about summary refs log tree commit diff
path: root/src/libstore/build.cc
diff options
context:
space:
mode:
authorEelco Dolstra <eelco.dolstra@logicblox.com>2015-06-04T12·07+0200
committerEelco Dolstra <eelco.dolstra@logicblox.com>2015-06-04T12·07+0200
commit07d7e7df84bf9bc381fbe56137bc47f5db7763ca (patch)
tree96131495fb19afb5b8e8b93d95b612ec0692be49 /src/libstore/build.cc
parent94378910fb55780cc11c1d68045f5c43e269490e (diff)
Chown files created for passAsFile
Nixpkgs' writeTextAsFile does this:

  mv "$textPath" "$n"

Since $textPath was owned by root, if $textPath is on the same
filesystem as $n, $n will be owned as root. As a result, the build
result was rejected as having suspicious ownership.

http://hydra.nixos.org/build/22836807
Diffstat (limited to 'src/libstore/build.cc')
-rw-r--r--src/libstore/build.cc9
1 files changed, 7 insertions, 2 deletions
diff --git a/src/libstore/build.cc b/src/libstore/build.cc
index 50c59c1314d9..04f8e23c5230 100644
--- a/src/libstore/build.cc
+++ b/src/libstore/build.cc
@@ -1655,6 +1655,7 @@ void DerivationGoal::startBuilder()
        environments, except those listed in the passAsFile
        attribute. Those are passed as file names pointing to
        temporary files containing the contents. */
+    PathSet filesToChown;
     StringSet passAsFile = tokenizeString<StringSet>(get(drv.env, "passAsFile"));
     int fileNr = 0;
     for (auto & i : drv.env) {
@@ -1663,6 +1664,7 @@ void DerivationGoal::startBuilder()
         } else {
             Path p = tmpDir + "/.attr-" + int2String(fileNr++);
             writeFile(p, i.second);
+            filesToChown.insert(p);
             env[i.first + "Path"] = p;
         }
     }
@@ -1759,8 +1761,11 @@ void DerivationGoal::startBuilder()
         buildUser.kill();
 
         /* Change ownership of the temporary build directory. */
-        if (chown(tmpDir.c_str(), buildUser.getUID(), buildUser.getGID()) == -1)
-            throw SysError(format("cannot change ownership of ‘%1%’") % tmpDir);
+        filesToChown.insert(tmpDir);
+
+        for (auto & p : filesToChown)
+            if (chown(p.c_str(), buildUser.getUID(), buildUser.getGID()) == -1)
+                throw SysError(format("cannot change ownership of ‘%1%’") % p);
     }