From 3cd8ce3bce1e3d89b21caa0d3ad458193f5179ba Mon Sep 17 00:00:00 2001 From: Anders Kaseorg Date: Wed, 1 Jan 2020 16:29:34 -0800 Subject: [PATCH] treewide: Fix unsafe concatenation of $LD_LIBRARY_PATH Naive concatenation of $LD_LIBRARY_PATH can result in an empty colon-delimited segment; this tells glibc to load libraries from the current directory, which is definitely wrong, and may be a security vulnerability if the current directory is untrusted. (See #67234, for example.) Fix this throughout the tree. Signed-off-by: Anders Kaseorg --- pkgs/applications/graphics/paraview/default.nix | 2 +- pkgs/applications/misc/audio/soxr/default.nix | 4 ++-- .../networking/mailreaders/claws-mail/default.nix | 2 +- pkgs/applications/office/gnucash/default.nix | 2 +- pkgs/applications/science/math/sage/sage-env.nix | 2 +- pkgs/applications/video/avidemux/default.nix | 2 +- pkgs/build-support/build-fhs-userenv/env.nix | 2 +- pkgs/desktops/deepin/dde-file-manager/default.nix | 4 ++-- pkgs/desktops/enlightenment/efl.nix | 2 +- pkgs/development/compilers/halide/default.nix | 2 +- pkgs/development/compilers/llvm/4/llvm.nix | 2 +- pkgs/development/compilers/llvm/5/llvm.nix | 2 +- pkgs/development/compilers/llvm/6/llvm.nix | 2 +- pkgs/development/compilers/llvm/7/llvm.nix | 2 +- pkgs/development/compilers/llvm/8/llvm.nix | 2 +- pkgs/development/compilers/llvm/9/llvm.nix | 2 +- pkgs/development/compilers/mlton/20130715.nix | 2 +- pkgs/development/compilers/solc/default.nix | 2 +- pkgs/development/guile-modules/guile-lib/default.nix | 2 +- pkgs/development/interpreters/pure/default.nix | 2 +- pkgs/development/libraries/boxfort/default.nix | 2 +- pkgs/development/libraries/caf/default.nix | 4 ++-- pkgs/development/libraries/criterion/default.nix | 2 +- pkgs/development/libraries/cutelyst/default.nix | 2 +- pkgs/development/libraries/exiv2/default.nix | 2 +- pkgs/development/libraries/glib/default.nix | 2 +- pkgs/development/libraries/grpc/default.nix | 2 +- pkgs/development/libraries/jsoncpp/default.nix | 4 ++-- pkgs/development/libraries/libtins/default.nix | 4 ++-- pkgs/development/libraries/orcania/default.nix | 2 +- pkgs/development/libraries/qt-4.x/4.8/default.nix | 2 +- pkgs/development/libraries/qt-5/modules/qtbase.nix | 2 +- pkgs/development/libraries/science/math/arpack/default.nix | 4 ++-- pkgs/development/libraries/science/math/scalapack/default.nix | 2 +- pkgs/development/libraries/yder/default.nix | 2 +- pkgs/development/pharo/vm/build-vm.nix | 2 +- pkgs/development/python-modules/pytorch/default.nix | 2 +- pkgs/games/dwarf-fortress/dfhack/default.nix | 2 +- pkgs/games/dwarf-fortress/wrapper/dfhack.in | 2 +- pkgs/games/steam/chrootenv.nix | 4 ++-- pkgs/os-specific/linux/ati-drivers/builder.sh | 2 +- pkgs/os-specific/linux/tiscamera/default.nix | 2 +- pkgs/servers/plex/default.nix | 2 +- pkgs/tools/X11/libstrangle/nixos.patch | 2 +- pkgs/tools/X11/primus/default.nix | 2 +- pkgs/tools/filesystems/ceph/default.nix | 2 +- pkgs/tools/security/neopg/default.nix | 2 +- pkgs/tools/text/opencc/default.nix | 2 +- 48 files changed, 