diff options
| author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2012-10-03 17:30:45 -0400 |
|---|---|---|
| committer | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2012-10-03 17:30:45 -0400 |
| commit | 522ecab9b83902de5a3010b50b9532e376cbba4c (patch) | |
| tree | 87d471d089f60c9d6539742e695281b2aeaf102a /src/libstore/remote-store.cc | |
| parent | 7586095504f238a35937426aa870cb6d2a7b2862 (diff) | |
Drop support for running nix-worker in "slave" mode
AFAIK nobody uses this, setuid binaries are evil, and there is no good
reason why people can't just run the daemon.
Diffstat (limited to 'src/libstore/remote-store.cc')
| -rw-r--r-- | src/libstore/remote-store.cc | 58 |
1 files changed, 3 insertions, 55 deletions
diff --git a/src/libstore/remote-store.cc b/src/libstore/remote-store.cc index 08e409d3f..16b5db808 100644 --- a/src/libstore/remote-store.cc +++ b/src/libstore/remote-store.cc @@ -50,16 +50,12 @@ void RemoteStore::openConnection(bool reserveSpace) string remoteMode = getEnv("NIX_REMOTE"); - if (remoteMode == "slave") - /* Fork off a setuid worker to do the privileged work. */ - forkSlave(); - else if (remoteMode == "daemon") + if (remoteMode == "daemon") /* Connect to a daemon that does the privileged work for us. */ - connectToDaemon(); + connectToDaemon(); else - throw Error(format("invalid setting for NIX_REMOTE, `%1%'") - % remoteMode); + throw Error(format("invalid setting for NIX_REMOTE, `%1%'") % remoteMode); from.fd = fdSocket; to.fd = fdSocket; @@ -88,54 +84,6 @@ void RemoteStore::openConnection(bool reserveSpace) } -void RemoteStore::forkSlave() -{ - int sockets[2]; - if (socketpair(AF_UNIX, SOCK_STREAM, 0, sockets) == -1) - throw SysError("cannot create sockets"); - - fdSocket = sockets[0]; - AutoCloseFD fdChild = sockets[1]; - - /* Start the worker. */ - Path worker = getEnv("NIX_WORKER"); - if (worker == "") - worker = settings.nixBinDir + "/nix-worker"; - - child = fork(); - - switch (child) { - - case -1: - throw SysError("unable to fork"); - - case 0: - try { /* child */ - - if (dup2(fdChild, STDOUT_FILENO) == -1) - throw SysError("dupping write side"); - - if (dup2(fdChild, STDIN_FILENO) == -1) - throw SysError("dupping read side"); - - close(fdSocket); - close(fdChild); - - execlp(worker.c_str(), worker.c_str(), "--slave", NULL); - - throw SysError(format("executing `%1%'") % worker); - - } catch (std::exception & e) { - std::cerr << format("child error: %1%\n") % e.what(); - } - quickExit(1); - } - - fdChild.close(); - -} - - void RemoteStore::connectToDaemon() { fdSocket = socket(PF_UNIX, SOCK_STREAM, 0); |