diff options
Diffstat (limited to 'src/nix-daemon/nix-daemon.cc')
| -rw-r--r-- | src/nix-daemon/nix-daemon.cc | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/src/nix-daemon/nix-daemon.cc b/src/nix-daemon/nix-daemon.cc index fc6195cf0..bd016bb0c 100644 --- a/src/nix-daemon/nix-daemon.cc +++ b/src/nix-daemon/nix-daemon.cc @@ -269,6 +269,7 @@ static int main_nix_daemon(int argc, char * * argv) { { auto stdio = false; + std::optional<TrustedFlag> isTrustedOpt; parseCmdLine(argc, argv, [&](Strings::iterator & arg, const Strings::iterator & end) { if (*arg == "--daemon") @@ -279,14 +280,26 @@ static int main_nix_daemon(int argc, char * * argv) printVersion("nix-daemon"); else if (*arg == "--stdio") stdio = true; - else return false; + else if (*arg == "--trust") { + settings.requireExperimentalFeature("nix-testing"); + isTrustedOpt = Trusted; + } else if (*arg == "--no-trust") { + settings.requireExperimentalFeature("nix-testing"); + isTrustedOpt = NotTrusted; + } else return false; return true; }); initPlugins(); + auto ensureNoTrustedFlag = [&]() { + if (isTrustedOpt) + throw Error("--trust and --no-trust flags are only for use with --stdio when this nix-daemon process is not proxying another"); + }; + if (stdio) { if (auto store = openUncachedStore().dynamic_pointer_cast<RemoteStore>()) { + ensureNoTrustedFlag(); auto conn = store->openConnectionWrapper(); int from = conn->from.fd; int to = conn->to.fd; @@ -320,9 +333,11 @@ static int main_nix_daemon(int argc, char * * argv) /* Auth hook is empty because in this mode we blindly trust the standard streams. Limitting access to thoses is explicitly not `nix-daemon`'s responsibility. */ - processConnection(openUncachedStore(), from, to, Trusted, NotRecursive, [&](Store & _){}); + auto isTrusted = isTrustedOpt.value_or(Trusted); + processConnection(openUncachedStore(), from, to, isTrusted, NotRecursive, [&](Store & _){}); } } else { + ensureNoTrustedFlag(); daemonLoop(argv); } |