diff options
| -rw-r--r-- | src/libstore/build.cc | 2 | ||||
| -rw-r--r-- | src/libutil/util.cc | 3 |
2 files changed, 5 insertions, 0 deletions
diff --git a/src/libstore/build.cc b/src/libstore/build.cc index ab8923bbdc47..36436d7eb2cd 100644 --- a/src/libstore/build.cc +++ b/src/libstore/build.cc @@ -1914,6 +1914,8 @@ void DerivationGoal::startBuilder() builderOut.create(); /* Fork a child to build the package. */ + ProcessOptions options; + options.allowVfork = !buildUser.enabled(); pid = startProcess([&]() { runChild(); }); diff --git a/src/libutil/util.cc b/src/libutil/util.cc index bdd114c5e49a..5895e7200e96 100644 --- a/src/libutil/util.cc +++ b/src/libutil/util.cc @@ -825,6 +825,9 @@ void killUser(uid_t uid) users to which the current process can send signals. So we fork a process, switch to uid, and send a mass kill. */ + ProcessOptions options; + options.allowVfork = false; + Pid pid = startProcess([&]() { if (setuid(uid) == -1) |