Fixes #18124: atomically replace /var/setuid-wrappers/ (#18186)
Before this commit updating /var/setuid-wrappers/ folder introduced a small window where NixOS activation scripts could be terminated and resulted into empty /var/setuid-wrappers/ folder. That's very unfortunate because one might lose sudo binary. Instead we use two atomic operations mv and ln (as described in https://axialcorps.com/2013/07/03/atomically-replacing-files-and-directories/) to achieve atomicity. Since /var/setuid-wrappers is not a directory anymore, tmpfs mountpoints were removed in installation scripts and in boot process. Tested: - upgrade /var/setuid-wrappers/ from folder to a symlink - make sure /run/setuid-wrappers-dirs/ legacy symlink is really deleted
parent
78cd9f8e
Please register or sign in to comment