From ec23ecc64d40b7f65585c23592db123127967221 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 7 Dec 2006 15:54:52 +0000 Subject: [PATCH] * In the garbage collector, if deleting a path fails, try to fix its ownership, then try again. --- src/libstore/build.cc | 15 ++++++++++----- src/libstore/local-store.cc | 13 ++++++++++++- src/libstore/local-store.hh | 9 +++++++++ 3 files changed, 31 insertions(+), 6 deletions(-) diff --git a/src/libstore/build.cc b/src/libstore/build.cc index c4ff62891..7ae0dd4ec 100644 --- a/src/libstore/build.cc +++ b/src/libstore/build.cc @@ -452,12 +452,18 @@ void UserLock::release() } -static bool amPrivileged() +bool amPrivileged() { return geteuid() == 0; } +bool haveBuildUsers() +{ + return querySetting("build-users-group", "") != ""; +} + + static void killUserWrapped(uid_t uid) { if (amPrivileged()) @@ -468,7 +474,7 @@ static void killUserWrapped(uid_t uid) } -static void getOwnership(const Path & path) +void getOwnership(const Path & path) { string program = nixLibexecDir + "/nix-setuid-helper"; @@ -513,8 +519,7 @@ static void deletePathWrapped(const Path & path) /* When using build users and we're not root, we may not have sufficient permission to delete the path. So use the setuid helper to change ownership to us. */ - if (querySetting("build-users-group", "") != "" - || !amPrivileged()) + if (haveBuildUsers() && !amPrivileged()) getOwnership(path); deletePath(path); } @@ -1320,7 +1325,7 @@ void DerivationGoal::startBuilder() /* If `build-users-group' is not empty, then we have to build as one of the members of that group. */ - if (querySetting("build-users-group", "") != "") { + if (haveBuildUsers()) { buildUser.acquire(); assert(buildUser.getUID() != 0); assert(buildUser.getGID() != 0); diff --git a/src/libstore/local-store.cc b/src/libstore/local-store.cc index 143f093e5..237800209 100644 --- a/src/libstore/local-store.cc +++ b/src/libstore/local-store.cc @@ -710,7 +710,18 @@ void deleteFromStore(const Path & _path, unsigned long long & bytesFreed) } txn.commit(); - deletePath(path, bytesFreed); + try { + /* First try to delete it ourselves. */ + deletePath(path, bytesFreed); + } catch (SysError & e) { + /* If this failed due to a permission error, then try it with + the setuid helper. */ + if (haveBuildUsers() && !amPrivileged()) { + getOwnership(path); + deletePath(path, bytesFreed); + } else + throw; + } } diff --git a/src/libstore/local-store.hh b/src/libstore/local-store.hh index 58bb70d0e..6e2350abe 100644 --- a/src/libstore/local-store.hh +++ b/src/libstore/local-store.hh @@ -139,6 +139,15 @@ void deleteFromStore(const Path & path, unsigned long long & bytesFreed); void verifyStore(bool checkContents); +/* Whether we are in build users mode. */ +bool haveBuildUsers(); + +/* Whether we are root. */ +bool amPrivileged(); + +/* Recursively change the ownership of `path' to the current uid. */ +void getOwnership(const Path & path); + }