Age | Commit message (Expand) | Author | Files | Lines |
2006-12-07 | * Move setuidCleanup() to libutil. | Eelco Dolstra | 5 | -27/+23 |
2006-12-07 | * If not running as root, let the setuid helper kill the build user's | Eelco Dolstra | 2 | -31/+69 |
2006-12-07 | * In the garbage collector, if deleting a path fails, try to fix its | Eelco Dolstra | 3 | -6/+31 |
2006-12-07 | * When not running as root, call the setuid helper to change the | Eelco Dolstra | 2 | -7/+13 |
2006-12-07 | * Change the ownership of store paths to the Nix account before | Eelco Dolstra | 3 | -38/+104 |
2006-12-07 | * Pass the actual build user to the setuid helper. | Eelco Dolstra | 1 | -22/+10 |
2006-12-07 | * If Nix is not running as root, call the setuid helper to start the | Eelco Dolstra | 2 | -26/+41 |
2006-12-07 | * Sanity check. | Eelco Dolstra | 1 | -1/+7 |
2006-12-07 | * Move killUser() to libutil so that the setuid helper can use it. | Eelco Dolstra | 3 | -48/+79 |
2006-12-06 | * Change the ownership of the current directory to the build user. | Eelco Dolstra | 1 | -3/+16 |
2006-12-06 | * Verify that the desired target user is in the build users group (as | Eelco Dolstra | 1 | -10/+43 |
2006-12-06 | * Check that the caller is allowed to call the setuid helper. The | Eelco Dolstra | 1 | -12/+49 |
2006-12-06 | * Fix the safety check. | Eelco Dolstra | 1 | -2/+2 |
2006-12-06 | * Get rid of `build-users'. We'll just take all the members of | Eelco Dolstra | 2 | -38/+60 |
2006-12-06 | * nix-setuid-helper: allow running programs under a different uid. | Eelco Dolstra | 3 | -11/+140 |
2006-12-06 | * Start of the setuid helper (the program that performs the operations | Eelco Dolstra | 4 | -4/+17 |
2006-12-05 | * Be less chatty. | Eelco Dolstra | 1 | -2/+2 |
2006-12-05 | * Urgh. Do setgid() before setuid(), because the semantics of setgid() | Eelco Dolstra | 1 | -4/+4 |
2006-12-05 | * Tricky: child processes should not send data to the client since | Eelco Dolstra | 1 | -2/+10 |
2006-12-05 | * FreeBSD returns ESRCH when there are no processes to kill. | Eelco Dolstra | 1 | -4/+8 |
2006-12-05 | * Oops! In daemon mode, we can't run as root either if build-users is empty. | Eelco Dolstra | 1 | -2/+2 |
2006-12-05 | * Use an explicit handler for SIGCHLD, since SIG_IGN doesn't do the | Eelco Dolstra | 1 | -3/+15 |
2006-12-05 | * Better message. | Eelco Dolstra | 1 | -1/+1 |
2006-12-05 | * Ugly hack to handle spurious SIGPOLLs. | Eelco Dolstra | 1 | -20/+50 |
2006-12-05 | * Some renaming. | Eelco Dolstra | 1 | -6/+6 |
2006-12-05 | * Allow unprivileged users to run the garbage collector and to do | Eelco Dolstra | 16 | -56/+106 |
2006-12-05 | * The determination of the root set should be made by the privileged | Eelco Dolstra | 9 | -77/+138 |
2006-12-05 | * findRoots: return a map from the symlink (outside of the store) to | Eelco Dolstra | 1 | -11/+16 |
2006-12-05 | * In addPermRoot, check that the root that we just registered can be | Eelco Dolstra | 2 | -18/+42 |
2006-12-04 | * Add indirect root registration to the protocol so that unprivileged | Eelco Dolstra | 7 | -6/+42 |
2006-12-04 | * Not every OS knows about SIGPOLL. | Eelco Dolstra | 1 | -0/+5 |
2006-12-04 | * Don't redirect stderr. | Eelco Dolstra | 1 | -6/+0 |
2006-12-04 | * Handle exceptions and stderr for all protocol functions. | Eelco Dolstra | 2 | -19/+64 |
2006-12-04 | * Daemon mode (`nix-worker --daemon'). Clients connect to the server | Eelco Dolstra | 7 | -53/+182 |
2006-12-04 | * When NIX_REMOTE=daemon, connect to /nix/var/nix/daemon.socket | Eelco Dolstra | 3 | -8/+37 |
2006-12-04 | * Refactoring. | Eelco Dolstra | 3 | -17/+33 |
2006-12-04 | * Pass the verbosity level to the worker. | Eelco Dolstra | 1 | -2/+8 |
2006-12-04 | * Install the worker in bindir, not libexecdir. | Eelco Dolstra | 6 | -2/+11 |
2006-12-03 | * Doh. | Eelco Dolstra | 2 | -1/+4 |
2006-12-03 | * Don't run setuid root when build-users is empty. | Eelco Dolstra | 3 | -26/+51 |
2006-12-03 | * Removed `build-allow-root'. | Eelco Dolstra | 4 | -21/+34 |
2006-12-03 | * Use setreuid if setresuid is not available. | Eelco Dolstra | 1 | -6/+12 |
2006-12-03 | * Handle a subtle race condition: the client closing the socket | Eelco Dolstra | 1 | -2/+30 |
2006-12-03 | * Some hardcore magic to handle asynchronous client disconnects. | Eelco Dolstra | 1 | -1/+37 |
2006-12-03 | * Use a Unix domain socket instead of pipes. | Eelco Dolstra | 2 | -15/+18 |
2006-12-03 | * Better error message if the worker doesn't start. | Eelco Dolstra | 1 | -4/+8 |
2006-12-03 | * Pid::kill() should be interruptable. | Eelco Dolstra | 1 | -1/+3 |
2006-12-03 | * Some hackery to propagate the worker's stderr and exceptions to the | Eelco Dolstra | 7 | -104/+206 |
2006-12-03 | * Run the worker in a separate session to prevent terminal signals | Eelco Dolstra | 1 | -0/+6 |
2006-12-02 | * Move addTempRoot() to the store API, and add another function | Eelco Dolstra | 11 | -17/+81 |