[bug#75810] [PATCH v8 05/16] daemon: Remount inputs as read-only.
From: Ludovic Courtès
Subject: [bug#75810] [PATCH v8 05/16] daemon: Remount inputs as read-only.
Date: Sun, 23 Mar 2025 15:24:58 +0100
* nix/libstore/build.cc (DerivationGoal::runChild): Remount ‘target’ as
read-only.
Reported-by: Reepca Russelstein <reepca@russelstein.xyz>
Change-Id: Ib7201bcf4363be566f205d23d17fe2f55d3ad666
---
nix/libstore/build.cc | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/nix/libstore/build.cc b/nix/libstore/build.cc
index 193b279b88..3861a1ffd9 100644
--- a/nix/libstore/build.cc
+++ b/nix/libstore/build.cc
@@ -2107,8 +2107,15 @@ void DerivationGoal::runChild()
createDirs(dirOf(target));
writeFile(target, "");
}
+
+ /* Extra flags passed with MS_BIND are ignored, hence the
+ extra MS_REMOUNT. */
if (mount(source.c_str(), target.c_str(), "", MS_BIND, 0) ==
-1)
throw SysError(format("bind mount from `%1%' to `%2%'
failed") % source % target);
+ if (source.compare(0, settings.nixStore.length(),
settings.nixStore) == 0) {
+ if (mount(source.c_str(), target.c_str(), "", MS_BIND |
MS_REMOUNT | MS_RDONLY, 0) == -1)
+ throw SysError(format("read-only remount of `%1%'
failed") % target);
+ }
}
/* Bind a new instance of procfs on /proc to reflect our
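Review bot: the read-only remount at the end of this hunk passes only MS_BIND | MS_REMOUNT | MS_RDONLY, so any nosuid, nodev or noexec flags already carried by the mount that `source` lives on are not repeated on the remount; inside an unprivileged user namespace, which is what this series is about (see 07/16 in the same thread), the kernel treats such inherited flags as locked and refuses a remount that would clear them with EPERM, turning every store input into a build failure on those systems. Suggest reading the existing flags first (for example statvfs(3) on `target`, mapping ST_NOSUID/ST_NODEV/ST_NOEXEC to the matching MS_ flags) and OR-ing them into the remount call, e.g. `MS_BIND | MS_REMOUNT | MS_RDONLY | existingFlags`. Two smaller points: `source.compare(0, settings.nixStore.length(), settings.nixStore) == 0` is a bare prefix match, so a sibling path whose name merely begins with the store path would also be remounted read-only (harmless here, but checking for a trailing '/' after the prefix makes the intent exact); and the ChangeLog entry says "Remount ‘target’ as read-only" without mentioning that only sources under `settings.nixStore` are remounted, so non-store inputs stay writable, which is worth stating in the commit message.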
--
2.48.1