2003-06-16 13:33:38 +00:00
|
|
|
|
#include "globals.hh"
|
2006-09-04 21:06:23 +00:00
|
|
|
|
#include "util.hh"
|
2014-07-16 14:02:05 +00:00
|
|
|
|
#include "archive.hh"
|
2017-04-13 18:53:23 +00:00
|
|
|
|
#include "args.hh"
|
2020-09-21 16:49:43 +00:00
|
|
|
|
#include "abstract-setting-to-json.hh"
|
2021-02-16 13:32:12 +00:00
|
|
|
|
#include "compute-levels.hh"
|
2003-06-16 13:33:38 +00:00
|
|
|
|
|
2005-09-22 15:43:22 +00:00
|
|
|
|
#include <algorithm>
|
2017-02-27 15:01:54 +00:00
|
|
|
|
#include <map>
|
2023-02-01 16:24:14 +00:00
|
|
|
|
#include <mutex>
|
2017-02-27 15:01:54 +00:00
|
|
|
|
#include <thread>
|
2018-02-08 16:26:18 +00:00
|
|
|
|
#include <dlfcn.h>
|
2020-01-12 23:12:34 +00:00
|
|
|
|
#include <sys/utsname.h>
|
2005-02-01 22:07:48 +00:00
|
|
|
|
|
2020-08-20 09:02:16 +00:00
|
|
|
|
#include <nlohmann/json.hpp>
|
|
|
|
|
|
2023-02-01 16:12:11 +00:00
|
|
|
|
#include <sodium/core.h>
|
|
|
|
|
|
2023-02-01 16:24:14 +00:00
|
|
|
|
#ifdef __GLIBC__
|
|
|
|
|
#include <gnu/lib-names.h>
|
|
|
|
|
#include <nss.h>
|
|
|
|
|
#include <dlfcn.h>
|
|
|
|
|
#endif
|
2005-02-01 22:07:48 +00:00
|
|
|
|
|
2006-09-04 21:06:23 +00:00
|
|
|
|
namespace nix {
|
|
|
|
|
|
|
|
|
|
|
2013-03-08 00:24:59 +00:00
|
|
|
|
/* The default location of the daemon socket, relative to nixStateDir.
|
|
|
|
|
The socket is in a directory to allow you to control access to the
|
|
|
|
|
Nix daemon by setting the mode/ownership of the directory
|
|
|
|
|
appropriately. (This wouldn't work on the socket itself since it
|
|
|
|
|
must be deleted and recreated on startup.) */
|
|
|
|
|
#define DEFAULT_SOCKET_PATH "/daemon-socket/socket"
|
|
|
|
|
|
2012-07-30 23:55:41 +00:00
|
|
|
|
Settings settings;
|
2003-07-31 13:47:13 +00:00
|
|
|
|
|
2020-10-06 11:36:55 +00:00
|
|
|
|
static GlobalConfig::Register rSettings(&settings);
|
2018-03-27 16:41:31 +00:00
|
|
|
|
|
2012-07-30 23:55:41 +00:00
|
|
|
|
Settings::Settings()
|
2018-03-27 16:41:31 +00:00
|
|
|
|
: nixPrefix(NIX_PREFIX)
|
2023-03-01 19:01:36 +00:00
|
|
|
|
, nixStore(canonPath(getEnvNonEmpty("NIX_STORE_DIR").value_or(getEnvNonEmpty("NIX_STORE").value_or(NIX_STORE_DIR))))
|
|
|
|
|
, nixDataDir(canonPath(getEnvNonEmpty("NIX_DATA_DIR").value_or(NIX_DATA_DIR)))
|
|
|
|
|
, nixLogDir(canonPath(getEnvNonEmpty("NIX_LOG_DIR").value_or(NIX_LOG_DIR)))
|
|
|
|
|
, nixStateDir(canonPath(getEnvNonEmpty("NIX_STATE_DIR").value_or(NIX_STATE_DIR)))
|
|
|
|
|
, nixConfDir(canonPath(getEnvNonEmpty("NIX_CONF_DIR").value_or(NIX_CONF_DIR)))
|
2020-03-30 13:31:14 +00:00
|
|
|
|
, nixUserConfFiles(getUserConfigFiles())
|
2023-03-01 19:01:36 +00:00
|
|
|
|
, nixBinDir(canonPath(getEnvNonEmpty("NIX_BIN_DIR").value_or(NIX_BIN_DIR)))
|
2018-02-14 22:05:55 +00:00
|
|
|
|
, nixManDir(canonPath(NIX_MAN_DIR))
|
