This commit is contained in:
Eelco Dolstra 2014-08-05 10:19:57 +02:00
parent 988bf59421
commit f02c52e3d4
2 changed files with 2 additions and 11 deletions

View File

@ -203,15 +203,6 @@ struct Settings {
/* Whether the importNative primop should be enabled */
bool enableImportNative;
/* List of users that have elevated rights in the Nix daemon, such
as the ability to specify additional binary caches, or to
import unsigned NARs. */
Strings trustedUsers;
/* List of users that are allowed to connect to the daemon, in
addition to the trusted users. These have normal rights. */
Strings allowedUsers;
private:
SettingsMap settings, overrides;

View File

@ -746,10 +746,10 @@ static void daemonLoop()
Strings trustedUsers = settings.get("trusted-users", Strings({"root"}));
Strings allowedUsers = settings.get("allowed-users", Strings({"*"}));
if (matchUser(user, group, settings.trustedUsers))
if (matchUser(user, group, trustedUsers))
trusted = true;
if (!trusted && !matchUser(user, group, settings.allowedUsers))
if (!trusted && !matchUser(user, group, allowedUsers))
throw Error(format("user `%1%' is not allowed to connect to the Nix daemon") % user);
printMsg(lvlInfo, format((string) "accepted connection from pid %1%, user %2%"