mirror of
https://github.com/NixOS/nix.git
synced 2024-11-22 23:02:27 +00:00
Merge pull request #7557 from NixOS/fix-7529
On macOS with auto-uid-allocation and sandboxing, use the correct gid
This commit is contained in:
commit
420ccecc1e
@ -123,8 +123,12 @@ struct AutoUserLock : UserLock
|
||||
|
||||
std::vector<gid_t> getSupplementaryGIDs() override { return {}; }
|
||||
|
||||
static std::unique_ptr<UserLock> acquire(uid_t nrIds, bool useChroot)
|
||||
static std::unique_ptr<UserLock> acquire(uid_t nrIds, bool useUserNamespace)
|
||||
{
|
||||
#if !defined(__linux__)
|
||||
useUserNamespace = false;
|
||||
#endif
|
||||
|
||||
settings.requireExperimentalFeature(Xp::AutoAllocateUids);
|
||||
assert(settings.startId > 0);
|
||||
assert(settings.uidCount % maxIdsPerBuild == 0);
|
||||
@ -157,7 +161,7 @@ struct AutoUserLock : UserLock
|
||||
auto lock = std::make_unique<AutoUserLock>();
|
||||
lock->fdUserLock = std::move(fd);
|
||||
lock->firstUid = firstUid;
|
||||
if (useChroot)
|
||||
if (useUserNamespace)
|
||||
lock->firstGid = firstUid;
|
||||
else {
|
||||
struct group * gr = getgrnam(settings.buildUsersGroup.get().c_str());
|
||||
@ -174,10 +178,10 @@ struct AutoUserLock : UserLock
|
||||
}
|
||||
};
|
||||
|
||||
std::unique_ptr<UserLock> acquireUserLock(uid_t nrIds, bool useChroot)
|
||||
std::unique_ptr<UserLock> acquireUserLock(uid_t nrIds, bool useUserNamespace)
|
||||
{
|
||||
if (settings.autoAllocateUids)
|
||||
return AutoUserLock::acquire(nrIds, useChroot);
|
||||
return AutoUserLock::acquire(nrIds, useUserNamespace);
|
||||
else
|
||||
return SimpleUserLock::acquire();
|
||||
}
|
||||
|
@ -31,7 +31,7 @@ struct UserLock
|
||||
|
||||
/* Acquire a user lock for a UID range of size `nrIds`. Note that this
|
||||
may return nullptr if no user is available. */
|
||||
std::unique_ptr<UserLock> acquireUserLock(uid_t nrIds, bool useChroot);
|
||||
std::unique_ptr<UserLock> acquireUserLock(uid_t nrIds, bool useUserNamespace);
|
||||
|
||||
bool useBuildUsers();
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user