picnoir/nix-gh
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
nix-gh/src/libstore
History
Eelco Dolstra bd013b6f98 On Linux, make the Nix store really read-only by using the immutable bit 
I was bitten one time too many by Python modifying the Nix store by
creating *.pyc files when run as root.  On Linux, we can prevent this
by setting the immutable bit on files and directories (as in ‘chattr
+i’).  This isn't supported by all filesystems, so it's not an error
if setting the bit fails.  The immutable bit is cleared by the garbage
collector before deleting a path.  The only tricky aspect is in
optimiseStore(), since it's forbidden to create hard links to an
immutable file.  Thus optimiseStore() temporarily clears the immutable
bit before creating the link.
2012-02-15 01:31:56 +01:00
..
build.cc Use data() instead of c_str() where appropriate 2012-02-09 18:27:45 +01:00
derivations.cc * Ouch. A store upgrade could cause a substituter to be triggered, 2011-09-12 09:07:43 +00:00
derivations.hh * Eliminate all uses of the global variable ‘store’ from libstore. 2011-08-31 21:11:50 +00:00
gc.cc Don't use deletePath() to delete a single file 2012-02-15 00:28:01 +01:00
globals.cc * Move initialisation of variables like nixConfDir from libmain to 2011-11-22 17:28:41 +00:00
globals.hh * Move initialisation of variables like nixConfDir from libmain to 2011-11-22 17:28:41 +00:00
local-store.cc On Linux, make the Nix store really read-only by using the immutable bit 2012-02-15 01:31:56 +01:00
local-store.hh * Sync with the trunk. 2011-12-16 23:33:01 +00:00
Makefile.am * Move initialisation of variables like nixConfDir from libmain to 2011-11-22 17:28:41 +00:00
misc.cc * Oops. 2011-12-30 17:13:25 +00:00
misc.hh * Eliminate all uses of the global variable ‘store’ from libstore. 2011-08-31 21:11:50 +00:00
optimise-store.cc On Linux, make the Nix store really read-only by using the immutable bit 2012-02-15 01:31:56 +01:00
pathlocks.cc * Another case of lock file permissions being too liberal. 2011-12-21 19:17:45 +00:00
pathlocks.hh * Revert r19797, and use a simpler solution: just don't monitor build 2010-02-03 21:38:41 +00:00
references.cc Use data() instead of c_str() where appropriate 2012-02-09 18:27:45 +01:00
references.hh * Store the size of a store path in the database (to be precise, the 2010-11-16 17:11:46 +00:00
remote-store.cc Use data() instead of c_str() where appropriate 2012-02-09 18:27:45 +01:00
remote-store.hh * Sync with the trunk. 2011-12-16 23:33:01 +00:00
schema.sql * Store the size of a store path in the database (to be precise, the 2010-11-16 17:11:46 +00:00
store-api.cc * Add an API function exportPaths() that provides the functionality of 2011-11-23 15:13:37 +00:00
store-api.hh * Reject a build if there is a cycle among the outputs. This is 2011-12-30 14:47:14 +00:00
worker-protocol.hh * Sync with the trunk. 2011-12-16 23:33:01 +00:00