nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-01-18 19:03:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
4f8f1c30cb
nixpkgs/pkgs
History
Rickard Nilsson 4f8f1c30cb openssh: Use the default privilege separation dir (/var/empty) 
(This is a rewritten version of the reverted commit
a927709a35, that disables the creation of
/var/empty during build so that sandboxed builds also works. For more
context, see https://github.com/NixOS/nixpkgs/pull/16966)

If running NixOS inside a container where the host's root-owned files
and directories have been mapped to some other uid (like nobody), the
ssh daemon fails to start, producing this error message:

fatal: /nix/store/...-openssh-7.2p2/empty must be owned by root and not group or world-writable.

The reason for this is that when openssh is built, we explicitly set
`--with-privsep-path=$out/empty`. This commit removes that flag which
causes the default directory /var/empty to be used instead. Since NixOS'
activation script correctly sets up that directory, the ssh daemon now
also works within containers that have a non-root-owned nix store.
2016-07-16 10:15:58 +02:00
..
applications nixpkgs: bittorrentSync 2.3.7 -> 2.3.8 2016-07-16 01:20:15 -05:00
build-support buildInLinuxVM: Workaround bug #16742 2016-07-14 15:12:50 +03:00
data geolite-legacy: 2016-07-04 -> 2016-07-08 2016-07-08 20:15:02 +02:00
desktops Merge branch 'staging' 2016-07-14 15:51:28 +02:00
development Merge pull request #16977 from markus1189/scalafmt 2016-07-16 07:57:19 +02:00
games spring: 101.0 -> 102.0 (#16934) 2016-07-14 09:19:04 +02:00
misc vim-plugin:YouCompleteMe: propogatedBuildInputs -> propagatedBuildInputs 2016-07-14 17:26:19 +05:30
os-specific Merge pull request #16961 from womfoo/bump/eventstat-0.03.02 2016-07-14 22:19:33 +04:00
servers nixpkgs: upgrade plex packages 2016-07-16 01:20:15 -05:00
shells oh-my-zsh: 2016-06-18 -> 2016-07-05 (#16874) 2016-07-12 09:55:17 +02:00
stdenv darwin make-bootstrap-tools: Document reason for special coreutils 2016-07-09 17:23:43 +03:00
test Remove cruft 2016-04-26 17:31:54 +02:00
tools openssh: Use the default privilege separation dir (/var/empty) 2016-07-16 10:15:58 +02:00
top-level pythonPackages.cffi: fix on darwin 2016-07-15 22:01:58 -04:00