about summary refs log tree commit diff
path: root/src/libstore/remote-store.cc
AgeCommit message (Collapse)AuthorFilesLines
2006-12-05 * The determination of the root set should be made by the privilegedEelco Dolstra1-4/+36
process, so forward the operation. * Spam the user about GC misconfigurations (NIX-71). * findRoots: skip all roots that are unreadable - the warnings with which we spam the user should be enough.
2006-12-04 * Add indirect root registration to the protocol so that unprivilegedEelco Dolstra1-0/+9
processes can register indirect roots. Of course, there is still the problem that the garbage collector can only read the targets of the indirect roots when it's running as root...
2006-12-04 * Don't redirect stderr.Eelco Dolstra1-6/+0
2006-12-04 * Handle exceptions and stderr for all protocol functions.Eelco Dolstra1-0/+10
* SIGIO -> SIGPOLL (POSIX calls it that). * Use sigaction instead of signal to register the SIGPOLL handler. Sigaction is better defined, and a handler registered with signal appears not to interrupt fcntl(..., F_SETLKW, ...), which is bad.
2006-12-04 * Daemon mode (`nix-worker --daemon'). Clients connect to the serverEelco Dolstra1-1/+2
via the Unix domain socket in /nix/var/nix/daemon.socket. The server forks a worker process per connection. * readString(): use the heap, not the stack. * Some protocol fixes.
2006-12-04 * When NIX_REMOTE=daemon, connect to /nix/var/nix/daemon.socketEelco Dolstra1-7/+29
instead of forking a worker.
2006-12-04 * Refactoring.Eelco Dolstra1-13/+29
2006-12-04 * Pass the verbosity level to the worker.Eelco Dolstra1-2/+8
2006-12-04 * Install the worker in bindir, not libexecdir.Eelco Dolstra1-1/+4
* Allow the worker path to be overriden through the NIX_WORKER environment variable.
2006-12-03 * Don't run setuid root when build-users is empty.Eelco Dolstra1-0/+1
* Send startup errors to the client.
2006-12-03 * Use a Unix domain socket instead of pipes.Eelco Dolstra1-13/+17
2006-12-03 * Better error message if the worker doesn't start.Eelco Dolstra1-4/+8
2006-12-03 * Some hackery to propagate the worker's stderr and exceptions to theEelco Dolstra1-5/+34
client.
2006-12-02 * Move addTempRoot() to the store API, and add another functionEelco Dolstra1-0/+15
syncWithGC() to allow clients to register GC roots without needing write access to the global roots directory or the GC lock.
2006-12-02 * Remove queryPathHash().Eelco Dolstra1-1/+4
* Help for nix-worker.
2006-12-01 * Merge addToStore and addToStoreFixed.Eelco Dolstra1-28/+4
* addToStore now adds unconditionally, it doesn't use readOnlyMode. Read-only operation is up to the caller (who can call computeStorePathForPath).
2006-12-01 * More operations.Eelco Dolstra1-1/+24
* addToStore() and friends: don't do a round-trip to the worker if we're only interested in the path (i.e., in read-only mode).
2006-11-30 * More remote operations.Eelco Dolstra1-18/+32
* Added new operation hasSubstitutes(), which is more efficient than querySubstitutes().size() > 0.
2006-11-30 * More operations.Eelco Dolstra1-5/+18
2006-11-30 * First remote operation: isValidPath().Eelco Dolstra1-4/+14
2006-11-30 * When NIX_REMOTE is set to "slave", fork off nix-worker in slaveEelco Dolstra1-1/+53
mode. Presumably nix-worker would be setuid to the Nix store user. The worker performs all operations on the Nix store and database, so the caller can be completely unprivileged. This is already much more secure than the old setuid scheme, since the worker doesn't need to do Nix expression evaluation and so on. Most importantly, this means that it doesn't need to access any user files, with all resulting security risks; it only performs pure store operations. Once this works, it is easy to move to a daemon model that forks off a worker for connections established through a Unix domain socket. That would be even more secure.
2006-11-30 * Oops.Eelco Dolstra1-0/+82
generated by cgit-pink 1.4.1 (git 2.44.2) at 2024-09-19T10·46+0000