2023-03-01 19:01:36 +00:00
|
|
|
|
, nixDaemonSocketFile(canonPath(getEnvNonEmpty("NIX_DAEMON_SOCKET_PATH").value_or(nixStateDir + DEFAULT_SOCKET_PATH)))
|
2012-07-30 23:55:41 +00:00
|
|
|
|
{
|
2014-05-02 10:46:03 +00:00
|
|
|
|
buildUsersGroup = getuid() == 0 ? "nixbld" : "";
|
2020-09-21 16:29:08 +00:00
|
|
|
|
allowSymlinkedStore = getEnv("NIX_IGNORE_SYMLINK_STORE") == "1";
|
2017-06-12 14:44:43 +00:00
|
|
|
|
|
2023-03-17 17:32:18 +00:00
|
|
|
|
auto sslOverride = getEnv("NIX_SSL_CERT_FILE").value_or(getEnv("SSL_CERT_FILE").value_or(""));
|
|
|
|
|
if (sslOverride != "")
|
|
|
|
|
caFile = sslOverride;
|
Explicitly model all settings and fail on unrecognized ones
Previously, the Settings class allowed other code to query for string
properties, which led to a proliferation of code all over the place making
up new options without any sort of central registry of valid options. This
commit pulls all those options back into the central Settings class and
removes the public get() methods, to discourage future abuses like that.
Furthermore, because we know the full set of options ahead of time, we
now fail loudly if someone enters an unrecognized option, thus preventing
subtle typos. With some template fun, we could probably also dump the full
set of options (with documentation, defaults, etc.) to the command line,
but I'm not doing that yet here.
2017-02-22 03:50:18 +00:00
|
|
|
|
|
2017-05-02 12:36:59 +00:00
|
|
|
|
/* Backwards compatibility. */
|
|
|
|
|
auto s = getEnv("NIX_REMOTE_SYSTEMS");
|
2019-11-22 15:06:44 +00:00
|
|
|
|
if (s) {
|
2017-10-24 08:52:34 +00:00
|
|
|
|
Strings ss;
|
2019-11-22 15:06:44 +00:00
|
|
|
|
for (auto & p : tokenizeString<Strings>(*s, ":"))
|
2017-10-24 08:52:34 +00:00
|
|
|
|
ss.push_back("@" + p);
|
|
|
|
|
builders = concatStringsSep(" ", ss);
|
|
|
|
|
}
|
2017-05-02 12:36:59 +00:00
|
|
|
|
|
2017-05-15 15:30:33 +00:00
|
|
|
|
#if defined(__linux__) && defined(SANDBOX_SHELL)
|
|
|
|
|
sandboxPaths = tokenizeString<StringSet>("/bin/sh=" SANDBOX_SHELL);
|
Explicitly model all settings and fail on unrecognized ones
Previously, the Settings class allowed other code to query for string
properties, which led to a proliferation of code all over the place making
up new options without any sort of central registry of valid options. This
commit pulls all those options back into the central Settings class and
removes the public get() methods, to discourage future abuses like that.
Furthermore, because we know the full set of options ahead of time, we
now fail loudly if someone enters an unrecognized option, thus preventing
subtle typos. With some template fun, we could probably also dump the full
set of options (with documentation, defaults, etc.) to the command line,
but I'm not doing that yet here.
