Eelco Dolstra
46605fb4f5
* Fix 64-bit compiler warnings.
2007-02-06 20:03:53 +00:00
Eelco Dolstra
84a84afb0e
* Nasty: Glibc clears the TMPDIR environment variable in setuid
...
programs, so if a builder uses TMPDIR, then it will fail when
executed through nix-setuid-helper. In fact Glibc clears a whole
bunch of variables (see sysdeps/generic/unsecvars.h in the Glibc
sources), but only TMPDIR should matter in practice. As a
workaround, we reinitialise TMPDIR from NIX_BUILD_TOP.
2007-01-24 13:31:20 +00:00
Eelco Dolstra
4ca01065c3
* Rename all those main.cc files.
2006-12-07 20:47:30 +00:00
Eelco Dolstra
d03f0d4117
* Check for lchown.
2006-12-07 18:51:11 +00:00
Eelco Dolstra
a82d80ddeb
* Move setuidCleanup() to libutil.
2006-12-07 16:40:41 +00:00
Eelco Dolstra
f76fdb6d42
* If not running as root, let the setuid helper kill the build user's
...
processes before and after the build.
2006-12-07 16:33:31 +00:00
Eelco Dolstra
6a07ff1ec0
* Change the ownership of store paths to the Nix account before
...
deleting them using the setuid helper.
2006-12-07 14:14:35 +00:00
Eelco Dolstra
a45c498e4e
* If Nix is not running as root, call the setuid helper to start the
...
builder under the desired build user.
2006-12-07 00:42:30 +00:00
Eelco Dolstra
79875c5e42
* Change the ownership of the current directory to the build user.
2006-12-06 23:52:25 +00:00
Eelco Dolstra
62ab131412
* Verify that the desired target user is in the build users group (as
...
specified in the setuid config file).
2006-12-06 23:15:26 +00:00
Eelco Dolstra
f07ac41656
* Check that the caller is allowed to call the setuid helper. The
...
allowed uid is specified in a configuration file in
/etc/nix-setuid.conf.
2006-12-06 22:45:41 +00:00
Eelco Dolstra
6e5ec1029a
* Get rid of `build-users'. We'll just take all the members of
...
`build-users-group'. This makes configuration easier: you can just
add users in /etc/group.
2006-12-06 20:00:15 +00:00
Eelco Dolstra
751f6d2157
* nix-setuid-helper: allow running programs under a different uid.
2006-12-06 17:29:10 +00:00
Eelco Dolstra
9f0efa6611
* Start of the setuid helper (the program that performs the operations
...
that have to be done as root: running builders under different uids,
changing ownership of build results, and deleting paths in the store
with the wrong ownership).
2006-12-06 01:24:02 +00:00