[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] Add a ‘verifyStore’ RPC
From: |
Eelco Dolstra |
Subject: |
Re: [PATCH] Add a ‘verifyStore’ RPC |
Date: |
Wed, 03 Jun 2015 16:19:03 +0200 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 |
Hi,
On 03/06/15 10:27, Ludovic Courtès wrote:
>>> The patch below adds a ‘verifyStore’ RPC with the same signature as the
>>> current LocalStore::verifyStore method.
>>
>> Thanks! I've applied this with the following change to disallow repairing by
>> unprivileged users (since it's a potentially dangerous operation):
>>
>> https://github.com/NixOS/nix/commit/d8ddf994e70f97994e0f1fbd382df93cd071b90f
>
> Sounds good, although I’m unclear on how things could go wrong:
> repairing can only rebuild or use approved substitutes, right?
Repair may replace store paths non-atomically, which, if interrupted, can leave
the system in a broken state. (E.g. if you try to replace glibc and it fails
half-way through.)
--
Eelco Dolstra | LogicBlox, Inc. | http://nixos.org/~eelco/