Propagate the user and group names of the calling user
This commit is contained in:
parent
5cea3900eb
commit
b796c4336d
|
@ -9,6 +9,8 @@
|
||||||
, libDir ? "${stateDir}/lib"
|
, libDir ? "${stateDir}/lib"
|
||||||
, tmpDir ? (if stateDir == "/var" then "/tmp" else "${stateDir}/tmp")
|
, tmpDir ? (if stateDir == "/var" then "/tmp" else "${stateDir}/tmp")
|
||||||
, forceDisableUserChange ? false
|
, forceDisableUserChange ? false
|
||||||
|
, callingUser ? null
|
||||||
|
, callingGroup ? null
|
||||||
, exprFile ? null
|
, exprFile ? null
|
||||||
, extraParams ? {}
|
, extraParams ? {}
|
||||||
}@args:
|
}@args:
|
||||||
|
|
|
@ -9,6 +9,8 @@
|
||||||
, libDir ? "${stateDir}/lib"
|
, libDir ? "${stateDir}/lib"
|
||||||
, tmpDir ? (if stateDir == "/var" then "/tmp" else "${stateDir}/tmp")
|
, tmpDir ? (if stateDir == "/var" then "/tmp" else "${stateDir}/tmp")
|
||||||
, forceDisableUserChange ? false
|
, forceDisableUserChange ? false
|
||||||
|
, callingUser ? null
|
||||||
|
, callingGroup ? null
|
||||||
, extraParams ? {}
|
, extraParams ? {}
|
||||||
, exprFile ? null
|
, exprFile ? null
|
||||||
}@args:
|
}@args:
|
||||||
|
|
|
@ -9,6 +9,8 @@
|
||||||
, libDir ? "${stateDir}/lib"
|
, libDir ? "${stateDir}/lib"
|
||||||
, tmpDir ? (if stateDir == "/var" then "/tmp" else "${stateDir}/tmp")
|
, tmpDir ? (if stateDir == "/var" then "/tmp" else "${stateDir}/tmp")
|
||||||
, forceDisableUserChange ? false
|
, forceDisableUserChange ? false
|
||||||
|
, callingUser ? null
|
||||||
|
, callingGroup ? null
|
||||||
, clientInterface ? (if builtins.getEnv "DISNIX_CLIENT_INTERFACE" == "" then "disnix-run-activity" else builtins.getEnv "DISNIX_CLIENT_INTERFACE")
|
, clientInterface ? (if builtins.getEnv "DISNIX_CLIENT_INTERFACE" == "" then "disnix-run-activity" else builtins.getEnv "DISNIX_CLIENT_INTERFACE")
|
||||||
, disnixDataDir ? (if builtins.getEnv "DISNIX_DATA_DIR" == "" then throw "Set DISNIX_DATA_DIR to the data directory of Disnix" else builtins.getEnv "DISNIX_DATA_DIR")
|
, disnixDataDir ? (if builtins.getEnv "DISNIX_DATA_DIR" == "" then throw "Set DISNIX_DATA_DIR to the data directory of Disnix" else builtins.getEnv "DISNIX_DATA_DIR")
|
||||||
, extraParams ? {}
|
, extraParams ? {}
|
||||||
|
|
|
@ -9,6 +9,8 @@
|
||||||
, libDir ? "${stateDir}/lib"
|
, libDir ? "${stateDir}/lib"
|
||||||
, tmpDir ? (if stateDir == "/var" then "/tmp" else "${stateDir}/tmp")
|
, tmpDir ? (if stateDir == "/var" then "/tmp" else "${stateDir}/tmp")
|
||||||
, forceDisableUserChange ? false
|
, forceDisableUserChange ? false
|
||||||
|
, callingUser ? null
|
||||||
|
, callingGroup ? null
|
||||||
, extraParams ? {}
|
, extraParams ? {}
|
||||||
, exprFile ? null
|
, exprFile ? null
|
||||||
}@args:
|
}@args:
|
||||||
|
|
|
@ -9,6 +9,8 @@
|
||||||
, lockDir ? "${stateDir}/lock"
|
, lockDir ? "${stateDir}/lock"
|
||||||
, libDir ? "${stateDir}/lib"
|
, libDir ? "${stateDir}/lib"
|
||||||
, forceDisableUserChange ? false
|
, forceDisableUserChange ? false
|
||||||
|
, callingUser ? null
|
||||||
|
, callingGroup ? null
|
||||||
, extraParams ? {}
|
, extraParams ? {}
|
||||||
, exprFile ? null
|
, exprFile ? null
|
||||||
}@args:
|
}@args:
|
||||||
|
|
|
@ -9,6 +9,8 @@
|
||||||
, libDir ? "${stateDir}/lib"
|
, libDir ? "${stateDir}/lib"
|
||||||
, tmpDir ? (if stateDir == "/var" then "/tmp" else "${stateDir}/tmp")
|
, tmpDir ? (if stateDir == "/var" then "/tmp" else "${stateDir}/tmp")
|
||||||
, forceDisableUserChange ? false
|
, forceDisableUserChange ? false
|
||||||
|
, callingUser ? null
|
||||||
|
, callingGroup ? null
|
||||||
, extraParams ? {}
|
, extraParams ? {}
|
||||||
, exprFile ? null
|
, exprFile ? null
|
||||||
, defaultBundleName ? "default"
|
, defaultBundleName ? "default"
|
||||||
|
|
|
@ -9,6 +9,8 @@
|
||||||
, libDir ? "${stateDir}/lib"
|
, libDir ? "${stateDir}/lib"
|
||||||
, tmpDir ? (if stateDir == "/var" then "/tmp" else "${stateDir}/tmp")
