From a1c56d5492f7f97cc9aa18158033d5ae911bc317 Mon Sep 17 00:00:00 2001
From: Daiderd Jordan <daiderd@gmail.com>
Date: Fri, 18 Jan 2019 23:18:45 +0100
Subject: [PATCH] system-packages: verify libraries are not linked

By default environment.pathsToLink does not include /lib so libraries
should not be exposed directly in the system output.
---
 tests/system-packages.nix | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/tests/system-packages.nix b/tests/system-packages.nix
index 092e2d3..0a51813 100644
--- a/tests/system-packages.nix
+++ b/tests/system-packages.nix
@@ -1,10 +1,21 @@
 { config, pkgs, ... }:
 
+let
+  hello = pkgs.runCommand "hello-0.0.0" {} ''
+    mkdir -p $out/bin $out/lib
+    touch $out/bin/hello $out/lib/libhello.dylib
+  '';
+in
+
 {
    environment.systemPackages = [ pkgs.hello ];
 
    test = ''
      echo checking hello binary in /sw/bin >&2
+     test -e ${config.out}/sw/bin/hello
      test "$(readlink -f ${config.out}/sw/bin/hello)" = "${pkgs.hello}/bin/hello"
+
+     echo checking for unexpected paths in /sw/bin >&2
+     ! test -e ${config.out}/sw/lib/libhello.dylib
    '';
 }