2017-02-22 03:50:18 +00:00
|
|
|
|
#endif
|
|
|
|
|
|
2022-06-22 20:43:53 +00:00
|
|
|
|
/* chroot-like behavior from Apple's sandbox */
|
2020-03-20 20:31:20 +00:00
|
|
|
|
#if __APPLE__
|
2020-03-20 21:12:30 +00:00
|
|
|
|
sandboxPaths = tokenizeString<StringSet>("/System/Library/Frameworks /System/Library/PrivateFrameworks /bin/sh /bin/bash /private/tmp /private/var/tmp /usr/lib");
|
2020-03-20 20:31:20 +00:00
|
|
|
|
allowedImpureHostPrefixes = tokenizeString<StringSet>("/System/Library /usr/lib /dev /bin/sh");
|
|
|
|
|
#endif
|
2022-06-22 20:43:53 +00:00
|
|
|
|
|
|
|
|
|
buildHook = getSelfExe().value_or("nix") + " __build-remote";
|
2005-09-22 15:43:22 +00:00
|
|
|
|
}
|
2005-02-01 22:07:48 +00:00
|
|
|
|
|
2018-03-27 16:41:31 +00:00
|
|
|
|
void loadConfFile()
|
2005-02-01 22:07:48 +00:00
|
|
|
|
{
|
2018-03-27 16:41:31 +00:00
|
|
|
|
globalConfig.applyConfigFile(settings.nixConfDir + "/nix.conf");
|
2017-04-20 12:58:16 +00:00
|
|
|
|
|
|
|
|
|
/* We only want to send overrides to the daemon, i.e. stuff from
|
|
|
|
|
~/.nix/nix.conf or the command line. */
|
2021-03-26 15:14:38 +00:00
|
|
|
|
globalConfig.resetOverridden();
|
2017-04-20 12:58:16 +00:00
|
|
|
|
|
2020-03-30 13:31:14 +00:00
|
|
|
|
auto files = settings.nixUserConfFiles;
|
|
|
|
|
for (auto file = files.rbegin(); file != files.rend(); file++) {
|
|
|
|
|
globalConfig.applyConfigFile(*file);
|
|
|
|
|
}
|
2020-10-19 21:08:50 +00:00
|
|
|
|
|
|
|
|
|
auto nixConfEnv = getEnv("NIX_CONFIG");
|
|
|
|
|
if (nixConfEnv.has_value()) {
|
|
|
|
|
globalConfig.applyConfig(nixConfEnv.value(), "NIX_CONFIG");
|
|
|
|
|
}
|
|
|
|
|
|
2020-03-30 13:31:14 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
std::vector<Path> getUserConfigFiles()
|
|
|
|
|
{
|
|
|
|
|
// Use the paths specified in NIX_USER_CONF_FILES if it has been defined
|
|
|
|
|
auto nixConfFiles = getEnv("NIX_USER_CONF_FILES");
|
|
|
|
|
if (nixConfFiles.has_value()) {
|
2022-02-25 15:00:00 +00:00
|
|
|
|
return tokenizeString<std::vector<std::string>>(nixConfFiles.value(), ":");
|
2020-03-30 13:31:14 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Use the paths specified by the XDG spec
|
|
|
|
|
std::vector<Path> files;
|
2018-10-25 11:00:21 +00:00
|
|
|
|
auto dirs = getConfigDirs();
|
2020-03-30 13:31:14 +00:00
|
|
|
|
for (auto & dir : dirs) {
|
|
|
|
|
files.insert(files.end(), dir + "/nix/nix.conf");
|
2018-10-25 11:00:21 +00:00
|
|
|
|
}
|
2020-03-30 13:31:14 +00:00
|
|
|
|
return files;
|
2005-02-01 22:07:48 +00:00
|
|
|
|
}
|
2005-02-14 13:07:09 +00:00
|
|
|
|
|
2017-04-13 18:53:23 +00:00
|
|
|
|
unsigned int Settings::getDefaultCores()
|
2006-12-08 15:44:00 +00:00
|
|
|
|
{
|
2022-07-19 06:09:46 +00:00
|
|
|
|
const unsigned int concurrency = std::max(1U, std::thread::hardware_concurrency());
|
|
|
|
|
const unsigned int maxCPU = getMaxCPU();
|
2022-07-15 04:14:29 +00:00
|
|
|
|
|
2022-07-19 06:09:46 +00:00
|
|
|
|
if (maxCPU > 0)
|
|
|
|
|
return maxCPU;
|
|
|
|
|
else
|
|
|
|
|
return concurrency;
|
2009-02-27 11:04:41 +00:00
|
|
|
|
}
|
|
|
|
|
|
2018-09-28 13:57:27 +00:00
|
|
|
|
StringSet Settings::getDefaultSystemFeatures()
|
|
|
|
|
{
|
|
|
|
|
/* For backwards compatibility, accept some "features" that are
|
|
|
|
|
