From 8369148e0dd53755d2f82f3e659075890009e72b Mon Sep 17 00:00:00 2001
From: Johannes Christ
Date: Thu, 1 Aug 2024 20:17:39 +0200
Subject: Allow reading pyvenv.cfg for nested poetry-in-poetry usecases

---
 poetry_restrict_plugin/plugin.py | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/poetry_restrict_plugin/plugin.py b/poetry_restrict_plugin/plugin.py
index d7f02d7..1fc749d 100644
--- a/poetry_restrict_plugin/plugin.py
+++ b/poetry_restrict_plugin/plugin.py
@@ -27,7 +27,12 @@ def ensure_paths(paths):
 class RestrictPlugin(Plugin):
 def landlock(self, poetry: Poetry):
+ # /home/user/.local/pipx/venvs/poetry/lib/python3.11/site-packages
 poetry_libs_path = pathlib.Path(poetry_package.__path__._path[0]).parent
+ # Needed, otherwise raises:
+ # Fatal Python error: init_import_site: Failed to import the site module
+ # /home/user/.local/pipx/venvs/poetry/pyvenv.cfg
+ poetry_pyvenv_cfg = poetry_libs_path.parent.parent.parent / "pyvenv.cfg"
 ruleset = Ruleset()
@@ -105,6 +110,8 @@ class RestrictPlugin(Plugin):
 # filter programs in gitattributes might allow a sandbox escape.
 ruleset.allow(os.path.dirname(poetry.pyproject_path))
+ # => Rules for poetry-in-poetry
+ #
 # This is suboptimal. It is needed for nested invocations of poetry, which
 # sometimes happen through a combination of tooling (e.g. script calling
 # command through poetry being run in poetry shell). However, the
@@ -115,6 +122,8 @@ class RestrictPlugin(Plugin):
 *existing_paths((os.path.expanduser("~/.config/pypoetry"),)),
 rules=FSAccess.READ_FILE | FSAccess.READ_DIR,
 )
+ # Python may need to read pyvenv.cfg
+ ruleset.allow(poetry_pyvenv_cfg, rules=FSAccess.READ_FILE)
 ruleset.apply()
-- 
cgit v1.2.3
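Review bot: `poetry_pyvenv_cfg = poetry_libs_path.parent.parent.parent / "pyvenv.cfg"` in the first hunk hard-codes one venv layout (site-packages under lib/pythonX.Y under the venv root), so on a Windows venv (Lib\site-packages, one level shallower) or a non-venv installation the path resolves to an unrelated location and the new rule quietly allows a file Python never consults while still not fixing the startup error. The interpreter itself knows its venv root as `sys.prefix`, so `poetry_pyvenv_cfg = pathlib.Path(sys.prefix) / "pyvenv.cfg"` would track the real location — assuming the nested invocation runs on the same interpreter as the plugin, which the hunk does not show, and assuming `sys` is imported, which is outside this hunk. If the three-level walk is kept, the comment should state the assumption explicitly, e.g. `# assumes <venv>/lib/pythonX.Y/site-packages; pyvenv.cfg lives at the venv root`, rather than only an example path. The body of landlock() continues beyond this hunk.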
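Review bot: `ruleset.allow(poetry_pyvenv_cfg, rules=FSAccess.READ_FILE)` in the last hunk is the only grant here with no existence check, whereas the adjacent `~/.config/pypoetry` rule is routed through `existing_paths(...)`, presumably because adding a Landlock rule for a path that cannot be opened fails instead of being skipped. When Poetry is installed without a pyvenv.cfg, the computed path will not exist and the whole sandbox setup would then break on a rule that was meant to be optional. Guarding it the same way, `ruleset.allow(*existing_paths((str(poetry_pyvenv_cfg),)), rules=FSAccess.READ_FILE)`, keeps the grant limited to read access on a single file while matching the method's existing convention; I used `str(...)` because the hunk only shows `existing_paths` being given strings, so whether it accepts `pathlib.Path` is not visible. The `ruleset.allow(` call whose arguments open this hunk begins above it.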