diff options
author | Eelco Dolstra <e.dolstra@tudelft.nl> | 2007-08-30T09·50+0000 |
---|---|---|
committer | Eelco Dolstra <e.dolstra@tudelft.nl> | 2007-08-30T09·50+0000 |
commit | 0d65fc08e2f7e69976ab91271024a87dbeef380d (patch) | |
tree | 8276ec01bd428d3be6422eb71e25ed8dec247ae1 /doc/manual/writing-nix-expressions.xml | |
parent | cb1c1004cdd582abe67146ab3904bd88de3a1d4e (diff) |
* Create the Nix daemon socket in a separate directory
(/nix/var/nix/daemon-socket). This allows access to the Nix daemon to be restricted by setting the mode/ownership on that directory as desired, e.g. $ chmod 770 /nix/var/nix/daemon-socket $ chown root.wheel /nix/var/nix/daemon-socket to allow only users in the wheel group to use Nix. Setting the ownership on a socket is much trickier, since the socket must be deleted and recreated every time the daemon is started (which would require additional Nix configuration file directives to specify the mode/ownership, and wouldn't support arbitrary ACLs), some BSD variants appear to ignore permissions on sockets, and it's not clear whether the umask is respected on every platform when creating sockets.
Diffstat (limited to 'doc/manual/writing-nix-expressions.xml')
0 files changed, 0 insertions, 0 deletions