[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
65/118: nix-daemon: Only print connection info if we have SO_PEERCRED
|
From: |
Ludovic Courtès |
|
Subject: |
65/118: nix-daemon: Only print connection info if we have SO_PEERCRED |
|
Date: |
Tue, 19 May 2015 14:45:42 +0000 |
civodul pushed a commit to branch nix
in repository guix.
commit 77c972c898b325997fa2f527264a9706f1e414a5
Author: Eelco Dolstra <address@hidden>
Date: Thu Jul 17 15:41:11 2014 +0200
nix-daemon: Only print connection info if we have SO_PEERCRED
---
src/nix-daemon/nix-daemon.cc | 21 ++++++++++++---------
1 files changed, 12 insertions(+), 9 deletions(-)
diff --git a/src/nix-daemon/nix-daemon.cc b/src/nix-daemon/nix-daemon.cc
index ab9e4b9..f486806 100644
--- a/src/nix-daemon/nix-daemon.cc
+++ b/src/nix-daemon/nix-daemon.cc
@@ -854,22 +854,25 @@ static void daemonLoop()
closeOnExec(remote);
- /* Get the identity of the caller, if possible. */
- uid_t clientUid = -1;
- pid_t clientPid = -1;
bool trusted = false;
+ pid_t clientPid = -1;
+
#if defined(SO_PEERCRED)
+ /* Get the identity of the caller, if possible. */
+ uid_t clientUid = -1;
+
ucred cred;
socklen_t credLen = sizeof(cred);
- if (getsockopt(remote, SOL_SOCKET, SO_PEERCRED, &cred, &credLen)
!= -1) {
- clientPid = cred.pid;
- clientUid = cred.uid;
- if (clientUid == 0) trusted = true;
- }
-#endif
+ if (getsockopt(remote, SOL_SOCKET, SO_PEERCRED, &cred, &credLen)
== -1)
+ throw SysError("getting peer credentials");
+
+ clientPid = cred.pid;
+ clientUid = cred.uid;
+ if (clientUid == 0) trusted = true;
printMsg(lvlInfo, format("accepted connection from pid %1%, uid
%2%") % clientPid % clientUid);
+#endif
/* Fork a child to handle the connection. */
startProcess([&]() {
- 41/118: nix-copy-closure: Restore compression and the progress viewer, (continued)
- 41/118: nix-copy-closure: Restore compression and the progress viewer, Ludovic Courtès, 2015/05/19
- 54/118: build-remote.pl: Don't keep a shell process around, Ludovic Courtès, 2015/05/19
- 57/118: Manual: Typo, Ludovic Courtès, 2015/05/19
- 53/118: build-remote.pl: Fix build log, Ludovic Courtès, 2015/05/19
- 66/118: nix-daemon: Show name of connecting user, Ludovic Courtès, 2015/05/19
- 58/118: Pass *_proxy vars to bootstrap fetchurl, Ludovic Courtès, 2015/05/19
- 56/118: Remove cruft, Ludovic Courtès, 2015/05/19
- 48/118: Fix broken Pid constructor, Ludovic Courtès, 2015/05/19
- 51/118: build-remote.pl: Use ‘nix-store --serve’ on the remote side, Ludovic Courtès, 2015/05/19
- 62/118: Be more strict about file names in NARs, Ludovic Courtès, 2015/05/19
- 65/118: nix-daemon: Only print connection info if we have SO_PEERCRED,
Ludovic Courtès <=
- 72/118: Remove dead code, Ludovic Courtès, 2015/05/19
- 55/118: build-remote.pl: Fix building multiple output derivations, Ludovic Courtès, 2015/05/19
- 59/118: Install systemd and Upstart stuff only on Linux, Ludovic Courtès, 2015/05/19
- 68/118: Ugly hack to fix building on old Darwin, Ludovic Courtès, 2015/05/19
- 64/118: nix-daemon: Fix compat with older clients, Ludovic Courtès, 2015/05/19
- 61/118: Handle case collisions on case-insensitive systems, Ludovic Courtès, 2015/05/19
- 60/118: Make dev-shell script work on Darwin, Ludovic Courtès, 2015/05/19
- 71/118: Revert old useBuildHook behaviour, Ludovic Courtès, 2015/05/19
- 63/118: Get rid of a compiler warning, Ludovic Courtès, 2015/05/19
- 67/118: nix-daemon: Add trusted-users and allowed-users options, Ludovic Courtès, 2015/05/19