55 insertions(+), 55 deletions(-) diff --git a/pkgs/applications/graphics/paraview/default.nix b/pkgs/applications/graphics/paraview/default.nix index 1a47a355749..ddf7c537062 100644 --- a/pkgs/applications/graphics/paraview/default.nix +++ b/pkgs/applications/graphics/paraview/default.nix @@ -30,7 +30,7 @@ mkDerivation rec { # libraries. These reside in build/lib, and are not found by # default. preBuild = '' - export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$PWD/lib:$PWD/VTK/ThirdParty/vtkm/vtk-m/lib + export LD_LIBRARY_PATH=$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}$PWD/lib:$PWD/VTK/ThirdParty/vtkm/vtk-m/lib ''; enableParallelBuilding = true; diff --git a/pkgs/applications/misc/audio/soxr/default.nix b/pkgs/applications/misc/audio/soxr/default.nix index 7c4e6ff8c3d..20a754ba98a 100644 --- a/pkgs/applications/misc/audio/soxr/default.nix +++ b/pkgs/applications/misc/audio/soxr/default.nix @@ -11,9 +11,9 @@ stdenv.mkDerivation rec { outputs = [ "out" "doc" ]; # headers are just two and very small preConfigure = if stdenv.isDarwin then '' - export DYLD_LIBRARY_PATH="$DYLD_LIBRARY_PATH:"`pwd`/build/src + export DYLD_LIBRARY_PATH="$DYLD_LIBRARY_PATH''${DYLD_LIBRARY_PATH:+:}"`pwd`/build/src '' else '' - export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:"`pwd`/build/src + export LD_LIBRARY_PATH="$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}"`pwd`/build/src ''; nativeBuildInputs = [ cmake ]; diff --git a/pkgs/applications/networking/mailreaders/claws-mail/default.nix b/pkgs/applications/networking/mailreaders/claws-mail/default.nix index e89a36eade0..f62ab292d66 100644 --- a/pkgs/applications/networking/mailreaders/claws-mail/default.nix +++ b/pkgs/applications/networking/mailreaders/claws-mail/default.nix @@ -43,7 +43,7 @@ stdenv.mkDerivation rec { preConfigure = '' # autotools check tries to dlopen libpython as a requirement for the python plugin - export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:${python}/lib + export LD_LIBRARY_PATH=$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}${python}/lib ''; postPatch = '' diff --git a/pkgs/applications/office/gnucash/default.nix b/pkgs/applications/office/gnucash/default.nix index 963a896dd51..476b1128b94 100644 --- a/pkgs/applications/office/gnucash/default.nix +++ b/pkgs/applications/office/gnucash/default.nix @@ -79,7 +79,7 @@ stdenv.mkDerivation rec { # 80 - test-gnc-module-scm-module (Failed) # 81 - test-gnc-module-scm-multi (Failed) preCheck = '' - export LD_LIBRARY_PATH=$PWD/lib:$PWD/lib/gnucash:$PWD/lib/gnucash/test:$LD_LIBRARY_PATH + export LD_LIBRARY_PATH=$PWD/lib:$PWD/lib/gnucash:$PWD/lib/gnucash/test''${LD_LIBRARY_PATH:+:}$LD_LIBRARY_PATH export NIX_CFLAGS_LINK="-lgtest -lgtest_main" ''; doCheck = false; diff --git a/pkgs/applications/science/math/sage/sage-env.nix b/pkgs/applications/science/math/sage/sage-env.nix index 00397239876..68e0d134ace 100644 --- a/pkgs/applications/science/math/sage/sage-env.nix +++ b/pkgs/applications/science/math/sage/sage-env.nix @@ -177,7 +177,7 @@ writeTextFile rec { export SAGE_EXTCODE='${sagelib.src}/src/ext' # for find_library - export DYLD_LIBRARY_PATH="${lib.makeLibraryPath [stdenv.cc.libc singular]}:$DYLD_LIBRARY_PATH" + export DYLD_LIBRARY_PATH="${lib.makeLibraryPath [stdenv.cc.libc singular]}''${DYLD_LIBRARY_PATH:+:}$DYLD_LIBRARY_PATH" ''; } // { lib = sagelib; # equivalent of `passthru`, which `writeTextFile` doesn't support diff --git a/pkgs/applications/video/avidemux/default.nix b/pkgs/applications/video/avidemux/default.nix index c28d900dd9f..00bdb370aae 100644 --- a/pkgs/applications/video/avidemux/default.nix +++ b/pkgs/applications/video/avidemux/default.nix @@ -66,7 +66,7 @@ stdenv.mkDerivation rec { cd "$sourceRoot" patchPhase - export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:${libXext}/lib" + export LD_LIBRARY_PATH="$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}${libXext}/lib" ${stdenv.shell} bootStrap.bash \ --with-core \ ${if withQT then "--with-qt" else "--without-qt"} \ diff --git a/pkgs/build-support/build-fhs-userenv/env.nix b/pkgs/build-support/build-fhs-userenv/env.nix index 295b17eec67..8de43d5a919 100644 --- a/pkgs/build-support/build-fhs-userenv/env.nix +++ b/pkgs/build-support/build-fhs-userenv/env.nix @@ -52,7 +52,7 @@ let etcProfile = writeText "profile" '' export PS1='${name}-chrootenv:\u@\h:\w\$ ' export LOCALE_ARCHIVE='/usr/lib/locale/locale-archive' - export LD_LIBRARY_PATH="/run/opengl-driver/lib:/run/opengl-driver-32/lib:/usr/lib:/usr/lib32:$LD_LIBRARY_PATH" + export LD_LIBRARY_PATH="/run/opengl-driver/lib:/run/opengl-driver-32/lib:/usr/lib:/usr/lib32''${LD_LIBRARY_PATH:+:}$LD_LIBRARY_PATH" export PATH="/run/wrappers/bin:/usr/bin:/usr/sbin:$PATH" export TZDIR='/etc/zoneinfo' diff --git a/pkgs/desktops/deepin/dde-file-manager/default.nix b/pkgs/desktops/deepin/dde-file-manager/default.nix index 5d0d04bfb76..62931dfcd81 100644 --- a/pkgs/desktops/deepin/dde-file-manager/default.nix +++ b/pkgs/desktops/deepin/dde-file-manager/default.nix @@ -228,8 +228,8 @@ mkDerivation rec { ]; preBuild = '' - export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:${zlib}/lib"; - export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:${libX11}/lib"; + export LD_LIBRARY_PATH="$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}${zlib}/lib"; + export LD_LIBRARY_PATH="$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}${libX11}/lib"; ''; dontWrapQtApps = true; diff --git a/pkgs/desktops/enlightenment/efl.nix b/pkgs/desktops/enlightenment/efl.nix index 183e72565d3..b4b271fb38f 100644 --- a/pkgs/desktops/enlightenment/efl.nix +++ b/pkgs/desktops/enlightenment/efl.nix @@ -123,7 +123,7 @@ stdenv.mkDerivation rec { preConfigure = '' # allow ecore_con to find libcurl.so, which is a runtime dependency (it is dlopened) - export LD_LIBRARY_PATH="${curl.out}/lib:$LD_LIBRARY_PATH" + export LD_LIBRARY_PATH="${curl.out}/lib''${LD_LIBRARY_PATH:+:}$LD_LIBRARY_PATH" source "$setupHook" ''; diff --git a/pkgs/development/compilers/halide/default.nix b/pkgs/development/compilers/halide/default.nix index 0b28b61a27b..44c079af926 100644 --- a/pkgs/development/compilers/halide/default.nix +++ b/pkgs/development/compilers/halide/default.nix @@ -29,7 +29,7 @@ in llvmPackages.stdenv.mkDerivation { # To handle the lack of 'local' RPATH; required, as they call one of # their built binaries requiring their libs, in the build process. preBuild = '' - export LD_LIBRARY_PATH="$(pwd)/lib:$LD_LIBRARY_PATH" + export LD_LIBRARY_PATH="$(pwd)/lib''${LD_LIBRARY_PATH:+:}$LD_LIBRARY_PATH" ''; enableParallelBuilding = true; diff --git a/pkgs/development/compilers/llvm/4/llvm.nix b/pkgs/development/compilers/llvm/4/llvm.nix index d5f64041486..0d3ce1614de 100644 --- a/pkgs/development/compilers/llvm/4/llvm.nix +++ b/pkgs/development/compilers/llvm/4/llvm.nix @@ -143,7 +143,7 @@ stdenv.mkDerivation ({ ''; preCheck = '' - export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$PWD/lib + export LD_LIBRARY_PATH=$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}$PWD/lib ''; postInstall = stdenv.lib.optionalString enableSharedLibraries '' diff --git a/pkgs/development/compilers/llvm/5/llvm.nix b/pkgs/development/compilers/llvm/5/llvm.nix index cd26b7d17a9..2ce17765d63 100644 --- a/pkgs/development/compilers/llvm/5/llvm.nix +++ b/pkgs/development/compilers/llvm/5/llvm.nix @@ -119,7 +119,7 @@ stdenv.mkDerivation ({ ''; preCheck = '' - export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$PWD/lib + export LD_LIBRARY_PATH=$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}$PWD/lib ''; postInstall = '' diff --git a/pkgs/development/compilers/llvm/6/llvm.nix b/pkgs/development/compilers/llvm/6/llvm.nix index 8faab6b94a9..80acd3fa2fe 100644 --- a/pkgs/development/compilers/llvm/6/llvm.nix +++ b/pkgs/development/compilers/llvm/6/llvm.nix @@ -120,7 +120,7 @@ stdenv.mkDerivation ({ ''; preCheck = '' - export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$PWD/lib + export LD_LIBRARY_PATH=$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}$PWD/lib ''; postInstall = '' diff --git a/pkgs/development/compilers/llvm/7/llvm.nix b/pkgs/development/compilers/llvm/7/llvm.nix index 62be8bbedab..d7fb1fe4b93 100644 --- a/pkgs/development/compilers/llvm/7/llvm.nix +++ b/pkgs/development/compilers/llvm/7/llvm.nix @@ -141,7 +141,7 @@ in stdenv.mkDerivation ({ ''; preCheck = '' - export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$PWD/lib + export LD_LIBRARY_PATH=$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}$PWD/lib ''; postInstall = '' diff --git a/pkgs/development/compilers/llvm/8/llvm.nix b/pkgs/development/compilers/llvm/8/llvm.nix index 18946f5d640..a9c4a6b0ba2 100644 --- a/pkgs/development/compilers/llvm/8/llvm.nix +++ b/pkgs/development/compilers/llvm/8/llvm.nix @@ -117,7 +117,7 @@ in stdenv.mkDerivation ({ ''; preCheck = '' - export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$PWD/lib + export LD_LIBRARY_PATH=$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}$PWD/lib ''; postInstall = '' diff --git a/pkgs/development/compilers/llvm/9/llvm.nix b/pkgs/development/compilers/llvm/9/llvm.nix index c0e750dc31c..2cdc5a5fd06 100644 --- a/pkgs/development/compilers/llvm/9/llvm.nix +++ b/pkgs/development/compilers/llvm/9/llvm.nix @@ -134,7 +134,7 @@ in stdenv.mkDerivation (rec { ''; preCheck = '' - export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$PWD/lib + export LD_LIBRARY_PATH=$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}$PWD/lib ''; postInstall = '' diff --git a/pkgs/development/compilers/mlton/20130715.nix b/pkgs/development/compilers/mlton/20130715.nix index 207ed8f29bc..52bb0a0775c 100644 --- a/pkgs/development/compilers/mlton/20130715.nix +++ b/pkgs/development/compilers/mlton/20130715.nix @@ -77,7 +77,7 @@ stdenv.mkDerivation rec { chmod u+x $(pwd)/../${usr_prefix}/bin/mlton # So the builder runs the binary compiler with gmp. - export LD_LIBRARY_PATH=${gmp.out}/lib:$LD_LIBRARY_PATH + export LD_LIBRARY_PATH=${gmp.out}/lib''${LD_LIBRARY_PATH:+:}$LD_LIBRARY_PATH '' + stdenv.lib.optionalString stdenv.isLinux '' # Patch ELF interpreter. diff --git a/pkgs/development/compilers/solc/default.nix b/pkgs/development/compilers/solc/default.nix index 23e6c64f3ff..0f71ed79e7e 100644 --- a/pkgs/development/compilers/solc/default.nix +++ b/pkgs/development/compilers/solc/default.nix @@ -49,7 +49,7 @@ stdenv.mkDerivation rec { checkPhase = '' while IFS= read -r -d ''' dir do - LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$(pwd)/$dir + LD_LIBRARY_PATH=$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}$(pwd)/$dir export LD_LIBRARY_PATH done < <(find . -type d -print0) diff --git a/pkgs/development/guile-modules/guile-lib/default.nix b/pkgs/development/guile-modules/guile-lib/default.nix index cea464ad5d2..97f501f41db 100644 --- a/pkgs/development/guile-modules/guile-lib/default.nix +++ b/pkgs/development/guile-modules/guile-lib/default.nix @@ -21,7 +21,7 @@ in stdenv.mkDerivation { preCheck = '' # Make `libgcc_s.so' visible for `pthread_cancel'. export LD_LIBRARY_PATH=\ - "$(dirname $(echo ${stdenv.cc.cc.lib}/lib*/libgcc_s.so)):$LD_LIBRARY_PATH" + "$(dirname $(echo ${stdenv.cc.cc.lib}/lib*/libgcc_s.so))''${LD_LIBRARY_PATH:+:}$LD_LIBRARY_PATH" ''; meta = with stdenv.lib; { diff --git a/pkgs/development/interpreters/pure/default.nix b/pkgs/development/interpreters/pure/default.nix index 9c35fc35497..764ee241aff 100644 --- a/pkgs/development/interpreters/pure/default.nix +++ b/pkgs/development/interpreters/pure/default.nix @@ -24,7 +24,7 @@ stdenv.mkDerivation rec { configureFlags = [ "--enable-release" ]; doCheck = true; checkPhase = '' - LD_LIBRARY_PATH=$LD_LIBRARY_PATH:${llvm}/lib make check + LD_LIBRARY_PATH=$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}${llvm}/lib make check ''; postInstall = '' wrapProgram $out/bin/pure --prefix LD_LIBRARY_PATH : ${llvm}/lib diff --git a/pkgs/development/libraries/boxfort/default.nix b/pkgs/development/libraries/boxfort/default.nix index 95c1afd090f..fb6e735c46e 100644 --- a/pkgs/development/libraries/boxfort/default.nix +++ b/pkgs/development/libraries/boxfort/default.nix @@ -29,7 +29,7 @@ stdenv.mkDerivation rec { doCheck = true; preCheck = '' - export LD_LIBRARY_PATH=`pwd`:$LD_LIBRARY_PATH + export LD_LIBRARY_PATH=`pwd`''${LD_LIBRARY_PATH:+:}$LD_LIBRARY_PATH ''; outputs = [ "dev" "out" ]; diff --git a/pkgs/development/libraries/caf/default.nix b/pkgs/development/libraries/caf/default.nix index ecf991cb59c..e32ec169579 100644 --- a/pkgs/development/libraries/caf/default.nix +++ b/pkgs/development/libraries/caf/default.nix @@ -22,8 +22,8 @@ stdenv.mkDerivation rec { doCheck = true; checkTarget = "test"; preCheck = '' - export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$PWD/lib - export DYLD_LIBRARY_PATH=$DYLD_LIBRARY_PATH:$PWD/lib + export LD_LIBRARY_PATH=$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}$PWD/lib + export DYLD_LIBRARY_PATH=$DYLD_LIBRARY_PATH''${DYLD_LIBRARY_PATH:+:}$PWD/lib ''; meta = with stdenv.lib; { diff --git a/pkgs/development/libraries/criterion/default.nix b/pkgs/development/libraries/criterion/default.nix index c2721d3839a..3dc4b462404 100644 --- a/pkgs/development/libraries/criterion/default.nix +++ b/pkgs/development/libraries/criterion/default.nix @@ -30,7 +30,7 @@ stdenv.mkDerivation rec { cmakeFlags = [ "-DCTESTS=ON" ]; doCheck = true; preCheck = '' - export LD_LIBRARY_PATH=`pwd`:$LD_LIBRARY_PATH + export LD_LIBRARY_PATH=`pwd`''${LD_LIBRARY_PATH:+:}$LD_LIBRARY_PATH ''; checkTarget = "criterion_tests test"; diff --git a/pkgs/development/libraries/cutelyst/default.nix b/pkgs/development/libraries/cutelyst/default.nix index 6cd464e5539..2cf611eed27 100644 --- a/pkgs/development/libraries/cutelyst/default.nix +++ b/pkgs/development/libraries/cutelyst/default.nix @@ -24,7 +24,7 @@ stdenv.mkDerivation rec { ]; preBuild = '' - export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:`pwd`/Cutelyst:`pwd`/EventLoopEPoll" + export LD_LIBRARY_PATH="$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}`pwd`/Cutelyst:`pwd`/EventLoopEPoll" ''; postBuild = '' diff --git a/pkgs/development/libraries/exiv2/default.nix b/pkgs/development/libraries/exiv2/default.nix index 21f63e07335..425346df816 100644 --- a/pkgs/development/libraries/exiv2/default.nix +++ b/pkgs/development/libraries/exiv2/default.nix @@ -69,7 +69,7 @@ stdenv.mkDerivation rec { ''} ${stdenv.lib.optionalString stdenv.isDarwin '' - export DYLD_LIBRARY_PATH=$DYLD_LIBRARY_PATH:`pwd`/lib + export DYLD_LIBRARY_PATH=$DYLD_LIBRARY_PATH''${DYLD_LIBRARY_PATH:+:}`pwd`/lib # Removing tests depending on charset conversion substituteInPlace ../test/Makefile --replace "conversions.sh" "" rm -f ../tests/bugfixes/redmine/test_issue_460.py diff --git a/pkgs/development/libraries/glib/default.nix b/pkgs/development/libraries/glib/default.nix index 4a7d6cce90b..18756213230 100644 --- a/pkgs/development/libraries/glib/default.nix +++ b/pkgs/development/libraries/glib/default.nix @@ -160,7 +160,7 @@ stdenv.mkDerivation rec { checkInputs = [ tzdata libxml2 desktop-file-utils shared-mime-info ]; preCheck = optionalString doCheck '' - export LD_LIBRARY_PATH="$NIX_BUILD_TOP/${pname}-${version}/glib/.libs:$LD_LIBRARY_PATH" + export LD_LIBRARY_PATH="$NIX_BUILD_TOP/${pname}-${version}/glib/.libs''${LD_LIBRARY_PATH:+:}$LD_LIBRARY_PATH" export