From 9cee600c88d2a23b872be1c175450011a6d52152 Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <eelco.dolstra@logicblox.com>
Date: Wed, 30 Mar 2016 17:35:48 +0200
Subject: LocalStore: Keep track of ultimately trusted paths

These are content-addressed paths or outputs of locally performed
builds. They are trusted even if they don't have signatures, so "nix
verify-paths" won't complain about them.
---
 src/libstore/build.cc | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'src/libstore/build.cc')

diff --git a/src/libstore/build.cc b/src/libstore/build.cc
index ed4e0f659da3..31c321c83ade 100644
--- a/src/libstore/build.cc
+++ b/src/libstore/build.cc
@@ -2743,6 +2743,14 @@ void DerivationGoal::registerOutputs()
                     throw Error(format("derivation ‘%1%’ may not be deterministic: output ‘%2%’ differs")
                         % drvPath % path);
             }
+
+            /* Since we verified the build, it's now ultimately
+               trusted. */
+            if (!info.ultimate) {
+                info.ultimate = true;
+                worker.store.registerValidPaths({info});
+            }
+
             continue;
         }
 
@@ -2799,6 +2807,7 @@ void DerivationGoal::registerOutputs()
         info.narSize = hash.second;
         info.references = references;
         info.deriver = drvPath;
+        info.ultimate = true;
         infos.push_back(info);
     }
 
-- 
cgit 1.4.1