aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/download-via-ssh/download-via-ssh.cc2
-rw-r--r--src/libstore/globals.cc12
-rw-r--r--src/libstore/globals.hh4
-rw-r--r--src/nix-daemon/nix-daemon.cc3
4 files changed, 15 insertions, 6 deletions
diff --git a/src/download-via-ssh/download-via-ssh.cc b/src/download-via-ssh/download-via-ssh.cc
index 466233c7a..688fb523a 100644
--- a/src/download-via-ssh/download-via-ssh.cc
+++ b/src/download-via-ssh/download-via-ssh.cc
@@ -103,7 +103,7 @@ void run(Strings args)
/* Pass on the location of the daemon client's SSH authentication
socket. */
- string sshAuthSock = settings.get("ssh-auth-sock");
+ string sshAuthSock = settings.get("ssh-auth-sock", "");
if (sshAuthSock != "") setenv("SSH_AUTH_SOCK", sshAuthSock.c_str(), 1);
string host = settings.sshSubstituterHosts.front();
diff --git a/src/libstore/globals.cc b/src/libstore/globals.cc
index 8fad6e5a9..23ece4a23 100644
--- a/src/libstore/globals.cc
+++ b/src/libstore/globals.cc
@@ -63,8 +63,6 @@ Settings::Settings()
lockCPU = getEnv("NIX_AFFINITY_HACK", "1") == "1";
showTrace = false;
enableImportNative = false;
- trustedUsers = Strings({"root"});
- allowedUsers = Strings({"*"});
}
@@ -130,6 +128,14 @@ string Settings::get(const string & name, const string & def)
}
+Strings Settings::get(const string & name, const Strings & def)
+{
+ auto i = settings.find(name);
+ if (i == settings.end()) return def;
+ return tokenizeString<Strings>(i->second);
+}
+
+
void Settings::update()
{
_get(tryFallback, "build-fallback");
@@ -161,8 +167,6 @@ void Settings::update()
_get(logServers, "log-servers");
_get(enableImportNative, "allow-unsafe-native-code-during-evaluation");
_get(useCaseHack, "use-case-hack");
- _get(trustedUsers, "trusted-users");
- _get(allowedUsers, "allowed-users");
string subs = getEnv("NIX_SUBSTITUTERS", "default");
if (subs == "default") {
diff --git a/src/libstore/globals.hh b/src/libstore/globals.hh
index 1202f5dd2..743d2061f 100644
--- a/src/libstore/globals.hh
+++ b/src/libstore/globals.hh
@@ -21,7 +21,9 @@ struct Settings {
void set(const string & name, const string & value);
- string get(const string & name, const string & def = "");
+ string get(const string & name, const string & def);
+
+ Strings get(const string & name, const Strings & def);
void update();
diff --git a/src/nix-daemon/nix-daemon.cc b/src/nix-daemon/nix-daemon.cc
index 2d6a3c4c4..77c63f1e6 100644
--- a/src/nix-daemon/nix-daemon.cc
+++ b/src/nix-daemon/nix-daemon.cc
@@ -743,6 +743,9 @@ static void daemonLoop()
struct group * gr = getgrgid(cred.gid);
string group = gr ? gr->gr_name : int2String(cred.gid);
+ Strings trustedUsers = settings.get("trusted-users", Strings({"root"}));
+ Strings allowedUsers = settings.get("allowed-users", Strings({"*"}));
+
if (matchUser(user, group, settings.trustedUsers))
trusted = true;