aboutsummaryrefslogtreecommitdiff
path: root/nix.spec.in
diff options
context:
space:
mode:
authorEelco Dolstra <edolstra@gmail.com>2017-07-04 15:43:06 +0200
committerEelco Dolstra <edolstra@gmail.com>2017-07-04 15:48:25 +0200
commit6cf23c3e8fa12e6bf297ca87d1b47889bf115d52 (patch)
treeee3a793b215fc0d1cca59034a61171b19c1aa77b /nix.spec.in
parentad8b96f1f2c80bf3f91ceab4d955aa368b7c85d4 (diff)
Add allow-new-privileges option
This allows builds to call setuid binaries. This was previously possible until we started using seccomp. Turns out that seccomp by default disallows processes from acquiring new privileges. Generally, any use of setuid binaries (except those created by the builder itself) is by definition impure, but some people were relying on this ability for certain tests. Example: $ nix build '(with import <nixpkgs> {}; runCommand "foo" {} "/run/wrappers/bin/ping -c 1 8.8.8.8; exit 1")' --no-allow-new-privileges builder for ‘/nix/store/j0nd8kv85hd6r4kxgnwzvr0k65ykf6fv-foo.drv’ failed with exit code 1; last 2 log lines: cannot raise the capability into the Ambient set : Operation not permitted $ nix build '(with import <nixpkgs> {}; runCommand "foo" {} "/run/wrappers/bin/ping -c 1 8.8.8.8; exit 1")' --allow-new-privileges builder for ‘/nix/store/j0nd8kv85hd6r4kxgnwzvr0k65ykf6fv-foo.drv’ failed with exit code 1; last 6 log lines: PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. 64 bytes from 8.8.8.8: icmp_seq=1 ttl=46 time=15.2 ms Fixes #1429.
Diffstat (limited to 'nix.spec.in')
0 files changed, 0 insertions, 0 deletions