From 6e049ae607b53eba3c9c6bed260a0b39a3f73a70 Mon Sep 17 00:00:00 2001
From: Matthew Bauer <mjbauer95@gmail.com>
Date: Thu, 22 Sep 2022 13:59:16 -0500
Subject: Allow pass max-silent-time and build-poll-interval to daemon
 untrusted

These settings seem harmless, they control the same polling
functionality that timeout does, but with different behavior. Should
be safe for untrusted users to pass in.
---
 src/libstore/daemon.cc | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'src/libstore/daemon.cc')

diff --git a/src/libstore/daemon.cc b/src/libstore/daemon.cc
index de69b50ee..48dd5c247 100644
--- a/src/libstore/daemon.cc
+++ b/src/libstore/daemon.cc
@@ -239,6 +239,8 @@ struct ClientSettings
                 else if (trusted
                     || name == settings.buildTimeout.name
                     || name == settings.buildRepeat.name
+                    || name == settings.maxSilentTime.name
+                    || name == settings.pollInterval.name
                     || name == "connect-timeout"
                     || (name == "builders" && value == ""))
                     settings.set(name, value);
-- 
cgit v1.2.3


From 8e0946e8df968391d1430af8377bdb51204e4666 Mon Sep 17 00:00:00 2001
From: Linus Heckemann <git@sphalerite.org>
Date: Mon, 26 Sep 2022 20:55:56 +0200
Subject: Remove repeat and enforce-determinism options

These only functioned if a very narrow combination of conditions held:

- The result path does not yet exist (--check did not result in
  repeated builds), AND
- The result path is not available from any configured substituters, AND
- No remote builders that can build the path are available.

If any of these do not hold, a derivation would be built 0 or 1 times
regardless of the repeat option. Thus, remove it to avoid confusion.
---
 src/libstore/daemon.cc | 1 -
 1 file changed, 1 deletion(-)

(limited to 'src/libstore/daemon.cc')

diff --git a/src/libstore/daemon.cc b/src/libstore/daemon.cc
index 48dd5c247..12596ba49 100644
--- a/src/libstore/daemon.cc
+++ b/src/libstore/daemon.cc
@@ -238,7 +238,6 @@ struct ClientSettings
                 }
                 else if (trusted
                     || name == settings.buildTimeout.name
-                    || name == settings.buildRepeat.name
                     || name == settings.maxSilentTime.name
                     || name == settings.pollInterval.name
                     || name == "connect-timeout"
-- 
cgit v1.2.3