* On systems that have the setresuid() and setresgid() system calls to
set the real uid and gid to the effective uid and gid, the Nix binaries can be installed as owned by the Nix user and group instead of root, so no root involvement of any kind is necessary. Linux and FreeBSD have these functions.
This commit is contained in:
Eelco Dolstra
parent
2d35116c13
commit
e77fbe0fa2
3 changed files with 32 additions and 8 deletions
|
|
@ -4,5 +4,10 @@ SUBDIRS = bin2c boost libutil libstore libmain nix-store nix-hash \
|
|||
SETUID_PROGS = nix-store nix-instantiate nix-env
|
||||
install-exec-hook:
|
||||
if SETUID_HACK
|
||||
if HAVE_SETRESUID
|
||||
cd $(DESTDIR)$(bindir) && chown @NIX_USER@ $(SETUID_PROGS) \
|
||||
&& chgrp @NIX_GROUP@ $(SETUID_PROGS) && chmod ug+s $(SETUID_PROGS)
|
||||
else
|
||||
cd $(DESTDIR)$(bindir) && chown root $(SETUID_PROGS) && chmod u+s $(SETUID_PROGS)
|
||||
endif
|
||||
endif
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue