From 856b68bda959638201182304ded2759c7de5411b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Sun, 12 Nov 2017 23:52:18 +0100 Subject: [PATCH] list-runtime-roots: Ignore PIDs we cannot access. This allows running as non-root. Fixes a regression introduced in b8f59cdc20e9d83ce63523ef917e95fcee07f134. * nix/scripts/list-runtime-roots.in (referenced-files): Handle EACCES in addition to ENOENT. --- nix/scripts/list-runtime-roots.in | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/nix/scripts/list-runtime-roots.in b/nix/scripts/list-runtime-roots.in index 001d25c577..511789a539 100644 --- a/nix/scripts/list-runtime-roots.in +++ b/nix/scripts/list-runtime-roots.in @@ -119,10 +119,11 @@ or the empty list." (proc-maps-roots proc) (proc-environ-roots proc))) (lambda args - ;; There's a TOCTTOU race that we need to handle. - (if (= ENOENT (system-error-errno args)) - '() - (apply throw args)))))) + (let ((err (system-error-errno args))) + (if (or (= ENOENT err) ;TOCTTOU race + (= EACCES err)) ;not running as root + '() + (apply throw args))))))) (scandir %proc-directory string->number (lambda (a b) (< (string->number a) (string->number b))))))