summary refs log tree commit diff
path: root/nix/libstore
diff options
context:
space:
mode:
Diffstat (limited to 'nix/libstore')
-rw-r--r--nix/libstore/local-store.cc17
-rw-r--r--nix/libstore/local-store.hh2
-rw-r--r--nix/libstore/store-api.hh4
3 files changed, 21 insertions, 2 deletions
diff --git a/nix/libstore/local-store.cc b/nix/libstore/local-store.cc
index 3b08492c64..3793382361 100644
--- a/nix/libstore/local-store.cc
+++ b/nix/libstore/local-store.cc
@@ -88,8 +88,9 @@ LocalStore::LocalStore(bool reserveSpace)
 
         Path perUserDir = profilesDir + "/per-user";
         createDirs(perUserDir);
-        if (chmod(perUserDir.c_str(), 01777) == -1)
-            throw SysError(format("could not set permissions on '%1%' to 1777") % perUserDir);
+        if (chmod(perUserDir.c_str(), 0755) == -1)
+            throw SysError(format("could not set permissions on '%1%' to 755")
+                           % perUserDir);
 
         mode_t perm = 01775;
 
@@ -1642,4 +1643,16 @@ void LocalStore::vacuumDB()
 }
 
 
+void LocalStore::createUser(const std::string & userName, uid_t userId)
+{
+    auto dir = settings.nixStateDir + "/profiles/per-user/" + userName;
+
+    createDirs(dir);
+    if (chmod(dir.c_str(), 0755) == -1)
+	throw SysError(format("changing permissions of directory '%s'") % dir);
+    if (chown(dir.c_str(), userId, -1) == -1)
+	throw SysError(format("changing owner of directory '%s'") % dir);
+}
+
+
 }
diff --git a/nix/libstore/local-store.hh b/nix/libstore/local-store.hh
index 4113fafcb5..2e48cf03e6 100644
--- a/nix/libstore/local-store.hh
+++ b/nix/libstore/local-store.hh
@@ -180,6 +180,8 @@ public:
 
     void setSubstituterEnv();
 
+    void createUser(const std::string & userName, uid_t userId);
+
 private:
 
     Path schemaPath;
diff --git a/nix/libstore/store-api.hh b/nix/libstore/store-api.hh
index 2d9dcbd573..7d2ad2270d 100644
--- a/nix/libstore/store-api.hh
+++ b/nix/libstore/store-api.hh
@@ -289,6 +289,10 @@ public:
     /* Check the integrity of the Nix store.  Returns true if errors
        remain. */
     virtual bool verifyStore(bool checkContents, bool repair) = 0;
+
+    /* Create a profile for the given user.  This is done by the daemon
+       because the 'profiles/per-user' directory is not writable by users.  */
+    virtual void createUser(const std::string & userName, uid_t userId) = 0;
 };
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-21 23:21:36 +0000