used in Nixpkgs to route builds to certain machines but don't
|
|
|
|
|
actually require anything special on the machines. */
|
2021-11-19 02:28:20 +00:00
|
|
|
|
StringSet features{"nixos-test", "benchmark", "big-parallel"};
|
2018-09-28 13:57:27 +00:00
|
|
|
|
|
2022-11-08 15:03:42 +00:00
|
|
|
|
#if __linux__
|
|
|
|
|
features.insert("uid-range");
|
|
|
|
|
#endif
|
|
|
|
|
|
2018-09-28 13:57:27 +00:00
|
|
|
|
#if __linux__
|
|
|
|
|
if (access("/dev/kvm", R_OK | W_OK) == 0)
|
|
|
|
|
features.insert("kvm");
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
return features;
|
|
|
|
|
}
|
|
|
|
|
|
2020-12-03 21:35:38 +00:00
|
|
|
|
StringSet Settings::getDefaultExtraPlatforms()
|
|
|
|
|
{
|
2021-02-16 13:32:12 +00:00
|
|
|
|
StringSet extraPlatforms;
|
|
|
|
|
|
2020-12-03 21:35:38 +00:00
|
|
|
|
if (std::string{SYSTEM} == "x86_64-linux" && !isWSL1())
|
2021-02-16 13:32:12 +00:00
|
|
|
|
extraPlatforms.insert("i686-linux");
|
|
|
|
|
|
|
|
|
|
#if __linux__
|
|
|
|
|
StringSet levels = computeLevels();
|
|
|
|
|
for (auto iter = levels.begin(); iter != levels.end(); ++iter)
|
|
|
|
|
extraPlatforms.insert(*iter + "-linux");
|
|
|
|
|
#elif __APPLE__
|
2020-12-03 21:35:38 +00:00
|
|
|
|
// Rosetta 2 emulation layer can run x86_64 binaries on aarch64
|
|
|
|
|
// machines. Note that we can’t force processes from executing
|
|
|
|
|
// x86_64 in aarch64 environments or vice versa since they can
|
|
|
|
|
// always exec with their own binary preferences.
|
2022-10-14 07:35:33 +00:00
|
|
|
|
if (std::string{SYSTEM} == "aarch64-darwin" &&
|
|
|
|
|
runProgram(RunOptions {.program = "arch", .args = {"-arch", "x86_64", "/usr/bin/true"}, .mergeStderrToStdout = true}).first == 0)
|
|
|
|
|
extraPlatforms.insert("x86_64-darwin");
|
2020-12-03 21:35:38 +00:00
|
|
|
|
#endif
|
2021-02-16 13:32:12 +00:00
|
|
|
|
|
|
|
|
|
return extraPlatforms;
|
2020-12-03 21:35:38 +00:00
|
|
|
|
}
|
|
|
|
|
|
2019-12-20 20:40:23 +00:00
|
|
|
|
bool Settings::isWSL1()
|
|
|
|
|
{
|
|
|
|
|
struct utsname utsbuf;
|
|
|
|
|
uname(&utsbuf);
|
|
|
|
|
// WSL1 uses -Microsoft suffix
|
|
|
|
|
// WSL2 uses -microsoft-standard suffix
|
|
|
|
|
return hasSuffix(utsbuf.release, "-Microsoft");
|
|
|
|
|
}
|
|
|
|
|
|
2023-03-17 17:32:18 +00:00
|
|
|
|
Path Settings::getDefaultSSLCertFile()
|
|
|
|
|
{
|
|
|
|
|
for (auto & fn : {"/etc/ssl/certs/ca-certificates.crt", "/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"})
|
|
|
|
|
if (pathExists(fn)) return fn;
|
|
|
|
|
return "";
|
|
|
|
|
}
|
|
|
|
|
|
2022-02-25 15:00:00 +00:00
|
|
|
|
const std::string nixVersion = PACKAGE_VERSION;
|
2009-02-27 11:04:41 +00:00
|
|
|
|
|
2020-09-20 05:26:07 +00:00
|
|
|
|
NLOHMANN_JSON_SERIALIZE_ENUM(SandboxMode, {
|
|
|
|
|
{SandboxMode::smEnabled, true},
|
|
|
|
|
{SandboxMode::smRelaxed, "relaxed"},
|
|
|
|
|
{SandboxMode::smDisabled, false},
|
|
|
|
|
});
|
|
|
|
|
|
2020-10-29 17:17:39 +00:00
|
|
|
|
template<> void BaseSetting<SandboxMode>::set(const std::string & str, bool append)
|
2008-11-20 12:25:11 +00:00
|
|
|
|
{
|
2017-04-13 18:53:23 +00:00
|
|
|
|
if (str == "true") value = smEnabled;
|
|
|
|
|
else if (str == "relaxed") value = smRelaxed;
|
|
|
|
|
else if (str == "false") value = smDisabled;
|
|
|
|
|
