about summary refs log tree commit diff
path: root/doc/manual/writing-nix-expressions.xml
diff options
context:
space:
mode:
authorEelco Dolstra <e.dolstra@tudelft.nl>2007-08-30T09·50+0000
committerEelco Dolstra <e.dolstra@tudelft.nl>2007-08-30T09·50+0000
commit0d65fc08e2f7e69976ab91271024a87dbeef380d (patch)
tree8276ec01bd428d3be6422eb71e25ed8dec247ae1 /doc/manual/writing-nix-expressions.xml
parentcb1c1004cdd582abe67146ab3904bd88de3a1d4e (diff)
* Create the Nix daemon socket in a separate directory
  (/nix/var/nix/daemon-socket).  This allows access to the Nix daemon
  to be restricted by setting the mode/ownership on that directory as
  desired, e.g.

    $ chmod 770 /nix/var/nix/daemon-socket
    $ chown root.wheel /nix/var/nix/daemon-socket

  to allow only users in the wheel group to use Nix.

  Setting the ownership on a socket is much trickier, since the socket
  must be deleted and recreated every time the daemon is started
  (which would require additional Nix configuration file directives to
  specify the mode/ownership, and wouldn't support arbitrary ACLs),
  some BSD variants appear to ignore permissions on sockets, and it's
  not clear whether the umask is respected on every platform when
  creating sockets.

Diffstat (limited to 'doc/manual/writing-nix-expressions.xml')
0 files changed, 0 insertions, 0 deletions