max/nix-super
1
0
Fork 0
mirror of https://github.com/privatevoid-net/nix-super.git synced 2024-11-16 03:06:17 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
nix-super/src/libstore
History
Félix Baylac-Jacqué 40a7929c8e Daemon: warn when an untrusted user cannot override a setting 
In a daemon-based Nix setup, some options cannot be overridden by a
client unless the client's user is considered trusted.

Currently, if an untrusted user tries to override one of those
options, we are silently ignoring it.

This can be pretty confusing in certain situations.

e.g. a user thinks he disabled the sandbox when in reality he did not.

We are now sending a warning message letting know the user some options
have been ignored.

Related to #1761.

This is a cherry-pick of 9e0f5f803f.
The above commit has been reverted by
a59e77d9e5 to prevent spamming warnings
with experimental features, but these are now totally ignored on the
daemon side, so there's no reason for the revert any more.
2024-03-20 17:55:35 +01:00
..
build Fix the outputs moving on macOS 2024-03-07 14:52:40 +01:00
builtins Merge pull request #10006 from edolstra/fix-impure-fetchurl 2024-02-13 22:50:55 +01:00
binary-cache-store.cc Avoid creating temporary store object for git over the wire 2024-02-27 11:27:34 -05:00
binary-cache-store.hh Avoid creating temporary store object for git over the wire 2024-02-27 11:27:34 -05:00
build-result.cc Test the rest of the worker protocol serializers 2023-10-04 15:31:52 -04:00
build-result.hh Fix gcc 12 warnings 2024-02-28 22:59:20 +01:00
builtins.hh builtin:{unpack-channel,buildenv}: Get output path from the derivation 2024-02-12 16:34:59 +01:00
ca-specific-schema.sql ca: add sqlite index on RealisationsRefs(realisationReference) 2022-04-21 10:06:39 +02:00
common-protocol-impl.hh Restrict some code to StoreDirConfig 2023-11-04 19:05:36 -04:00
common-protocol.cc Merge pull request #6236 from obsidiansystems/store-dir-config 2023-12-01 15:38:14 +01:00
common-protocol.hh Restrict some code to StoreDirConfig 2023-11-04 19:05:36 -04:00
content-address.cc Add Git object hashing to the store layer 2024-02-27 11:27:34 -05:00
content-address.hh treewide: hash type -> hash algorithm 2024-02-26 18:09:06 +08:00
daemon.cc Daemon: warn when an untrusted user cannot override a setting 2024-03-20 17:55:35 +01:00
daemon.hh Add Store::isTrustedClient() 2023-04-06 19:59:57 -04:00
derivations.cc Avoid creating temporary store object for git over the wire 2024-02-27 11:27:34 -05:00
derivations.hh refactor: Impure derivation type isPure -> isImpure 2024-01-27 11:00:10 +01:00
derived-path-map.cc Split up util.{hh,cc} 2023-11-05 12:20:02 -05:00
derived-path-map.hh Split up util.{hh,cc} 2023-11-05 12:20:02 -05:00
derived-path.cc use std::tie() for macro-generated operators 2023-12-19 19:32:16 +01:00
derived-path.hh Merge pull request #6236 from obsidiansystems/store-dir-config 2023-12-01 15:38:14 +01:00
downstream-placeholder.cc Renamed HashFormat::Base32 to HashFormat::Nix32 2023-12-06 23:43:42 +01:00
downstream-placeholder.hh Introduce OutputName and OutputNameView type aliases 2023-08-25 09:55:07 -04:00
dummy-store.cc Avoid creating temporary store object for git over the wire 2024-02-27 11:27:34 -05:00
dummy-store.md Support per-store Markdown documentation 2023-03-21 14:03:40 +01:00
export-import.cc ParseSink -> FileSystemObjectSink 2024-01-22 18:01:18 -05:00
filetransfer.cc Tarball fetcher: Use the content-addressed Git cache 2024-02-20 12:57:36 +01:00
filetransfer.hh Tarball fetcher: Use the content-addressed Git cache 2024-02-20 12:57:36 +01:00
gc-store.hh Clean up store hierarchy with IndirectRootStore 2023-07-24 09:19:44 -04:00
gc.cc Sleep a bit between attempts to connect to the root server 2024-01-16 15:26:17 +01:00
globals.cc Separate SystemError from SysError 2024-01-12 12:00:33 -05:00
globals.hh treewide: hash type -> hash algorithm 2024-02-26 18:09:06 +08:00
