Eelco Dolstra <eelco.dols...@logicblox.com> skribis: > On 03/06/15 10:27, Ludovic Courtès wrote: > >>>> The patch below adds a ‘verifyStore’ RPC with the same signature as the >>>> current LocalStore::verifyStore method. >>> >>> Thanks! I've applied this with the following change to disallow repairing by >>> unprivileged users (since it's a potentially dangerous operation): >>> >>> https://github.com/NixOS/nix/commit/d8ddf994e70f97994e0f1fbd382df93cd071b90f >> >> Sounds good, although I’m unclear on how things could go wrong: >> repairing can only rebuild or use approved substitutes, right? > > Repair may replace store paths non-atomically, which, if interrupted, can > leave > the system in a broken state. (E.g. if you try to replace glibc and it fails > half-way through.)
I see, thanks for explaining. Ludo’.
