aboutsummaryrefslogtreecommitdiff
path: root/nix/libstore/local-store.cc
diff options
context:
space:
mode:
Diffstat (limited to 'nix/libstore/local-store.cc')
-rw-r--r--nix/libstore/local-store.cc33
1 files changed, 30 insertions, 3 deletions
diff --git a/nix/libstore/local-store.cc b/nix/libstore/local-store.cc
index 1293a6e8f2..5d210ae017 100644
--- a/nix/libstore/local-store.cc
+++ b/nix/libstore/local-store.cc
@@ -20,6 +20,7 @@
#include <errno.h>
#include <stdio.h>
#include <time.h>
+#include <grp.h>
#if HAVE_UNSHARE && HAVE_STATVFS && HAVE_SYS_MOUNT_H
#include <sched.h>
@@ -237,7 +238,7 @@ LocalStore::LocalStore(bool reserveSpace)
makeStoreWritable();
createDirs(linksDir = settings.nixStore + "/.links");
Path profilesDir = settings.nixStateDir + "/profiles";
- createDirs(settings.nixStateDir + "/profiles");
+ createDirs(profilesDir);
createDirs(settings.nixStateDir + "/temproots");
createDirs(settings.nixDBPath);
Path gcRootsDir = settings.nixStateDir + "/gcroots";
@@ -246,6 +247,32 @@ LocalStore::LocalStore(bool reserveSpace)
createSymlink(profilesDir, gcRootsDir + "/profiles");
}
+ /* Optionally, create directories and set permissions for a
+ multi-user install. */
+ if (getuid() == 0 && settings.buildUsersGroup != "") {
+
+ Path perUserDir = profilesDir + "/per-user";
+ createDirs(perUserDir);
+ if (chmod(perUserDir.c_str(), 01777) == -1)
+ throw SysError(format("could not set permissions on `%1%' to 1777") % perUserDir);
+
+ struct group * gr = getgrnam(settings.buildUsersGroup.c_str());
+ if (!gr)
+ throw Error(format("the group `%1%' specified in `build-users-group' does not exist")
+ % settings.buildUsersGroup);
+
+ struct stat st;
+ if (stat(settings.nixStore.c_str(), &st))
+ throw SysError(format("getting attributes of path `%1%'") % settings.nixStore);
+
+ if (st.st_uid != 0 || st.st_gid != gr->gr_gid || (st.st_mode & ~S_IFMT) != 01775) {
+ if (chown(settings.nixStore.c_str(), 0, gr->gr_gid) == -1)
+ throw SysError(format("changing ownership of path `%1%'") % settings.nixStore);
+ if (chmod(settings.nixStore.c_str(), 01775) == -1)
+ throw SysError(format("changing permissions on path `%1%'") % settings.nixStore);
+ }
+ }
+
checkStoreNotSymlink();
/* We can't open a SQLite database if the disk is full. Since
@@ -661,7 +688,7 @@ unsigned long long LocalStore::addValidPath(const ValidPathInfo & info, bool che
efficiently query whether a path is an output of some
derivation. */
if (isDerivation(info.path)) {
- Derivation drv = parseDerivation(readFile(info.path));
+ Derivation drv = readDerivation(info.path);
/* Verify that the output paths in the derivation are correct
(i.e., follow the scheme for computing output paths from
@@ -1290,7 +1317,7 @@ void LocalStore::registerValidPaths(const ValidPathInfos & infos)
if (isDerivation(i->path)) {
// FIXME: inefficient; we already loaded the
// derivation in addValidPath().
- Derivation drv = parseDerivation(readFile(i->path));
+ Derivation drv = readDerivation(i->path);
checkDerivationOutputs(i->path, drv);
}