TZDIR="${tzdata}/share/zoneinfo" export XDG_CACHE_HOME="$TMP" export XDG_RUNTIME_HOME="$TMP" diff --git a/pkgs/development/libraries/grpc/default.nix b/pkgs/development/libraries/grpc/default.nix index abcd3abaf30..dfec171f1db 100644 --- a/pkgs/development/libraries/grpc/default.nix +++ b/pkgs/development/libraries/grpc/default.nix @@ -38,7 +38,7 @@ stdenv.mkDerivation rec { ''; preBuild = '' - export LD_LIBRARY_PATH=$(pwd):$LD_LIBRARY_PATH + export LD_LIBRARY_PATH=$(pwd)''${LD_LIBRARY_PATH:+:}$LD_LIBRARY_PATH ''; NIX_CFLAGS_COMPILE = stdenv.lib.optionalString stdenv.cc.isClang "-Wno-error=unknown-warning-option"; diff --git a/pkgs/development/libraries/jsoncpp/default.nix b/pkgs/development/libraries/jsoncpp/default.nix index 72158e186ac..7b06cc8ad4e 100644 --- a/pkgs/development/libraries/jsoncpp/default.nix +++ b/pkgs/development/libraries/jsoncpp/default.nix @@ -23,9 +23,9 @@ stdenv.mkDerivation rec { # Hack to be able to run the test, broken because we use # CMAKE_SKIP_BUILD_RPATH to avoid cmake resetting rpath on install preBuild = if stdenv.isDarwin then '' - export DYLD_LIBRARY_PATH="`pwd`/src/lib_json:$DYLD_LIBRARY_PATH" + export DYLD_LIBRARY_PATH="`pwd`/src/lib_json''${DYLD_LIBRARY_PATH:+:}$DYLD_LIBRARY_PATH" '' else '' - export LD_LIBRARY_PATH="`pwd`/src/lib_json:$LD_LIBRARY_PATH" + export LD_LIBRARY_PATH="`pwd`/src/lib_json''${LD_LIBRARY_PATH:+:}$LD_LIBRARY_PATH" ''; nativeBuildInputs = [ cmake python ]; diff --git a/pkgs/development/libraries/libtins/default.nix b/pkgs/development/libraries/libtins/default.nix index c90cff31677..60bb092c6fa 100644 --- a/pkgs/development/libraries/libtins/default.nix +++ b/pkgs/development/libraries/libtins/default.nix @@ -32,8 +32,8 @@ stdenv.mkDerivation rec { enableParallelBuilding = true; doCheck = true; preCheck = '' - export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$PWD${placeholder "out"}/lib - export DYLD_LIBRARY_PATH=$DYLD_LIBRARY_PATH:$PWD${placeholder "out"}/lib + export LD_LIBRARY_PATH=$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}$PWD${placeholder "out"}/lib + export DYLD_LIBRARY_PATH=$DYLD_LIBRARY_PATH''${DYLD_LIBRARY_PATH:+:}$PWD${placeholder "out"}/lib ''; checkTarget = "tests test"; diff --git a/pkgs/development/libraries/orcania/default.nix b/pkgs/development/libraries/orcania/default.nix index bc27011c588..2f8765f9a72 100644 --- a/pkgs/development/libraries/orcania/default.nix +++ b/pkgs/development/libraries/orcania/default.nix @@ -19,7 +19,7 @@ stdenv.mkDerivation rec { doCheck = true; preCheck = '' - export LD_LIBRARY_PATH="$(pwd):$LD_LIBRARY_PATH" + export LD_LIBRARY_PATH="$(pwd)''${LD_LIBRARY_PATH:+:}$LD_LIBRARY_PATH" export DYLD_FALLBACK_LIBRARY_PATH="$(pwd):$DYLD_FALLBACK_LIBRARY_PATH" ''; diff --git a/pkgs/development/libraries/qt-4.x/4.8/default.nix b/pkgs/development/libraries/qt-4.x/4.8/default.nix index 25953949eb7..379f5b3d80e 100644 --- a/pkgs/development/libraries/qt-4.x/4.8/default.nix +++ b/pkgs/development/libraries/qt-4.x/4.8/default.nix @@ -125,7 +125,7 @@ stdenv.mkDerivation