diff options
-rw-r--r-- | src/libmain/shared.cc | 4 | ||||
-rw-r--r-- | src/libmain/shared.hh | 2 | ||||
-rw-r--r-- | src/nix-worker/nix-worker.cc | 21 |
3 files changed, 25 insertions, 2 deletions
diff --git a/src/libmain/shared.cc b/src/libmain/shared.cc index d3b73f8fd5a3..99ac198ca356 100644 --- a/src/libmain/shared.cc +++ b/src/libmain/shared.cc @@ -287,7 +287,7 @@ static void * oomHandler(size_t requested) int exitCode = 0; - +char * * argvSaved = 0; } @@ -298,6 +298,8 @@ int main(int argc, char * * argv) { using namespace nix; + argvSaved = argv; + /* If we're setuid, then we need to take some security precautions right away. */ if (argc == 0) abort(); diff --git a/src/libmain/shared.hh b/src/libmain/shared.hh index 1d6a6ec5737d..43725e07fdd9 100644 --- a/src/libmain/shared.hh +++ b/src/libmain/shared.hh @@ -56,6 +56,8 @@ struct RemoveTempRoots /* Exit code of the program. */ extern int exitCode; +extern char * * argvSaved; + } diff --git a/src/nix-worker/nix-worker.cc b/src/nix-worker/nix-worker.cc index eaa686667306..7ca54dee99be 100644 --- a/src/nix-worker/nix-worker.cc +++ b/src/nix-worker/nix-worker.cc @@ -753,8 +753,21 @@ static void daemonLoop() throw SysError("accepting connection"); } - printMsg(lvlInfo, format("accepted connection %1%") % remote); + /* Get the identity of the caller, if possible. */ + uid_t clientUid = -1; + pid_t clientPid = -1; + +#if defined(SO_PEERCRED) + ucred cred; + socklen_t credLen = sizeof(cred); + if (getsockopt(remote, SOL_SOCKET, SO_PEERCRED, &cred, &credLen) != -1) { + clientPid = cred.pid; + clientUid = cred.uid; + } +#endif + printMsg(lvlInfo, format("accepted connection from pid %1%, uid %2%") % clientPid % clientUid); + /* Fork a child to handle the connection. */ pid_t child; child = fork(); @@ -774,6 +787,12 @@ static void daemonLoop() /* Restore normal handling of SIGCHLD. */ setSigChldAction(false); + /* For debugging, stuff the pid into argv[1]. */ + if (clientPid != -1 && argvSaved[1]) { + string processName = int2String(clientPid); + strncpy(argvSaved[1], processName.c_str(), strlen(argvSaved[1])); + } + /* Since the daemon can be long-running, the settings may have changed. So force a reload. */ reloadSettings(); |