forked from lix-project/lix
0d65fc08e2
(/nix/var/nix/daemon-socket). This allows access to the Nix daemon
to be restricted by setting the mode/ownership on that directory as
desired, e.g.
$ chmod 770 /nix/var/nix/daemon-socket
$ chown root.wheel /nix/var/nix/daemon-socket
to allow only users in the wheel group to use Nix.
Setting the ownership on a socket is much trickier, since the socket
must be deleted and recreated every time the daemon is started
(which would require additional Nix configuration file directives to
specify the mode/ownership, and wouldn't support arbitrary ACLs),
some BSD variants appear to ignore permissions on sockets, and it's
not clear whether the umask is respected on every platform when
creating sockets.
57 lines
1.2 KiB
C++
57 lines
1.2 KiB
C++
#ifndef __WORKER_PROTOCOL_H
|
|
#define __WORKER_PROTOCOL_H
|
|
|
|
|
|
namespace nix {
|
|
|
|
|
|
#define WORKER_MAGIC_1 0x6e697864
|
|
#define WORKER_MAGIC_2 0x6478696e
|
|
|
|
|
|
typedef enum {
|
|
wopQuit = 0,
|
|
wopIsValidPath,
|
|
wopHasSubstitutes = 3,
|
|
wopQueryPathHash,
|
|
wopQueryReferences,
|
|
wopQueryReferrers,
|
|
wopAddToStore,
|
|
wopAddTextToStore,
|
|
wopBuildDerivations,
|
|
wopEnsurePath,
|
|
wopAddTempRoot,
|
|
wopAddIndirectRoot,
|
|
wopSyncWithGC,
|
|
wopFindRoots,
|
|
wopCollectGarbage,
|
|
wopExportPath,
|
|
wopImportPath,
|
|
wopQueryDeriver,
|
|
} WorkerOp;
|
|
|
|
|
|
#define STDERR_NEXT 0x6f6c6d67
|
|
#define STDERR_READ 0x64617461 // data needed from source
|
|
#define STDERR_WRITE 0x64617416 // data for sink
|
|
#define STDERR_LAST 0x616c7473
|
|
#define STDERR_ERROR 0x63787470
|
|
|
|
|
|
/* The default location of the daemon socket, relative to nixStateDir.
|
|
The socket is in a directory to allow you to control access to the
|
|
Nix daemon by setting the mode/ownership of the directory
|
|
appropriately. (This wouldn't work on the socket itself since it
|
|
must be deleted and recreated on startup.) */
|
|
#define DEFAULT_SOCKET_PATH "/daemon-socket/socket"
|
|
|
|
|
|
Path readStorePath(Source & from);
|
|
PathSet readStorePaths(Source & from);
|
|
|
|
|
|
}
|
|
|
|
|
|
#endif /* !__WORKER_PROTOCOL_H */
|