mirror of
https://github.com/privatevoid-net/nix-super.git
synced 2024-11-27 00:06:16 +02:00
Merge remote-tracking branch 'origin/master' into flakes
This commit is contained in:
commit
f3505a7899
2 changed files with 14 additions and 8 deletions
|
@ -503,14 +503,14 @@
|
|||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para><emphasis>Pure evaluation mode</emphasis>. This is a variant
|
||||
of the existing restricted evaluation mode. In pure mode, the Nix
|
||||
evaluator forbids access to anything that could cause different
|
||||
evaluations of the same command line arguments to produce a
|
||||
<para><emphasis>Pure evaluation mode</emphasis>. With the
|
||||
<literal>--pure-eval</literal> flag, Nix enables a variant of the existing
|
||||
restricted evaluation mode that forbids access to anything that could cause
|
||||
different evaluations of the same command line arguments to produce a
|
||||
different result. This includes builtin functions such as
|
||||
<function>builtins.getEnv</function>, but more importantly,
|
||||
<emphasis>all</emphasis> filesystem or network access unless a
|
||||
content hash or commit hash is specified. For example, calls to
|
||||
<emphasis>all</emphasis> filesystem or network access unless a content hash
|
||||
or commit hash is specified. For example, calls to
|
||||
<function>builtins.fetchGit</function> are only allowed if a
|
||||
<varname>rev</varname> attribute is specified.</para>
|
||||
|
||||
|
|
|
@ -33,6 +33,9 @@ std::unique_ptr<SSHMaster::Connection> SSHMaster::startCommand(const std::string
|
|||
out.create();
|
||||
|
||||
auto conn = std::make_unique<Connection>();
|
||||
ProcessOptions options;
|
||||
options.dieWithParent = false;
|
||||
|
||||
conn->sshPid = startProcess([&]() {
|
||||
restoreSignals();
|
||||
|
||||
|
@ -64,7 +67,7 @@ std::unique_ptr<SSHMaster::Connection> SSHMaster::startCommand(const std::string
|
|||
|
||||
// could not exec ssh/bash
|
||||
throw SysError("unable to execute '%s'", args.front());
|
||||
});
|
||||
}, options);
|
||||
|
||||
|
||||
in.readSide = -1;
|
||||
|
@ -91,6 +94,9 @@ Path SSHMaster::startMaster()
|
|||
Pipe out;
|
||||
out.create();
|
||||
|
||||
ProcessOptions options;
|
||||
options.dieWithParent = false;
|
||||
|
||||
state->sshMaster = startProcess([&]() {
|
||||
restoreSignals();
|
||||
|
||||
|
@ -110,7 +116,7 @@ Path SSHMaster::startMaster()
|
|||
execvp(args.begin()->c_str(), stringsToCharPtrs(args).data());
|
||||
|
||||
throw SysError("unable to execute '%s'", args.front());
|
||||
});
|
||||
}, options);
|
||||
|
||||
out.writeSide = -1;
|
||||
|
||||
|
|
Loading…
Reference in a new issue