Diffstat (limited to 'src/libmain')
-rw-r--r--src/libmain/setuid-common.hh22
-rw-r--r--src/libmain/shared.cc13
2 files changed, 24 insertions, 11 deletions
diff --git a/src/libmain/setuid-common.hh b/src/libmain/setuid-common.hh
new file mode 100644
index 000000000000..a3e840996161
--- /dev/null
+++ b/src/libmain/setuid-common.hh
@@ -0,0 +1,22 @@
+/* Code shared between libmain and nix-setuid-helper. */
+
+extern char * * environ;
+
+
+namespace nix {
+    
+
+void setuidCleanup()
+{
+    /* Don't trust the environment. */
+    environ = 0;
+
+    /* Make sure that file descriptors 0, 1, 2 are open. */
+    for (int fd = 0; fd <= 2; ++fd) {
+        struct stat st;
+        if (fstat(fd, &st) == -1) abort();
+    }
+}
+
+ 
+}
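Review bot: `setuidCleanup()` is defined in a header with external linkage and no include guard, so including setuid-common.hh from two translation units of the same program gives a duplicate-definition link error. Declaring it `inline void setuidCleanup()` and adding a guard avoids that. The header also uses `fstat`, `struct stat` and `abort` without including anything itself; adding `#include <sys/stat.h>` and `#include <cstdlib>` would make it self-contained rather than dependent on include order in shared.cc and the helper. Separately, `environ = 0` leaves a null pointer that any code iterating `environ` directly would dereference, so pointing it at a static empty array (`static char * emptyEnv[] = { 0 };`) is the safer way to scrub it.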
diff --git a/src/libmain/shared.cc b/src/libmain/shared.cc
index 393f31fcda66..fa72ca5bc444 100644
--- a/src/libmain/shared.cc
+++ b/src/libmain/shared.cc
@@ -14,7 +14,7 @@
 #include <aterm2.h>
 
 
-extern char * * environ;
+#include "setuid-common.hh"
 
 
 namespace nix {
@@ -218,20 +218,11 @@ static void setuidInit()
     uid_t nixUid = geteuid();
     gid_t nixGid = getegid();
     
-    fprintf(stderr, "<<< setuid mode >>>\n");
-
-    /* Don't trust the environment. */
-    environ = 0;
+    setuidCleanup();
 
     /* Don't trust the current directory. */
     if (chdir("/") == -1) abort();
 
-    /* Make sure that file descriptors 0, 1, 2 are open. */
-    for (int fd = 0; fd <= 2; ++fd) {
-        struct stat st;
-        if (fstat(fd, &st) == -1) abort();
-    }
-
     /* Set the real (and preferably also the save) uid/gid to the
        effective uid/gid.  This matters mostly when we're not using
        build-users (bad!), since some builders (like Perl) complain
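Review bot: The call `setuidCleanup();` now carries no comment, while the neighbouring steps (`chdir("/")`, the uid/gid switch) each keep one, so a reader of setuidInit() no longer sees that the environment is dropped and fds 0-2 are checked at this point. I would add `/* Drop the inherited environment and require fds 0, 1, 2 to be open; keep this ahead of any code that reads the environment or writes to stderr. */` above the call. setuidInit() starts and ends outside this hunk, so whether anything earlier in the function already consults the environment cannot be checked from here.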