nrabulinski/lix
0
0
Fork 0
forked from lix-project/lix
Code Pull requests Activity

Restore ownership of / for non-uid-range builds

Browse source
This commit is contained in:
Eelco Dolstra 2022-11-29 13:10:53 +01:00
parent 7dd3e1fec4
commit 4f762e2b02
1 changed files with 1 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
src/libstore/build/local-derivation-goal.cc
View file

@ -646,8 +646,7 @@ void LocalDerivationGoal::startBuilder()
if (mkdir(chrootRootDir.c_str(), buildUser && buildUser->getUIDCount() != 1 ? 0755 : 0750) == -1)
throw SysError("cannot create '%1%'", chrootRootDir);
// FIXME: only make root writable for user namespace builds.
if (buildUser && chown(chrootRootDir.c_str(), buildUser->getUID(), buildUser->getGID()) == -1)
if (buildUser && chown(chrootRootDir.c_str(), buildUser->getUIDCount() != 1 ? buildUser->getUID() : 0, buildUser->getGID()) == -1)
throw SysError("cannot change ownership of '%1%'", chrootRootDir);
/* Create a writable /tmp in the chroot. Many builders need