3
0
Fork 0
forked from mirrors/nixpkgs
nixpkgs/nixos/modules
Domen Kožar a6670c1a0b Fixes #18124: atomically replace /var/setuid-wrappers/ (#18186)
Before this commit updating /var/setuid-wrappers/ folder introduced
a small window where NixOS activation scripts could be terminated
and resulted into empty /var/setuid-wrappers/ folder.

That's very unfortunate because one might lose sudo binary.

Instead we use two atomic operations mv and ln (as described in
https://axialcorps.com/2013/07/03/atomically-replacing-files-and-directories/)
to achieve atomicity.

Since /var/setuid-wrappers is not a directory anymore, tmpfs mountpoints
were removed in installation scripts and in boot process.

Tested:

- upgrade /var/setuid-wrappers/ from folder to a symlink
- make sure /run/setuid-wrappers-dirs/ legacy symlink is really deleted
2016-09-01 20:57:51 +02:00
..
config Merge staging into master 2016-09-01 13:27:27 +03:00
hardware Merge branch 'master' into staging 2016-08-21 12:03:41 +01:00
i18n/input-method Merge pull request #15025 from ericsagnes/modules/manual 2016-08-28 13:57:34 +02:00
installer Fixes #18124: atomically replace /var/setuid-wrappers/ (#18186) 2016-09-01 20:57:51 +02:00
misc Merge pull request #15025 from ericsagnes/modules/manual 2016-08-28 13:57:34 +02:00
profiles documentation: fix start display-manager command 2016-07-04 10:25:31 +02:00
programs nixos/shadow: setuid wrappers for new{uid,gid}map 2016-08-19 14:59:33 +02:00
security Fixes #18124: atomically replace /var/setuid-wrappers/ (#18186) 2016-09-01 20:57:51 +02:00
services unbound service: whitespace fixes 2016-09-01 14:51:33 +02:00
system Fixes #18124: atomically replace /var/setuid-wrappers/ (#18186) 2016-09-01 20:57:51 +02:00
tasks nixos/filesystems: Drop compat code for filesystems.*.options type 2016-09-01 12:18:33 +03:00
testing KDE test: Bump kdm start timeout 2016-05-27 11:22:27 +02:00
virtualisation virtualbox: add headless build (without Qt dependency) (#18026) 2016-09-01 20:54:58 +02:00
module-list.nix ferm: init at 2.3 2016-08-25 21:37:19 +02:00
rename.nix nixos/modules/rename.nix: fix eval error 2016-08-28 14:47:24 +01:00