From 709b55ee0281bc2d587dff6f60ec189b010800f6 Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <e.dolstra@tudelft.nl>
Date: Wed, 29 Oct 2008 15:34:48 +0000
Subject: * Put the chroots under /nix/var/nix/chroots to reduce the risk of  
 disasters involving `rm -rf' on bind mounts.  Will try the   definitive fix
 (per-process mounts, apparently possible via the   CLONE_NEWNS flag in
 clone()) some other time.

---
 src/libstore/globals.hh | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'src/libstore/globals.hh')

diff --git a/src/libstore/globals.hh b/src/libstore/globals.hh
index f650cd1b7..a97aa6d8b 100644
--- a/src/libstore/globals.hh
+++ b/src/libstore/globals.hh
@@ -35,6 +35,12 @@ extern string nixLibexecDir;
 /* nixBinDir is the directory where the main programs are stored. */
 extern string nixBinDir;
 
+/* nixChrootsDir is the directory where we create chroot environments
+   (when chroot builds are enabled).  We don't put these under /tmp to
+   prevent "rm -rf /tmp" from recursing into /nix/store via the bind
+   mounts in the chroots. */
+extern string nixChrootsDir;
+
 
 /* Misc. global flags. */
 
-- 
cgit v1.2.3