|
, tmpDir ? (if stateDir == "/var" then "/tmp" else "${stateDir}/tmp")
|
||||||
, forceDisableUserChange ? false
|
, forceDisableUserChange ? false
|
||||||
|
, callingUser ? null
|
||||||
|
, callingGroup ? null
|
||||||
, extraParams ? {}
|
, extraParams ? {}
|
||||||
, exprFile ? null
|
, exprFile ? null
|
||||||
}@args:
|
}@args:
|
||||||
|
|
|
@ -9,6 +9,8 @@
|
||||||
, libDir ? "${stateDir}/lib"
|
, libDir ? "${stateDir}/lib"
|
||||||
, tmpDir ? (if stateDir == "/var" then "/tmp" else "${stateDir}/tmp")
|
, tmpDir ? (if stateDir == "/var" then "/tmp" else "${stateDir}/tmp")
|
||||||
, forceDisableUserChange ? false
|
, forceDisableUserChange ? false
|
||||||
|
, callingUser ? null
|
||||||
|
, callingGroup ? null
|
||||||
, extraParams ? {}
|
, extraParams ? {}
|
||||||
, exprFile ? null
|
, exprFile ? null
|
||||||
}@args:
|
}@args:
|
||||||
|
|
|
@ -9,6 +9,8 @@
|
||||||
, libDir ? "${stateDir}/lib"
|
, libDir ? "${stateDir}/lib"
|
||||||
, tmpDir ? (if stateDir == "/var" then "/tmp" else "${stateDir}/tmp")
|
, tmpDir ? (if stateDir == "/var" then "/tmp" else "${stateDir}/tmp")
|
||||||
, forceDisableUserChange ? false
|
, forceDisableUserChange ? false
|
||||||
|
, callingUser ? null
|
||||||
|
, callingGroup ? null
|
||||||
, extraParams ? {}
|
, extraParams ? {}
|
||||||
, exprFile ? null
|
, exprFile ? null
|
||||||
}@args:
|
}@args:
|
||||||
|
|
|
@ -19,9 +19,14 @@ let
|
||||||
inherit profileSettings exprFile extraParams pkgs system tools;
|
inherit profileSettings exprFile extraParams pkgs system tools;
|
||||||
};
|
};
|
||||||
|
|
||||||
processes = import exprFile ({
|
processesFun = import exprFile;
|
||||||
|
processesFormalArgs = builtins.functionArgs processesFun;
|
||||||
|
|
||||||
|
processesArgs = builtins.intersectAttrs processesFormalArgs ({
|
||||||
inherit pkgs system processManager;
|
inherit pkgs system processManager;
|
||||||
} // extraParams // profileSettings.params);
|
} // profileSettings.params // extraParams);
|
||||||
|
|
||||||
|
processes = processesFun processesArgs;
|
||||||
in
|
in
|
||||||
with import "${nixpkgs}/nixos/lib/testing-python.nix" { inherit system; };
|
with import "${nixpkgs}/nixos/lib/testing-python.nix" { inherit system; };
|
||||||
|
|
||||||
|
|
|
@ -3,6 +3,8 @@
|
||||||
stateDir = "/home/unprivileged/var";
|
stateDir = "/home/unprivileged/var";
|
||||||
runtimeDir = "${stateDir}/run";
|
runtimeDir = "${stateDir}/run";
|
||||||
forceDisableUserChange = true;
|
forceDisableUserChange = true;
|
||||||
|
callingUser = "unprivileged";
|
||||||
|
callingGroup = "users";
|
||||||
};
|
};
|
||||||
|
|
||||||
deployArgs = [ "--state-dir" "/home/unprivileged/var" "--force-disable-user-change" ];
|
deployArgs = [ "--state-dir" "/home/unprivileged/var" "--force-disable-user-change" ];
|
||||||
|
|
|
@ -197,4 +197,20 @@ fi
|
||||||
NIXPROC=${NIXPROC:-@NIXPROC@}
|
NIXPROC=${NIXPROC:-@NIXPROC@}
|
||||||
|
|
||||||
# Build the profile
|
# Build the profile
|
||||||
nix-build $stateDirArg $runtimeDirArg $logDirArg $tmpDirArg $cacheDirArg $spoolDirArg $lockDirArg $libDirArg $forceDisableUserChangeArg $noOutLinkArg $showTraceArg $processManagerArg "${extraParamsArg[@]}" $exprFileArg $NIXPROC/backends/$processManager/build-$processManager-env.nix
|
nix-build $stateDirArg \
|
||||||
|
$runtimeDirArg \
|
||||||
|
$logDirArg \
|
||||||
|
$tmpDirArg \
|
||||||
|
$cacheDirArg \
|
||||||
|
$spoolDirArg \
|
||||||
|
$lockDirArg \
|
||||||
|
$libDirArg \
|
||||||
|
$forceDisableUserChangeArg \
|
||||||
|
--argstr callingUser "$(id -un)" \
|
||||||
|
--argstr callingGroup "$(id -gn)" \
|
||||||
|
$noOutLinkArg \
|
||||||
|
$showTraceArg \
|
||||||
|
$processManagerArg \
|
||||||
|
"${extraParamsArg[@]}" \
|
||||||
|
$exprFileArg \
|
||||||
|
$NIXPROC/backends/$processManager/build-$processManager-env.nix
|
||||||
|
|
Loading…
Reference in New Issue