aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorEelco Dolstra <e.dolstra@tudelft.nl>2006-12-07 11:27:32 +0000
committerEelco Dolstra <e.dolstra@tudelft.nl>2006-12-07 11:27:32 +0000
commit7d8cf316eec3b5b1f2cf5ae8558a80bcaa69437f (patch)
tree2b5f5727c4e915af4f0069210e584575519ffe92 /src
parenta45c498e4e1109e0147b46df1230db718e5bceb1 (diff)
* Pass the actual build user to the setuid helper.
Diffstat (limited to 'src')
-rw-r--r--src/libstore/build.cc32
1 files changed, 10 insertions, 22 deletions
diff --git a/src/libstore/build.cc b/src/libstore/build.cc
index be6f93489..2b2b54cd1 100644
--- a/src/libstore/build.cc
+++ b/src/libstore/build.cc
@@ -340,6 +340,7 @@ private:
Path fnUserLock;
AutoCloseFD fdUserLock;
+ string user;
uid_t uid;
gid_t gid;
@@ -350,10 +351,12 @@ public:
void acquire();
void release();
- uid_t getUID();
- uid_t getGID();
+ string getUser() { return user; }
+ uid_t getUID() { return uid; }
+ uid_t getGID() { return gid; }
- bool enabled();
+ bool enabled() { return uid != 0; }
+
};
@@ -420,6 +423,7 @@ void UserLock::acquire()
if (lockFile(fd, ltWrite, false)) {
fdUserLock = fd.borrow();
lockedPaths.insert(fnUserLock);
+ user = *i;
uid = pw->pw_uid;
/* Sanity check... */
@@ -448,24 +452,6 @@ void UserLock::release()
}
-uid_t UserLock::getUID()
-{
- return uid;
-}
-
-
-uid_t UserLock::getGID()
-{
- return gid;
-}
-
-
-bool UserLock::enabled()
-{
- return uid != 0;
-}
-
-
static bool amPrivileged()
{
return geteuid() == 0;
@@ -1351,6 +1337,7 @@ void DerivationGoal::startBuilder()
Path program = drv.builder.c_str();
std::vector<const char *> args; /* careful with c_str()! */
+ string user; /* must be here for its c_str()! */
/* If we are running in `build-users' mode, then switch to
the user we allocated above. Make sure that we drop
@@ -1381,7 +1368,8 @@ void DerivationGoal::startBuilder()
program = nixLibexecDir + "/nix-setuid-helper";
args.push_back(program.c_str());
args.push_back("run-builder");
- args.push_back("nix-builder-1"); /* !!! TODO */
+ user = buildUser.getUser().c_str();
+ args.push_back(user.c_str());
args.push_back(drv.builder.c_str());
}
}