Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement SSHStore on top of nix-daemon served over ssh #997

Closed
wants to merge 8 commits into from
Closed

Implement SSHStore on top of nix-daemon served over ssh #997

wants to merge 8 commits into from

Conversation

shlevy
Copy link
Member

@shlevy shlevy commented Jul 25, 2016

Fixes #986

@shlevy shlevy mentioned this pull request Jul 25, 2016
Merged
@shlevy
Copy link
Member Author

shlevy commented Jul 25, 2016

@edolstra ping, will merge this at the end of the week absent any issues

@domenkozar domenkozar added this to the perl-to-c++ milestone Jul 26, 2016
@edolstra
Copy link
Member

Please don't, I'll want to review this first.

@shlevy
Copy link
Member Author

shlevy commented Jul 26, 2016

OK, I'll count that as an issue 😄

@shlevy shlevy mentioned this pull request Aug 10, 2016
Closed
@shlevy
Copy link
Member Author

shlevy commented Aug 11, 2016

@edolstra Can you give me a time frame for reviewing this? It's the most controversial change in the perl->c++ work and if I'm going to have to redo build-remote without it I'd rather know sooner than later...

@shlevy
Copy link
Member Author

shlevy commented Aug 11, 2016

(erm, and nix-copy-closure)

@shlevy shlevy mentioned this pull request Aug 12, 2016
Merged
@shlevy
Copy link
Member Author

shlevy commented Aug 18, 2016

@edolstra Is there anything I can do to help get this reviewed? If I'm going to have to redo build-remote and nix-copy-closure without this it will be much easier now than in a few weeks (though still a pain now of course).

@edolstra
Copy link
Member

To reduce the churn in this PR and make it easier to review, could you not rename RemoteStore to DaemonStore? We can always rename things sensibly later...

Also, wrt build-remote, the use of a separate protocol allows the use of a forced SSH command to root where the client can only do a few operations (copying paths and starting builds). How would that work here?

@shlevy
Copy link
Member Author

shlevy commented Aug 31, 2016

OK, will do with the rename.

For build-remote, we could add a limited mode to the daemon? What do you think?

@edolstra
Copy link
Member

Yeah that would be good. It would probably suffice to add a flag that causes the daemon to use "nobody" as the connecting user name rather than using the uid of the calling user.

@shlevy shlevy mentioned this pull request Sep 2, 2016
Merged
@shlevy
Copy link
Member Author

shlevy commented Sep 2, 2016

Replaced by #1053

@shlevy shlevy closed this Sep 2, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
perl-to-c++
Development

Successfully merging this pull request may close these issues.
3 participants
@shlevy @edolstra @domenkozar