else throw UsageError("option '%s' has invalid value '%s'", name, str);
|
Explicitly model all settings and fail on unrecognized ones
Previously, the Settings class allowed other code to query for string
properties, which led to a proliferation of code all over the place making
up new options without any sort of central registry of valid options. This
commit pulls all those options back into the central Settings class and
removes the public get() methods, to discourage future abuses like that.
Furthermore, because we know the full set of options ahead of time, we
now fail loudly if someone enters an unrecognized option, thus preventing
subtle typos. With some template fun, we could probably also dump the full
set of options (with documentation, defaults, etc.) to the command line,
but I'm not doing that yet here.
2017-02-22 03:50:18 +00:00
|
|
|
|
}
|
|
|
|
|
|
2020-10-29 17:17:39 +00:00
|
|
|
|
template<> bool BaseSetting<SandboxMode>::isAppendable()
|
|
|
|
|
{
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2019-12-17 16:17:53 +00:00
|
|
|
|
template<> std::string BaseSetting<SandboxMode>::to_string() const
|
Explicitly model all settings and fail on unrecognized ones
Previously, the Settings class allowed other code to query for string
properties, which led to a proliferation of code all over the place making
up new options without any sort of central registry of valid options. This
commit pulls all those options back into the central Settings class and
removes the public get() methods, to discourage future abuses like that.
Furthermore, because we know the full set of options ahead of time, we
now fail loudly if someone enters an unrecognized option, thus preventing
subtle typos. With some template fun, we could probably also dump the full
set of options (with documentation, defaults, etc.) to the command line,
but I'm not doing that yet here.
2017-02-22 03:50:18 +00:00
|
|
|
|
{
|
2017-04-13 18:53:23 +00:00
|
|
|
|
if (value == smEnabled) return "true";
|
|
|
|
|
else if (value == smRelaxed) return "relaxed";
|
|
|
|
|
else if (value == smDisabled) return "false";
|
|
|
|
|
else abort();
|
2008-11-20 12:25:11 +00:00
|
|
|
|
}
|
|
|
|
|
|
2017-06-07 16:41:20 +00:00
|
|
|
|
template<> void BaseSetting<SandboxMode>::convertToArg(Args & args, const std::string & category)
|
2017-06-07 14:17:17 +00:00
|
|
|
|
{
|
2020-05-04 20:40:19 +00:00
|
|
|
|
args.addFlag({
|
|
|
|
|
.longName = name,
|
|
|
|
|
.description = "Enable sandboxing.",
|
|
|
|
|
.category = category,
|
2022-10-22 13:25:35 +00:00
|
|
|
|
.handler = {[this]() { override(smEnabled); }}
|
2020-05-04 20:40:19 +00:00
|
|
|
|
});
|
|
|
|
|
args.addFlag({
|
|
|
|
|
.longName = "no-" + name,
|
|
|
|
|
.description = "Disable sandboxing.",
|
|
|
|
|
.category = category,
|
2022-10-22 13:25:35 +00:00
|
|
|
|
.handler = {[this]() { override(smDisabled); }}
|
2020-05-04 20:40:19 +00:00
|
|
|
|
});
|
|
|
|
|
args.addFlag({
|
|
|
|
|
.longName = "relaxed-" + name,
|
|
|
|
|
.description = "Enable sandboxing, but allow builds to disable it.",
|
|
|
|
|
.category = category,
|
2022-10-22 13:25:35 +00:00
|
|
|
|
.handler = {[this]() { override(smRelaxed); }}
|
2020-05-04 20:40:19 +00:00
|
|
|
|
});
|
2017-06-07 14:17:17 +00:00
|
|
|
|
}
|
|
|
|
|
|