http-binary-cache-store.cc Add Store::isTrustedClient() 2023-04-06 19:59:57 -04:00
http-binary-cache-store.md Support per-store Markdown documentation 2023-03-21 14:03:40 +01:00
indirect-root-store.hh MountedSSHStore: stores on shared filesystems 2023-11-21 13:34:01 -05:00
keys.cc Separate SystemError from SysError 2024-01-12 12:00:33 -05:00
keys.hh Signer infrastructure: Prep for #9076 2024-01-03 16:13:55 -05:00
legacy-ssh-store.cc Make SSHMaster::startCommand work on an args list 2024-01-22 17:46:57 -05:00
legacy-ssh-store.hh Avoid creating temporary store object for git over the wire 2024-02-27 11:27:34 -05:00
legacy-ssh-store.md Support per-store Markdown documentation 2023-03-21 14:03:40 +01:00
length-prefixed-protocol-helper.hh Restrict some code to StoreDirConfig 2023-11-04 19:05:36 -04:00
local-binary-cache-store.cc Add Store::isTrustedClient() 2023-04-06 19:59:57 -04:00
local-binary-cache-store.md Support per-store Markdown documentation 2023-03-21 14:03:40 +01:00
local-fs-store.cc CanonPath, SourcePath: Change operator + to / 2024-02-05 15:17:39 +01:00
local-fs-store.hh Add Git object hashing to the store layer 2024-02-27 11:27:34 -05:00
local-store.cc Fix a too smart implicit cast 2024-02-28 08:00:17 +01:00
local-store.hh Avoid creating temporary store object for git over the wire 2024-02-27 11:27:34 -05:00
local-store.md Tweaks 2023-03-23 15:32:59 +01:00
local.mk Only link with -pthread on Unix 2024-01-10 20:38:39 -05:00
lock.cc Split up util.{hh,cc} 2023-11-05 12:20:02 -05:00
lock.hh Finish converting existing comments for internal API docs (#8146) 2023-04-07 13:55:28 +00:00
log-store.cc Move the getBuildLog implementation to its own implementation file 2023-01-13 11:05:44 +01:00
log-store.hh Finish converting existing comments for internal API docs (#8146) 2023-04-07 13:55:28 +00:00
machines.cc Convert Machine::speedFactor from a non-neg int to a non-neg float 2024-01-24 01:03:07 -05:00
machines.hh Convert Machine::speedFactor from a non-neg int to a non-neg float 2024-01-24 01:03:07 -05:00
make-content-addressed.cc HashType: Rename to HashAlgorithm 2023-12-06 23:43:42 +01:00
make-content-addressed.hh makeContentAddressed: Add single path helper 2023-06-30 18:22:47 +02:00
misc.cc Fix building CA derivations with and eval store 2023-12-11 12:17:36 -05:00
mounted-ssh-store.md MountedSSHStore: stores on shared filesystems 2023-11-21 13:34:01 -05:00
names.cc return string_views from forceString* 2022-01-27 17:15:43 +01:00
names.hh Ensure all headers have #pragma once and are in API docs 2023-03-31 23:19:44 -04:00
nar-accessor.cc CanonPath, SourcePath: Change operator + to / 2024-02-05 15:17:39 +01:00
nar-accessor.hh Fix consts and casts 2023-11-08 17:29:55 +01:00
nar-info-disk-cache.cc Update nar-info-disk-cache.cc 2024-02-12 23:37:40 +03:00
nar-info-disk-cache.hh Finish converting existing comments for internal API docs (#8146) 2023-04-07 13:55:28 +00:00
nar-info.cc Renamed HashFormat::Base32 to HashFormat::Nix32 2023-12-06 23:43:42 +01:00
nar-info.hh Fix consts and casts 2023-11-08 17:29:55 +01:00
nix-store.pc.in Fix building with GCC 9 2023-02-10 18:38:57 +01:00
optimise-store.cc Add Git object hashing to the store layer 2024-02-27 11:27:34 -05:00
outputs-spec.cc Fix moves that accidentally copy anyway 2023-10-16 21:48:35 +01:00
outputs-spec.hh Introduce OutputName and OutputNameView type aliases 2023-08-25 09:55:07 -04:00
parsed-derivations.cc Renamed HashFormat::Base32 to HashFormat::Nix32 2023-12-06 23:43:42 +01:00
parsed-derivations.hh Ensure all headers have #pragma once and are in API docs 2023-03-31 23:19:44 -04:00
path-info.cc Signer infrastructure: Prep for #9076 2024-01-03 16:13:55 -05:00
path-info.hh Signer infrastructure: Prep for #9076 2024-01-03 16:13:55 -05:00
path-references.cc HashType: Rename to HashAlgorithm 2023-12-06 23:43:42 +01:00
path-references.hh Split up util.{hh,cc} 2023-11-05 12:20:02 -05:00
