From 9ebec6056bfeb5e80247c309acfbb10bc2113077 Mon Sep 17 00:00:00 2001
From: Tyson Whitehead <twhitehead@gmail.com>
Date: Wed, 25 Apr 2018 13:50:42 -0400
Subject: [PATCH] Set SKIP_CC_CVMFS=1 in nix-shell pure mode to avoid CVMFS
 pollution

---
 README.md             | 16 +++-------------
 pkgs/all-packages.nix |  4 ++--
 pkgs/nix/cvmfs.patch  | 12 ++++++++++++
 3 files changed, 17 insertions(+), 15 deletions(-)
 create mode 100644 pkgs/nix/cvmfs.patch

diff --git a/README.md b/README.md
index b5174bf..992199a 100644
--- a/README.md
+++ b/README.md
@@ -170,19 +170,9 @@ channel to the clusters until fixed.
 
 The `nix-shell` command can be used to enter a non-sandboxed version
 of the build environment from the top-level directory.  Passing the
-`--pure` option causes it to purge the environment.  RHEL and Fedora
-do not guard against multiple evaluations of the */etc/profile.d*
-scripts though, so the default *~/.bashrc* will restore it unless it
-is modified to not source */etc/bashrc* when `__ETC_PROFILE_SOURCED`
-is set
-
-```bash
-sed -i -e 's|^\(\s*\)\(\. /etc/bashrc\)\s*$|\1test -n "$__ETC_PROFILE_SOURCED" \|\| \2|' ~/.bashrc
-```
-
-With this one-time change, a purged simulated build environment can be
-entered by running
-
+`--pure` option causes it to purge the environment (RHEL and Fedora do
+not guard against multiple evaluations of the */etc/profile.d* scripts
+via `__ETC_PROFILE_SOURCED` so this may not be 100% effective)
 
 ```bash
 nix-shell --pure --attr attribute
diff --git a/pkgs/all-packages.nix b/pkgs/all-packages.nix
index e73ce45..d8bc318 100644
--- a/pkgs/all-packages.nix
+++ b/pkgs/all-packages.nix
@@ -35,7 +35,7 @@ self: super: pkgs: with pkgs; {
   sambamba = callPackage ./sambamba { };
 
   nixStable = super.nixStable.overrideAttrs
-    ( attrs: { patches = attrs.patches or [] ++ [ ./nix/remote.patch ]; } );
+    ( attrs: { patches = attrs.patches or [] ++ [ ./nix/remote.patch ./nix/cvmfs.patch ]; } );
   nix = super.nix.overrideAttrs
-    ( attrs: { patches = attrs.patches or [] ++ [ ./nix/remote.patch ]; } );
+    ( attrs: { patches = attrs.patches or [] ++ [ ./nix/remote.patch ./nix/cvmfs.patch ]; } );
 }
diff --git a/pkgs/nix/cvmfs.patch b/pkgs/nix/cvmfs.patch
new file mode 100644
index 0000000..7ec5b35
--- /dev/null
+++ b/pkgs/nix/cvmfs.patch
@@ -0,0 +1,12 @@
+diff --git a/scripts/nix-build.in b/scripts/nix-build.in
+index bb61e1c..d58d687 100755
+--- a/scripts/nix-build.in
++++ b/scripts/nix-build.in
+@@ -276,6 +276,7 @@ foreach my $expr (@exprs) {
+             }
+             # NixOS hack: prevent /etc/bashrc from sourcing /etc/profile.
+             $ENV{'__ETC_PROFILE_SOURCED'} = 1;
++            $ENV{'SKIP_CC_CVMFS'} = 1;
+         }
+         $ENV{'NIX_BUILD_TOP'} = $ENV{'TMPDIR'} = $ENV{'TEMPDIR'} = $ENV{'TMP'} = $ENV{'TEMP'} = $tmp;
+         $ENV{'NIX_STORE'} = $Nix::Config::storeDir;