2020-10-29 17:17:39 +00:00
|
|
|
|
void MaxBuildJobsSetting::set(const std::string & str, bool append)
|
2014-02-08 05:05:46 +00:00
|
|
|
|
{
|
2017-04-13 18:53:23 +00:00
|
|
|
|
if (str == "auto") value = std::max(1U, std::thread::hardware_concurrency());
|
2021-01-08 11:22:21 +00:00
|
|
|
|
else {
|
|
|
|
|
if (auto n = string2Int<decltype(value)>(str))
|
|
|
|
|
value = *n;
|
|
|
|
|
else
|
|
|
|
|
throw UsageError("configuration setting '%s' should be 'auto' or an integer", name);
|
|
|
|
|
}
|
2014-02-08 05:05:46 +00:00
|
|
|
|
}
|
|
|
|
|
|
2018-02-08 16:26:18 +00:00
|
|
|
|
|
2021-01-28 12:37:04 +00:00
|
|
|
|
void PluginFilesSetting::set(const std::string & str, bool append)
|
|
|
|
|
{
|
|
|
|
|
if (pluginsLoaded)
|
|
|
|
|
throw UsageError("plugin-files set after plugins were loaded, you may need to move the flag before the subcommand");
|
|
|
|
|
BaseSetting<Paths>::set(str, append);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2018-02-08 16:26:18 +00:00
|
|
|
|
void initPlugins()
|
|
|
|
|
{
|
2021-01-28 14:37:43 +00:00
|
|
|
|
assert(!settings.pluginFiles.pluginsLoaded);
|
2018-02-08 16:26:18 +00:00
|
|
|
|
for (const auto & pluginFile : settings.pluginFiles.get()) {
|
2018-02-13 12:51:52 +00:00
|
|
|
|
Paths pluginFiles;
|
|
|
|
|
try {
|
|
|
|
|
auto ents = readDirectory(pluginFile);
|
|
|
|
|
for (const auto & ent : ents)
|
|
|
|
|
pluginFiles.emplace_back(pluginFile + "/" + ent.name);
|
|
|
|
|
} catch (SysError & e) {
|
|
|
|
|
if (e.errNo != ENOTDIR)
|
|
|
|
|
throw;
|
|
|
|
|
pluginFiles.emplace_back(pluginFile);
|
|
|
|
|
}
|
|
|
|
|
for (const auto & file : pluginFiles) {
|
|
|
|
|
/* handle is purposefully leaked as there may be state in the
|
|
|
|
|
DSO needed by the action of the plugin. */
|
|
|
|
|
void *handle =
|
|
|
|
|
dlopen(file.c_str(), RTLD_LAZY | RTLD_LOCAL);
|
|
|
|
|
if (!handle)
|
2018-04-12 01:02:50 +00:00
|
|
|
|
throw Error("could not dynamically open plugin file '%s': %s", file, dlerror());
|
2018-02-13 12:51:52 +00:00
|
|
|
|
}
|
2018-02-08 16:26:18 +00:00
|
|
|
|
}
|
2018-02-13 19:43:32 +00:00
|
|
|
|
|
2018-03-27 16:41:31 +00:00
|
|
|
|
/* Since plugins can add settings, try to re-apply previously
|
|
|
|
|
unknown settings. */
|
|
|
|
|
globalConfig.reapplyUnknownSettings();
|
|
|
|
|
globalConfig.warnUnknownSettings();
|
2021-01-28 12:37:04 +00:00
|
|
|
|
|
|
|
|
|
/* Tell the user if they try to set plugin-files after we've already loaded */
|
|
|
|
|
settings.pluginFiles.pluginsLoaded = true;
|
2018-02-08 16:26:18 +00:00
|
|
|
|
}
|
|
|
|
|
|
2023-02-01 16:24:14 +00:00
|
|
|
|
static void preloadNSS()
|
|
|
|
|
{
|
|
|
|
|
/* builtin:fetchurl can trigger a DNS lookup, which with glibc can trigger a dynamic library load of
|
|
|
|
|
one of the glibc NSS libraries in a sandboxed child, which will fail unless the library's already
|
|
|
|
|
been loaded in the parent. So we force a lookup of an invalid domain to force the NSS machinery to
|
|
|
|
|
load its lookup libraries in the parent before any child gets a chance to. */
|
|
|
|
|
static std::once_flag dns_resolve_flag;
|
|
|
|
|
|
|
|
|
|
std::call_once(dns_resolve_flag, []() {
|
|
|
|
|
#ifdef __GLIBC__
|
|
|
|
|
/* On linux, glibc will run every lookup through the nss layer.
