Stop storing keys in the nix store for storeKeysOnMachine. #650
Commits on Apr 27, 2017
-
Stop storing keys in the nix store for storeKeysOnMachine.
This patch changes storeKeysOnMachine to work roughly the same way when true as when false. The only difference is that the keys are stored in /var/keys (which is usually a real disk) as opposed to /run/keys (which is RAM). This is an improvement on the previous version of storeKeysOnMachine where the keys were stored in the Nix store and linked from /run/keys. The previous version doesn't allow setting unix permissions on the keys, meaning any process on the server can read all keys. This solution has the downside that rolling back doesn't roll back the keys, however this is consistent with how storeKeysOnMachine=false works so shouldn't be a major concern. Furthermore if someone wants to have the keys rollback with the system they can use builtins.toFile instead of the keys mechanism which works the same way that the previous storeKeysOnMachine=true worked. Additionally a symlink /etc/nixops-keys has been added that will be set to the appropriate key location to make it easier to switch between the options.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.