diff options
| author | Eelco Dolstra <edolstra@gmail.com> | 2023-01-06 12:35:55 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-01-06 12:35:55 +0100 |
| commit | 420ccecc1ebfd1b8dc6b98ab1fb67081d2f4be9a (patch) | |
| tree | e487758a892940f58a1d30e5c5b15ac0b49271b5 /src | |
| parent | 1a4a02cff9f5d474e7085c80a0c6ef58cf50a335 (diff) | |
| parent | 4e84b532ed5317ec836c54689c73a1fddab0c892 (diff) | |
Merge pull request #7557 from NixOS/fix-7529
On macOS with auto-uid-allocation and sandboxing, use the correct gid
Diffstat (limited to 'src')
| -rw-r--r-- | src/libstore/lock.cc | 12 | ||||
| -rw-r--r-- | src/libstore/lock.hh | 2 |
2 files changed, 9 insertions, 5 deletions
diff --git a/src/libstore/lock.cc b/src/libstore/lock.cc index d02d20b4c..4fe1fcf56 100644 --- a/src/libstore/lock.cc +++ b/src/libstore/lock.cc @@ -123,8 +123,12 @@ struct AutoUserLock : UserLock std::vector<gid_t> getSupplementaryGIDs() override { return {}; } - static std::unique_ptr<UserLock> acquire(uid_t nrIds, bool useChroot) + static std::unique_ptr<UserLock> acquire(uid_t nrIds, bool useUserNamespace) { + #if !defined(__linux__) + useUserNamespace = false; + #endif + settings.requireExperimentalFeature(Xp::AutoAllocateUids); assert(settings.startId > 0); assert(settings.uidCount % maxIdsPerBuild == 0); @@ -157,7 +161,7 @@ struct AutoUserLock : UserLock auto lock = std::make_unique<AutoUserLock>(); lock->fdUserLock = std::move(fd); lock->firstUid = firstUid; - if (useChroot) + if (useUserNamespace) lock->firstGid = firstUid; else { struct group * gr = getgrnam(settings.buildUsersGroup.get().c_str()); @@ -174,10 +178,10 @@ struct AutoUserLock : UserLock } }; -std::unique_ptr<UserLock> acquireUserLock(uid_t nrIds, bool useChroot) +std::unique_ptr<UserLock> acquireUserLock(uid_t nrIds, bool useUserNamespace) { if (settings.autoAllocateUids) - return AutoUserLock::acquire(nrIds, useChroot); + return AutoUserLock::acquire(nrIds, useUserNamespace); else return SimpleUserLock::acquire(); } diff --git a/src/libstore/lock.hh b/src/libstore/lock.hh index 49ad86de7..7f1934510 100644 --- a/src/libstore/lock.hh +++ b/src/libstore/lock.hh @@ -31,7 +31,7 @@ struct UserLock /* Acquire a user lock for a UID range of size `nrIds`. Note that this may return nullptr if no user is available. */ -std::unique_ptr<UserLock> acquireUserLock(uid_t nrIds, bool useChroot); +std::unique_ptr<UserLock> acquireUserLock(uid_t nrIds, bool useUserNamespace); bool useBuildUsers(); |