diff options
Diffstat (limited to 'nix/nix-daemon/nix-daemon.cc')
| -rw-r--r-- | nix/nix-daemon/nix-daemon.cc | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/nix/nix-daemon/nix-daemon.cc b/nix/nix-daemon/nix-daemon.cc index 9b29b3e91d..47b67d5863 100644 --- a/nix/nix-daemon/nix-daemon.cc +++ b/nix/nix-daemon/nix-daemon.cc @@ -203,11 +203,11 @@ static void stopWork(bool success = true, const string & msg = "", unsigned int } -struct TunnelSink : Sink +struct TunnelSink : BufferedSink { Sink & to; - TunnelSink(Sink & to) : to(to) { } - virtual void operator () (const unsigned char * data, size_t len) + TunnelSink(Sink & to) : BufferedSink(64 * 1024), to(to) { } + virtual void write(const unsigned char * data, size_t len) { writeInt(STDERR_WRITE, to); writeString(data, len, to); @@ -433,6 +433,7 @@ static void performOp(bool trusted, unsigned int clientVersion, startWork(); TunnelSink sink(to); store->exportPath(path, sign, sink); + sink.flush(); stopWork(); writeInt(1, to); break; @@ -959,6 +960,18 @@ static void daemonLoop() strncpy(argvSaved[1], processName.c_str(), strlen(argvSaved[1])); } +#if defined(SO_PEERCRED) + /* Store the client's user and group for this connection. This + has to be done in the forked process since it is per + connection. */ + settings.clientUid = cred.uid; + settings.clientGid = cred.gid; +#else + /* Setting these to -1 means: do not change */ + settings.clientUid = (uid_t) -1; + settings.clientGid = (gid_t) -1; +#endif + /* Handle the connection. */ from.fd = remote; to.fd = remote; |