mirror of
https://github.com/NixOS/nix
synced 2024-09-19 10:50:24 -04:00
chmod later
This commit is contained in:
parent
89ace85071
commit
d6fd7eee56
|
@ -771,9 +771,6 @@ void LocalDerivationGoal::startBuilder()
|
|||
pathsInChroot.erase(worker.store.printStorePath(*i.second.second));
|
||||
}
|
||||
|
||||
// Make build root read-only, so `mkdir /homeless-shelter` would fail.
|
||||
chmod_(chrootRootDir, 01555);
|
||||
|
||||
if (cgroup) {
|
||||
if (mkdir(cgroup->c_str(), 0755) != 0)
|
||||
throw SysError("creating cgroup '%s'", *cgroup);
|
||||
|
@ -1973,6 +1970,9 @@ void LocalDerivationGoal::runChild()
|
|||
if (rmdir("real-root") == -1)
|
||||
throw SysError("cannot remove real-root directory");
|
||||
|
||||
// Make build root read-only, so `mkdir /homeless-shelter` would fail.
|
||||
chmod_(chrootRootDir, 01555);
|
||||
|
||||
/* Switch to the sandbox uid/gid in the user namespace,
|
||||
which corresponds to the build user or calling user in
|
||||
the parent namespace. */
|
||||
|
|
Loading…
Reference in a new issue