From e9070bf4226b225a0b42798b20ea3947abf58a6f Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 4 Aug 2014 18:13:14 +0200 Subject: Move some options out of globals --- nix/libstore/globals.cc | 20 ++++++++++++++++---- nix/libstore/globals.hh | 4 ++++ nix/nix-daemon/nix-daemon.cc | 3 +++ 3 files changed, 23 insertions(+), 4 deletions(-) diff --git a/nix/libstore/globals.cc b/nix/libstore/globals.cc index 9da14dc51a..1cbe912625 100644 --- a/nix/libstore/globals.cc +++ b/nix/libstore/globals.cc @@ -57,8 +57,6 @@ Settings::Settings() lockCPU = getEnv("NIX_AFFINITY_HACK", "1") == "1"; showTrace = false; enableImportNative = false; - trustedUsers = Strings({"root"}); - allowedUsers = Strings({"*"}); } @@ -116,6 +114,22 @@ void Settings::set(const string & name, const string & value) } +string Settings::get(const string & name, const string & def) +{ + auto i = settings.find(name); + if (i == settings.end()) return def; + return i->second; +} + + +Strings Settings::get(const string & name, const Strings & def) +{ + auto i = settings.find(name); + if (i == settings.end()) return def; + return tokenizeString(i->second); +} + + void Settings::update() { _get(tryFallback, "build-fallback"); @@ -147,8 +161,6 @@ void Settings::update() _get(logServers, "log-servers"); _get(enableImportNative, "allow-unsafe-native-code-during-evaluation"); _get(useCaseHack, "use-case-hack"); - _get(trustedUsers, "trusted-users"); - _get(allowedUsers, "allowed-users"); string subs = getEnv("NIX_SUBSTITUTERS", "default"); if (subs == "default") { diff --git a/nix/libstore/globals.hh b/nix/libstore/globals.hh index df113e2b63..743d2061ff 100644 --- a/nix/libstore/globals.hh +++ b/nix/libstore/globals.hh @@ -21,6 +21,10 @@ struct Settings { void set(const string & name, const string & value); + string get(const string & name, const string & def); + + Strings get(const string & name, const Strings & def); + void update(); string pack(); diff --git a/nix/nix-daemon/nix-daemon.cc b/nix/nix-daemon/nix-daemon.cc index dc41cae7f5..422c7f67b3 100644 --- a/nix/nix-daemon/nix-daemon.cc +++ b/nix/nix-daemon/nix-daemon.cc @@ -882,6 +882,9 @@ static void daemonLoop() struct group * gr = getgrgid(cred.gid); string group = gr ? gr->gr_name : int2String(cred.gid); + Strings trustedUsers = settings.get("trusted-users", Strings({"root"})); + Strings allowedUsers = settings.get("allowed-users", Strings({"*"})); + if (matchUser(user, group, settings.trustedUsers)) trusted = true; -- cgit 1.4.1