Branch: refs/heads/release-17.03
Home: https://github.com/NixOS/nixpkgs
Commit: 6c59d851e2967410cc8fb6ba3f374b1d3efa988e
https://github.com/NixOS/nixpkgs/commit/6c59d851e2967410cc8fb6ba3f374b1d3efa988e
Author: Alexey Shmalko <rasen.d...@gmail.com>
Date: 2017-04-03 (Mon, 03 Apr 2017)
Changed paths:
M nixos/modules/virtualisation/docker.nix
Log Message:
-----------
docker: fix socket permissions
Docker socket is world writable. This means any user on the system is
able to invoke docker command. (Which is equal to having a root access
to the machine.)
This commit makes socket group-writable and owned by docker group.
Inspired by
https://github.com/docker/docker/blob/master/contrib/init/systemd/docker.socket
(cherry picked from commit fa4fe7110566d8370983fa81f2b04a833339236d)
Commit: 6018464c49dc60b1779f10a714974dcb4eb21c30
https://github.com/NixOS/nixpkgs/commit/6018464c49dc60b1779f10a714974dcb4eb21c30
Author: Graham Christensen <gra...@grahamc.com>
Date: 2017-04-03 (Mon, 03 Apr 2017)
Changed paths:
M nixos/tests/docker.nix
Log Message:
-----------
docker: test for socket permissions
(cherry picked from commit c7453084ef71e286699b7414894178e5559f5563)
Compare: https://github.com/NixOS/nixpkgs/compare/6024dd4067c4...6018464c49dc
_______________________________________________
nix-commits mailing list
nix-comm...@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-commits