diff --git a/src/libstore/daemon.cc b/src/libstore/daemon.cc index 6079eae7ba4..7b4e306d490 100644 --- a/src/libstore/daemon.cc +++ b/src/libstore/daemon.cc @@ -238,9 +238,13 @@ struct ClientSettings return true; }; + auto clientOnlySettings = settings.clientOnlySettings.get(); + try { if (name == "ssh-auth-sock") // obsolete ; + else if (clientOnlySettings.contains(name)) + ; else if (name == experimentalFeatureSettings.experimentalFeatures.name) { // We don’t want to forward the experimental features to // the daemon, as that could cause some pretty weird stuff diff --git a/src/libstore/globals.hh b/src/libstore/globals.hh index be922c9f741..9081c94c129 100644 --- a/src/libstore/globals.hh +++ b/src/libstore/globals.hh @@ -94,6 +94,12 @@ public: */ Path nixDaemonSocketFile; + Setting clientOnlySettings{this, {}, "client-only-settings", + R"( + The names of settings that will not be forwarded from the + Nix client to the Nix daemon. + )"}; + Setting storeUri{this, getEnv("NIX_REMOTE").value_or("auto"), "store", R"( The [URL of the Nix store](@docroot@/store/types/index.md#store-url-format) diff --git a/src/libstore/remote-store.cc b/src/libstore/remote-store.cc index 69bbc64fca3..f70734d9fd6 100644 --- a/src/libstore/remote-store.cc +++ b/src/libstore/remote-store.cc @@ -135,6 +135,9 @@ void RemoteStore::setOptions(Connection & conn) overrides.erase(loggerSettings.showTrace.name); overrides.erase(experimentalFeatureSettings.experimentalFeatures.name); overrides.erase("plugin-files"); + overrides.erase(settings.clientOnlySettings.name); + for (auto & i : settings.clientOnlySettings.get()) + overrides.erase(i); conn.to << overrides.size(); for (auto & i : overrides) conn.to << i.first << i.second.value; diff --git a/tests/functional/common/functions.sh b/tests/functional/common/functions.sh index d05fac4e7f8..b621475cc5d 100644 --- a/tests/functional/common/functions.sh +++ b/tests/functional/common/functions.sh @@ -62,6 +62,8 @@ clearCacheCache() { rm -f "$TEST_HOME/.cache/nix/binary-cache"* } +extraDaemonFlags=() + startDaemon() { if isTestOnNixOS; then die "startDaemon: not supported when testing on NixOS. Is it really needed? If so add conditionals; e.g. if ! isTestOnNixOS; then ..." @@ -73,7 +75,7 @@ startDaemon() { fi # Start the daemon, wait for the socket to appear. rm -f "$NIX_DAEMON_SOCKET_PATH" - PATH=$DAEMON_PATH nix --extra-experimental-features 'nix-command' daemon & + PATH=$DAEMON_PATH nix --extra-experimental-features 'nix-command' daemon "${extraDaemonFlags[@]}" & _NIX_TEST_DAEMON_PID=$! export _NIX_TEST_DAEMON_PID for ((i = 0; i < 300; i++)); do diff --git a/tests/functional/remote-store.sh b/tests/functional/remote-store.sh index 841b6b27ae4..8237c715322 100755 --- a/tests/functional/remote-store.sh +++ b/tests/functional/remote-store.sh @@ -36,3 +36,20 @@ NIX_REMOTE= nix-store --dump-db > $TEST_ROOT/d2 cmp $TEST_ROOT/d1 $TEST_ROOT/d2 killDaemon + +# Test 'client-only-settings' on the client. +extraDaemonFlags=("--trusted-users" "") +startDaemon +nix store info --netrc-file /foo 2>&1 | grepQuiet "ignoring the client-specified setting 'netrc-file'" +if nix store info --netrc-file /foo --client-only-settings netrc-file 2>&1 | grep "ignoring the client-specified setting 'netrc-file'"; then + exit 1 +fi +killDaemon + +# Test 'client-only-settings' on the daemon. +extraDaemonFlags=("--trusted-users" "" "--option" "client-only-settings" "netrc-file") +startDaemon +if nix store info --netrc-file /foo 2>&1 | grep "ignoring the client-specified setting 'netrc-file'"; then + exit 1 +fi +killDaemon