diff options
| author | Ludovic Courtès <ludo@gnu.org> | 2019-10-16 11:51:42 +0200 |
|---|---|---|
| committer | Ludovic Courtès <ludo@gnu.org> | 2019-10-16 22:53:40 +0200 |
| commit | 81c580c8664bfeeb767e2c47ea343004e88223c7 (patch) | |
| tree | 682678e9f32fd6c38f78ccd5cd2ab58ee736e1be /nix/nix-daemon | |
| parent | a1aaca314ca94700ebe3449d6bd73522f2d243bc (diff) | |
| download | guix-patches-81c580c8664bfeeb767e2c47ea343004e88223c7.tar guix-patches-81c580c8664bfeeb767e2c47ea343004e88223c7.tar.gz | |
daemon: Make 'profiles/per-user' non-world-writable.
Fixes <https://bugs.gnu.org/37744>.
Reported at <https://www.openwall.com/lists/oss-security/2019/10/09/4>.
Based on Nix commit 5a303093dcae1e5ce9212616ef18f2ca51020b0d
by Eelco Dolstra <edolstra@gmail.com>.
* nix/libstore/local-store.cc (LocalStore::LocalStore): Set 'perUserDir'
to #o755 instead of #o1777.
(LocalStore::createUser): New function.
* nix/libstore/local-store.hh (LocalStore): Add it.
* nix/libstore/store-api.hh (StoreAPI): Add it.
* nix/nix-daemon/nix-daemon.cc (performOp): In 'wopSetOptions', add
condition to handle "user-name" property and honor it.
(processConnection): Add 'userId' parameter. Call 'store->createUser'
when userId is not -1.
* guix/profiles.scm (ensure-profile-directory): Note that this is now
handled by the daemon.
* guix/store.scm (current-user-name): New procedure.
(set-build-options): Add #:user-name parameter and pass it to the daemon.
* tests/guix-daemon.sh: Test the creation of 'profiles/per-user' when
listening on a TCP socket.
* tests/store.scm ("profiles/per-user exists and is not writable")
("profiles/per-user/$USER exists"): New tests.
Diffstat (limited to 'nix/nix-daemon')
| -rw-r--r-- | nix/nix-daemon/nix-daemon.cc | 24 |
1 files changed, 22 insertions, 2 deletions
diff --git a/nix/nix-daemon/nix-daemon.cc b/nix/nix-daemon/nix-daemon.cc index 1163a249d1..3dd156ba77 100644 --- a/nix/nix-daemon/nix-daemon.cc +++ b/nix/nix-daemon/nix-daemon.cc @@ -613,6 +613,17 @@ static void performOp(bool trusted, unsigned int clientVersion, || name == "build-repeat" || name == "multiplexed-build-output") settings.set(name, value); + else if (name == "user-name" + && settings.clientUid == (uid_t) -1) { + /* Create the user profile. This is necessary if + clientUid = -1, for instance because the client + connected over TCP. */ + struct passwd *pw = getpwnam(value.c_str()); + if (pw != NULL) + store->createUser(value, pw->pw_uid); + else + printMsg(lvlInfo, format("user name %1% not found") % value); + } else settings.set(trusted ? name : "untrusted-" + name, value); } @@ -731,7 +742,7 @@ static void performOp(bool trusted, unsigned int clientVersion, } -static void processConnection(bool trusted) +static void processConnection(bool trusted, uid_t userId) { canSendStderr = false; _writeToStderr = tunnelStderr; @@ -778,6 +789,15 @@ static void processConnection(bool trusted) /* Open the store. */ store = std::shared_ptr<StoreAPI>(new LocalStore(reserveSpace)); + if (userId != (uid_t) -1) { + /* Create the user profile. */ + struct passwd *pw = getpwuid(userId); + if (pw != NULL && pw->pw_name != NULL) + store->createUser(pw->pw_name, userId); + else + printMsg(lvlInfo, format("user with UID %1% not found") % userId); + } + stopWork(); to.flush(); @@ -963,7 +983,7 @@ static void acceptConnection(int fdSocket) /* Handle the connection. */ from.fd = remote; to.fd = remote; - processConnection(trusted); + processConnection(trusted, clientUid); exit(0); }, false, "unexpected build daemon error: ", true); |