rec { ]; preConfigure = '' - export LD_LIBRARY_PATH="`pwd`/lib:$LD_LIBRARY_PATH" + export LD_LIBRARY_PATH="`pwd`/lib''${LD_LIBRARY_PATH:+:}$LD_LIBRARY_PATH" configureFlags+=" -docdir $out/share/doc/${name} -plugindir $out/lib/qt4/plugins diff --git a/pkgs/development/libraries/qt-5/modules/qtbase.nix b/pkgs/development/libraries/qt-5/modules/qtbase.nix index bc23d0f9caf..930c59d347b 100644 --- a/pkgs/development/libraries/qt-5/modules/qtbase.nix +++ b/pkgs/development/libraries/qt-5/modules/qtbase.nix @@ -164,7 +164,7 @@ stdenv.mkDerivation { setOutputFlags = false; preConfigure = '' - export LD_LIBRARY_PATH="$PWD/lib:$PWD/plugins/platforms:$LD_LIBRARY_PATH" + export LD_LIBRARY_PATH="$PWD/lib:$PWD/plugins/platforms''${LD_LIBRARY_PATH:+:}$LD_LIBRARY_PATH" ${lib.optionalString (compareVersion "5.9.0" < 0) '' # We need to set LD to CXX or otherwise we get nasty compile errors export LD=$CXX diff --git a/pkgs/development/libraries/science/math/arpack/default.nix b/pkgs/development/libraries/science/math/arpack/default.nix index 36576de0563..89f3aa94247 100644 --- a/pkgs/development/libraries/science/math/arpack/default.nix +++ b/pkgs/development/libraries/science/math/arpack/default.nix @@ -30,9 +30,9 @@ stdenv.mkDerivation { ]; preCheck = if stdenv.isDarwin then '' - export DYLD_LIBRARY_PATH=$DYLD_LIBRARY_PATH:`pwd`/lib + export DYLD_LIBRARY_PATH=$DYLD_LIBRARY_PATH''${DYLD_LIBRARY_PATH:+:}`pwd`/lib '' else '' - export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:`pwd`/lib + export LD_LIBRARY_PATH=$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}`pwd`/lib '' + '' # Prevent tests from using all cores export OMP_NUM_THREADS=2 diff --git a/pkgs/development/libraries/science/math/scalapack/default.nix b/pkgs/development/libraries/science/math/scalapack/default.nix index bff0d9a85fa..fda902f320c 100644 --- a/pkgs/development/libraries/science/math/scalapack/default.nix +++ b/pkgs/development/libraries/science/math/scalapack/default.nix @@ -40,7 +40,7 @@ stdenv.mkDerivation rec { # Run single threaded export OMP_NUM_THREADS=1 - export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:`pwd`/lib + export LD_LIBRARY_PATH=$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}`pwd`/lib ''; meta = with stdenv.lib; { diff --git a/pkgs/development/libraries/yder/default.nix b/pkgs/development/libraries/yder/default.nix index 7025fd2eb1c..5ddb1d1a131 100644 --- a/pkgs/development/libraries/yder/default.nix +++ b/pkgs/development/libraries/yder/default.nix @@ -32,7 +32,7 @@ stdenv.mkDerivation rec { doCheck = true; preCheck = '' - export LD_LIBRARY_PATH="$(pwd):$LD_LIBRARY_PATH" + export LD_LIBRARY_PATH="$(pwd)''${LD_LIBRARY_PATH:+:}$LD_LIBRARY_PATH" export DYLD_FALLBACK_LIBRARY_PATH="$(pwd):$DYLD_FALLBACK_LIBRARY_PATH" ''; diff --git a/pkgs/development/pharo/vm/build-vm.nix b/pkgs/development/pharo/vm/build-vm.nix index 5fc747cbc8c..38516cc1914 100644 --- a/pkgs/development/pharo/vm/build-vm.nix +++ b/pkgs/development/pharo/vm/build-vm.nix @@ -117,7 +117,7 @@ stdenv.mkDerivation rec { cat > "$out/bin/${cmd}" <