* Put the chroots under /nix/var/nix/chroots to reduce the risk of

disasters involving `rm -rf' on bind mounts. Will try the definitive fix (per-process mounts, apparently possible via the CLONE_NEWNS flag in clone()) some other time.
author: Eelco Dolstra <e.dolstra@tudelft.nl> 2008-10-29 15:34:48 +0000
committer: Eelco Dolstra <e.dolstra@tudelft.nl> 2008-10-29 15:34:48 +0000
commit: 709b55ee0281bc2d587dff6f60ec189b010800f6 (patch)
tree: 18285f86f7247c8ee638598daad8e5b5b2387f26 /src/libstore/globals.hh
parent: c98ea254dcb6384b686a88657fd800ad7655e4a5 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/src/libstore/globals.hh b/src/libstore/globals.hh
index f650cd1b7..a97aa6d8b 100644
--- a/src/libstore/globals.hh
+++ b/src/libstore/globals.hh
@@ -35,6 +35,12 @@ extern string nixLibexecDir;
 /* nixBinDir is the directory where the main programs are stored. */
 extern string nixBinDir;
 
+/* nixChrootsDir is the directory where we create chroot environments
+   (when chroot builds are enabled).  We don't put these under /tmp to
+   prevent "rm -rf /tmp" from recursing into /nix/store via the bind
+   mounts in the chroots. */
+extern string nixChrootsDir;
+
 
 /* Misc. global flags. */
author	Eelco Dolstra <e.dolstra@tudelft.nl>	2008-10-29 15:34:48 +0000
committer	Eelco Dolstra <e.dolstra@tudelft.nl>	2008-10-29 15:34:48 +0000
commit	709b55ee0281bc2d587dff6f60ec189b010800f6 (patch)
tree	18285f86f7247c8ee638598daad8e5b5b2387f26 /src/libstore/globals.hh
parent	c98ea254dcb6384b686a88657fd800ad7655e4a5 (diff)