about summary refs log tree commit diff
diff options
context:
space:
mode:
authorEelco Dolstra <e.dolstra@tudelft.nl>2006-12-07T11·27+0000
committerEelco Dolstra <e.dolstra@tudelft.nl>2006-12-07T11·27+0000
commit7d8cf316eec3b5b1f2cf5ae8558a80bcaa69437f (patch)
tree2b5f5727c4e915af4f0069210e584575519ffe92
parenta45c498e4e1109e0147b46df1230db718e5bceb1 (diff)
* Pass the actual build user to the setuid helper.
-rw-r--r--src/libstore/build.cc32
1 files changed, 10 insertions, 22 deletions
diff --git a/src/libstore/build.cc b/src/libstore/build.cc
index be6f934890e1..2b2b54cd1f30 100644
--- a/src/libstore/build.cc
+++ b/src/libstore/build.cc
@@ -340,6 +340,7 @@ private:
     Path fnUserLock;
     AutoCloseFD fdUserLock;
 
+    string user;
     uid_t uid;
     gid_t gid;
     
@@ -350,10 +351,12 @@ public:
     void acquire();
     void release();
 
-    uid_t getUID();
-    uid_t getGID();
+    string getUser() { return user; }
+    uid_t getUID() { return uid; }
+    uid_t getGID() { return gid; }
 
-    bool enabled();
+    bool enabled() { return uid != 0; }
+        
 };
 
 
@@ -420,6 +423,7 @@ void UserLock::acquire()
         if (lockFile(fd, ltWrite, false)) {
             fdUserLock = fd.borrow();
             lockedPaths.insert(fnUserLock);
+            user = *i;
             uid = pw->pw_uid;
 
             /* Sanity check... */
@@ -448,24 +452,6 @@ void UserLock::release()
 }
 
 
-uid_t UserLock::getUID()
-{
-    return uid;
-}
-
-
-uid_t UserLock::getGID()
-{
-    return gid;
-}
-
-
-bool UserLock::enabled()
-{
-    return uid != 0;
-}
-
-
 static bool amPrivileged()
 {
     return geteuid() == 0;
@@ -1351,6 +1337,7 @@ void DerivationGoal::startBuilder()
 
             Path program = drv.builder.c_str();
             std::vector<const char *> args; /* careful with c_str()! */
+            string user; /* must be here for its c_str()! */
             
             /* If we are running in `build-users' mode, then switch to
                the user we allocated above.  Make sure that we drop
@@ -1381,7 +1368,8 @@ void DerivationGoal::startBuilder()
                     program = nixLibexecDir + "/nix-setuid-helper";
                     args.push_back(program.c_str());
                     args.push_back("run-builder");
-                    args.push_back("nix-builder-1"); /* !!! TODO */
+                    user = buildUser.getUser().c_str();
+                    args.push_back(user.c_str());
                     args.push_back(drv.builder.c_str());
                 }
             }