diff options
| author | Las Safin <me@las.rs> | 2021-10-08 22:55:08 +0000 |
|---|---|---|
| committer | Las Safin <me@las.rs> | 2021-11-25 11:15:11 +0000 |
| commit | 8388d2c7c662e37470240cfde798956fe8e36a6f (patch) | |
| tree | 887bf67a7bf545cb0aac41317af3c60eeaf2338e /src/libstore/build/local-derivation-goal.hh | |
| parent | d58f149140582330bc994d215e54b2a4fc1149ff (diff) | |
Make recursive-nix work even when not privileged
Before this, `setns` would fail when switching to the mount namespace,
since we did not have the privileges to do so when not root.
Closes #5360
Diffstat (limited to 'src/libstore/build/local-derivation-goal.hh')
| -rw-r--r-- | src/libstore/build/local-derivation-goal.hh | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/libstore/build/local-derivation-goal.hh b/src/libstore/build/local-derivation-goal.hh index 088a57209..bfdf91d89 100644 --- a/src/libstore/build/local-derivation-goal.hh +++ b/src/libstore/build/local-derivation-goal.hh @@ -27,9 +27,10 @@ struct LocalDerivationGoal : public DerivationGoal /* Pipe for synchronising updates to the builder namespaces. */ Pipe userNamespaceSync; - /* The mount namespace of the builder, used to add additional + /* The mount namespace and user namespace of the builder, used to add additional paths to the sandbox as a result of recursive Nix calls. */ AutoCloseFD sandboxMountNamespace; + AutoCloseFD sandboxUserNamespace; /* On Linux, whether we're doing the build in its own user namespace. */ |