -05:00 · 39e67ed697
commit 39e67ed697
parent 3299530c43
1 changed files with 6 additions and 3 deletions
--- a/guix/build/gnu-build-system.scm
+++ b/guix/build/gnu-build-system.scm
@ -156,7 +156,11 @@ (define* (unpack #:key source #:allow-other-keys)
        ;; Preserve timestamps (set to the Epoch) on the copied tree so that
        ;; things work deterministically.
        (copy-recursively source "."
-                          #:keep-mtime? #t))
+                          #:keep-mtime? #t)
        ;; Make the source checkout files writable, for convenience.
        (for-each (lambda (f)
                    (false-if-exception (make-file-writable f)))
                  (find-files ".")))
      (begin
        (cond
         ((string-suffix? ".zip" source)
@ -170,8 +174,7 @@ (define* (unpack #:key source #:allow-other-keys)
            (when command
              (invoke command "--decompress" name)))))
        ;; Attempt to change into child directory.
-        (and=> (first-subdirectory ".") chdir)))
+        (and=> (first-subdirectory ".") chdir))))
  (for-each make-file-writable (find-files ".")))
 (define* (bootstrap #:key bootstrap-scripts
                    #:allow-other-keys)