path-regex.hh Disallow store path names that are . or .. (plus opt. -) 2024-01-31 18:35:19 +01:00
path-with-outputs.cc Restrict some code to StoreDirConfig 2023-11-04 19:05:36 -04:00
path-with-outputs.hh Restrict some code to StoreDirConfig 2023-11-04 19:05:36 -04:00
path.cc Disallow store path names that are . or .. (plus opt. -) 2024-01-31 18:35:19 +01:00
path.hh Ensure all headers have #pragma once and are in API docs 2023-03-31 23:19:44 -04:00
pathlocks.cc Split up util.{hh,cc} 2023-11-05 12:20:02 -05:00
pathlocks.hh Split up util.{hh,cc} 2023-11-05 12:20:02 -05:00
posix-fs-canonicalise.cc Fix NetBSD build 2024-01-02 12:33:51 -05:00
posix-fs-canonicalise.hh Put canonicaliseTimestampAndPermissions in its own header/file 2023-11-21 12:57:59 -05:00
profiles.cc Split up util.{hh,cc} 2023-11-05 12:20:02 -05:00
profiles.hh Clean up a few things related to profiles (#8526) 2023-06-19 04:04:59 +00:00
realisation.cc Signer infrastructure: Prep for #9076 2024-01-03 16:13:55 -05:00
realisation.hh Signer infrastructure: Prep for #9076 2024-01-03 16:13:55 -05:00
remote-fs-accessor.cc Separate SystemError from SysError 2024-01-12 12:00:33 -05:00
remote-fs-accessor.hh Merge FSAccessor into SourceAccessor 2023-11-01 17:09:28 +01:00
remote-store-connection.hh Split up util.{hh,cc} 2023-11-05 12:20:02 -05:00
remote-store.cc Fix gcc 12 warnings 2024-02-28 22:59:20 +01:00
remote-store.hh Avoid creating temporary store object for git over the wire 2024-02-27 11:27:34 -05:00
s3-binary-cache-store.cc Remove bug-avoiding StoreConfig * casts for settings 2023-10-31 12:09:46 -04:00
s3-binary-cache-store.hh Ensure all headers have #pragma once and are in API docs 2023-03-31 23:19:44 -04:00
s3-binary-cache-store.md Merge how-to section on S3 buckets into S3 store docs (#7972) 2023-10-23 13:22:33 -04:00
s3.hh Ensure all headers have #pragma once and are in API docs 2023-03-31 23:19:44 -04:00
schema.sql schema.sql: add comment about hash being in base16 2022-06-01 14:59:57 +02:00
serve-protocol-impl.cc Factor our ServeProto::BasicServerConnection::handshake 2024-01-22 12:43:11 -05:00
serve-protocol-impl.hh Factor our ServeProto::BasicServerConnection::handshake 2024-01-22 12:43:11 -05:00
serve-protocol.cc Create ServeProto::BuildOptions and a serializer for it 2023-12-09 11:35:13 -05:00
serve-protocol.hh Factor our ServeProto::BasicServerConnection::handshake 2024-01-22 12:43:11 -05:00
sqlite.cc Rename hintfmt to HintFmt 2024-02-08 11:58:25 -08:00
sqlite.hh Rename hintfmt to HintFmt 2024-02-08 11:58:25 -08:00
ssh-store-config.hh Document each store type on its own page 2023-12-01 01:27:52 +01:00
ssh-store.cc Make SSHMaster::startCommand work on an args list 2024-01-22 17:46:57 -05:00
ssh-store.md Support per-store Markdown documentation 2023-03-21 14:03:40 +01:00
ssh.cc Make SSHMaster::startCommand work on an args list 2024-01-22 17:46:57 -05:00
ssh.hh Make SSHMaster::startCommand work on an args list 2024-01-22 17:46:57 -05:00
store-api.cc Avoid creating temporary store object for git over the wire 2024-02-27 11:27:34 -05:00
store-api.hh Avoid creating temporary store object for git over the wire 2024-02-27 11:27:34 -05:00
store-cast.hh Ensure all headers have #pragma once and are in API docs 2023-03-31 23:19:44 -04:00
store-dir-config.hh Remove now-redundant text-hashing store methods 2023-12-18 10:44:10 -05:00
uds-remote-store.cc Split up util.{hh,cc} 2023-11-05 12:20:02 -05:00
uds-remote-store.hh Add Git object hashing to the store layer 2024-02-27 11:27:34 -05:00
uds-remote-store.md Support per-store Markdown documentation 2023-03-21 14:03:40 +01:00
worker-protocol-impl.hh Restrict some code to StoreDirConfig 2023-11-04 19:05:36 -04:00
worker-protocol.cc worker protocol: serialise cgroup stats in BuildResult (#9598) 2023-12-13 16:37:17 -05:00
worker-protocol.hh worker protocol: serialise cgroup stats in BuildResult (#9598) 2023-12-13 16:37:17 -05:00