wroclaw-git-backups/nix
1
0
Fork 0
mirror of https://github.com/NixOS/nix synced 2025-06-27 16:51:15 +02:00
Code Activity

* Get rid of `build-users'. We'll just take all the members of

Browse source 
`build-users-group'.  This makes configuration easier: you can just
  add users in /etc/group.
This commit is contained in:
Eelco Dolstra 2006-12-06 20:00:15 +00:00
parent 751f6d2157
commit 6e5ec1029a
3 changed files with 88 additions and 66 deletions
Download patch file Download diff file Expand all files Collapse all files

10
src/nix-setuid-helper/main.cc
View file

@ -40,14 +40,18 @@ static void runBuilder(string userName,
don't want to create that directory here. */
secureChown(pw->pw_uid, gidBuilders, ".");
/* Set the real, effective and saved gid. Must be done before
setuid(), otherwise it won't set the real and saved gids. */
if (setgroups(0, 0) == -1)
throw SysError("cannot clear the set of supplementary groups");
//setgid(gidBuilders);
/* Set the real, effective and saved uid. */
setuid(pw->pw_uid);
if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid)
throw Error("cannot setuid");
if (setuid(pw->pw_uid) == -1 ||
getuid() != pw->pw_uid ||
geteuid() != pw->pw_uid)
throw SysError("setuid failed");
/* Execute the program. */
std::vector<const char *> args;