unofficial mirror of guix-patches@gnu.org 
From: Hartmut Goebel <h.goebel@crazy-compilers.com>
To: 36605@debbugs.gnu.org
Subject: [bug#36605] [PATCH v4] daemon: Set ownership of kept build directories to the calling user.
Date: Thu, 11 Jul 2019 22:26:09 +0200
Message-ID: <20190711202644.32014-1-h.goebel@crazy-compilers.com>
In-Reply-To: <58494E16.9010909@crazy-compilers.com>

Fixes <http://bugs.gnu.org/15890>.

* nix/libstore/globals.hh (Settings): Add clientUid and clientGid.
* nix/nix-daemon/nix-daemon.cc (daemonLoop): Store UID and GID of the
  caller in settings.
* nix/libstore/build.cc (_chown): New function.
  (DerivationGoal::deleteTmpDir): Use it, change ownership of build
  directory if it is kept and the new owner is not root.
---
 nix/libstore/build.cc        | 21 +++++++++++++++++++++
 nix/libstore/globals.hh      |  6 ++++++
 nix/nix-daemon/nix-daemon.cc | 12 ++++++++++++
 3 files changed, 39 insertions(+)

diff --git a/nix/libstore/build.cc b/nix/libstore/build.cc
index 889ee3d..e823001 100644
--- a/nix/libstore/build.cc
+++ b/nix/libstore/build.cc
@@ -2631,6 +2631,21 @@ void DerivationGoal::closeLogFile()
 }
 
 
+static void _chown(const Path & path, uid_t uid, gid_t gid)
+{
+    checkInterrupt();
+
+    if (lchown(path.c_str(), uid, gid) == -1) {
+	throw SysError(format("change owner and group of `%1%'") % path);
+    }
+    struct stat st = lstat(path);
+    if (S_ISDIR(st.st_mode)) {
+        for (auto & i : readDirectory(path))
+            _chown(path + "/" + i.name, uid, gid);
+    }
+}
+
+
 void DerivationGoal::deleteTmpDir(bool force)
 {
     if (tmpDir != "") {
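Review bot: In _chown, lchown runs before the lstat that could have vetoed it, and there is no link-count check anywhere in the walk. lchown acts on the inode, so a hard link created inside the build directory would have its target, which may live outside the tree, handed to the client; consider calling lstat first and skipping or refusing non-directories with st_nlink > 1. Because lstat(path) and readDirectory(path) are separate path lookups, a directory replaced by a symlink between the two calls would be descended into; an fd-based traversal (openat with O_NOFOLLOW plus fchownat with AT_SYMLINK_NOFOLLOW) closes that window. Style: the throw line is indented with a tab while the rest of the function uses spaces, and the function deserves a comment saying that it recurses and does not follow symlinks.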
@@ -2639,6 +2654,12 @@ void DerivationGoal::deleteTmpDir(bool force)
                 format("note: keeping build directory `%2%'")
                 % drvPath % tmpDir);
             chmod(tmpDir.c_str(), 0755);
+            // Change the ownership if clientUid is set. Never change the
+            // ownership or the group to "root" for security reasons.
+            if (settings.clientUid != (uid_t) -1 && settings.clientUid != 0) {
+                _chown(tmpDir, settings.clientUid,
+                       settings.clientGid != 0 ? settings.clientGid : -1);
+            }
         }
         else
             deletePath(tmpDir);
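Review bot: In the _chown call, the fallback `-1` in `settings.clientGid != 0 ? settings.clientGid : -1` is a plain int mixed with a gid_t; write `(gid_t) -1`, as the uid check two lines above does, so the "leave the group unchanged" intent is explicit. _chown throws SysError on the first failure, which here would propagate out of deleteTmpDir after the "keeping build directory" note has been printed and leave the tree partly re-owned; catching it and printing a warning may be preferable. The comment could also say that a root client leaves the directory's ownership as it was.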
diff --git a/nix/libstore/globals.hh b/nix/libstore/globals.hh
index 8c07e36..7beb1a5 100644
--- a/nix/libstore/globals.hh
+++ b/nix/libstore/globals.hh
@@ -70,6 +70,12 @@ struct Settings {
        subgoal of the same goal) fails. */
     bool keepGoing;
 
+    /* User and groud id of the client issuing the build request.  Used to set
+       the owner and group of the kept temporary directories of failed
+       builds. */
+    uid_t clientUid;
+    gid_t clientGid;
+
     /* Whether, if we cannot realise the known closure corresponding
        to a derivation, we should try to normalise the derivation
        instead. */
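Review bot: The new clientUid and clientGid members get no initial value here, and the diffstat shows no file other than nix-daemon.cc assigning them, yet deleteTmpDir treats `(uid_t) -1` as the "unset" marker. Please initialize both to -1 where Settings is constructed so that any code path that does not pass through daemonLoop falls into the "do not change" case by construction, and say in the comment that -1 means unset. The comment also has a typo: "groud" should be "group".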
diff --git a/nix/nix-daemon/nix-daemon.cc b/nix/nix-daemon/nix-daemon.cc
index 682f9a2..47b67d5 100644
--- a/nix/nix-daemon/nix-daemon.cc
+++ b/nix/nix-daemon/nix-daemon.cc
@@ -960,6 +960,18 @@ static void daemonLoop()
                     strncpy(argvSaved[1], processName.c_str(), strlen(argvSaved[1]));
                 }
 
+#if defined(SO_PEERCRED)
+                /* Store the client's user and group for this connection. This
+                   has to be done in the forked process since it is per
+                   connection. */
+                settings.clientUid = cred.uid;
+                settings.clientGid = cred.gid;
+#else
+                /* Setting these to -1 means: do not change */
+                settings.clientUid = (uid_t) -1;
+                settings.clientGid = (gid_t) -1;
+#endif
+
                 /* Handle the connection. */
                 from.fd = remote;
                 to.fd = remote;
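Review bot: The `cred.uid` and `cred.gid` reads in the SO_PEERCRED branch depend on a `cred` that is declared and filled outside this hunk, so please confirm that it is in scope in the forked child and that the peer-credential lookup is known to have succeeded before these values are stored. These two fields later decide who receives ownership of the kept build tree, so a stale or zeroed `cred` should end up as `(uid_t) -1` rather than as a valid-looking id. Minor: the `#else` comment would read better as "-1 means: do not change ownership", matching the check in deleteTmpDir.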
-- 
2.7.4
