author | Eelco Dolstra <edolstra@gmail.com> | 2023-02-03 11:55:37 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-02-03 11:55:37 +0100 |
commit | dbe0748f970a86911aae2cb6b603dfb8b541f8d9 (patch) | |
tree | 80e3f83e7412020c4b5905f4d3e32c7a886140ff /src/nix | |
parent | 1647354d6b640b7341fba0c94d3dfb6b06355b2d (diff) | |
parent | a47e055e090a85884413dfc7889897f4e3d831fb (diff) |
Merge pull request #7739 from obsidiansystems/user-settings
Move `trustedUsers` and `allowedUsers` to separate config struct
Diffstat (limited to 'src/nix')
-rw-r--r-- | src/nix/daemon.cc | 41 |
1 files changed, 39 insertions, 2 deletions
diff --git a/src/nix/daemon.cc b/src/nix/daemon.cc
index 96568fb8f..2ba56ee26 100644
--- a/src/nix/daemon.cc
+++ b/src/nix/daemon.cc
@@ -34,6 +34,43 @@
 using namespace nix;
 using namespace nix::daemon;
 
+struct UserSettings : Config {
+
+ Setting<Strings> trustedUsers{
+ this, {"root"}, "trusted-users",
+ R"(
+ A list of names of users (separated by whitespace) that have
+ additional rights when connecting to the Nix daemon, such as the
+ ability to specify additional binary caches, or to import unsigned
+ NARs. You can also specify groups by prefixing them with `@`; for
+ instance, `@wheel` means all users in the `wheel` group. The default
+ is `root`.
+
+ > **Warning**
+ >
+ > Adding a user to `trusted-users` is essentially equivalent to
+ > giving that user root access to the system. For example, the user
+ > can set `sandbox-paths` and thereby obtain read access to
+ > directories that are otherwise inacessible to them.
+ )"};
+
+ /* ?Who we trust to use the daemon in safe ways */
+ Setting<Strings> allowedUsers{
+ this, {"*"}, "allowed-users",
+ R"(
+ A list of names of users (separated by whitespace) that are allowed
+ to connect to the Nix daemon. As with the `trusted-users` option,
+ you can specify groups by prefixing them with `@`. Also, you can
+ allow all users by specifying `*`. The default is `*`.
+
+ Note that trusted users are always allowed to connect.
+ )"};
+};
+
+UserSettings userSettings;
+
+static GlobalConfig::Register rSettings(&userSettings);
+
 #ifndef __linux__
 #define SPLICE_F_MOVE 0
 static ssize_t splice(int fd_in, void *off_in, int fd_out, void *off_out, size_t len, unsigned int flags)
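Review bot: The comment `/* ?Who we trust to use the daemon in safe ways */` above `allowedUsers` has a stray `?` and uses the word "trust" for the setting that, per its own help text, only controls who may connect, which blurs the line with `trustedUsers`, a setting the help text describes as essentially root-equivalent. I would replace it with `/* Users allowed to connect to the daemon; being listed here confers none of the trusted-users rights. */`. The `trusted-users` help string also spells "inaccessible" as `inacessible`; it is user-facing documentation, so it is worth correcting while the block is being moved. `UserSettings userSettings;` has external linkage while `rSettings` beside it is `static`; if nothing outside daemon.cc reads it (not visible from this hunk), declaring it `static` would keep the authorization settings file-local.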
@@ -203,8 +240,8 @@ static void daemonLoop()
 struct group * gr = peer.gidKnown ? getgrgid(peer.gid) : 0;
 std::string group = gr ? gr->gr_name : std::to_string(peer.gid);
 
- Strings trustedUsers = settings.trustedUsers;
- Strings allowedUsers = settings.allowedUsers;
+ Strings trustedUsers = userSettings.trustedUsers;
+ Strings allowedUsers = userSettings.allowedUsers;
 
 if (matchUser(user, group, trustedUsers))
 trusted = Trusted; |