* Change the ownership of the current directory to the build user.
This commit is contained in:
parent
62ab131412
commit
79875c5e42
1 changed files with 16 additions and 3 deletions
|
@ -23,9 +23,22 @@ using namespace nix;
|
||||||
static void secureChown(uid_t uidFrom, uid_t uidTo, gid_t gidTo,
|
static void secureChown(uid_t uidFrom, uid_t uidTo, gid_t gidTo,
|
||||||
const Path & path)
|
const Path & path)
|
||||||
{
|
{
|
||||||
/* Recursively chown `path' to the specified uid and gid, but only
|
struct stat st;
|
||||||
if it is currently owned by the Nix account. */
|
if (lstat(path.c_str(), &st) == -1)
|
||||||
/* !!! */
|
throw SysError(format("statting of `%1%'") % path);
|
||||||
|
|
||||||
|
if (st.st_uid != uidFrom)
|
||||||
|
throw Error(format("path `%1%' owned by the wrong owner") % path);
|
||||||
|
|
||||||
|
if (lchown(path.c_str(), uidTo, gidTo) == -1)
|
||||||
|
throw SysError(format("changing ownership of `%1%'") % path);
|
||||||
|
|
||||||
|
if (S_ISDIR(st.st_mode)) {
|
||||||
|
Strings names = readDirectory(path);
|
||||||
|
for (Strings::iterator i = names.begin(); i != names.end(); ++i)
|
||||||
|
/* !!! recursion; check stack depth */
|
||||||
|
secureChown(uidFrom, uidTo, gidTo, path + "/" + *i);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue