Move some options out of globals
This commit is contained in:
parent
daccd68999
commit
988bf59421
4 changed files with 15 additions and 6 deletions
|
@ -103,7 +103,7 @@ void run(Strings args)
|
|||
|
||||
/* Pass on the location of the daemon client's SSH authentication
|
||||
socket. */
|
||||
string sshAuthSock = settings.get("ssh-auth-sock");
|
||||
string sshAuthSock = settings.get("ssh-auth-sock", "");
|
||||
if (sshAuthSock != "") setenv("SSH_AUTH_SOCK", sshAuthSock.c_str(), 1);
|
||||
|
||||
string host = settings.sshSubstituterHosts.front();
|
||||
|
|
|
@ -63,8 +63,6 @@ Settings::Settings()
|
|||
lockCPU = getEnv("NIX_AFFINITY_HACK", "1") == "1";
|
||||
showTrace = false;
|
||||
enableImportNative = false;
|
||||
trustedUsers = Strings({"root"});
|
||||
allowedUsers = Strings({"*"});
|
||||
}
|
||||
|
||||
|
||||
|
@ -130,6 +128,14 @@ string Settings::get(const string & name, const string & def)
|
|||
}
|
||||
|
||||
|
||||
Strings Settings::get(const string & name, const Strings & def)
|
||||
{
|
||||
auto i = settings.find(name);
|
||||
if (i == settings.end()) return def;
|
||||
return tokenizeString<Strings>(i->second);
|
||||
}
|
||||
|
||||
|
||||
void Settings::update()
|
||||
{
|
||||
_get(tryFallback, "build-fallback");
|
||||
|
@ -161,8 +167,6 @@ void Settings::update()
|
|||
_get(logServers, "log-servers");
|
||||
_get(enableImportNative, "allow-unsafe-native-code-during-evaluation");
|
||||
_get(useCaseHack, "use-case-hack");
|
||||
_get(trustedUsers, "trusted-users");
|
||||
_get(allowedUsers, "allowed-users");
|
||||
|
||||
string subs = getEnv("NIX_SUBSTITUTERS", "default");
|
||||
if (subs == "default") {
|
||||
|
|
|
@ -21,7 +21,9 @@ struct Settings {
|
|||
|
||||
void set(const string & name, const string & value);
|
||||
|
||||
string get(const string & name, const string & def = "");
|
||||
string get(const string & name, const string & def);
|
||||
|
||||
Strings get(const string & name, const Strings & def);
|
||||
|
||||
void update();
|
||||
|
||||
|
|
|
@ -743,6 +743,9 @@ static void daemonLoop()
|
|||
struct group * gr = getgrgid(cred.gid);
|
||||
string group = gr ? gr->gr_name : int2String(cred.gid);
|
||||
|
||||
Strings trustedUsers = settings.get("trusted-users", Strings({"root"}));
|
||||
Strings allowedUsers = settings.get("allowed-users", Strings({"*"}));
|
||||
|
||||
if (matchUser(user, group, settings.trustedUsers))
|
||||
trusted = true;
|
||||
|
||||
|
|
Loading…
Reference in a new issue