qyriad/lix
1
0
Fork 0
forked from lix-project/lix
Code Pull requests Activity

Merge pull request #7461 from rapenne-s/improve_messaging_untrusted_sub_user

Browse source 
Improve warning when an untrusted user is using an untrusted substituter
This commit is contained in:
Théophane Hufschmitt 2023-01-26 11:01:37 +01:00 committed by GitHub
parent aa61ae03da 6b2729c81e
commit ed479aafdc
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 17 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
src/libstore/daemon.cc
View file

@ -222,7 +222,8 @@ struct ClientSettings
else if (!hasSuffix(s, "/") && trusted.count(s + "/")) else if (!hasSuffix(s, "/") && trusted.count(s + "/"))
subs.push_back(s + "/"); subs.push_back(s + "/");
else else
warn("ignoring untrusted substituter '%s'", s); warn("ignoring untrusted substituter '%s', you are not a trusted user.\n"
"Run `man nix.conf` for more information on the `substituters` configuration option.", s);
res = subs; res = subs;
return true; return true;
}; };

25
src/libstore/globals.hh
View file

@ -570,11 +570,15 @@ public:
{"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="}, {"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="},
"trusted-public-keys", "trusted-public-keys",
R"( R"(
A whitespace-separated list of public keys. When paths are copied A whitespace-separated list of public keys.
from another Nix store (such as a binary cache), they must be
signed with one of these keys. For example: At least one of the following condition must be met
`cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= for Nix to accept copying a store object from another
hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=`. Nix store (such as a substituter):
- the store object has been signed using a key in the trusted keys list
- the [`require-sigs`](#conf-require-sigs) option has been set to `false`
- the store object is [output-addressed](@docroot@/glossary.md#gloss-output-addressed-store-object)
)", )",
{"binary-cache-public-keys"}}; {"binary-cache-public-keys"}};
@ -670,13 +674,14 @@ public:
independently. Lower value means higher priority. independently. Lower value means higher priority.
The default is `https://cache.nixos.org`, with a Priority of 40. The default is `https://cache.nixos.org`, with a Priority of 40.
Nix will copy a store path from a remote store only if one At least one of the following conditions must be met for Nix to use
of the following is true: a substituter:
- the store object is signed by one of the [`trusted-public-keys`](#conf-trusted-public-keys)
- the substituter is in the [`trusted-substituters`](#conf-trusted-substituters) list - the substituter is in the [`trusted-substituters`](#conf-trusted-substituters) list
- the [`require-sigs`](#conf-require-sigs) option has been set to `false` - the user calling Nix is in the [`trusted-users`](#conf-trusted-users) list
- the store object is [output-addressed](@docroot@/glossary.md#gloss-output-addressed-store-object)
In addition, each store path should be trusted as described
in [`trusted-public-keys`](#conf-trusted-public-keys)
)", )",
{"binary-caches"}}; {"binary-caches"}};