|
|
|
|
|
* That means every lookup goes, by default, through nscd, which acts as a local
|
|
|
|
|
* cache.
|
|
|
|
|
* Because we run builds in a sandbox, we also remove access to nscd otherwise
|
|
|
|
|
* lookups would leak into the sandbox.
|
|
|
|
|
*
|
|
|
|
|
* But now we have a new problem, we need to make sure the nss_dns backend that
|
|
|
|
|
* does the dns lookups when nscd is not available is loaded or available.
|
|
|
|
|
*
|
|
|
|
|
* We can't make it available without leaking nix's environment, so instead we'll
|
|
|
|
|
* load the backend, and configure nss so it does not try to run dns lookups
|
|
|
|
|
* through nscd.
|
|
|
|
|
*
|
|
|
|
|
* This is technically only used for builtins:fetch* functions so we only care
|
|
|
|
|
* about dns.
|
|
|
|
|
*
|
|
|
|
|
* All other platforms are unaffected.
|
|
|
|
|
*/
|
|
|
|
|
if (!dlopen(LIBNSS_DNS_SO, RTLD_NOW))
|
|
|
|
|
warn("unable to load nss_dns backend");
|
|
|
|
|
// FIXME: get hosts entry from nsswitch.conf.
|
|
|
|
|
__nss_configure_lookup("hosts", "files dns");
|
|
|
|
|
#endif
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
2022-12-19 13:06:07 +00:00
|
|
|
|
static bool initLibStoreDone = false;
|
|
|
|
|
|
|
|
|
|
void assertLibStoreInitialized() {
|
|
|
|
|
if (!initLibStoreDone) {
|
|
|
|
|
printError("The program must call nix::initNix() before calling any libstore library functions.");
|
|
|
|
|
abort();
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void initLibStore() {
|
2023-02-01 15:46:26 +00:00
|
|
|
|
|
2023-02-01 16:43:14 +00:00
|
|
|
|
initLibUtil();
|
|
|
|
|
|
2023-02-01 16:12:11 +00:00
|
|
|
|
if (sodium_init() == -1)
|
|
|
|
|
throw Error("could not initialise libsodium");
|
|
|
|
|
|
2023-02-01 15:46:26 +00:00
|
|
|
|
loadConfFile();
|
|
|
|
|
|
2023-02-01 16:24:14 +00:00
|
|
|
|
preloadNSS();
|
|
|
|
|
|
2023-02-01 16:35:28 +00:00
|
|
|
|
/* On macOS, don't use the per-session TMPDIR (as set e.g. by
|
|
|
|
|
sshd). This breaks build users because they don't have access
|
|
|
|
|
to the TMPDIR, in particular in ‘nix-store --serve’. */
|
|
|
|
|
#if __APPLE__
|
|
|
|
|
if (hasPrefix(getEnv("TMPDIR").value_or("/tmp"), "/var/folders/"))
|
|
|
|
|
unsetenv("TMPDIR");
|
|
|
|
|
#endif
|
|
|
|
|
|
2022-12-19 13:06:07 +00:00
|
|
|
|
initLibStoreDone = true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2006-09-04 21:06:23 +00:00
|
|
|
|
}
|