wroclaw-git-backups/nix
1
0
Fork 0
mirror of https://github.com/NixOS/nix synced 2025-07-08 15:13:55 +02:00
Code Activity

Add option allowed-uris

Browse source 
This allows network access in restricted eval mode.
This commit is contained in:
Eelco Dolstra 2017-10-30 12:39:59 +01:00
parent f1c555cef8
commit 812e027e1d
No known key found for this signature in database
GPG key ID: 8170B4726D7198DE
8 changed files with 67 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

18
doc/manual/command-ref/conf-file.xml
View file

@ -563,7 +563,8 @@ password <replaceable>my-password</replaceable>
<para>If set to <literal>true</literal>, the Nix evaluator will
not allow access to any files outside of the Nix search path (as
set via the <envar>NIX_PATH</envar> environment variable or the
<option>-I</option> option). The default is
<option>-I</option> option), or to URIs outside of
<option>allowed-uri</option>. The default is
<literal>false</literal>.</para>
</listitem>
@ -571,6 +572,21 @@ password <replaceable>my-password</replaceable>
</varlistentry>
<varlistentry xml:id="conf-allowed-uris"><term><literal>allowed-uris</literal></term>
<listitem>
<para>A list of URI prefixes to which access is allowed in
restricted evaluation mode. For example, when set to
<literal>https://github.com/NixOS</literal>, builtin functions
such as <function>fetchGit</function> are allowed to access
<literal>https://github.com/NixOS/patchelf.git</literal>.</para>
</listitem>
</varlistentry>
<varlistentry xml:id="conf-pre-build-hook"><term><literal>pre-build-hook</literal></term>
<listitem>