authorEelco Dolstra <eelco.dolstra@logicblox.com>2014-07-17 16:57:07 +0200
committerEelco Dolstra <eelco.dolstra@logicblox.com>2014-07-17 16:57:07 +0200
commit049c0eb49c621ae50f49c8a06dc6c3a9839ef388 (patch)
tree63c0f299510adda0e21c7d323917eefcd5e1f6ce /src/libstore
parent0c730887c4ec4a03fb854490e422c134a1bf8139 (diff)
nix-daemon: Add trusted-users and allowed-users options
‘trusted-users’ is a list of users and groups that have elevated rights, such as the ability to specify binary caches. It defaults to ‘root’. A typical value would be ‘@wheel’ to specify all users in the wheel group. ‘allowed-users’ is a list of users and groups that are allowed to connect to the daemon. It defaults to ‘*’. A typical value would be ‘@users’ to specify the ‘users’ group.
Diffstat (limited to 'src/libstore')
-rw-r--r--src/libstore/globals.cc4
-rw-r--r--src/libstore/globals.hh9
2 files changed, 13 insertions, 0 deletions
diff --git a/src/libstore/globals.cc b/src/libstore/globals.cc
index 60bc1dba1..2bfebb77a 100644
--- a/src/libstore/globals.cc
+++ b/src/libstore/globals.cc
@@ -63,6 +63,8 @@ Settings::Settings()
lockCPU = getEnv("NIX_AFFINITY_HACK", "1") == "1";
showTrace = false;
enableImportNative = false;
+ trustedUsers = Strings({"root"});
+ allowedUsers = Strings({"*"});
}
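Review bot: The `allowedUsers = Strings({"*"})` default is fail-open and nothing at this line says so: when `allowed-users` is absent from the configuration, every local user may connect to the daemon. This matches the commit description and presumably preserves the earlier behaviour, so a comment is enough, for example `/* "*" = any user may connect; narrow with allowed-users */`. The same applies to the `root` default on the line above, which is the only trusted identity unless the option is set. The constructor body starts outside the hunk.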
@@ -152,6 +154,8 @@ void Settings::update()
get(logServers, "log-servers");
get(enableImportNative, "allow-unsafe-native-code-during-evaluation");
get(useCaseHack, "use-case-hack");
+ get(trustedUsers, "trusted-users");
+ get(allowedUsers, "allowed-users");
string subs = getEnv("NIX_SUBSTITUTERS", "default");
if (subs == "default") {
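Review bot: `trusted-users` and `allowed-users` are read through the same `get()` call as ordinary options, while `struct Settings` in globals.hh keeps both a `settings` and an `overrides` map. If `get()` consults values that a daemon client can supply (not visible in this hunk), an unprivileged client could widen its own trust list, so these two keys should only ever come from the daemon's own configuration file. That should be confirmed in the daemon's option handling and recorded here, e.g. `/* security: must not be settable via client overrides */`. Settings::update() begins and ends outside the hunk.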
diff --git a/src/libstore/globals.hh b/src/libstore/globals.hh
index 8dd59a9c7..f1748336f 100644
--- a/src/libstore/globals.hh
+++ b/src/libstore/globals.hh
@@ -203,6 +203,15 @@ struct Settings {
/* Whether the importNative primop should be enabled */
bool enableImportNative;
+ /* List of users that have elevated rights in the Nix daemon, such
+ as the ability to specify additional binary caches, or to
+ import unsigned NARs. */
+ Strings trustedUsers;
+
+ /* List of users that are allowed to connect to the daemon, in
+ addition to the trusted users. These have normal rights. */
+ Strings allowedUsers;
+
private:
SettingsMap settings, overrides;
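Review bot: Both new comments say "List of users", but the commit description also allows `@group` entries, and `*` for `allowed-users`, and that syntax is not documented at the declarations. I would extend the comments with `Entries are user names or '@group' for a Unix group` and, on `allowedUsers`, `'*' matches every user`, and state the defaults (`root` and `*`). "In addition to the trusted users" should also say whether a trusted user missing from `allowedUsers` can still connect, because the matching code is not part of this diff. struct Settings continues outside the hunk.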