summary refs log tree commit diff
diff options
context:
space:
mode:
authorEelco Dolstra <eelco.dolstra@logicblox.com>2012-12-21 15:00:07 +0100
committerEelco Dolstra <eelco.dolstra@logicblox.com>2012-12-21 15:00:07 +0100
commit68dcbb187e540034e85b5b77d1b37cec1759a587 (patch)
tree5d7a45a3da8d39ebf6d63bcfd83e9b2c891f3178
parent5ee7d8fbab71b9eef94f1eecd38de511d00f6149 (diff)
downloadguix-68dcbb187e540034e85b5b77d1b37cec1759a587.tar.gz
download-from-binary-cache: Use the channels of the calling user rather than root
This should make live easier for single-user (non-daemon)
installations.  Note that when the daemon is used, the "calling user"
is root so we're not using any untrusted caches.
-rw-r--r--doc/manual/conf-file.xml10
-rw-r--r--scripts/download-from-binary-cache.pl.in4
2 files changed, 9 insertions, 5 deletions
diff --git a/doc/manual/conf-file.xml b/doc/manual/conf-file.xml
index 6a575b9e3a..70437686d8 100644
--- a/doc/manual/conf-file.xml
+++ b/doc/manual/conf-file.xml
@@ -341,10 +341,12 @@ build-use-chroot = /dev /proc /bin</programlisting>
 
     <listitem><para>A list of names of files that will be read to
     obtain additional binary cache URLs.  The default is
-    <literal>/nix/var/nix/profiles/per-user/root/channels/binary-caches/*</literal>,
-    which ensures that Nix will use the binary caches corresponding to
-    the channels installed by root.  Do not set this option to read
-    files created by untrusted users!</para></listitem>
+    <literal>/nix/var/nix/profiles/per-user/<replaceable>username</replaceable>/channels/binary-caches/*</literal>.
+    Note that when you’re using the Nix daemon,
+    <replaceable>username</replaceable> is always equal to
+    <literal>root</literal>, so Nix will only use the binary caches
+    provided by the channels installed by root.  Do not set this
+    option to read files created by untrusted users!</para></listitem>
 
   </varlistentry>
 
diff --git a/scripts/download-from-binary-cache.pl.in b/scripts/download-from-binary-cache.pl.in
index b822466719..98333dafb0 100644
--- a/scripts/download-from-binary-cache.pl.in
+++ b/scripts/download-from-binary-cache.pl.in
@@ -36,6 +36,8 @@ my %requests;
 my %scheduled;
 my $caBundle = $ENV{"CURL_CA_BUNDLE"} // $ENV{"OPENSSL_X509_CERT_FILE"};
 
+my $userName = getpwuid($<) or die "cannot figure out user name";
+
 
 sub addRequest {
     my ($storePath, $url, $head) = @_;
@@ -195,7 +197,7 @@ sub getAvailableCaches {
     # // ($Nix::Config::storeDir eq "/nix/store" ? "http://nixos.org/binary-cache" : ""));
 
     my $urlsFiles = $Nix::Config::config{"binary-cache-files"}
-        // "/nix/var/nix/profiles/per-user/root/channels/binary-caches/*";
+        // "$Nix::Config::stateDir/profiles/per-user/$userName/channels/binary-caches/*";
     foreach my $urlFile (glob $urlsFiles) {
         next unless -f $urlFile;
         open FILE, "<$urlFile" or die "cannot open ‘$urlFile’\n";