nix-serve user added to nix-daemon allowed users #11784
Conversation
|
By analyzing the blame information on this pull request, we identified @dezgeg, @wkennington and @robbinch to be potential reviewers |
| @@ -66,5 +66,7 @@ in | |||
| description = "Nix-serve user"; | |||
| uid = config.ids.uids.nix-serve; | |||
| }; | |||
|
|
|||
| nix.allowedUsers = [ "nix-serve" ]; | |||
There was a problem hiding this comment.
Note that setting this overrides the default value (["*"]) so it will actually lock out other users.
There was a problem hiding this comment.
Is there a way to do what I intent it to do, add an element to nix.allowedUsers if the user overwrote the default value?
Without the nix-serve user in the allowed users of the Nix daemon, it will not have access to the Nix store, which will result in internal server errors.
|
@edolstra I added an additional value constructor called mkIfUserDefined, which will only assign the value if the user defined it. This allows you to have generous defaults such as those being used in |
|
Hi, is this still the case ? I haven't had any issues with the nix-daemon lately and don't know how to reproduce the issue. |
|
(triage) can this be closed ? |
|
Closing as abandoned. |
Without the nix-serve user in the allowed users of the Nix daemon,
it will not have access to the Nix store, which will result in internal server errors.