aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorEelco Dolstra <edolstra@gmail.com>2020-08-13 11:01:53 +0200
committerGitHub <noreply@github.com>2020-08-13 11:01:53 +0200
commit859cd4acea8feadcc0b080ec1a75891e6277339c (patch)
tree84835ec903463524e4d9a8838645b496d2eecbcc /src
parent574bf60b4d47f64c0b83b0cd032d34a67dbb3453 (diff)
parent8d4162ff9e940ea9e2f97b07f3030a722695901a (diff)
Merge pull request #3923 from obsidiansystems/daemon-auth-cleanup
Separate auth and logic for the daemon
Diffstat (limited to 'src')
-rw-r--r--src/libstore/build.cc3
-rw-r--r--src/libstore/daemon.cc13
-rw-r--r--src/libstore/daemon.hh7
-rw-r--r--src/nix-daemon/nix-daemon.cc15
4 files changed, 22 insertions, 16 deletions
diff --git a/src/libstore/build.cc b/src/libstore/build.cc
index 76baa1a6e..3fb052f00 100644
--- a/src/libstore/build.cc
+++ b/src/libstore/build.cc
@@ -2920,7 +2920,8 @@ void DerivationGoal::startDaemon()
FdSink to(remote.get());
try {
daemon::processConnection(store, from, to,
- daemon::NotTrusted, daemon::Recursive, "nobody", 65535);
+ daemon::NotTrusted, daemon::Recursive,
+ [&](Store & store) { store.createUser("nobody", 65535); });
debug("terminated daemon connection");
} catch (SysError &) {
ignoreException();
diff --git a/src/libstore/daemon.cc b/src/libstore/daemon.cc
index 5e568fc94..7a6eb99be 100644
--- a/src/libstore/daemon.cc
+++ b/src/libstore/daemon.cc
@@ -817,8 +817,7 @@ void processConnection(
FdSink & to,
TrustedFlag trusted,
RecursiveFlag recursive,
- const std::string & userName,
- uid_t userId)
+ std::function<void(Store &)> authHook)
{
auto monitor = !recursive ? std::make_unique<MonitorFdHup>(from.fd) : nullptr;
@@ -859,15 +858,7 @@ void processConnection(
/* If we can't accept clientVersion, then throw an error
*here* (not above). */
-
-#if 0
- /* Prevent users from doing something very dangerous. */
- if (geteuid() == 0 &&
- querySetting("build-users-group", "") == "")
- throw Error("if you run 'nix-daemon' as root, then you MUST set 'build-users-group'!");
-#endif
-
- store->createUser(userName, userId);
+ authHook(*store);
tunnelLogger->stopWork();
to.flush();
diff --git a/src/libstore/daemon.hh b/src/libstore/daemon.hh
index 266932013..841ace316 100644
--- a/src/libstore/daemon.hh
+++ b/src/libstore/daemon.hh
@@ -12,7 +12,10 @@ void processConnection(
FdSink & to,
TrustedFlag trusted,
RecursiveFlag recursive,
- const std::string & userName,
- uid_t userId);
+ /* Arbitrary hook to check authorization / initialize user data / whatever
+ after the protocol has been negotiated. The idea is that this function
+ and everything it calls doesn't know about this stuff, and the
+ `nix-daemon` handles that instead. */
+ std::function<void(Store &)> authHook);
}
diff --git a/src/nix-daemon/nix-daemon.cc b/src/nix-daemon/nix-daemon.cc
index bcb86cbce..cfa634a44 100644
--- a/src/nix-daemon/nix-daemon.cc
+++ b/src/nix-daemon/nix-daemon.cc
@@ -239,7 +239,15 @@ static void daemonLoop(char * * argv)
// Handle the connection.
FdSource from(remote.get());
FdSink to(remote.get());
- processConnection(openUncachedStore(), from, to, trusted, NotRecursive, user, peer.uid);
+ processConnection(openUncachedStore(), from, to, trusted, NotRecursive, [&](Store & store) {
+#if 0
+ /* Prevent users from doing something very dangerous. */
+ if (geteuid() == 0 &&
+ querySetting("build-users-group", "") == "")
+ throw Error("if you run 'nix-daemon' as root, then you MUST set 'build-users-group'!");
+#endif
+ store.createUser(user, peer.uid);
+ });
exit(0);
}, options);
@@ -324,7 +332,10 @@ static int _main(int argc, char * * argv)
} else {
FdSource from(STDIN_FILENO);
FdSink to(STDOUT_FILENO);
- processConnection(openUncachedStore(), from, to, Trusted, NotRecursive, "root", 0);
+ /* Auth hook is empty because in this mode we blindly trust the
+ standard streams. Limitting access to thoses is explicitly
+ not `nix-daemon`'s responsibility. */
+ processConnection(openUncachedStore(), from, to, Trusted, NotRecursive, [&](Store & _){});
}
} else {
daemonLoop(argv);