[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
45/64: Set up directories and permissions for multi-user install automat
From: |
Ludovic Courtès |
Subject: |
45/64: Set up directories and permissions for multi-user install automatically |
Date: |
Mon, 05 Jan 2015 16:39:06 +0000 |
civodul pushed a commit to branch nix
in repository guix.
commit 696f960dee35889433adfa6c08a2dbfb6ea0724f
Author: Eelco Dolstra <address@hidden>
Date: Fri May 2 14:31:15 2014 +0200
Set up directories and permissions for multi-user install automatically
This automatically creates /nix/var/nix/profiles/per-user and sets the
permissions/ownership on /nix/store to 1775 and root:nixbld.
---
src/libstore/local-store.cc | 29 ++++++++++++++++++++++++++++-
1 files changed, 28 insertions(+), 1 deletions(-)
diff --git a/src/libstore/local-store.cc b/src/libstore/local-store.cc
index 567706d..5d210ae 100644
--- a/src/libstore/local-store.cc
+++ b/src/libstore/local-store.cc
@@ -20,6 +20,7 @@
#include <errno.h>
#include <stdio.h>
#include <time.h>
+#include <grp.h>
#if HAVE_UNSHARE && HAVE_STATVFS && HAVE_SYS_MOUNT_H
#include <sched.h>
@@ -237,7 +238,7 @@ LocalStore::LocalStore(bool reserveSpace)
makeStoreWritable();
createDirs(linksDir = settings.nixStore + "/.links");
Path profilesDir = settings.nixStateDir + "/profiles";
- createDirs(settings.nixStateDir + "/profiles");
+ createDirs(profilesDir);
createDirs(settings.nixStateDir + "/temproots");
createDirs(settings.nixDBPath);
Path gcRootsDir = settings.nixStateDir + "/gcroots";
@@ -246,6 +247,32 @@ LocalStore::LocalStore(bool reserveSpace)
createSymlink(profilesDir, gcRootsDir + "/profiles");
}
+ /* Optionally, create directories and set permissions for a
+ multi-user install. */
+ if (getuid() == 0 && settings.buildUsersGroup != "") {
+
+ Path perUserDir = profilesDir + "/per-user";
+ createDirs(perUserDir);
+ if (chmod(perUserDir.c_str(), 01777) == -1)
+ throw SysError(format("could not set permissions on `%1%' to
1777") % perUserDir);
+
+ struct group * gr = getgrnam(settings.buildUsersGroup.c_str());
+ if (!gr)
+ throw Error(format("the group `%1%' specified in
`build-users-group' does not exist")
+ % settings.buildUsersGroup);
+
+ struct stat st;
+ if (stat(settings.nixStore.c_str(), &st))
+ throw SysError(format("getting attributes of path `%1%'") %
settings.nixStore);
+
+ if (st.st_uid != 0 || st.st_gid != gr->gr_gid || (st.st_mode &
~S_IFMT) != 01775) {
+ if (chown(settings.nixStore.c_str(), 0, gr->gr_gid) == -1)
+ throw SysError(format("changing ownership of path `%1%'") %
settings.nixStore);
+ if (chmod(settings.nixStore.c_str(), 01775) == -1)
+ throw SysError(format("changing permissions on path `%1%'") %
settings.nixStore);
+ }
+ }
+
checkStoreNotSymlink();
/* We can't open a SQLite database if the disk is full. Since
- 39/64: nix-env: Minor change to '--delete-generations Nd' semantics, (continued)
- 39/64: nix-env: Minor change to '--delete-generations Nd' semantics, Ludovic Courtès, 2015/01/05
- 33/64: If a .drv cannot be parsed, show its path, Ludovic Courtès, 2015/01/05
- 40/64: trunk -> master, Ludovic Courtès, 2015/01/05
- 17/64: Pass position information to primop calls, Ludovic Courtès, 2015/01/05
- 32/64: Simplify quick start section, Ludovic Courtès, 2015/01/05
- 43/64: Set build-max-jobs to the number of available cores by default, Ludovic Courtès, 2015/01/05
- 41/64: doc fix: swap 'import' and 'export', Ludovic Courtès, 2015/01/05
- 28/64: Ensure that systemd units to into lib, not lib64, Ludovic Courtès, 2015/01/05
- 36/64: Bump version to 1.8, Ludovic Courtès, 2015/01/05
- 44/64: Install an Upstart service, Ludovic Courtès, 2015/01/05
- 45/64: Set up directories and permissions for multi-user install automatically,
Ludovic Courtès <=
- 46/64: Simplify multi-user installation instructions, Ludovic Courtès, 2015/01/05
- 49/64: Add ubuntu 14.04, Ludovic Courtès, 2015/01/05
- 48/64: Don't install Upstart job on Fedora, Ludovic Courtès, 2015/01/05
- 51/64: Really fix the RPM builds, Ludovic Courtès, 2015/01/05
- 50/64: Fix RPM build, Ludovic Courtès, 2015/01/05
- 53/64: fix typo, Ludovic Courtès, 2015/01/05
- 52/64: Shortcut already-hardlinked files, Ludovic Courtès, 2015/01/05
- 54/64: nix-instantiate --eval: Apply auto-arguments if the result is a function, Ludovic Courtès, 2015/01/05
- 47/64: Fix Debian tests, Ludovic Courtès, 2015/01/05
- 60/64: Merge branch 'master' of github.com:wmertens/nix, Ludovic Courtès, 2015/01/05