diff options
| author | Ludovic Courtès <ludo@gnu.org> | 2016-12-09 18:11:14 +0100 |
|---|---|---|
| committer | Ludovic Courtès <ludo@gnu.org> | 2016-12-09 18:11:14 +0100 |
| commit | f80b4d2ce09b0b7770cbdf2f90704d41b0a168c5 (patch) | |
| tree | ec47c7ee5d5579cfa00f13b5038ff3d8c87e4a48 /nix/libstore/build.cc | |
| parent | 13b5f44b475aa385d580f7e19b907210bc1d6d99 (diff) | |
| parent | 2608e40988ba8cf51723fe0d21bdedf6b3997c9c (diff) | |
| download | guix-f80b4d2ce09b0b7770cbdf2f90704d41b0a168c5.tar guix-f80b4d2ce09b0b7770cbdf2f90704d41b0a168c5.tar.gz | |
Merge remote-tracking branch 'origin/master' into staging
Diffstat (limited to 'nix/libstore/build.cc')
| -rw-r--r-- | nix/libstore/build.cc | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/nix/libstore/build.cc b/nix/libstore/build.cc index 889ee3d2bd..e823001788 100644 --- a/nix/libstore/build.cc +++ b/nix/libstore/build.cc @@ -2631,6 +2631,21 @@ void DerivationGoal::closeLogFile() } +static void _chown(const Path & path, uid_t uid, gid_t gid) +{ + checkInterrupt(); + + if (lchown(path.c_str(), uid, gid) == -1) { + throw SysError(format("change owner and group of `%1%'") % path); + } + struct stat st = lstat(path); + if (S_ISDIR(st.st_mode)) { + for (auto & i : readDirectory(path)) + _chown(path + "/" + i.name, uid, gid); + } +} + + void DerivationGoal::deleteTmpDir(bool force) { if (tmpDir != "") { @@ -2639,6 +2654,12 @@ void DerivationGoal::deleteTmpDir(bool force) format("note: keeping build directory `%2%'") % drvPath % tmpDir); chmod(tmpDir.c_str(), 0755); + // Change the ownership if clientUid is set. Never change the + // ownership or the group to "root" for security reasons. + if (settings.clientUid != (uid_t) -1 && settings.clientUid != 0) { + _chown(tmpDir, settings.clientUid, + settings.clientGid != 0 ? settings.clientGid : -1); + } } else deletePath(tmpDir); |