From bd013b6f987c23c3b99b639ba7cdbc7b694a13f5 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 15 Feb 2012 01:31:56 +0100 Subject: On Linux, make the Nix store really read-only by using the immutable bit MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit I was bitten one time too many by Python modifying the Nix store by creating *.pyc files when run as root. On Linux, we can prevent this by setting the immutable bit on files and directories (as in ‘chattr +i’). This isn't supported by all filesystems, so it's not an error if setting the bit fails. The immutable bit is cleared by the garbage collector before deleting a path. The only tricky aspect is in optimiseStore(), since it's forbidden to create hard links to an immutable file. Thus optimiseStore() temporarily clears the immutable bit before creating the link. --- configure.ac | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'configure.ac') diff --git a/configure.ac b/configure.ac index 2a0a30f030..29fdfdb36f 100644 --- a/configure.ac +++ b/configure.ac @@ -113,8 +113,8 @@ AC_LANG_POP(C++) # Check for chroot support (requires chroot() and bind mounts). AC_CHECK_FUNCS([chroot]) AC_CHECK_FUNCS([unshare]) -AC_CHECK_HEADERS([sched.h], [], [], []) -AC_CHECK_HEADERS([sys/param.h], [], [], []) +AC_CHECK_HEADERS([sched.h]) +AC_CHECK_HEADERS([sys/param.h]) AC_CHECK_HEADERS([sys/mount.h], [], [], [#ifdef HAVE_SYS_PARAM_H # include @@ -124,7 +124,7 @@ AC_CHECK_HEADERS([sys/mount.h], [], [], # Check for . AC_LANG_PUSH(C++) -AC_CHECK_HEADERS([locale], [], [], []) +AC_CHECK_HEADERS([locale]) AC_LANG_POP(C++) @@ -138,9 +138,13 @@ AC_SUBST([bsddiff_compat_include]) AC_CHECK_HEADERS([sys/personality.h]) +# Check for (for immutable file support). +AC_CHECK_HEADERS([linux/fs.h]) + + # Check for tr1/unordered_set. AC_LANG_PUSH(C++) -AC_CHECK_HEADERS([tr1/unordered_set], [], [], []) +AC_CHECK_HEADERS([tr1/unordered_set]) AC_LANG_POP(C++) -- cgit 1.4.1